When security firms get hacked, and your new North Korean remote worker

The SolarWinds have returned to haunt four cybersecurity companies who tried to hide their breaches and ended up with their trousers around their ankles, and North Korea succeeds in getting one of its IT workers hired... but what's their plan?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

• SolarWinds Sunburst supply chain attack - Wikipedia.
• Rep. Katie Porter slams SolarWinds for its poor passwords - Twitter.
• SEC Charges Four Companies With Misleading Cyber Disclosures - SEC.
• Western firm hacked by North Korean cybercriminal hired as remote IT worker - Computing.
• Engaging with a Remote Workforce: Statistics and Strategies for Success - Government Events.
• 67% Of U.S. Employers To Lose Employees To Remote Work In 2024 - Forbes.
• A company's remote-working hire turns out to be in North Korea. He tried to hold it to ransom - Business Insider.
• US company accidentally hires North Korean for remote work, gets blackmailed when they try to fire him - IBTimes.
• Watch “Undercover: Exposing the Far Right” - Channel 4.
• Undercover film exposing UK far-right activists pulled from London festival - The Guardian.
• Kermode and Mayo’s Take - YouTube.
• The Fear of God: 25 Years of the Exorcist – BBC iPlayer.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

• 1Password Extended Access Management – Secure every sign-in for every app on every device.
• Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or