
Smashing Security

Graham Cluley & Carole Theriault

When security firms get hacked, and your new North Korean remote worker

OCT 24, 2024 · 30 MIN

Description

The SolarWinds have returned to haunt four cybersecurity companies who tried to hide their breaches and ended up with their trousers around their ankles, and North Korea succeeds in getting one of its IT workers hired... but what's their plan?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

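Episode links:

  • SolarWinds Sunburst supply chain attack - Wikipedia: https://en.wikipedia.org/wiki/SolarWinds#SUNBURST
  • Rep. Katie Porter slams SolarWinds for its poor passwords - Twitter: https://x.com/RepKatiePorter/status/1365435633422856192
  • SEC Charges Four Companies With Misleading Cyber Disclosures - SEC: https://www.sec.gov/newsroom/press-releases/2024-174
  • Western firm hacked by North Korean cybercriminal hired as remote IT worker - Computing: https://www.computing.co.uk/news/2024/security/firm-hacked-by-north-korean-cybercriminal-it-hired
  • Engaging with a Remote Workforce: Statistics and Strategies for Success - Government Events: https://www.governmentevents.co.uk/ge-insights/engaging-with-a-remote-workforce-statistics-and-strategies-for-success/
  • 67% Of U.S. Employers To Lose Employees To Remote Work In 2024 - Forbes: https://www.forbes.com/sites/rachelwells/2024/10/21/us-employers-to-lose-employees-to-remote-work-in-2024/
  • A company's remote-working hire turns out to be in North Korea. He tried to hold it to ransom - Business Insider: https://www.businessinsider.com/company-accidentally-hires-north-korea-remote-worker-hacks-attempts-ransom-2024-10
  • US company accidentally hires North Korean for remote work, gets blackmailed when they try to fire him - IBTimes: https://www.msn.com/en-gb/money/other/us-company-accidentally-hires-north-korean-for-remote-work-gets-blackmailed-when-they-try-to-fire-him/ar-AA1sDyDQ
  • Watch “Undercover: Exposing the Far Right” - Channel 4: https://www.channel4.com/programmes/undercover-exposing-the-far-right
  • Undercover film exposing UK far-right activists pulled from London festival - The Guardian: https://www.theguardian.com/politics/2024/oct/19/undercover-film-exposing-uk-far-right-activists-pulled-from-london-film-festival
  • Kermode and Mayo’s Take - YouTube: https://www.youtube.com/@kermodeandmayostake/podcasts
  • The Fear of God: 25 Years of the Exorcist – BBC iPlayer: https://www.bbc.co.uk/iplayer/episode/p07r5pwq/the-fear-of-god-25-years-of-the-exorcist
  • Smashing Security merchandise (t-shirts, mugs, stickers and stuff): https://www.smashingsecurity.com/store/
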
Sponsored by:

  • 1Password Extended Access Management – Secure every sign-in for every app on every device.
  • Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.
