Graham Cluely

Websites of eight US cities poisoned by malware skimming the credit card details of residents

Graham Cluely Security Blog - Thu, 07/02/2020 - 12:06pm

Beware if you’re paying your bills for local government services – the payment information you type into that web form may be heading straight to cybercriminals.

Categories: Graham Cluely

22,900 MongoDB databases held to ransom by hacker threatening to report firms for GDPR violations

Graham Cluely Security Blog - Thu, 07/02/2020 - 11:16am

Hackers are once again finding unsecured MongoDB databases, wiping their contents, and leaving ransom demands.

So far, so normal. But what’s different this time is that they’re also threatening to report their victims for violating GDPR.

Read more in my article on the Tripwire State of Security blog.

Categories: Graham Cluely

Smashing Security podcast #185: Bieber fever, Roblox, and ransomware

Graham Cluely Security Blog - Thu, 07/02/2020 - 8:59am

Who’s been dressing Robox players up in red baseball caps? Which ransomware victim’s negotations got spied on by the media? And should Jason Bieber think twice before touching his hat? Oh, and we need to talk about squirrels…

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast.

Categories: Graham Cluely

Watching a $1.14 million ransomware negotiation between hackers and scientists searching for COVID-19 treatments

Graham Cluely Security Blog - Mon, 06/29/2020 - 11:47am

An anonymous tip-off to BBC News enabled them to watch in real-time as an American medical university attempted to negotiate with the hackers who had infected its systems with ransomware.

Categories: Graham Cluely

Voice recordings from domestic violence alerting app exposed on the internet

Graham Cluely Security Blog - Mon, 06/29/2020 - 9:43am

A smartphone app, disguised as a regular app delivering the top world, sports, and entertainment news, containing a secret feature that allows victims of domestic abuse to send a covert distress call for help at the touch of a button.

What could possibly go wrong?

Read more in my article on the Hot for Security blog.

Categories: Graham Cluely

Man sentenced, two others charged, in connection with Satori IoT botnet

Graham Cluely Security Blog - Fri, 06/26/2020 - 8:38am

Even after being charged, Kenneth Schuchman continued to create and operate a DDoS botnet, and communicate with his co-conspirators.

Read more in my article on the Hot for Security blog.

Categories: Graham Cluely

Find a Playstation 4 vulnerability and earn over $50,000

Graham Cluely Security Blog - Thu, 06/25/2020 - 10:25am

Do you think you have found a vulnerability in the Sony PlayStation 4 or the PlayStation Network?

You could be heading towards a sizeable sum of money, after Sony announced details of its new bug bounty program. Just be sure to play by the rules…

Read more in my article on the Tripwire State of Security blog.

Categories: Graham Cluely

The inside story of the Maersk NotPetya ransomware attack, from someone who was there

Graham Cluely Security Blog - Thu, 06/25/2020 - 8:48am

Gavin Ashton was an IT security guy working at Maersk at the time of it was hit hard by the NotPetya ransomware. Now he’s written an article about his experiences, and shares advice for others.

Categories: Graham Cluely

Smashing Security podcast #184: Vanity Bitcoin wallets, BlueLeaks, and a Coronavirus app conspiracy

Graham Cluely Security Blog - Thu, 06/25/2020 - 6:02am

A conspiracy spreads on social media about Coronavirus tracing apps, US police find decades’ worth of sensitive data leaked online, and is there a Bitcoin bonanza to be had from watching Elon Musk YouTube videos?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by BBC technology reporter Zoe Kleinman.

Categories: Graham Cluely

DDoSecrets thrown off Twitter after distributing 269GB BlueLeaks data dump

Graham Cluely Security Blog - Wed, 06/24/2020 - 2:03pm

The activist group Distributed Denial of Secrets, perhaps better known by their shorter but clumsy moniker DDoSecrets, has been permanently banned from Twitter.

Read more in my article on the Hot for Security blog.

Categories: Graham Cluely

HEY pulls feature which could expose email threads without participants’ knowledge

Graham Cluely Security Blog - Wed, 06/24/2020 - 12:49pm

HEY, a new service which aims to revolutionise users’ inboxes, admits it made a mistake which could have made it too easy for private messages to be exposed.

Categories: Graham Cluely

Password security is critical in a remote work environment – see where businesses are putting themselves at risk

Graham Cluely Security Blog - Wed, 06/24/2020 - 8:25am

Graham Cluley Security News is sponsored this week by the folks at LastPass. Thanks to the great team there for their support! LastPass has analyzed over 47,000 businesses to bring you insights into security behavior worldwide. The takeaway is clear: Many businesses are making significant strides in some areas of password and access security – […]

Categories: Graham Cluely

Pubs and restaurants left guessing after being told to collect customer data as lockdown eases

Graham Cluely Security Blog - Wed, 06/24/2020 - 6:58am

In just ten days, the UK Government says English pubs, restaurants, and cafes can open again for business.

However, they are told that they should collect contact information about every customer and visitor to their premises. But what they’re not told is how they should do this in a way that protects people’s security and privacy.

Categories: Graham Cluely

Stalker Online hacked! Over one million gamers’ passwords made available for download

Graham Cluely Security Blog - Mon, 06/22/2020 - 8:59am

More than one million players of the video game Stalker Online have been put at risk after hackers offered them for sale on the darknet.

Categories: Graham Cluely

Woman who deliberately deleted firm’s Dropbox is sentenced

Graham Cluely Security Blog - Fri, 06/19/2020 - 10:03am

58-year-old Danielle Bulley may not look like your typical cybercriminal, but the act of revenge she committed against a company had just as much impact as a conventional hacker breaking into a business’s servers and causing havoc.

Read more in my article on the Hot for Security blog.

Categories: Graham Cluely

Aussie surfer’s hacked Instagram sent sexually explicit images to her 40,000 followers

Graham Cluely Security Blog - Fri, 06/19/2020 - 7:53am

18-year-old Blaze Angel Roberts is a talented surfer with 40,000 Instagram followers.

Unfortunately, her popularity also seems to have drawn the unwanted attention of hackers, who successfully tricked her into clicking on a phishing link, and handing over the password to her email account.

Categories: Graham Cluely

Copied master key forces South African bank to replace 12 million cards

Graham Cluely Security Blog - Thu, 06/18/2020 - 8:32am

Fraudsters stole more than $3.2 million from the banking division of South Africa’s post office, after – in a catastrophic breach of security – employees printed out the bank’s master key.

Read more in my article on the Tripwire State of Security blog.

Categories: Graham Cluely

Smashing Security podcast #183: MAMILs, gameshows, and a surprise from eBay

Graham Cluely Security Blog - Thu, 06/18/2020 - 5:28am

A TV gameshow with cash prizes if you’re obeying Coronavirus lockdown rules, ex-Ebay staff charged in crazy cyberstalking case, and when the wrong cyclist was accused by the internet bearing pitchforks.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

Categories: Graham Cluely

New Mac malware spreads disguised as Flash Player installer via Google search results

Graham Cluely Security Blog - Wed, 06/17/2020 - 12:28pm

Apple Mac users are warned of a new in-the-wild malware threat which masquerades as an installer for Adobe Flash Player.

Categories: Graham Cluely

NHS Test & Trace sends text to wrong person, telling them they tested negative for Coronavirus

Graham Cluely Security Blog - Wed, 06/17/2020 - 11:50am

A former MP warns that she received a message intended for someone else, with the results of their Coronavirus test.

Categories: Graham Cluely

Pages