Oops, we created Iran's hacking exploit

Mac users of the Zoom video conferencing app are warned their webcams could be hijacked, security firms warn of how scammers are deepfaking audio to steal from businesses, and our guest owns up to the role he played in an Iranian cyberattack against US organisations.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Charl van der Walt.

Visit https://www.smashingsecurity.com/136 to check out this episode’s show notes and episode links.

Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Special Guest: Charl van der Walt.

Sponsored By:

• LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
• 
  
• But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
• 
  
• Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
• Recorded Future: For anyone who is baffled by threat intelligence, and the benefits that it can bring to your company, this is the book for you.
• 
  
• "The Threat Intelligence Handbook" is an easy-to-read guide will help you understand why threat intelligence is an essential part of every organisation's defence against the latest cyber attacks.
• 
  
• Download it for free at smashingsecurity.com/intelligence

Support Smashing Security

Links:

• Zoom Zero Day: 4+ Million Webcams & maybe an RCE? Just get them to visit your website!
• Zoom Mac flaw allows webcams to be hijacked - because they wanted to save you a click — Graham Cluley.
• USCYBERCOM Malware Alert on Twitter.
• CISA Statement on Iranian Cybersecurity Threats — Department of Homeland Security.
• Patch for Microsoft Outlook security vulnerability.
• U.S. Military Warns Outlook Users To Update Immediately Over Hack Linked To Iran — Forbes.
• U.S. Cyber Command Shares Malware via VirusTotal — SecurityWeek.
• Steve Buscemi Swapped On Jennifer Lawrence — YouTube.
• Fake voices 'help cyber-crooks steal cash' — BBC News.
• New AI deepfake app creates nude images of women in seconds — The Verge.
• Horrifying DeepNude App Undresses a Photo of Any Woman With a Single Click — Motherboard.
• Learn how to spot deepfake videos — Slate.
• 507 Mechanical Movements.
• ‘Born a Crime,’ Trevor Noah’s Raw Account of Life Under Apartheid — The New York Times.
• The global tree restoration potential — Science.
• How to erase 100 years of carbon emissions? Plant trees—lots of them — National Geographic.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
• Support us on Patreon!