A literal insider threat: we head to a Romanian prison where “self-service” web kiosks allowed inmates to run wild. Then we head to the checkout aisle to ask why JavaScript on payment pages went feral, and how new PCI DSS rules are finally muzzling Magecart-style skimmers.
Plus: Graham reveals his new-found superpower with Keyboard Maestro, and Scott describes a slick new way to whip up beautiful how-to videos with Screen Studio.
All this and more is discussed in episode 440 of “Smashing Security” podcast with cybersecurity veteran Graham Cluley, and special guest Scott Helme.
Smashing Security #440:
How to hack a prison, and the hidden threat of online checkouts
Host:
Graham Cluley:
@grahamcluley.com
@
/ grahamcluley
Guest:
Scott Helme:
/ scotthelme
Episode links:
- What caused the AWS outage – and why did it make the internet fall apart? – BBC News.
- China blames US for cyber break-in, claims America is world’s biggest bit burglar – The Register.
- Nintendo allegedly hacked by Crimson Collective hacking group – screenshot shows leaked folders, production assets, developer files, and backups – Tom’s Hardware.
- Romanian inmate hacks into prison IT system, modifies sentences for others – Romania Insider.
- New Version of PCI DSS Designed to Tackle Emerging Payment Threats – Infosecurity Magazine.
- What is Magecart? How this hacker group steals payment card data – CSO.
- Keyboard Maestro.
- Screen Studio.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
- Support us on Patreon!
Sponsored by:
- ANON – Find, monitor and remove data about yourself online. Manage your digital footprint with ease. Use code SMASHING for a 25% discount.
- Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
- Trelica by 1Password – Access Governance for every SaaS app. Discover, manage, and optimize access for any of your SaaS apps – whether managed or unmanaged.
Support the show:
You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.
Join Smashing Security PLUS for ad-free episodes and our early-release feed!
Follow us:
Follow the show on Bluesky, or join us on the Smashing Security subreddit, or visit our website for more episodes.
Thanks:
Theme tune: “Vinyl Memories” by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
