Stop the press – a company has actually said “sorry” after a data breach, and hotels are helping hackers phish their own guests.
We examine a refreshingly honest breach response (and why legacy systems are still going to ruin your week), dig into a nasty hotel-booking malware campaign that abuses trust in apps and CAPTCHAs, and chat about autonomous pen testing, AI-turbocharged cybercrime, and what CISOs should really be asking on Monday morning.
And lost Doctor Who is brought back to life by one very dedicated animator, and we take a look at Eddie Murphy’s career.
All this and more is discussed in episode 444 of the “Smashing Security” podcast with cybersecurity veteran Graham Cluley, and special guest Tricia Howard.
Plus – don’t miss our featured interview with Snehal Antani from Horizon3.ai!
Smashing Security #444:
We’re sorry. Wait, did a company actually say that?
Host:
Graham Cluley:
@grahamcluley.com
@
/ grahamcluley
Guest:
Tricia Howard:
/ triciakickssaas
Episode links:
- A Simple WhatsApp Security Flaw Exposed 3.5 Billion Phone Numbers – Wired.
- British hacker must repay £4m after hijacking celebrity Twitter accounts – BBC News.
- Cloudflare experiences a massive outage – LifeHacker.
- Protecting our Merchants: Standing up to Extortion – Checkout.
- A miracle: A company says sorry after a cyber attack – and donates the ransom to cybersecurity research – Hot for Security.
- Large-Scale ClickFix Phishing Attacks Target Hotel Systems with PureRAT Malware – The Hacker News.
- Unmasking a Sophisticated Phishing Campaign That Targets Hotel Guests – Akamai.
- Doctor Who Animation: Daleks’ Master Plan – The Nightmare Begins. Part 1 – YouTube.
- Doctor Who Animation: Daleks’ Master Plan – The Nightmare Begins. Part 2 – YouTube.
- Being Eddie – Netflix.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by:
- Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
- Horizon3.ai – Get an autonomous pentest demo and see your network the way attackers do. Visit Horizon3.ai.
Support the show:
You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.
Join Smashing Security PLUS for ad-free episodes and our early-release feed!
Follow us:
Follow the show on Bluesky, or join us on the Smashing Security subreddit, or visit our website for more episodes.
Thanks:
Theme tune: “Vinyl Memories” by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
