116: Stalking debtors, Facebook farce, and a cyber insurance snag

How would you track someone who owed you money? What was the colossal flaw Facebook left on its website for anyone to exploit and hijack accounts? And what excuse are insurance companies giving for not paying victims of the NotPetya malware millions of dollars?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Joe Carrigan of the Information Security Institute at Johns Hopkins University.

Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.

Remember: Subscribe on Apple Podcasts, Castbox, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.

• In first such case, Chinese police arrest hacker for selling tracking app to debt collectors — Global Times.
• Ravenous Bugblatter Beast of Traal — Urban Dictionary.
• "I just had to download a software update for my shoes" — Thread from @GK3 on Twitter.
• Marty McFly Gets Power Laces — YouTube.
• Nike Adapt BB Self-Lacing Shoe — SneakerNews.
• Here's Why the Nike Adapt BB Is Worth $350 — YouTube.
• Facebook CSRF protection bypass which leads to Account Takeover — Samm0uda.
• Everything you need to know about the Petya, er, NotPetya nasty trashing PCs worldwide — The Register.
• The Untold Story of NotPetya, the Most Devastating Cyberattack in History — Wired.
• A Moment of Truth for Cyber Insurance — Lawfare.
• Manufacturers Remain Slow to Recognize Cybersecurity Risks — New York Times.
• UK and US blame Russia for 'malicious' NotPetya cyber-attack — BBC News.
• thispersondoesnotexist.com.
• This website uses AI to generate faces of people who don't exist — Mashable.
• ESPN+
• Trevor Moore: The Story of Our Times - "My Computer Just Became Self Aware" — YouTube.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)