logo
episode-header-image
Mar 2019
47m 37s

Hijacked motel rooms, ASUS PCs, and leak...

Graham Cluley & Carole Theriault
About this episode

An app leaking private conversations and intimate photographs is ignoring requests to fix the problem, hackers poison a security update sent to ASUS PCs, and how to protect your privacy in motel rooms.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.


Follow the show on Twitter at @SmashinSecurity, on the Smashing Security subreddit, or visit our website for more episodes.


Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!


Warning: This podcast may contain nuts, adult themes, and rude language.


Theme tune: "Vinyl Memories" by Mikael Manvelyan.


Assorted sound effects: AudioBlocks.

Special Guest: Maria Varmazis.

Sponsored By:


Support Smashing Security

Links:




This podcast uses the following third-party services for analysis:

OP3 - https://op3.dev/privacy
Up next
Jul 2
Surveillance, spyware, and self-driving snafus
A Mexican drug cartel spies on the FBI using traffic cameras and spyware — because "ubiquitous technical surveillance” is no longer just for dystopian thrillers. Graham digs into a chilling new US Justice Department report that shows how surveillance tech was weaponised to deadly ... Show More
34m 5s
Jun 25
Operation Endgame, deepfakes, and dead slugs
In this episode, Graham unravels Operation Endgame - the surprisingly stylish police crackdown that is seizing botnets, mocking malware authors with anime videos, and taunting cybercriminals via Telegram.Meanwhile, Carole exposes the AI-generated remote hiring threat. Could your ... Show More
54m 59s
Jun 18
The curious case of the code copier
A GCHQ intern forgets the golden rule of spy school — don’t take the secrets home with you — and finds himself swapping Cheltenham for a cell. Meanwhile, an Australian hacker flies too close to the sun, hacks his way into a US indictment, and somehow walks free... only to get boo ... Show More
32m 16s
Recommended Episodes
Jun 2023
Cyber spies and vulnerability goodbyes. RedLine Stealer and Vidar: the cryptkeepers. Social engineering TTPs.
North Korea's APT37 deploys FadeStealer to steal information from its targets. Apple patches vulnerabilities under active exploitation. Access to a US satellite is being hawked in a Russophone cybercrime forum. Russian hacktivist auxiliaries say they’ve disrupted IFC.org. Unmaski ... Show More
31m 49s
Jan 2024
Vulnerabilities and security risks.
Ivanti products are under active zero-day exploitation. Phemedrone is a new open-source info-stealer. Bishop Fox finds exposed SonicWall firewalls. GitLab and VMware patch critical vulnerabilities. The Secret Service foils a phishing scam. Europol shuts down a cryptojacking campa ... Show More
32m 50s
Apr 2023
SN 918: A Dangerous Interpretation - H26FORGE, Privatized ChatGPT, Mozilla Site Breach Monitor
Picture of the Week. Microsoft and Fortra go on the offensive. Can ChatGPT keep a secret? Apple updates their OS's. Wordpress under attack... again. Mozilla's Site Breach Monitor. Another ChatGPT investigation. Samsung handsets reaching EoL. Less access for loan apps. The right t ... Show More
2h 4m
Feb 2019
Social engineering and the power of brands. Insecure check-ins? APT10 is quiet but not gone. MacOS Keychain bug. Assessment of Chinese device manufacturers continues.
In today’s podcast, we hear about social engineering, with a few new twists. Some airlines may be exposing passenger data with insecure check-in links. APT10 may be lying low, for now, but the US Department of Homeland Security expects the cyber spies to be back. A researcher fin ... Show More
21m 57s
Dec 2023
The United Kingdom's catastrophic ransomware attack.
The UK faces a looming threat of a catastrophic ransomware attack. The Senate confirms a new National Cyber Director. The rivalry between malware groups BatLoader and FakeBat. BazarCall phishing attack and its unusual use of Google Forms. A serious vulnerability threatens K-12 st ... Show More
30m 57s
Feb 2023
A look at the SideWinder APT. GoAnywhere vulnerability exploited in the wild. Ransomware rampant. Hacktivism in Russia’s hybrid war. Patch Tuesday notes.
SideWinder is an APT with possible origins in India. MortalKombat ransomware debuts. The GoAnywhere zero day was exploited in a data breach. Belarusian Cyber-Partisans release Russian data. Betsy Carmelite from Booz Allen Hamilton shares an overview of cyber deception. Our guest ... Show More
28m 49s
Jan 2020
Curveball proofs-of-concept. CISA warns chemical industry. Military families harassed online. Phishing the UN. Fleeceware in the Play Store. Moscow says there was no Burisma hack.
Proof-of-concept exploits for the CryptoAPI vulnerability Microsoft patched this week have been released. CISA warns the chemical industry to look to its security during this period of what the agency calls “heightened geopolitical tension.” Families of deployed US soldiers recei ... Show More
21m 50s
Jan 2024
Another day, another Blizzard attack.
Cozy Bear breaches Hewlett Packard Enterprise. An investigation reveals global surveillance based on digital advertising. Cisco patches critical vulnerabilities. Meta aims to enhance the online safety of minors.  iOS notifications are exploited for tracking. EquiLend’s systems go ... Show More
35m 32s
Sep 2023
Enter Sandman. A look at an initial access broker. Iran’s OilRig hits Israeli targets. Cyber ops and soft power. Update on casino ransomware attacks. Bermuda’s government sustains cyberattacks.
A new APT is found: enter Sandman. Tracking an initial access broker called Gold Melody. Iran’s OilRig group is active against Israeli targets. Cyber ops as an instrument of soft power. Recovery and investigation in the casino ransomware attacks. In our Solutions Spotlight, Simon ... Show More
32m 16s
Listen to millions of songs and podcasts on Anghami