Graham Cluely

For the first time in years, hackers have created a working exploit that can jailbreak the latest, fully-updated version of iOS.

And a goof by Apple has allowed them do it.

Read more in my article on the Hot for Security blog.

A teenage British hacker, who previously played a role in the infamous TalkTalk data breach, has been sentenced to 20 months in prison after pleading guilty to selling hacking services and stolen personal data for cryptocurrency.

Read more in my article on the Hot for Security blog.

The European Central Bank (ECB), the central bank of the 19 European countries which have adopted the euro, has shut down a compromised website after it discovered that hackers had planted malware that stole information from newsletter subscribers.

A US security researcher called Droogie thought he’d come up with the perfect wheeze to avoid being fined by the Department of Motor Vehicles (DMV) – he bought a personalised license plate which we believed would mess with the DMV’s database.

The name on Droogie’s vanity plate? “NULL”

A biometrics system used to secure more than 1.5 million locations around the world – including banks, police forces, and defence companies in the United States, UK, India, Japan, and the UAE – has suffered a major data breach, exposing a huge number of records and unencrypted fingerprints.

Read more in my article on the Tripwire State of Security blog.

Say cheese to ransomware on your camera! A sponsored speech at Black Hat causes uproar, and should you trust that Lightning cable you’re about to plug into your MacBook?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire’s Dave Bittner.

Microsoft’s security team warns that the remote code execution vulnerabilities could be abused by malware to spread from computer to computer without requiring any user interaction. Patch your systems now!

Read more in my article on the Hot for Security blog.

Printers, just like any other IoT-enabled device, need to be secured, and updated with the latest firmware and patches to prevent a successful hacker attack.

Read more in my article on the Bitdefender BOX blog.

One of the world’s largest cryptocurrency exchanges has revealed that it is being blackmailed to the tune of 300 Bitcoin (approximately US $3.5 million) by someone who is threatening to release some 10,000 sensitive photographs of its customers.

Read more in my article on the Tripwire State of Security blog.

Is the PIN you use for your bank card secure? How did one woman get duped into giving a romance scammer $200,000? And Cloudflare and other online services take aim at a vile corner of the internet…

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

34-year-old Muhammad Fahd has been charged for his part in a criminal scheme that is said to have cost AT&T millions of dollars.

Read more in my article on the Hot for Security blog.

Security researchers at Bitdefender have discovered a way of exploiting a flaw in Intel chips that could be used to steal passwords and encryption keys.

“Smashing Security” is a weekly podcast where I, Carole Theriault, and a special guest discuss some of the quirky stories from the last week’s cybersecurity news headlines, and anything else that takes our fancy.

Mobile-only bank Mozo has apologised for a gaffe which left the PINs of a subset of its customers exposed to its internal engineers.

The tech press is full of stories about “a new ransomware strain” called GermanWiper, that has hit German businesses hard in the last week.

But the reality is that GermanWiper is much worse than ransomware.

Now it’s Amazon’s turn to respond to growing concerns about sensitive personal conversations recorded by digital home assistants are being reviewed by third-party contractors.

Apple has decided to suspend what it calls Siri “grading” globally, while it conducts a “thorough review.”

Google has agreed to temporarily stop listening to audio captured by its Google Home smart speaker across the European Union… after an investigation was started by German regulators.

Automotive giant Honda has shut down an exposed database that contained sensitive information about the security – specifically the weak points – of its internal network.

Read more in my article on the Tripwire State of Security blog.

Capital One gets hacked, critical vulnerabilities are found in iMessage, and data anonymization may not be as good as we hope. But listen up, we also discuss the Legend of Zelda, a biography of tech giants, offer advice for escaping an angry moose, and are introduced to… Penelope?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast.