Smashing Security

Graham Cluley

We’re sorry. Wait, did a company actually say that?

NOV 20, 2025 · 55 MIN

Description

Stop the press - a company has actually said "sorry" after a data breach, and hotels are helping hackers phish their own guests.

In episode 444 of "Smashing Security" we examine a refreshingly honest breach response (and why legacy systems are still going to ruin your week), dig into a nasty hotel-booking malware campaign that abuses trust in apps and CAPTCHAs, and chat about autonomous pen testing, AI-turbocharged cybercrime, and what CISOs should really be asking on Monday morning.

And lost Doctor Who is brought back to life by one very dedicated animator, and we take a look at Eddie Murphy’s career.

All this and more is discussed in episode 444 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and special guest Tricia Howard.

Plus - don't miss our featured interview with Snehal Antani from Horizon3.ai!


EPISODE LINKS:

  • A Simple WhatsApp Security Flaw Exposed 3.5 Billion Phone Numbers - Wired. https://www.wired.com/story/a-simple-whatsapp-security-flaw-exposed-billions-phone-numbers/
  • British hacker must repay £4m after hijacking celebrity Twitter accounts - BBC News. https://www.bbc.co.uk/news/articles/c709ppwpw1wo
  • Cloudflare experiences a massive outage - LifeHacker. https://lifehacker.com/tech/cloudfare-is-experiencing-a-massive-outage
  • Protecting our Merchants: Standing up to Extortion - Checkout. https://www.checkout.com/blog/protecting-our-merchants-standing-up-to-extortion
  • A miracle: A company says sorry after a cyber attack - and donates the ransom to cybersecurity research - Hot for Security. https://www.bitdefender.com/en-us/blog/hotforsecurity/a-miracle-a-company-says-sorry-after-a-cyber-attack-and-donates-the-ransom-to-cybersecurity-research
  • Large-Scale ClickFix Phishing Attacks Target Hotel Systems with PureRAT Malware - The Hacker News. https://thehackernews.com/2025/11/large-scale-clickfix-phishing-attacks.html
  • Unmasking a Sophisticated Phishing Campaign That Targets Hotel Guests - Akamai. https://www.akamai.com/blog/security-research/sophisticated-phishing-campaign-targeting-hospitality
  • Doctor Who Animation: Daleks' Master Plan - The Nightmare Begins. Part 1 - YouTube. https://www.youtube.com/watch?v=2--OWFrTXUI
  • Doctor Who Animation: Daleks' Master Plan - The Nightmare Begins. Part 2 - YouTube. https://www.youtube.com/watch?v=u9E5wVUa_eg
  • Being Eddie - Netflix. https://www.netflix.com/gb/title/81094163
  • Smashing Security merchandise (t-shirts, mugs, stickers and stuff) https://www.smashingsecurity.com/store/

SPONSORS:

  • Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
  • Horizon3.ai - Get an autonomous pentest demo and see your network the way attackers do. Visit Horizon3.ai.


SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!


FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.


THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.


ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".




Privacy & Opt-Out: https://redcircle.com/privacy