What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2017-04-01 13:27:25 | The free Nintendo Switch emulator you stumbled upon? Sorry, it\'s a fake! (lien direct) |  If you want to play a game available for Nintendo Switch, you should just buy a Nintendo Switch. You shouldn't go online looking for free workarounds or substitutes.
David Bisson reports.
|
|||
|
2017-03-30 13:28:40 | LastPass has a secret major vulnerability - and, as yet, there\'s no fix (lien direct) |  The popular password management firm LastPass is working to fix major vulnerability in its software, responsibly disclosed to it by a security researcher.
David Bisson reports.
|
LastPass | ||
|
2017-03-30 11:09:30 | Five scams that won\'t make you laugh on April Fool\'s Day (lien direct) |  If there's one day of the year when everyone has their guard up, it's April Fool's Day.
After all, who can put their hand up and say that they have never been duped by an April Fool's trick?
Read more in my article on the Tripwire State of Security blog.
|
|||
|
2017-03-30 09:24:51 | Smashing Security #014: Protecting webmail (lien direct) |  What can you do to better protect your online email accounts?
In this special edition of the "Smashing Security" podcast, regular hosts Graham Cluley and Carole Theriault, joined by special guest Paul Ducklin, share tips on how to better defend your Gmail/Yahoo/Hotmail/Outlook/etc account.
|
Yahoo | ||
|
2017-03-29 13:15:51 | Phishers target World of Warcraft users with fake in-game pet offer (lien direct) |  Play World of Warcraft and keen to get your paws on an in-game pet? Be careful not to fall for their phishing attack.
David Bisson reports.
|
|||
|
2017-03-29 11:26:09 | Scareware scammers lock iOS Safari to extort ransom from users (lien direct) |  Extortionists have locked iPhone users' browsers with infinite pop-ups in an attempt to scare users into paying up.
David Bisson reports.
|
|||
|
2017-03-27 20:35:47 | Users leak sensitive data via Microsoft document-sharing site (lien direct) |  If you feel you must use a cloud-based service to store your confidential data, then please be careful to think before you click.
Read more in my article on the Hot for Security blog.
|
|||
|
2017-03-27 14:23:31 | GiftGhostBot - the malicious bot attempting to compromise gift cards across 1,000 websites (lien direct) |  A malicious bot called GiftGhostBot is seeking to compromise gift cards purchased and activated by consumers across nearly 1,000 websites.
David Bisson reports.
|
|||
|
2017-03-27 13:40:33 | Why it\'s a good idea to clear your browser history and cookies (lien direct) |  David Bisson explains why you might want to consider deleting and clearing your browsing history and cookies every now and then.
|
|||
|
2017-03-27 11:09:27 | Encryption is a good thing (lien direct) |  I use the internet. You use the internet. Just about all of us use the internet.
Including bad guys...
|
|||
|
2017-03-27 09:26:01 | 87 fake Minecraft mods exposed Android users to scammy websites, aggressive ads (lien direct) |  Google has removed 87 fake Minecraft mods from its Play Store that exposed Android users to scammy websites and aggressive ads.
David Bisson reports.
|
|||
|
2017-03-23 15:03:56 | Apple: If hackers have our customers passwords, they didn\'t steal them from us (lien direct) |  Apple reassures worried customers that it has not suffered a security breach, as hackers threaten to remotely wipe users' devices.
Read more in my article on the Hot for Security blog.
|
|||
|
2017-03-23 14:57:52 | Android adware abusing plugin frameworks to promote potentially malicious apps (lien direct) |  Android adware has embraced an innovative way to promote potentially malicious apps: abuse Android plugin frameworks.
David Bisson reports.
|
|||
|
2017-03-23 10:16:49 | Smashing Security 013: Assaulted with a deadly tweet (lien direct) |  Graham is embarrassed by a Twitter security snafu. How an animated GIF could prove deadly. Social engineering threats against your workforce. And will you be able to do any work on your laptop next time you catch an airplane?
Take a listen to the latest Smashing Security podcast, with Graham Cluley, Carole Theriault and special guest Alex Eckelberry.
|
|||
|
2017-03-22 14:38:53 | Smut surfers infected with Ramnit trojan as malvertising campaign deploys pop-under ads (lien direct) |  This isn't the kind of thing you want to pop up when you're surfing a porn site.
David Bisson reports.
|
|||
|
2017-03-22 10:40:36 | Victims\' real details helping hackers trick victims into installing banking malware (lien direct) |  Remember to always be wary of opening unsolicited email attachments and clicking on unknown links. Clicking before you think could lead to your downfall.
David Bisson reports.
|
Guideline | ||
|
2017-03-21 13:56:42 | Hackers claim they will wipe iPhones and iCloud accounts unless Apple pays ransom (lien direct) |  A group of hackers are allegedly threatening to remotely wipe millions of iPhones and iCloud accounts, unless Apple agrees to pay a ransom by April 7th.
Read more in my article on the Hot for Security blog.
|
|||
|
2017-03-21 13:07:46 | Three\'s website exposes mobile phone customers\' details to strangers (lien direct) |  Three appears to have made a blunder, after customers logging into the British mobile phone company's website found themselves looking at other customers' accounts - including the names, addresses, call histories and data usage of complete strangers.
|
|||
|
2017-03-21 10:47:34 | Laptops, tablets and other gadgets banned from cabin on some US-bound flights (lien direct) |  Thinking of bringing your laptops, tablet, camera, or DVD players into the airplane cabin?
|
|||
|
2017-03-21 10:07:40 | Malicious hackers discovered way to deliver malware through unloved Ask Toolbar (lien direct) |  For years people have been opening their browser and asking, "how the heck did that Ask Toolbar get installed?"
Enough is enough. Remove it.
|
|||
|
2017-03-20 16:36:24 | Stop shifting the blame onto third parties. That breach is still your firm\'s responsibility (lien direct) |  If it's data that your customers gave you that's breached, it's your responsibility.
Read more in my article on the Bitdefender Business Insights blog.
|
|||
|
2017-03-20 13:37:41 | Scammers target tax preparers with last-minute phishing attacks (lien direct) |  Scammers are sending last-minute phishing attacks to tax preparers in the hopes of making off with taxpayers' refunds.
It seems nothing is certain, except scams, death, and taxes.
David Bisson reports.
|
|||
|
2017-03-18 02:00:00 | Surprise! WikiLeaks won\'t just hand over details of zero-day vulnerabilities to tech firms (lien direct) |  WikiLeaks' Julian Assange may be making unreasonable demands about how he will share details of the alleged zero-day vulnerabilities that have been leaked from the CIA
|
|||
|
2017-03-17 16:20:53 | Graham Cluley named Best IT Security blog at SysAdmin blog awards (lien direct) |  We have been named "Best IT Security blog" at the 2017 SysAdmin Blog Awards. Huzzah!
|
|||
|
2017-03-17 15:53:11 | Kirk ransomware sports Star Trek-themed decryptor and little-known crypto-currency (lien direct) |  "It's ransomware, Jim, but not as we know it!"
David Bisson reports.
|
|||
|
2017-03-16 14:15:08 | New cloud-based keylogger gaining momentum among criminals (lien direct) |  Cloud-based NexusLogger's user-friendly web portal makes it simple for non-skilled criminals to configure the malware however they want.
David Bisson reports.
|
|||
|
2017-03-16 11:17:26 | Smashing Security #012: Eau de Eugene Kaspersky (lien direct) |  Androids pre-installed with malware - can the supply chain be trusted? Will WikiLeaks help vendors get zero-days fixed? And what on earth has the Kaspersky marketing department dreamt up this time?
All this and more is discussed in the latest podcast by computer security veterans Graham Cluley, Carole Theriault and special guest Nick FitzGerald. Give it a listen.
|
|||
|
2017-03-16 08:29:59 | Bye bye, botnet! Kibosh put on Chamois Android fraud network (lien direct) |  Google has shut down an ad fraud network that was targeting Android users.
David Bisson reports.
|
|||
|
2017-03-15 10:06:54 | Sorry for the Nazi spam from my Twitter account (lien direct) |  It happened to me (and many others). It could happen to you.
|
|||
|
2017-03-14 22:12:42 | Proof-of-concept confirms Nintendo Switch videogame console vulnerable to WebKit exploit (lien direct) |  A researcher has published a proof-of-concept (POC) confirming that the Nintendo Switch system is vulnerable to an exploit that could allow the playing of pirated games and homebrew projects.
David Bisson reports.
|
|||
|
2017-03-14 08:58:21 | Poorly-configured online backup leaks US Air Force documents (lien direct) |  Sensitive records related to the United States Air Force has been found exposed publicly on the internet, allowing anyone with a web connection to peruse them without authorisation and no need for a password.
Read more in my article on the Bitdefender BOX blog.
|
|||
|
2017-03-13 15:25:28 | Malware found pre-installed on dozens of different Android devices (lien direct) |  Malware in the form of info-stealers, rough ad networks, and even ransomware came pre-installed on more than three dozen Android devices.
Can the supply chain be trusted?
David Bisson reports.
|
|||
|
2017-03-13 11:26:08 | Typo in IP address led to innocent father\'s arrest for paedophilia (lien direct) |  One extra digit added to an IP address led police in the wrong direction.
|
|||
|
2017-03-12 17:30:50 | WikiLeaks says it will work with software vendors to fix CIA zero-day exploits... but when? (lien direct) |  After the media hystericane, Julian Assange says he will help bugs get fixed.
|
|||
|
2017-03-10 23:41:28 | New Linux malware hijacks one vendor\'s IoT devices by exploiting CGI bug (lien direct) |  A new form of Linux malware is hijacking Internet of Things (IoT) devices made by one Chinese vendor by exploiting a common gateway interface (CGI) vulnerability.
David Bisson reports.
|
|||
|
2017-03-10 13:33:56 | TeamViewer stopped working? Let me guess, your ISP is TalkTalk... (lien direct) |  TeamViewer can be used for good. TeamViewer can be used for bad. UK ISP TalkTalk doesn't want you to use it at all.
Read more in my article on the Hot for Security blog.
|
|||
|
2017-03-10 12:48:55 | The perils of working from home with young children (lien direct) |  I work from home. I frequently do media interviews via Skype. I have a young child.
It's a dangerous cocktail.
|
|||
|
2017-03-10 08:25:45 | Android YouTube download apps flood devices with ads to secure high ratings for droppers (lien direct) |  The adware, detected as Android/Hiddad.BZ, hid itself inside seven applications available for download from the official Google Play app store.
David Bisson reports.
|
|||
|
2017-03-09 11:56:39 | Smashing Security #011: WikiLeaks and the CIA (lien direct) |  Has the CIA been using a Weeping Angel to spy on you via your Smart TV? Have WhatsApp, Telegram and Signal been compromised? What is the secret of the SATAN ransomware? And can you avoid having your data searched as you pass through border control?
All this and more is discussed in the latest podcast by computer security veterans Graham Cluley, Carole Theriault and special guest Paul Ducklin. Give it a listen.
|
|||
|
2017-03-09 00:16:32 | Buggy backups! Unplug your WD My Cloud until these flaws are fixed (lien direct) |  Consumers who use a Western Digital My Cloud for data backups should unplug their units for the time being due to a series of unpatched vulnerabilities.
David Bisson reports.
|
|||
|
2017-03-08 12:03:29 | Lame comment spam campaign attempts to promote iPhone app (lien direct) |  Who could possibly be behind a campaign of spam comments being left on my blog promoting an iPhone app?
|
|||
|
2017-03-08 02:55:32 | Is the CIA\'s Weeping Angel spying on TV viewers? (lien direct) |  WikiLeaks has published thousands of pages of what appeared to be leaked internal CIA documents.
The haul, which WikiLeaks has somewhat pretentiously dubbed "Vault 7", is claimed to be "the largest ever publication of confidential documents on the agency."
|
|||
|
2017-03-08 01:26:09 | Firefox 52 warns when you try to enter passwords on non-encrypted websites (lien direct) |  Mozilla patches 28 security vulnerabilities and protects users from entering their sensitive information on insecure webpages.
|
|||
|
2017-03-08 00:01:00 | Hacking the hackers: Draft US bill would allow hacking victims to hack back (lien direct) |  A U.S. representative has proposed a bill that would allow hacking victims to hack back their attackers. But is that a good idea?
David Bisson reports.
|
|||
|
2017-03-06 16:48:00 | Hackers could bypass protective measures to gain access to locked Twitter accounts (lien direct) |  Twitter has patched an issue that allowed attackers to bypass protective measures for user accounts that have been locked.
David Bisson reports.
|
|||
|
2017-03-06 13:48:26 | Third party patch released for Microsoft zero-day that Google made public (lien direct) |  In the absence of an official fix from Microsoft, a third-party security firm has produced its own temporary patch for a zero-day Windows vulnerability.
Read more in my article on the Hot for Security blog.
|
|||
|
2017-03-06 10:14:21 | Realistic crisis simulations are the backbone of cyber preparedness - ENISA plays a role in EU cyber preparedness (lien direct) |  Graham Cluley Security News is sponsored this week by the folks at ENISA. Thanks to the great team there for their support!
Regular readers of this blog will be more than familiar with the myriad of cyber threat and vulnerabilities which internet users are unknowingly faced with on a daily basis. But recently, the topic of cybersecurity has been dominating the headlines of more than just tech-focused outlets. From concerns about the targeting of critical infrastructure, to increasingly-substantiated accusations around nation-state hacking of electoral systems, cybersecurity is no longer a niche topic, but a matter for far wider public concern.
With this in mind, it is essential that Europe be as prepared as possible to mitigate ever-evolving cyber threats. They say there's no substitute for experience – but that doesn't mean learning on the job. Instead of waiting for the next cyber crisis to strike just so we can learn lessons, we prefer another motto: practice makes perfect.
Realistic crisis simulations are the backbone of cyber preparedness efforts. With just enough unknown variables to keep participants on their toes, without actually jeopardising their operations, a cyber exercise allows security experts to test their capacity for problem-solving, troubleshooting and crisis management in a realistic timeframe but a non-hostile environment.
We need the practice. Europe's economic welfare is increasingly rooted in its provision and exploitation of digital services. This provides massive opportunities for growth, job creation and social prosperity. But it also makes us a prime target for cyber criminals looking to perform industrial reconnaissance, tamper with customer data, manipulate stock markets, or even sabotage critical infrastructures.
At the EU Agency for Network and Information Security (ENISA), we want as many people as possible to get this practice in. That's why, every two years, we organise the EU's largest and most comprehensive cybersecurity exercise, Cyber Europe.
The latest edition of this event, held in October 2016, brought together over 300 organisations and 700 technical experts to test how ready they would be if a major cybersecurity incident were to strike. These included Members States' cybersecurity agencies, EU institutions and national ministries, and cybersecurity experts from internet, telecoms and cloud service providers. All were focused on securing Europe's digital defences within a fictional scenario which unfolded across six months and culminated in the largest, most realistic and most comprehensive such exercise to date.
This time around, our scenario had all the hallmarks of a Hollywood blockbuster – the sudden disabling of Internet services continent-wide and a city-wide blackout, a spate of confidential data leaks and data centre fires, rumours of a shadowy organisation at |
|||
|
2017-03-05 21:50:22 | Is Obama planning a coup? Yes, says Google Home (lien direct) |  To err is human. Google proves once again that to really screw things up you need the internet of things.
|
★★★ | ||
|
2017-03-04 23:12:50 | Telegram lets scammers connect directly with potential victims by way of stored contacts (lien direct) |  Scammers can use the Telegram mobile messaging app to connect with a potential victim if they already have their phone number in their contact list.
David Bisson reports.
|
★★★ | ||
|
2017-03-03 15:21:38 | Mike Pence used personal AOL account for government business as Indiana governor (lien direct) |  While serving as Governor of Indiana, Mike Pence routinely used his personal AOL email account to conduct government business.
Surprise! It was hacked.
David Bisson reports.
|
★★★★ |
To see everything:
Our RSS (filtrered)
