017: Data breaches, zero day exploits, and toenail clippings
Smashing Security
Graham Cluley
4.7 • 579 Ratings
🗓️ 20 April 2017
⏱️ 31 minutes
🧾️ Download transcript
Summary
Hotel malware has been stealing guests' payment card details... again, should businesses relay delay rolling out vulnerability patches, and Burger King's Whopper TV ad campaign tries to take advantage of viewers' Google Home devices with predictable results.
All this and more is discussed by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Paul Ducklin.
Show notes:
- InterContinental Hotels Group (IHG) Notifies Guests of Payment Card Incident at IHG-Branded Franchise Hotel Locations in the Americas Region - IHG.
- Affected hotel look-up tool - IHG.
- Been to one of these 1170 IHG hotels? Your credit card details may have been stolen by malware - Bitdefender.
- Microsoft patches Word zero-day booby-trap exploit - Naked Security.
- Microsoft zero-day vulnerability was being exploited for cyber-espionage - Graham Cluley.
- The Shadow Brokers - Wikipedia.
- Burger King's 'OK Google' sad ad saga somehow gets worse - The Register.
- Burger King Connected Whopper ad - YouTube.
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Special Guest: Paul Ducklin.
Sponsored By:
- Recorded Future: Recorded Future is the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats.Sign up for free daily threat intelligence updates at https://recordedfuture.com/intel
Privacy & Opt-Out: https://redcircle.com/privacy
Transcript
Click on a timestamp to play from that location
| 0:00.0 | This podcast is made possible by the generous support of Recorded Future. |
| 0:06.7 | Recorded Future are a real-time threat intel firm whose machine learning technology analyzes the open and dark web to give you great insight into emerging threats. |
| 0:16.0 | Sign up for their Cyber Daily newsletter and get their latest insights at recorded future.com slash intel. |
| 0:26.2 | Smashing Security, Episode 17, data breaches, zero-day exploits, and tonal clippings with Carol Terrio and Graham Cluley. |
| 0:36.3 | Hello and welcome to Smashing Security episode 17 for the 20th of April 2017. And |
| 0:42.7 | great to have everybody here. I'm joined as always by Coral Terrio. Hello, Carol. |
| 0:47.6 | Hello, Graham. And we've also got our good chum from Sophos, Paul Ducklin, |
| 0:51.7 | joining us as our special guest today. Hi, Duck, how are you doing? |
| 0:55.0 | I am doing superbly, thank you. |
| 0:57.6 | Oh, Duck is almost a regular. I am. And I won't say I've dined out on Graham's joke about |
| 1:04.1 | tweeting ducks, but it has come up, well, I won't say it's come up often, or even that |
| 1:09.6 | it's come up twice, but it did come up once, and the person who brought it up thought it was quite amusing. So, you know, I'm very happy for that of the last podcast. So there's one person other than ourselves who listened to the podcast. That's fantastic. And not me, not me myself. It wasn't like self-tweeting duck. We've succeeded, guys. We're there. We've made it. That's fantastic. Well, as always, we're looking back over the last seven days, some of the things which we can go on in on the world of computer security, some of the stories you may have missed, and some of the things which have caught our eye and just generally been interesting to us. And I'm going to kick off today because I'm going to talk to you about hotel hacking. |
| 1:45.4 | Now, chaps, how would you feel if a company has an advisory for you? |
| 1:53.0 | And they begin the advisory say, we value the relationship we have with our guests, |
| 1:57.2 | and we understand the importance of protecting payment card data. |
| 2:05.7 | I'd say they missed out the bit that says, comma, but only now. What a pity we didn't do it last week, last month, last year. |
| 2:16.1 | But they never put that bit in. |
| 2:17.6 | I can't think why. |
| 2:18.4 | No, they don't. |
| 2:19.0 | And quite often they don't include words like sorry or apologize or anything like that as well, |
| 2:22.6 | which their legal team think may get them into a spot of bother. |
| 2:25.8 | No. |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from Graham Cluley, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of Graham Cluley and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.