How would you track someone who owed you money? What was the colossal flaw Facebook left on its website for anyone to exploit and hijack accounts? And what excuse are insurance companies giving for not paying victims of the NotPetya malware millions of dollars?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Joe Carrigan of the Information Security Institute at Johns Hopkins University.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, Castbox, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Special Guest: Joe Carrigan.
Sponsored By:
- Recorded Future: For anyone who is baffled by threat intelligence, and the benefits that it can bring to your company, this is the book for you.
- "The Threat Intelligence Handbook" is an easy-to-read guide will help you understand why threat intelligence is an essential part of every organisation's defence against the latest cyber attacks.
- Download it for free at smashingsecurity.com/intelligence
- LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
- But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
- Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Links:
- In first such case, Chinese police arrest hacker for selling tracking app to debt collectors — Global Times.
- Ravenous Bugblatter Beast of Traal — Urban Dictionary.
- "I just had to download a software update for my shoes" — Thread from @GK3 on Twitter.
- Marty McFly Gets Power Laces — YouTube.
- Nike Adapt BB Self-Lacing Shoe — SneakerNews.
- Here's Why the Nike Adapt BB Is Worth $350 — YouTube.
- Facebook CSRF protection bypass which leads to Account Takeover — Samm0uda.
- Everything you need to know about the Petya, er, NotPetya nasty trashing PCs worldwide — The Register.
- The Untold Story of NotPetya, the Most Devastating Cyberattack in History — Wired.
- A Moment of Truth for Cyber Insurance — Lawfare.
- Manufacturers Remain Slow to Recognize Cybersecurity Risks — New York Times.
- UK and US blame Russia for 'malicious' NotPetya cyber-attack — BBC News.
- thispersondoesnotexist.com.
- This website uses AI to generate faces of people who don't exist — Mashable.
- ESPN+
- Trevor Moore: The Story of Our Times - "My Computer Just Became Self Aware" — YouTube.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
This podcast uses the following third-party services for analysis:
OP3 - https://op3.dev/privacy