Graham Cluely
Hundreds of thousands of cryptocurrency investors put at risk after BuyUCoin security breach
Another day, and another report that a cryptocurrency exchange has been breached by malicious hackers.
Indian cryptocurrency exchange BuyUCoin says that is investigating claims that sensitive data related to hundreds of thousands of its users has been published on the dark web, where it is available for free download.
Read more in my article on the Hot for Security blog.
Categories: Graham Cluely
Hackers release over 4,000 files stolen from Scottish environment agency in ransomware attack
The Conti ransomware gang has published corporate plans, contracts, spreadsheets, and personal information about staff, amongst other files stolen in a ransomware attack against the Scottish Environment Protection Agency (SEPA).
Read more in my article on the Hot for Security blog.
Categories: Graham Cluely
Is Joe Biden’s Peloton a cybersecurity risk? Don’t sweat about it
Joe Biden is now the President of the United States of America, and what are the papers talking about?
His internet-connected Peloton exercise bike.
Categories: Graham Cluely
Google Chrome wants to fix your unsafe passwords
In the coming weeks Google will be rolling out a new feature to users of its Chrome browser which will make it easier to check for weak passwords and warn if stored passwords have been compromised in a past data breach.
Read more in my article on the Tripwire State of Security blog.
Categories: Graham Cluely
Post-ransomware attack, Hackney Council wants to change its cybersecurity culture
Following a devastating ransomware attack, the London Borough Council of Hacney is looking for some external expertise to evaluate its staff's understanding of their security responsibilities, and help them adopt effective security practices.
Do you think you could help them?
Categories: Graham Cluely
Smashing Security podcast #211: Fleeking, COVID-19 hacking, and Bitcoin balls-ups
Your privacy may be at risk if you're on Fleek, hackers not only steal COVID-19 vaccine data but then tamper with it to spread mistrust, and the Bitcoin bungles keep on coming...
All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Hacker Valley Studio's Ron Eddings.
Categories: Graham Cluely
How most large cloud breaches happen revealed in Orca Security report
The world of cybersecurity isn’t fair. Security teams need to secure everything, but attackers need only find one weak link. For most organizations, cloud workload security is dependent upon the installation and maintenance of security agents across all assets. Something that rarely happens, as Orca Security's new report reveals.
Categories: Graham Cluely
Scottish environmental agency still struggling after Christmas Eve ransomware attack
The Scottish Environment Protection Agency (SEPA) has confirmed that it is continuing to respond to an ongoing ransomware attack that has encrypted files, disrupted systems and seen 1.2 GB of data stolen by cybercriminals.
Read more in my article on the Hot for Security blog.
Categories: Graham Cluely
Swanky Wentworth golf club hacked, details of 4000 members stolen in ransomware attack
Members of one of England's most exclusive golf clubs has warned its 4000 members that their personal details may have fallen into the hands of hackers following a ransomware attack.
Categories: Graham Cluely
Cryptocurrency scammers hijack verified accounts once again, jumping on Elon Musk’s Twitter threads
Hackers are still making hay hijacking the accounts of verified celebrity users to promote cryptocurrency scams.
Categories: Graham Cluely
Cybercriminals are bypassing multi-factor authentication to access organisation’s cloud services
The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to companies to better protect their cloud-based accounts after several recent successful attacks.
Read more in my article on the Tripwire State of Security blog.
Categories: Graham Cluely
Orca Security public cloud security report reveals how most large cloud breaches happen
Graham Cluley Security News is sponsored this week by the folks at Orca Security. Thanks to the great team there for their support! You’re probably familiar with the shared responsibility model. The basic idea is that public cloud providers such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) keep their platforms … Continue reading "Orca Security public cloud security report reveals how most large cloud breaches happen"
Categories: Graham Cluely
Smashing Security podcast #210: DC rioters ID’d, Energydots, and ransomware gets you in a pickle
Penile penal problems, identifying rioters in Washington DC, and can a sticker protect you from radiation?
All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.
And don't miss our featured interview with CrowdSec's Philippe Humeau.
Categories: Graham Cluely
Microsoft patches anti-virus bug that allowed boobytrapped files to run malicious code when scanned
Microsoft has patched a security vulnerability that was - ironically - exploiting usage of the company's own Windows security product, Microsoft Defender Antivirus.
Categories: Graham Cluely
Ubiquiti users told to change their passwords following security breach
IoT device vendor Ubiquiti has told customers that they should change their passwords after a security breach left user details exposed.
Read more in my article on the Hot for Security blog.
Categories: Graham Cluely
Russia-linked postcard was “sent to FireEye’s CEO after cybersecurity firm uncovered hack”
The CEO of FireEye, the cybersecurity company hacked by a state-sponsored attack, received a postcard at his home mocking any claims that Russia might have been responsible.
Categories: Graham Cluely
Donald Trump’s presidency ended today, claims altered US State Department website
The biographies of outgoing US President Donald Trump and his Vice President Mike Pence were mysteriously changed on the official US State Department website at some point on Monday.
Visitors to www.state.gov were unable to view facts about the country's top politicians, as somebody appeared to have mysteriously wiped them - only to be replace them with a solitary line detailing the end of their term.
Categories: Graham Cluely
Ransomware gangs scavenge for sensitive data by targeting top executives
In their attempt to extort as much money as quickly as possible out of companies, ransomware gang know some effective techniques to get the full attention of a firm's management team.
And one of them is to specifically target the sensitive information stored on the computers used by a company's top executives, in the hope of finding valuable data that can best pressure bosses into approving the payment of a sizeable ransom.
Read more in my article on the Tripwire State of Security blog.
Categories: Graham Cluely
Data stolen from Hackney Council posted on dark web by ransomware gang
The cybercrime gang behind the PYSA ransomware has released files which they claim to have stolen from the London borough council of Hackney during an attack last year.
Categories: Graham Cluely
Ill-conceived Donald Trump sex video malware attack attempts to install RAT on Windows PCs
Have you been emailed a file claiming to be video evidence of a Donald Trump sex scandal? Don't click!
Categories: Graham Cluely