Smashing Security podcast #460: Never knock on the door of a nuclear submarine base and ask for a selfie
A disgruntled data analyst decides that the best response to losing his contract is to steal the entire company payroll database and demand $2.5…
AI-Generated Summary
A disgruntled data analyst stole an entire company payroll database and demanded $2.5 million in Bitcoin in a cyber extortion scheme, for which a Charlotte man was convicted by a federal jury. Separately, an Iranian and a Romanian national were charged after allegedly attempting to gain unauthorized access to the UK's nuclear submarine base at Faslane, raising physical security and espionage concerns. Additional cybersecurity stories covered include a Google Search result manipulation via planted Claude plugins, a crypto theft operation targeting wallet supply chains, and a cyberattack disrupting interlock calibration services.
Threat Actor
Unidentified Iranian and Romanian nationals; disgruntled insider (data analyst); China-linked hacker group
Affected Sectors
Frameworks
Aggregated from Graham Cluley
This article was automatically aggregated from an external source. Content may be summarized.
Full Analysis
Hacking stories and cybersecurity insights.
A disgruntled data analyst decides that the best response to losing his contract is to steal the entire company payroll database and demand $2.5 million in Bitcoin – signing his extortion emails from a company called “Loot.”
Meanwhile, two people drive up to the entrance of the UK’s nuclear submarine base at Faslane and politely ask if they can have a look around. Tourists? Spies? Something in between?
Plus: Female Muslim punk rock group, and a little red book that might save your sanity in a post-truth world.
All this and more in episode 460 of the “Smashing Security” podcast with cybersecurity veteran Graham Cluley, and special guest Jenny Radcliffe.
Host:
Graham Cluley:
@grahamcluley.com
@
/ grahamcluley
Guest:
Jenny Radcliffe:
/ jenny-radcliffe-the-people-hacker
Episode links:
- A Top Google Search Result for Claude Plugins Was Planted by Hackers – 404 Media.
- Iowa-based Intoxalock cyberattack disrupts calibration service for interlock users – DysruptionHub.
- China hacker group leaks $7M crypto theft operation targeting wallet supply chains – Crypto News.
- Federal Jury Convicts Charlotte Man For Cyber Extortion Scheme That Targeted International Technology Company – DOJ.
- Iranian and Romanian charged after allegedly trying to enter UK nuclear naval base – Sky News.
- LadyParts – Spotify.
- On Disinformation: How to Fight for Truth and Protect Democracy – Lee McIntyre.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by:
- ThreatLocker – Start your free trial and book a demo of ThreatLocker today to see how you can implement Zero Trust in your environment.
- Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
- Meter – Network infrastructure for the enterprise. Get a free personalised demo.
Support the show:
You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.
Join Smashing Security PLUS for ad-free episodes and our early-release feed!
Follow us:
Follow the show on Bluesky, or join us on the Smashing Security subreddit, or visit our website for more episodes.
Thanks:
Theme tune: “Vinyl Memories” by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Found this article interesting? Follow Graham Cluley on LinkedIn, Bluesky, or Mastodon to read more of the exclusive content we post.
Originally published by Graham Cluley
Original Source
Graham Cluley