Graham Cluely

Smashing Security #125: Pick of the thief!

Graham Cluely Security Blog - 1 hour 32 min ago
WannaCry's "accidental hero" pleads guilty to malware charges, Samsung and Nokia have fingerprint fumbles, the NCSC publishes a list of 100,000 dreadful passwords, and Apple finds itself at the centre of an identity mix-up. All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by John Hawes.
Categories: Graham Cluely

Facial recognition fail allows politician’s kids to access his laptop

Graham Cluely Security Blog - Wed, 04/24/2019 - 2:04pm
MEP Matt Carthy wondered why the battery life on his laptop was running down so quickly...
Categories: Graham Cluely

Bodybuilders beware! One of the world’s largest online fitness stores hit by security breach

Graham Cluely Security Blog - Wed, 04/24/2019 - 1:15pm
Fitness fanatics are being advised to change their passwords after one of the world’s largest and most popular online fitness stores admitted that it had suffered a security breach that might have exposed customer data. Read more in my article on the Hot for Security blog.
Categories: Graham Cluely

Facebook hoovered up 1.5 million users’ email contacts without permission… “unintentionally”

Graham Cluely Security Blog - Thu, 04/18/2019 - 1:28pm

Just another day at Facebook.

Yes, they stole 1.5 million people’s address books without asking permission, but hey they say it was “unintentional” so.…

Categories: Graham Cluely

Facebook’s role in Brexit - and the threat to democracy

Graham Cluely Security Blog - Thu, 04/18/2019 - 12:57pm

British investigative journalist Carole Cadwalladr gave a passionate speech at the TED conference in Vancouver this week. You should watch it.

Categories: Graham Cluely

Man fried over 50 college computers with weaponized USB stick

Graham Cluely Security Blog - Thu, 04/18/2019 - 10:06am

Vishwanath Akuthota didn’t make it hard for authorities to prove that he was the person who destroyed $58,000 worth of college equipment using a USB stick.

Read more in my article on the Tripwire State of Security blog.

Categories: Graham Cluely

Smashing Security #124: Poisoned porn ads, the A word, and why why why Wipro?

Graham Cluely Security Blog - Thu, 04/18/2019 - 6:57am

The hacker who lived the high life after spreading malware via porn sites, Wipro demonstrates how to turn a cybersecurity crisis into a PR disaster, and why are humans listening in to your Alexa conversations?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Brian Honan.

Categories: Graham Cluely

A third-party patch for Microsoft’s Internet Explorer zero-day vulnerability

Graham Cluely Security Blog - Wed, 04/17/2019 - 9:12am

Don’t want to wait for Microsoft to fix the problem in how Internet Explorer handles .MHT files? Other security researchers come to the rescue.

Categories: Graham Cluely

Extortion emails a go-go

Graham Cluely Security Blog - Wed, 04/17/2019 - 8:51am

Recent months seem to have seen a rise in extortion emails, designed to scare users into handing over their money.

Categories: Graham Cluely

It doesn’t matter if you don’t use Internet Explorer, you could still be at risk from this IE zero-day vulnerability

Graham Cluely Security Blog - Wed, 04/17/2019 - 8:22am

Even if you don’t use Internet Explorer any more, it may still be posing a potential risk by being installed on your Windows PCs.

Read more in my article on the Hot for Security blog.

Categories: Graham Cluely

Unlock the power of threat intelligence with this practical guide. Get your free copy now

Graham Cluely Security Blog - Tue, 04/16/2019 - 4:30am

Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support!

At Recorded Future, we believe every security team can benefit from threat intelligence. That’s why we’ve published “The Threat Intelligence Handbook.”

It’s aimed at helping security professionals realize the advantages of threat intelligence by offering practical steps for applying threat intelligence in any organization.

Download your free copy now.

About Recorded Future

Recorded Future delivers the only complete threat intelligence solution powered by patented machine learning to lower risk. We empower organizations to reveal unknown threats before they impact business, and enable teams to respond to alerts 10 times faster. To supercharge the efforts of security teams, our technology automatically collects and analyzes intelligence from technical, open web, and dark web sources and aggregates customer-proprietary data. Recorded Future delivers more context than threat feeds, updates in real time so intelligence stays relevant, and centralizes information ready for human analysis, collaboration, and integration with security technologies. 91 percent of the Fortune 100 use Recorded Future.

If you’re interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.

Categories: Graham Cluely

High school election hacked by candidate who exploited weak passwords

Graham Cluely Security Blog - Mon, 04/15/2019 - 11:41am

When Berkeley High School in California held its first ever elections for student government last month, things went about as well you probably expected…

Categories: Graham Cluely

Hackers could read users’ Outlook, Hotmail, and MSN email via compromised Microsoft support account

Graham Cluely Security Blog - Mon, 04/15/2019 - 9:44am

Microsoft says that it had identified that one of its support agents had had their username and password stolen, which allowed hackers to access information stored within users’ email accounts.

Read more in my article on the Hot for Security blog.

Categories: Graham Cluely

Bayrob malware gang convicted of infecting over 400,000 computers worldwide, stealing millions through online auction fraud

Graham Cluely Security Blog - Fri, 04/12/2019 - 9:39am

A US court has convicted two Romanian hackers belonging to the Bayrob malware gang after they infected over 400,000 computers around the world, and stole millions of dollars.

Read more in my article on the Hot for Security blog.

Categories: Graham Cluely

Hear me speak about how to make a billion dollars through cybercrime

Graham Cluely Security Blog - Fri, 04/12/2019 - 7:55am

How did a cybercrime gang steal a billion dollars from banks and financial instituions.

Come to the talk I’m giving in London, and find out.

Categories: Graham Cluely

High-rolling hacker jailed after launching malware attacks via porn websites

Graham Cluely Security Blog - Thu, 04/11/2019 - 10:31am

A British man has been jailed for over six years after exploiting ad networks on pornographic websites to spread malware onto innocent users’ computers.

Read more in my article on the Tripwire State of Security blog.

Categories: Graham Cluely

Smashing Security #123: Backups - a necessary evil?

Graham Cluely Security Blog - Wed, 04/10/2019 - 7:03pm

With Graham incapacitated, we drag an episode out from the archives. In this special “splinter” episode of the “Smashing Security” podcast from September 2017 we tackle the tricky subject of backups - when did you last backup your data? how and what should you backup? and where should you store them?

Lots of questions and Graham gets to do his Tina Turner impression.

All this and more is discussed in this edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

Categories: Graham Cluely

The Samsung Galaxy S10’s ultrasonic fingerprint scanner is hacked

Graham Cluely Security Blog - Wed, 04/10/2019 - 6:38pm

As hacker claims the entire process can be completed in just three minutes, you would be wise to remember that fingerprints are not the same as passwords.

Categories: Graham Cluely

The scourge of stalkerware

Graham Cluely Security Blog - Wed, 04/10/2019 - 5:43pm

Stalkerware. Software that allows someone else to spy upon every SMS text message you send or receive, who you’re speaking to on your smartphone phone, the pictures in your photo library, every social media post you make, your current location, and where you go and when.

The EFF’s Eva Galperin calls on the security industry to take stalkerware more seriously.

Categories: Graham Cluely

How CISOs should respond to the cybersecurity crisis

Graham Cluely Security Blog - Sun, 04/07/2019 - 5:59am

Graham Cluley Security News is sponsored this week by the folks at CloudShare. Thanks to the great team there for their support!

As cyber hacks, ransomware, and other breaches continue to rise, companies are quickly realizing the need for increasing their cybersecurity staff. Current data however indicates that the cybersecurity manpower shortage continues to grow, with over 1,000,000 cybersecurity positions unfilled in the U.S. alone.

The relationship between this shortage of cyber security skills and hacking exposure can’t be ignored, with many companies feeling that their lack of employees with cybersecurity skills make for more desirable targets for cyber criminals. It’s imperative therefore that these employees are sufficiently trained to receive the promised benefits from products and solutions, and able to sell and support them as well.

The challenges facing the cyber industry today can be overcome in a variety of ways such as:

  • Replicating complicated products with complex networking features.
  • Running complex training scenarios (for example, injecting scripts).
  • Providing templates of complex related structures.
  • Offering timed environments.
  • Creating replication of complex environments in seconds.

Securing the enterprise is a people problem that needs immediate attention!

Download the free eBook “Under Attack!”, and get a comprehensive examination of the skill-building strategies needed to strengthen lines of defense across the organization including:

  • An examination of today’s urgent cybersecurity skills crisis
  • The top ten actions organizations can take to become more cyber resilient
  • Insights into the most effective cybersecurity training options
  • Tips for creating a corporate cybersecurity culture

“People impact security outcomes much more than any technology, policy or process.”
Joanna G. Huisman, Analyst at Gartner

Since 2007, CloudShare has been the leading supplier of virtual IT labs in the cloud, with specialized solutions designed to meet a wide variety of business needs – including training, sales enablement, and sandboxing for testing and support.

CloudShare customers include leading software and cybersecurity companies, such as Palo Alto Networks, Atlassian, ForgeRock, Sophos, Fortinet and Check Point Software Technologies.

If you’re interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.

Categories: Graham Cluely

Pages