Smashing Security5 Feb 2025

Coinbase crypto heists, QR codes, and ransomware in the classroom

In episode 403 of "Smashing Security" we dive into the mystery of $65 million vanishing from Coinbase users faster than J-Lo slipped into Graham's DMs, Geoff gives a poor grade for PowerSchool's security, and Carole takes a curious look at QR codes.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Lazarus Heist's Geoff White.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

ZachXBT’s thread - Twitter.
Coinbase employee tells users not to use a VPN or ad blocker - Twitter.
What PowerSchool won’t say about its data breach affecting millions of students - TechCrunch.
QR code - Wikipedia.
Reed–Solomon error correction - Wikipedia.
Urgent warning over QR code scam tricking drivers out of £100s at popular car parks - Express.
Scam alert: QR code on an unexpected package - Consumer Advice
New Star Blizzard spear-phishing campaign targets WhatsApp accounts - Microsoft Security Blog.
What You Must Know Before Scanning a QR Code - AARP.
“More” - Niall Conlon.
“Money Men” by Dan McCrum - Penguin Books.
Bitter Orange Marmalade Recipe - Ballymaloe Cooking School.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

Tailscale – Tailscale is perfect for work or personal projects, making networking simple. Its free plan covers up to 100 devices and 3 users. Get started at tailscale.com and be up and running in less than 10 minutes!
1Password – Secure every app, device, and identity – even the unmanaged ones at 1password.com/smashing.
Cortex Symphony 2025 - Ready to transform your cybersecurity? Register now to see the future of security innovation with exclusive insights, demos, and stories from pros.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Privacy & Opt-Out: https://redcircle.com/privacy

Det här avsnittet är hämtat från ett öppet RSS-flöde och publiceras inte av Podme. Det kan innehålla reklam.

Avsnitt(470)

Red flags, leaked chats, and a final farewell

The viral women-only dating safety app Tea, built to flag red flags, gets flagged itself - after leaking over 70,000 private images and chat logs. We are talking full-on selfies, ID docs, private DMs,...

30 Juli 202540min

When 2G attacks, and a romantic road trip goes wrong

In this episode, Graham warns why it is high time we said goodbye to 2G - the outdated mobile network being exploited by cybercriminals with suitcase-sized SMS blasters. From New Zealand to London, sc...

23 Juli 202533min

Choo Choo Choose to ignore the vulnerability

In episode 426 of the "Smashing Security" podcast, Graham reveals how you can hijack a train’s brakes from 150 miles away using kit cheaper than a second-hand PlayStation. Meanwhile, Carole investigat...

16 Juli 202536min

Call of Duty: From pew-pew to pwned

In episode 425 of "Smashing Security", Graham reveals how "Call of Duty: WWII" has been weaponised - allowing hackers to hijack your entire PC during online matches, thanks to ancient code and Microso...

9 Juli 202535min

Surveillance, spyware, and self-driving snafus

A Mexican drug cartel spies on the FBI using traffic cameras and spyware — because "ubiquitous technical surveillance” is no longer just for dystopian thrillers. Graham digs into a chilling new US Jus...

2 Juli 202534min

Operation Endgame, deepfakes, and dead slugs

In this episode, Graham unravels Operation Endgame - the surprisingly stylish police crackdown that is seizing botnets, mocking malware authors with anime videos, and taunting cybercriminals via Teleg...

25 Juni 202554min

The curious case of the code copier

A GCHQ intern forgets the golden rule of spy school — don’t take the secrets home with you — and finds himself swapping Cheltenham for a cell. Meanwhile, an Australian hacker flies too close to the su...

18 Juni 202532min

Toothpick flirts, Google leaks, and ICE ICE scammers

What do a sleazy nightclub carpet, Google’s gaping privacy hole, and an international student conned by fake ICE agents have in common? This week’s episode of the "Smashing Security" podcast obviously...

11 Juni 202535min