A hacker bursts the bubble of inflatable fetish fans, Hollywood celebrities unwittingly record videos in a Kremlin plot, and there’s a particularly devious WordPress-related malware campaign.
All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.
Warning: This podcast may contain nuts, adult themes, and rude language.
Hosts:
Graham Cluley – @gcluley
Carole Theriault – @caroletheriault
Guest:
Paul Ducklin – @duckblog
Episode links:
- Fuzzy Duck – Wikipedia.
- Cybercrime author Geoff White demonstrates his NSFW balloon trick at the “Smashing Security” podcast Christmas party – Reddit.
- Rule 34 – Wikipedia.
- We are (temporarily) offline – InflateVids on Patreon.
- Fast Company’s Apple News access hijacked to send an obscene push notification – The Verge.
- Fast Company Hacker on Rogue Apple News Notification: ‘Anyone Could Have Done It’ – Vice.
- The WordPress backdoor with its own backdoor! (And fake CVE numbers, too) – Paul Ducklin.
- Russian influence and cyber operations adapt for long haul and exploit war fatigue – Microsoft.
- How Zelensky became Hollywood man of the hour – The Guardian.
- Nigel Farage wishes Hugh Janus a happy birthday – YouTube.
- Don Johnson – Cameo.
- Hollywood plays unwitting Cameo in Kremlin plot to discredit Zelensky – The Register.
- Winning hearts and minds – Military Wiki.
- AdGuard Home – GitHub.
- Garmin Edge 130 Plus – Garmin.
- Garmin Connect IQ – Garmin.
- The Thermapen.
- Flat Whisk Stainless Steel Egg Beater Mixer Kitchen Tool – Amazon.
- Small Silicone Spatulas – Amazon.
- 3 Pcs Rubber Jar Gripper Pads – Amazon.
- Marble Dough Roller – Amazon.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by:
- Push Security – Monitor and secure your entire identity attack surface, including non-SSO identities. Get notified in real-time to vulnerabilities across all your internet-facing identities, and have your staff guided to fix simple issues.
- Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!
- Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 20% off!
Support the show:
You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!
Follow us:
Follow the show on Twitter at @SmashinSecurity, or on Mastodon, on the Smashing Security subreddit, or visit our website for more episodes.
Thanks:
Theme tune: “Vinyl Memories” by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Found this article interesting? Follow Graham Cluley on Twitter, Mastodon, or Threads to read more of the exclusive content we post.