Graham Cluely

WannaCry's "accidental hero" pleads guilty to malware charges, Samsung and Nokia have fingerprint fumbles, the NCSC publishes a list of 100,000 dreadful passwords, and Apple finds itself at the centre of an identity mix-up. All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by John Hawes.

MEP Matt Carthy wondered why the battery life on his laptop was running down so quickly...

Fitness fanatics are being advised to change their passwords after one of the world’s largest and most popular online fitness stores admitted that it had suffered a security breach that might have exposed customer data. Read more in my article on the Hot for Security blog.

Just another day at Facebook.

Yes, they stole 1.5 million people’s address books without asking permission, but hey they say it was “unintentional” so.…

British investigative journalist Carole Cadwalladr gave a passionate speech at the TED conference in Vancouver this week. You should watch it.

Vishwanath Akuthota didn’t make it hard for authorities to prove that he was the person who destroyed $58,000 worth of college equipment using a USB stick.

Read more in my article on the Tripwire State of Security blog.

The hacker who lived the high life after spreading malware via porn sites, Wipro demonstrates how to turn a cybersecurity crisis into a PR disaster, and why are humans listening in to your Alexa conversations?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Brian Honan.

Don’t want to wait for Microsoft to fix the problem in how Internet Explorer handles .MHT files? Other security researchers come to the rescue.

Recent months seem to have seen a rise in extortion emails, designed to scare users into handing over their money.

Even if you don’t use Internet Explorer any more, it may still be posing a potential risk by being installed on your Windows PCs.

Read more in my article on the Hot for Security blog.

Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support!

At Recorded Future, we believe every security team can benefit from threat intelligence. That’s why we’ve published “The Threat Intelligence Handbook.”

It’s aimed at helping security professionals realize the advantages of threat intelligence by offering practical steps for applying threat intelligence in any organization.

Download your free copy now.

About Recorded Future

Recorded Future delivers the only complete threat intelligence solution powered by patented machine learning to lower risk. We empower organizations to reveal unknown threats before they impact business, and enable teams to respond to alerts 10 times faster. To supercharge the efforts of security teams, our technology automatically collects and analyzes intelligence from technical, open web, and dark web sources and aggregates customer-proprietary data. Recorded Future delivers more context than threat feeds, updates in real time so intelligence stays relevant, and centralizes information ready for human analysis, collaboration, and integration with security technologies. 91 percent of the Fortune 100 use Recorded Future.

If you’re interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.

When Berkeley High School in California held its first ever elections for student government last month, things went about as well you probably expected…

Microsoft says that it had identified that one of its support agents had had their username and password stolen, which allowed hackers to access information stored within users’ email accounts.

Read more in my article on the Hot for Security blog.

A US court has convicted two Romanian hackers belonging to the Bayrob malware gang after they infected over 400,000 computers around the world, and stole millions of dollars.

Read more in my article on the Hot for Security blog.

How did a cybercrime gang steal a billion dollars from banks and financial instituions.

Come to the talk I’m giving in London, and find out.

A British man has been jailed for over six years after exploiting ad networks on pornographic websites to spread malware onto innocent users’ computers.

Read more in my article on the Tripwire State of Security blog.

With Graham incapacitated, we drag an episode out from the archives. In this special “splinter” episode of the “Smashing Security” podcast from September 2017 we tackle the tricky subject of backups - when did you last backup your data? how and what should you backup? and where should you store them?

Lots of questions and Graham gets to do his Tina Turner impression.

All this and more is discussed in this edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

As hacker claims the entire process can be completed in just three minutes, you would be wise to remember that fingerprints are not the same as passwords.

Stalkerware. Software that allows someone else to spy upon every SMS text message you send or receive, who you’re speaking to on your smartphone phone, the pictures in your photo library, every social media post you make, your current location, and where you go and when.

The EFF’s Eva Galperin calls on the security industry to take stalkerware more seriously.

Graham Cluley Security News is sponsored this week by the folks at CloudShare. Thanks to the great team there for their support!

As cyber hacks, ransomware, and other breaches continue to rise, companies are quickly realizing the need for increasing their cybersecurity staff. Current data however indicates that the cybersecurity manpower shortage continues to grow, with over 1,000,000 cybersecurity positions unfilled in the U.S. alone.

The relationship between this shortage of cyber security skills and hacking exposure can’t be ignored, with many companies feeling that their lack of employees with cybersecurity skills make for more desirable targets for cyber criminals. It’s imperative therefore that these employees are sufficiently trained to receive the promised benefits from products and solutions, and able to sell and support them as well.

The challenges facing the cyber industry today can be overcome in a variety of ways such as:

• Replicating complicated products with complex networking features.
• Running complex training scenarios (for example, injecting scripts).
• Providing templates of complex related structures.
• Offering timed environments.
• Creating replication of complex environments in seconds.

Securing the enterprise is a people problem that needs immediate attention!

Download the free eBook “Under Attack!”, and get a comprehensive examination of the skill-building strategies needed to strengthen lines of defense across the organization including:

• An examination of today’s urgent cybersecurity skills crisis
• The top ten actions organizations can take to become more cyber resilient
• Insights into the most effective cybersecurity training options
• Tips for creating a corporate cybersecurity culture

“People impact security outcomes much more than any technology, policy or process.”
Joanna G. Huisman, Analyst at Gartner

Since 2007, CloudShare has been the leading supplier of virtual IT labs in the cloud, with specialized solutions designed to meet a wide variety of business needs – including training, sales enablement, and sandboxing for testing and support.

CloudShare customers include leading software and cybersecurity companies, such as Palo Alto Networks, Atlassian, ForgeRock, Sophos, Fortinet and Check Point Software Technologies.

If you’re interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.