In today’s podcast, we hear about how OAuth abuse rushed a worm around Google Docs, and how the good guys swiftly contained the attack. Bondnet discovered mining cryptocurrency. The Blackmoon financial malware gets an upgrade. Carbanak is still out there, trickier than ever. No-phishing season at Gannett. India’s national biometric ID system runs into security and legal trouble. Rick Howard from Palo Alto Networks previews the Cyber Canon awards ceremony. Andrew Chanin describes the upcoming Cyber Investing Summit. And reflections on passwords yesterday, today, and tomorrow, both here on earth and in a galaxy far, far away.