Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2020-03-16 14:10:15 |
UK intelligence agency warns of cybercriminals exploiting the Coronavirus outbreak (direct link) |
A division of GCHQ (Britain's equivalent to the NSA) has warned the public to be on their guard against cybercriminals exploiting the Coronavirus outbreak.
Read more in my article on the Hot for Security blog.
|
|
|
|
|
2020-03-16 12:44:23 |
Malicious Coronavirus victim tracking app demands ransom payment from Android users (direct link) |
A malicious Android app that pretends to warn users about those nearby infected with the COVID-19 Coronavirus actually locks devices, and demands a $100 payment in Bitcoin.
|
|
|
|
|
2020-03-16 10:49:23 |
Microsoft Teams goes down as Europe starts working from home (direct link) |
As millions of people across Europe choose to work remotely rather than head into the office in the wake of the Coronavirus pandemic, a widely-used communication and collaboration tool has gone down.
|
Tool
|
|
|
|
2020-03-12 15:30:20 |
Phishing attacks exploit YouTube redirects to catch the unwary (direct link) |
Attackers are increasingly exploiting the fact that email gateways turn a blind eye to links to popular sites such as YouTube, in order to phish passwords from unsuspecting computer users.
Read more in my article on the Tripwire State of Security blog.
|
|
|
|
|
2020-03-12 00:01:43 |
Smashing Security #169: Burglaries, breaches, and bidets (direct link) |
How one guy’s exercise routine made him a burglary suspect, how multi-factor authentication can cause headaches as well as stop hacks, and how Virgin Media got itself in a pickle over its sloppy data security.
All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.
|
|
|
|
|
2020-03-11 16:12:05 |
A typical day in the life of my Twitter inbox… (direct link) |
Don't forget, if you're a scammer you shouldn't hesitate to reach out to me on Twitter at @gcluley with your business or marriage proposal.
|
|
|
|
|
2020-03-11 14:48:49 |
Secret-sharing app Whisper failed to keep users' fetishes and locations private (direct link) |
Security researchers raised the alarm after discovering that hundreds of millions of Whisper users’ intimate messages, tied to their locations, had been left publicly available since the app’s launch in 2012.
Read more in my article on the Hot for Security blog.
|
|
|
|
|
2020-03-10 10:26:03 |
Android anti-virus products put to the test – which are the best at stopping new malicious apps? (direct link) |
If there’s one clear message you can take away from the latest real-world test of Android security products, it’s that relying upon Google to protect your smartphone isn’t really good enough.
|
|
|
|
|
2020-03-09 16:16:04 |
Comcast Xfinity published the contact details of 200,000 customers who paid for them to be kept private (direct link) |
Nearly 200,000 customers in the United States, who thought they were paying Comcast Xfinity to keep their information safely out of the public eye, have had their details exposed on the company’s online directory… putting their safety and privacy at risk.
|
|
|
|
|
2020-03-09 14:55:48 |
Coronavirus map used to spread malware (direct link) |
Security researchers have found malicious code hiding behind a website that claimed to show an up-to-date global heatmap of Coronavirus reports.
|
Malware
|
|
|
|
2020-03-06 15:54:31 |
Virgin Media left 900,000 consumers' details exposed in unsecured database (direct link) |
One of the UK’s largest internet providers has admitted that it left a database containing the unencrypted details of more than 900,000 UK residents – including existing and potential customers – freely accessible to anybody on the internet, with no password required.
|
|
|
|
|
2020-03-06 14:26:09 |
Over one billion Android devices at risk as they no longer receive security updates (direct link) |
More than one billion Android devices are at risk of being hacked or infected by malware, because they are no longer supported by security updates and built-in protection.
That’s the conclusion of an investigation which found that at-risk smartphones are still being sold, despite the range of malware and other threats to which they are vulnerable.
Read more in my article on the Hot for Security blog.
|
Malware
|
|
|
|
2020-03-06 11:35:24 |
Boots suspends loyalty card payments after hackers try to compromise accounts (direct link) |
Hot on the heels of Tesco warning that hackers had attempted to access the accounts of Clubcard users, another UK high street retailer has warned that it has similarly been attacked.
|
|
|
|
|
2020-03-05 00:02:07 |
Smashing Security #168: The Bitcoin fraud factory (direct link) |
Fraudsters steal millions from those hoping to jump on the Bitcoin bandwagon, Twitter verifies a fake US politician, and it’s another face palm for facial recognition.
All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire’s Dave Bittner.
|
|
|
|
|
2020-03-04 12:26:32 |
Police raid tech support scam centre who had their CCTV hacked by vigilantes (direct link) |
An in-depth investigation by online vigilantes has exposed the activities of an Indian tech support scam centre.
Extraordinarily, fraudsters had the tables turned on them as YouTuber Jim Browning was able to hack into the call centre and access recordings of scam phone calls and even watch live CCTV footage exposing the criminals at work.
|
Hack
|
Uber
|
|
|
2020-03-04 11:47:24 |
Cathay Pacific slammed for security failures following hack which exposed 9.4 million people worldwide (direct link) |
The UK’s Information Commissioner’s Office (ICO) has fined Cathay Pacific for “a number of basic security inadequacies” which resulted in hackers stealing the data of 9.4 million people worldwide – including 111,578 from the UK.
Read more in my article on the Hot for Security blog.
|
Hack
|
|
|
|
2020-03-03 16:18:28 |
Tesco blocks 620,000 Clubcard accounts after security scare (direct link) |
Over 600,000 Tesco Clubcard owners are being sent new cards after the supermarket giant determined hackers had attempted to access accounts.
In an email sent to affected Clubcard users, Tesco said it had spotted fraudulent activity related to some customers' Clubcard vouchers.
|
|
|
|
|
2020-02-28 12:59:14 |
“Shark Tank” TV star loses almost $400,000 in Business Email Compromise scam (direct link) |
Barbara Corcoran, one of the business moguls who head up the judging team on US TV's “Shark Tank” investment show, has lost nearly $400,000 to an email scammer.
Read more in my article on the Hot for Security blog.
|
|
|
|
|
2020-02-27 01:21:03 |
HackerOne rewards bughunter who found critical security hole in… HackerOne (direct link) |
Vulnerability-reporting platform HackerOne has come clean about a critical security flaw on its own website that could have been used to expose the email addresses of users.
|
|
|
|
|
2020-02-27 00:32:48 |
Smashing Security #167: Coronavirus scams and an exaggerated lion (direct link) |
Scammers from Africa are preying on US businesses, a drug dealer makes a mistake when hiding his Bitcoin fortune, and the Coronavirus pandemic is causing scams to soar and raising questions about facial recognition.
All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast with Graham Cluley and Carole Theriault, joined this week by Naked Security’s Anna Brading.
|
|
|
|
|
2020-02-26 17:42:53 |
Exaggerated Lion and Business Email Compromise – Don't send that check! (direct link) |
Well done on training your staff not to wire money into the accounts of criminal fraudsters. Unfortunately they’re sending the money by check instead.
Read more in my article on the Bitdefender Business Insights blog.
|
|
|
|
|
2020-02-21 00:50:11 |
ToTok chat app tells users to ignore Google's spyware warning (direct link) |
Google is warning users that ToTok is unsafe. ToTok says that users shouldn’t trust Google’s warning…
|
|
|
|
|
2020-02-20 13:09:21 |
Smashing Security #166: What the Dickens! Ad ban thank you scam (direct link) |
How to stop dick pics on Twitter, and a new way bad guys are extorting money from websites earning cash from Google ads.
All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault.
|
|
|
|
|
2020-02-20 12:53:00 |
MGM Resorts hacked: 10.6 million guests have their personal data exposed on hacking forum (direct link) |
Over 10 million people who have stayed at MGM Resorts hotels – including Twitter boss Jack Dorsey and pop idol Justin Bieber – have had their personal details posted online by hackers.
Read more in my article on the Tripwire State of Security blog.
|
|
|
|
|
2020-02-20 12:48:46 |
Samsung freaks out smartphone owners with mysterious '1' notification (direct link) |
Samsung has apologised after it accidentally sent a bizarre notification to smartphone owners’ devices.
|
|
|
|
|
2020-02-17 14:05:05 |
Teenage girls tempt Israeli soldiers to install spyware for Hamas (direct link) |
It’s not the first time Israeli soldiers have been targeted with Hamas honeytraps to infect their smartphones with spyware.
|
|
|
★★★★★
|
|
2020-02-17 13:25:10 |
Twitter accounts of The Olympics and FC Barcelona hijacked by OurMine hacking group (direct link) |
The International Olympic Committee and FC Barcelona are the latest victims of a spree of Twitter account hijacks orchestrated by the notorious OurMine gang.
Read more in my article on the Hot for Security blog.
|
|
|
|
|
2020-02-13 15:44:40 |
Puerto Rico government falls for $2.6 million email scam (direct link) |
As if Puerto Rico wasn't having a hard enough time as it attempts to recover from recession, the damage caused by devastating hurricanes in recent years, and a damaging earthquake last month, it now finds itself being exploited by cybercriminals.
Read more in my article on the Tripwire State of Security blog.
|
|
|
|
|
2020-02-13 14:37:49 |
Secure email service Tutanota is being blocked by AT&T in parts of the United States (direct link) |
Some US users of Tutanota have been unable to access the secure email service while out and about on their smartphones since the end of January.
The common denominator? They all use AT&T for their internet access.
|
|
|
|
|
2020-02-13 12:40:38 |
Smashing Security #165: Cheapfakes, deepfakes, and Ashley Madison (direct link) |
Wi-Fi hopping malware, the return of Ashley Madison extortion scams, and should social media be doing anything about cheapfakes?
All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Jessica Barker.
|
|
|
|
|
2020-02-12 19:52:11 |
2FA is being pushed out to all Google Nest users to better protect their accounts (direct link) |
If a Google Nest account is compromised by a malicious hacker that’s not just bad news for the legitimate owner of the account, it’s also bad news for Google.
So that’s why they’re trying to do something about it…
Read more in my article on the Bitdefender Box blog.
|
|
|
|
|
2020-02-12 12:47:26 |
Patch now! Microsoft releases fixes for 99 security flaws, some being actively exploited by hackers (direct link) |
It’s one of the largest Patch Tuesday updates ever issued by Microsoft, and includes fixes for 12 security vulnerabilities that have been given the highest severity rating of “critical.”
The clock is ticking. IT teams should waste no time in readying themselves for a roll-out across the Windows computers for which they’re responsible.
|
|
|
|
|
2020-02-11 15:52:00 |
China denies it was behind the Equifax hack, as four men charged for data breach (direct link) |
China has denied that it was behind the hack of Equifax in 2017, which saw the personal data of hundreds of millions of individuals stolen – including the names, birth dates and social security numbers for nearly half of all American citizens.
Read more in my article on the Hot for Security blog.
|
Data Breach
Hack
|
Equifax
|
|
|
2020-02-11 13:56:10 |
Prison inmates' sensitive data left exposed on leaky cloud bucket (direct link) |
A completely-avoidable data leak has exposed prescription records, mugshots, and other sensitive information related to an unknown number of prison inmates.
|
|
|
|
|
2020-02-11 13:10:40 |
Graham Cluley on Tripwire's Talking Cybersecurity Podcast (direct link) |
A couple of weeks ago the guys from Tripwire were kind enough to invite me onto their new podcast, “Talking Cybersecurity”, and now the episode is out!
Take a listen.
|
|
|
|
|
2020-02-11 10:56:40 |
Dashlane password manager's Chrome extension has disappeared (direct link) |
The Dashlane Password Manager browser extension was suddenly removed from the Chrome web store this weekend.
|
|
|
|
|
2020-02-10 12:36:40 |
Coronavirus phishing attack disguises as a message from the Center for Disease Control (direct link) |
Once again we’re reminded that cold-hearted scammers and fraudsters don’t have any qualms about exploiting human misery, and are prepared to do anything if it might net them a rich reward.
|
|
|
★★★★★
|
|
2020-02-10 10:49:04 |
Home anti-virus products put to the test by AV-Comparatives – which received the highest score? (direct link) |
If you want to find out how different consumer anti-virus products performed in the tests, and whether yours won the prestigious Product of the Year Award – only given to solutions which demonstrate excellence in all categories – check out the report right now.
|
|
|
|
|
2020-02-08 00:18:12 |
Facebook's Twitter account is hijacked by notorious OurMine hacking group (direct link) |
Facebook’s official Twitter account started posting messages from the OurMine hacking gang just before midnight UK time on Friday.
|
|
|
|
|
2020-02-07 15:36:35 |
Dutch university paid $220,000 ransom to hackers after Christmas attack (direct link) |
Maastricht University has admitted paying a 30 bitcoin ransom to hackers who compromised its network in the immediate run-up to Christmas 2019, and infected it with the Clop ransomware.
|
|
|
|
|
2020-02-07 14:39:10 |
Apple fined €25 million for deliberately slowing down old iPhones (direct link) |
Apple has been hit with a 25 million Euro fine (US $27.5 million) after it added battery management features to iOS that slowed down the performance of older iPhones.
|
|
|
|
|
2020-02-07 11:46:14 |
Android users at risk from Bluetooth hijack attack, and are warned of “short distance worm” threat (direct link) |
Hackers could exploit a flaw on unpatched Android 8.0 and 9.0 phones to run malicious code such as a worm, with no user interaction required.
|
Threat
|
|
|
|
2020-02-06 14:16:30 |
How your network could be hacked through a Philips Hue smart bulb (direct link) |
Security researchers have shared some details of vulnerabilities they have found in Philips Hue smart bulbs that could be exploited by hackers to compromise networks remotely.
Read more in my article on the Hot for Security blog.
|
|
|
|
|
2020-02-06 14:12:33 |
Wacom drawing tablets are spying on every app you open, and sending the data back to Wacom (direct link) |
Do you read the privacy policy for your mouse when you install it? Your keyboard? Your drawing board?
Maybe you should… because it might set you off on a journey where you’ll discover surprising things are happening with your private data.
|
|
|
|
|
2020-02-06 13:26:54 |
How your screen's brightness could be leaking data from your air-gapped computer (direct link) |
It may not be the most efficient way to steal data from an organisation, let alone the most practical, but researchers at Ben-Gurion University in Israel have once again detailed an imaginative way to exfiltrate information from an air-gapped computer.
Read more in my article on the Tripwire State of Security blog.
|
|
|
|
|
2020-02-06 10:05:27 |
Smashing Security #164: A bitter pill to swallow (direct link) |
A gallery is tricked into giving millions to a fraudster, software tells doctors to push opioids onto patients, and an artist finds a novel way to trick Google Maps into thinking there’s a traffic jam.
All this and more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault.
|
|
|
|
|
2020-02-06 00:41:36 |
WhatsApp flaw gave hackers access to files from Windows and Macs (direct link) |
If you run WhatsApp’s desktop client on your Mac or PC then you would be wise to make sure it’s up-to-date, following the revelation that a security researcher uncovered a critical security flaw.
|
|
|
|
|
2020-02-04 12:08:24 |
Twitter security hole allowed state-sponsored hackers to match phone numbers to usernames (direct link) |
Twitter admits to a bug that might have put privacy-conscious users at risk – by revealing what phone numbers are associated with which Twitter accounts.
|
|
|
|
|
2020-02-04 11:21:23 |
Man admits hacking Nintendo, leaking details of Switch games console (direct link) |
Despite a previous brush with the law, Ryan Hernandez went on to hack and hack again.
Read more in my article on the Hot for Security blog.
|
Hack
|
|
|
|
2020-02-03 14:07:58 |
Did Everton sign Everton? Twitter hack blamed for soccer sign-up screwup (direct link) |
If Everton Football Club’s Twitter account was really hacked to say it was signing Everton Soares then it needs to look at hardening its defence.
If the hack occurred at all, of course.
|
Hack
|
|
|