Graham Cluely

International email bomb hoax proves to be a spectacular failure

Graham Cluely Security Blog - Fri, 12/14/2018 - 12:50pm

Authorities in the United States, Canada, Australia, and New Zealand are said to be investigating a wave of bogus bomb threats that have been sent to a variety of organisations late on Thursday.

But if the hoaxer thought they were going to make a lot of money through the scam, they’re going to be disappointed.

Categories: Graham Cluely

2018 - a year of data breaches in review

Graham Cluely Security Blog - Fri, 12/14/2018 - 5:59am

Week after week, month after month, 2018 saw organisations and companies struck by massive and damaging data breaches, putting the personal details of innocent members of the public at risk.

Read more in my article on the Bitdefender Business Insights blog.

Categories: Graham Cluely

Unlocking Android phones with a 3D-printed head

Graham Cluely Security Blog - Thu, 12/13/2018 - 1:30pm

Forbes journalist Thomas Brewster wanted to find out just how well a variety of Android phones and a top-of-the-range Apple iPhone would fare against a determined attempt to break facial recognition. And he did that by having a 3D-model printed of his head.

Read more in my article on the Tripwire State of Security blog.

Categories: Graham Cluely

Smashing Security #108: Hoaxes, Huawei and chatbots - with Mikko Hyppönen

Graham Cluely Security Blog - Thu, 12/13/2018 - 4:52am

The curious case of George Duke-Cohan, Huawei’s CFO finds herself in hot water, and the crazy world of mobile phone mental health apps.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guests Mikko Hyppönen from F-Secure and technology journalist Geoff White.

Categories: Graham Cluely

Supermicro says independent investigation found no spy chips on its motherboards

Graham Cluely Security Blog - Wed, 12/12/2018 - 4:49pm

An independent audit has found no evidence that malicious chips were planted on Supermicro’s motherboards, debunking Bloomberg claims that servers at Amazon and Apple were being spied upon by China.

Categories: Graham Cluely

Bad news for scammers. Huawei executive Meng Wanzhou has been released on bail

Graham Cluely Security Blog - Wed, 12/12/2018 - 9:48am

Scammers want you to send $2000 to help Huawei’s CFO bribe her way out of jail.

Categories: Graham Cluely

Google admits Google Plus hit by *another* privacy flaw, speeds up site’s closure

Graham Cluely Security Blog - Mon, 12/10/2018 - 9:30pm

Google has admitted that Google Plus suffered another security failure last month, allowing the personal information of 52 million users to be accessed by third-party apps and developers without permission.

Categories: Graham Cluely

GlobeImposter ransomware victims find themselves abandoned by their extortionists

Graham Cluely Security Blog - Mon, 12/10/2018 - 8:20pm

It’s a bad day when your computers get hit by ransomware.

But it only gets worse when you realise that you not only don’t have backups, but also have no way of contacting the criminals who encrypted your data.

Categories: Graham Cluely

Three years in jail for teenager who spammed out school bomb threats

Graham Cluely Security Blog - Fri, 12/07/2018 - 10:35am

British teenager George Duke-Cohan has been jailed for three years for making hoax bomb threats that closed hundreds of schools up and down the UK.

Categories: Graham Cluely

Malicious Chrome extension which sloppily spied on academics believed to originate from North Korea

Graham Cluely Security Blog - Thu, 12/06/2018 - 8:04am

Computer users are being reminded once again to take care over the browser extensions they install after security experts discovered a hacking campaign that has been targeting academic institutions since at least May 2018.

Read more in my article on the Tripwire State of Security blog.

Categories: Graham Cluely

Smashing Security #107: Sextorting the US army, and a Touch ID scam

Graham Cluely Security Blog - Wed, 12/05/2018 - 8:16pm

Fitness apps exploit TouchID through a sneaky user interface trick, tech giants claim to have a plan to banish passwords, and you won’t believe who was behind a sextortion scam that targeted over 400 members of the US military.

All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by ferret-loving ethical hacker Zoë Rose.

Categories: Graham Cluely

It looked like a Citrix ShareFile phishing attack, but wasn’t

Graham Cluely Security Blog - Wed, 12/05/2018 - 9:48am

Guest contributor Bob Covello isn’t happy about a password reset email that Citrix has been sending its customers.

If you’re a company contacting your customers via email, please make sure it doesn’t look phishy.

Categories: Graham Cluely

Quora hack leaves details of 100 million accounts exposed

Graham Cluely Security Blog - Tue, 12/04/2018 - 7:58am

Approximately 100 million Quora users may have had their information accessed by hackers.

Categories: Graham Cluely

Fitness-tracking apps caught misusing Touch ID to steal money from iPhone users

Graham Cluely Security Blog - Mon, 12/03/2018 - 2:53pm

Two iOS fitness apps have been found exploiting a sneaky user interface trick to fool users into making unwanted in-app purchases with Touch ID.

Categories: Graham Cluely

Digitize and automate your customer agreement process for financial transactions. Download this free OneSpan guide.

Graham Cluely Security Blog - Mon, 12/03/2018 - 2:05pm

Graham Cluley Security News is sponsored this week by the folks at OneSpan. Thanks to the great team there for their support!

More than 10,000 customers in 100 countries rely on OneSpan to secure access, manage identities, verify transactions, simplify document signing and protect high value assets and systems.

OneSpan is now giving you the chance to download its Financial Agreement Automation RFP Guide for Account Opening, Digital Lending and Leasing Automation.

Trillions of dollars in financial transactions are processed each year. These include credit agreements, loans, new account openings, mortgages, pensions and annuities.

Today’s customer is looking for speed, ease and convenience. To meet these demands, financial institutions must offer fully digital experiences.

This guide is for financial institutions evaluating technology for agreement automation.

Agreement automation refers to the digitization of the customer agreement process for financial transactions – including application data validation, digital identity verification, agreement signing and storage, and audit trail capture.

This guide will assist you in:

  • Determining your agreement automation requirement
  • Deciding which stakeholders to involve in the RFP process
  • Developing RFP questions (14 pages of sample RFP questions provided)
  • Evaluating options for implementation

Download your copy of OneSpan’s guide now.

If you’re interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.

Categories: Graham Cluely

Marriott warns of hack. 500 million Starwood hotel guests’ personal data could be exposed.

Graham Cluely Security Blog - Fri, 11/30/2018 - 7:35am

There’s bad news if you’re one of the 500 million hotel guests whose data was included on the Starwood guest reservation database.

Categories: Graham Cluely

US charges Iranian hackers for SamSam ransomware attacks

Graham Cluely Security Blog - Thu, 11/29/2018 - 9:27am

Authorities in the United States have charged two people in connection with a series of notorious ransomware attacks.

Read more in my article on the Tripwire State of Security blog.

Categories: Graham Cluely

Dell suffers security breach, reset customer passwords (but didn’t tell customers why until now)

Graham Cluely Security Blog - Thu, 11/29/2018 - 9:23am

Dell has revealed that earlier this month it discovered that hackers had breached its security and were attempting to access customer details - including names, email addresses, and hashed passwords.

Categories: Graham Cluely

Smashing Security #106: Google Maps, Fed phishing, and Grinch bots

Graham Cluely Security Blog - Thu, 11/29/2018 - 7:04am

How are scammers stealing your money through Google Maps? Why did the FBI create a fake FedEx website? And how are US senators hoping to stop Grinch bots ruining Christmas?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

And don’t miss our special bonus interview about passwords with Rachael Stockton of LastPass.

Categories: Graham Cluely

Germany proposes security guidelines for routers, but not everybody is happy

Graham Cluely Security Blog - Wed, 11/28/2018 - 11:53am

The German government has published draft guidelines on how it believes broadband routers should be secured. But some people think more could be done.

Read more in my article on the Bitdefender Box blog.

Categories: Graham Cluely

Pages