Graham Cluely

D’oh! Apple botches iOS update, leaves iPhones open to jailbreaking

Graham Cluely Security Blog - 1 hour 54 min ago

For the first time in years, hackers have created a working exploit that can jailbreak the latest, fully-updated version of iOS.

And a goof by Apple has allowed them do it.

Read more in my article on the Hot for Security blog.

Categories: Graham Cluely

20 month prison sentence for British hacker who made fortune helping SIM-swap fraudsters

Graham Cluely Security Blog - Mon, 08/19/2019 - 10:20am

A teenage British hacker, who previously played a role in the infamous TalkTalk data breach, has been sentenced to 20 months in prison after pleading guilty to selling hacking services and stolen personal data for cryptocurrency.

Read more in my article on the Hot for Security blog.

Categories: Graham Cluely

European Central Bank confirms website hack and data breach

Graham Cluely Security Blog - Fri, 08/16/2019 - 5:48am

The European Central Bank (ECB), the central bank of the 19 European countries which have adopted the euro, has shut down a compromised website after it discovered that hackers had planted malware that stole information from newsletter subscribers.

Categories: Graham Cluely

“NULL” vanity plate hack to dodge parking tickets backfires to the tune of $12,000

Graham Cluely Security Blog - Thu, 08/15/2019 - 11:07am

A US security researcher called Droogie thought he’d come up with the perfect wheeze to avoid being fined by the Department of Motor Vehicles (DMV) – he bought a personalised license plate which we believed would mess with the DMV’s database.

The name on Droogie’s vanity plate? “NULL”

Categories: Graham Cluely

More than a million people have their biometric data exposed in massive security breach

Graham Cluely Security Blog - Thu, 08/15/2019 - 9:01am

A biometrics system used to secure more than 1.5 million locations around the world – including banks, police forces, and defence companies in the United States, UK, India, Japan, and the UAE – has suffered a major data breach, exposing a huge number of records and unencrypted fingerprints.

Read more in my article on the Tripwire State of Security blog.

Categories: Graham Cluely

Smashing Security #141: Black Hat and Bridezillas

Graham Cluely Security Blog - Thu, 08/15/2019 - 6:04am

Say cheese to ransomware on your camera! A sponsored speech at Black Hat causes uproar, and should you trust that Lightning cable you’re about to plug into your MacBook?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire’s Dave Bittner.

Categories: Graham Cluely

Microsoft warns of wormable vulnerabilities in Windows

Graham Cluely Security Blog - Wed, 08/14/2019 - 9:59am

Microsoft’s security team warns that the remote code execution vulnerabilities could be abused by malware to spread from computer to computer without requiring any user interaction. Patch your systems now!

Read more in my article on the Hot for Security blog.

Categories: Graham Cluely

Patch your internet-connected printer! Serious vulnerabilities discovered

Graham Cluely Security Blog - Tue, 08/13/2019 - 3:41pm

Printers, just like any other IoT-enabled device, need to be secured, and updated with the latest firmware and patches to prevent a successful hacker attack.

Read more in my article on the Bitdefender BOX blog.

Categories: Graham Cluely

Cryptocurrency exchange Binance offers $290,000 bounty to unmask blackmailer

Graham Cluely Security Blog - Thu, 08/08/2019 - 9:38am

One of the world’s largest cryptocurrency exchanges has revealed that it is being blackmailed to the tune of 300 Bitcoin (approximately US $3.5 million) by someone who is threatening to release some 10,000 sensitive photographs of its customers.

Read more in my article on the Tripwire State of Security blog.

Categories: Graham Cluely

Smashing Security #140: Love, PINs, and 8chan

Graham Cluely Security Blog - Thu, 08/08/2019 - 4:54am

Is the PIN you use for your bank card secure? How did one woman get duped into giving a romance scammer $200,000? And Cloudflare and other online services take aim at a vile corner of the internet…

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

Categories: Graham Cluely

AT&T workers bribed to install malware on company network and unlock iPhones

Graham Cluely Security Blog - Wed, 08/07/2019 - 12:53pm

34-year-old Muhammad Fahd has been charged for his part in a criminal scheme that is said to have cost AT&T millions of dollars.

Read more in my article on the Hot for Security blog.

Categories: Graham Cluely

SWAPGS attack: The Spectre-like flaw affecting Intel CPUs

Graham Cluely Security Blog - Wed, 08/07/2019 - 5:59am

Security researchers at Bitdefender have discovered a way of exploiting a flaw in Intel chips that could be used to steal passwords and encryption keys.

Categories: Graham Cluely

You really should listen to the award-winning “Smashing Security” podcast

Graham Cluely Security Blog - Tue, 08/06/2019 - 10:10am

“Smashing Security” is a weekly podcast where I, Carole Theriault, and a special guest discuss some of the quirky stories from the last week’s cybersecurity news headlines, and anything else that takes our fancy.

Categories: Graham Cluely

500,000 Monzo banking customers told to change their PINs

Graham Cluely Security Blog - Tue, 08/06/2019 - 8:18am

Mobile-only bank Mozo has apologised for a gaffe which left the PINs of a subset of its customers exposed to its internal engineers.

Categories: Graham Cluely

GermanWiper isn’t ransomware. It’s worse than that

Graham Cluely Security Blog - Mon, 08/05/2019 - 9:41am

The tech press is full of stories about “a new ransomware strain” called GermanWiper, that has hit German businesses hard in the last week.

But the reality is that GermanWiper is much worse than ransomware.

Categories: Graham Cluely

Amazon now lets you opt-out of having humans review your Alexa conversations

Graham Cluely Security Blog - Mon, 08/05/2019 - 5:47am

Now it’s Amazon’s turn to respond to growing concerns about sensitive personal conversations recorded by digital home assistants are being reviewed by third-party contractors.

Categories: Graham Cluely

Apple’s Siri contractors will no longer hear you having sex, making drug deals

Graham Cluely Security Blog - Fri, 08/02/2019 - 8:18am

Apple has decided to suspend what it calls Siri “grading” globally, while it conducts a “thorough review.”

Categories: Graham Cluely

Google contractors told to stop listening to conversations captured on your Home assistant… for now, in Europe at least

Graham Cluely Security Blog - Fri, 08/02/2019 - 7:59am

Google has agreed to temporarily stop listening to audio captured by its Google Home smart speaker across the European Union… after an investigation was started by German regulators.

Categories: Graham Cluely

Exposed internal database reveals vulnerable unpatched systems at Honda

Graham Cluely Security Blog - Thu, 08/01/2019 - 10:51am

Automotive giant Honda has shut down an exposed database that contained sensitive information about the security – specifically the weak points – of its internal network.

Read more in my article on the Tripwire State of Security blog.

Categories: Graham Cluely

Smashing Security #139: Capital One hacked, iMessage flaws, and anonymity my ass!

Graham Cluely Security Blog - Thu, 08/01/2019 - 6:09am

Capital One gets hacked, critical vulnerabilities are found in iMessage, and data anonymization may not be as good as we hope. But listen up, we also discuss the Legend of Zelda, a biography of tech giants, offer advice for escaping an angry moose, and are introduced to… Penelope?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast.

Categories: Graham Cluely

Pages