Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2018-07-02 11:56:01 |
Typeform data breach exposes users of many websites (lien direct) |
You may have never heard of Typeform, but they may have just lost some of your personal data.
|
Data Breach
|
|
|
|
2018-06-28 15:25:00 |
Hitherto unknown marketing firm exposed hundreds of millions of Americans\' data (lien direct) |
The detailed personal information of 230 million consumers and 110 million business contacts – including phone numbers, addresses, dates of birth, estimated income, number of children, age and gender of children - has been left exposed for anyone on the internet to grab.
Read more in my article on the Tripwire State of Security blog.
|
|
|
|
|
2018-06-28 13:47:03 |
Ticketmaster breached for months, personal data stolen by hackers (lien direct) |
Ticketmaster has warned customers that their personal information may have been compromised, after malicious code was discovered running on its website.
Read more in my article on the Hot for Security blog.
|
|
|
|
|
2018-06-28 11:22:02 |
Smashing Security #084: No! My voice is not my password (lien direct) |
Who's been collecting the voice prints of millions of people saying “My voice is my password”? Why has it become tougher for law enforcement to scoop up cellphone data? And who's been turning up your central heating?
All this and much much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by John Hawes from AMTSO.
|
|
|
|
|
2018-06-27 13:47:05 |
Reality Winner pleads guilty after being unmasked by microdots (lien direct) |
Reality Winner, the US government contractor who leaked top secret documents about Russian hacking, has pleaded guilty.
|
Guideline
|
|
|
|
2018-06-27 11:07:05 |
Twitter gets physical – with support for hardware security keys (lien direct) |
Twitter has given millions of users a way of making their accounts even harder to hack, with the introduction of support for physical keys.
Read more in my article on the Hot for Security blog.
|
|
|
|
|
2018-06-25 07:37:05 |
Beware malicious software updates for legitimate apps (lien direct) |
The ACLU warns of the risk that malicious code planted in legitimate software updates could compromise security.
Read more in my article on the Bitdefender Business Insights blog.
|
|
|
|
|
2018-06-22 22:19:05 |
WannaCry ransomware scam tries to extort money without actually infecting your computer (lien direct) |
Someone is trying to pull a fast one, attempting to trick unsuspecting users into paying a ransom… even though they *haven't* infected your computer with ransomware.
|
Ransomware
|
Wannacry
|
|
|
2018-06-21 10:33:02 |
Ex-Tesla employee sued for hacking and stealing company data (lien direct) |
Tesla claims former employee has admitted writing software that hacked company systems, and leaked data to external third parties.
|
|
Tesla
|
|
|
2018-06-21 10:04:03 |
Smashing Security #083: Fake email derails clarinetist\'s dream (lien direct) |
Hell hath no fury like a jealous clarinetist's girlfriend! Your Google ChromeCast could be letting stalkers find out where you live! And why on earth is Graham recommending people write their passwords down in a book!?
Learn more in the latest episode of the award-winning “Smashing Security” podcast, with hosts Graham Cluley and Carole Theriault.
|
|
|
|
|
2018-06-19 13:22:01 |
Rex Mundi hacking extortion gang busted by Europol (lien direct) |
There's so much bad news about computer security that we sometimes forget to applaud when something good happens.
Let's change that right now.
|
|
|
|
|
2018-06-19 11:44:03 |
Tesla saboteur caused extensive damage and leaked highly sensitive data, claims Elon Musk (lien direct) |
Tesla CEO Elon Musk believes that the company is the victim of deliberate sabotage perpetrated by an employee.
Read more in my article on the Hot for Security blog.
|
|
Tesla
|
|
|
2018-06-18 10:52:01 |
US Government warns of more North Korean malware attacks (lien direct) |
Just days after the two countries signed a joint agreement at their unprecedented talks, the US Department of Homeland Security has issued a warning about more malware being used by the North Korean government against US organisations.
Read more in my article on the Hot for Security blog.
|
|
|
|
|
2018-06-16 07:29:01 |
Paul Manafort accused of \'foldering\' to hide communications (lien direct) |
Foldering is a way of communicating without sending a message.
|
|
|
|
|
2018-06-14 10:39:03 |
Apple confirms it\'s closing security loophole that police were using to crack iPhones (lien direct) |
Yes, Apple is toughening up the security of iPhones with iOS 12. Yes, the steps Apple is taking will make it harder for law enforcement agencies to thwart iPhone security. But no, that's not the reason Apple is doing it.
Read more in my article on the Tripwire State of Security blog.
|
|
|
|
|
2018-06-14 07:36:01 |
Smashing Security #082: World Cup cybersecurity, crypto crashes, and a bang of a password fail (lien direct) |
Coinrail cryptocurrency exchange goes offline after hack, Russia appears to be 'live testing' cyber attacks, and Florida stopped running background checks on gun buyers because of forgotten password.
All this and much much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by football-mad John Leyden from The Register.
|
|
|
|
|
2018-06-13 12:22:00 |
Dixons Carphone data breach - millions put at risk of fraud (lien direct) |
Once again a large company has suffered a huge data breach, putting millions of innocent customers at risk.
Read more in my article on the Hot for Security blog.
|
|
|
|
|
2018-06-11 21:15:05 |
Tens of thousands of Android devices are leaving their debug port exposed (lien direct) |
Countless Android devices are leaving themselves open to attack after being shipped with a critical port left unsecured.
Read more in my article on the Hot for Security blog.
|
|
|
|
|
2018-06-11 12:55:00 |
Bitcoin price takes a dive after another cryptocurrency exchange hack (lien direct) |
There's bad news if you're a cryptocurrency investor. Billions of dollars worth of wealth were wiped out this weekend after a South Korean cryptocurrency exchange was hacked.
|
|
|
|
|
2018-06-07 20:45:00 |
Creepy CloudPets pulled from stores over security fears (lien direct) |
Major retailers have begun pulling CloudPets cuddly toys from their shelves after warnings were issued that the internet-enabled toys posed a risk to privacy.
Read more in my article on the Bitdefender BOX blog.
|
|
|
|
|
2018-06-07 12:14:00 |
We won! Smashing Security named Best Security Podcast (lien direct) |
“Smashing Security” has been named the “Best Security Podcast” at the European Security Blogger Awards in London.
And we're well chuffed…
|
|
|
|
|
2018-06-07 10:40:05 |
Delete all your emails and acid wash your hard drives, says security expert Sean Hannity (lien direct) |
Some people don't know if you should trust the media anymore, with accusations of fake news flying here, there, and everywhere.
Which makes me wonder who can you trust for computer security advice? How about a TV host?
|
|
|
|
|
2018-06-07 09:32:00 |
Smashing Security #081: Hacker no-hopers, Wessex Water has a word, and we win an award (lien direct) |
The 'mastermind' behind the Owari botnet doesn't seem to have learnt anything from his victims, someone at Wessex Water forgets to remove an embarrassing sentence from a letter sent to customers, and we're officially the best security podcast!
All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, with cameo appearances by John Hawes, John Leyden, Paul Ducklin, and Mikko Hyppönen.
|
|
|
|
|
2018-06-05 09:00:02 |
End-to-end encryption doesn\'t stop the FBI reading your messages. Just ask Paul Manafort (lien direct) |
End-to-end encryption is really neat, but it only encrypts *between* those who are doing the communicating.
|
|
|
|
|
2018-06-01 09:41:05 |
An advert against online privacy (lien direct) |
Not everyone is in favour of better privacy online.
The advertising industry, for instance, has its knickers in a twist so tightly about European privacy regulations that it made an over-the-top video.
|
|
|
|
|
2018-05-31 07:59:04 |
Smashing Security #080: Country bans Facebook, eavesdropping Alexa, and PornHub VPN (lien direct) |
The country of Papua New Guinea is planning a month-long nationwide ban of Facebook, PornHub wants to keep your online activities more private, and Amazon Alexa forwards a married couple's private conversation to a random contact.
All this and much much more is discussed in the latest 100% GDPR-compliant edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by ESET's Tommi Uhlemann.
|
|
|
|
|
2018-05-30 13:10:05 |
Jail for the man who helped Russia hack Yahoo\'s email accounts (lien direct) |
A hacker who lived the high life with expensive cars has been sentenced to jail for his part in a serious security breach at Yahoo.
Read more in my article on the Hot for Security blog.
|
|
Yahoo
|
|
|
2018-05-30 10:18:04 |
See me speak at the Cloud Security Summit in London (lien direct) |
There is another chance to see me speak in London next month, as I'll be keynoting at the Cloud Security Summit on Wednesday 20th June.
Find out how to reserve your place at this event.
|
|
|
|
|
2018-05-29 10:09:05 |
Papua New Guinea to ban Facebook for a month (lien direct) |
The country of Papua New Guinea is reportedly planning a month-long national ban of Facebook.
Why? To research the effect that the addictive social network has on the South Pacific island's populace, and to root out “fake users.”
But important questions remain unanswered.
|
|
|
|
|
2018-05-24 07:46:03 |
Smashing Security #079: Mugshots, mobile mania, and back end gurus (lien direct) |
A website which demands money if you want your mugshot removed, could “sharenting” lead to a rise in fraud and identity theft, and how could the FBI have overcounted encrypted phones so badly?
All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest Maria Varmazis.
|
Guideline
|
|
|
|
2018-05-23 12:11:02 |
800,000 DrayTek routers at risk of DNS hijacking attack - update your firmware! (lien direct) |
Got a DrayTek router? Take steps now to ensure that you aren't the victim of a DNS hijack.
Read more in my article on the Bitdefender BOX blog.
|
|
|
|
|
2018-05-22 14:20:02 |
Donald Trump\'s smartphone security: an inconvenient truth (lien direct) |
According to reports, US President Donald Trump hasn't been following the advice of his security team, and is resisting their attempts to regularly check his iPhone to see if it has been hacked.
|
|
|
|
|
2018-05-21 14:02:03 |
See me speak at the Sunny Side Up Security breakfast event in London next month (lien direct) |
If you're going to be in London in June, attending Infosec 2018, you may want to register for the “Sunny Side Up Security” breakfast at the Hilton Olympia (just next door to the Olympia Center where Infosec is being held).
|
|
|
|
|
2018-05-21 12:19:00 |
Best Security Podcast: “Smashing Security” up for top award (lien direct) |
“Smashing Security”, the weekly cybersecurity podcast I co-host with Carole Theriault, has made the finals of the European Security Blogger Awards. Now all that we need is some people to vote for it.
|
|
|
|
|
2018-05-18 12:49:00 |
Suspected Syrian Electronic Army hackers indicted for conspiracy and identity theft (lien direct) |
But don't imagine that the two suspected hackers will be defending themselves in a US court anytime soon…
Read more in my article on the Hot for Security blog.
|
|
|
|
|
2018-05-17 15:16:00 |
The Dark Overlord: Suspected hacking group member arrested in Serbia (lien direct) |
Is The Dark Overlord's days numbered?
Serbian police have arrested a man suspected of being a member of the notorious and high profile hacking and extortion group.
Read more in my article on the Hot for Security blog.
|
|
|
|
|
2018-05-17 07:18:00 |
Rail Europe data breach lasted almost three months (lien direct) |
Travel website Rail Europe has informed customers that their lifelong dream to see the sights of Europe by train may have turned into a nightmare.
Read more in my article on the Hot for Security blog.
|
|
|
|
|
2018-05-16 23:18:05 |
Smashing Security #078: Hounds hunt hackers, too-human Google AI, and ethnic recognition tech - WTF? (lien direct) |
Dogs are trained to sniff out hackers' hard drives, facial recognition takes an ugly turn, and do you trust Google to book your hair appointment?
All this and more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by investigative journalist Geoff White.
|
|
|
|
|
2018-05-16 10:58:02 |
Four-million Facebook users\' data wide open for anyone to download for years (lien direct) |
Yet another instance of a Facebook app putting innocent users' sensitive private data at risk has been uncovered.
|
|
|
|
|
2018-05-16 09:05:01 |
Kaspersky Lab plays Swiss gambit in attempt to assuage Russian spying fears (lien direct) |
Kaspersky Lab has announced that it is moving some of its core infrastructure from Russia to Switzerland.
|
|
|
|
|
2018-05-14 15:40:01 |
Despite Efail, the sky is not falling (lien direct) |
The Efail attack on encrypted emails is sneaky, but it doesn't seem to be all that it's hyped up to be.
|
|
|
|
|
2018-05-14 10:10:03 |
Critical vulnerabilities in PGP/GPG and S/MIME email encryption, warn researchers (lien direct) |
Brace yourself, there's a security scare involving encrypted email that could see your past sensitive messages exposed.
It's name? “Efail.”
|
|
|
|
|
2018-05-11 07:14:00 |
Text bombs and \'Black Dots of Death\' plague WhatsApp and iMessage users (lien direct) |
Please don't be tempted to try any of these text bomb attack out on anyone else, even as a prank. It's simply not funny.
Read more in my article on the Hot for Security blog.
|
|
|
|
|
2018-05-10 22:17:04 |
Zero-day flaw exploited in targeted attacks is fixed by Microsoft (lien direct) |
This month's Patch Tuesday bundle of updates from Microsoft included a fix for a critical vulnerability that has been actively exploited by at least one hacking gang in targeted attacks.
Read more in my article on the Tripwire State of Security blog.
|
|
|
|
|
2018-05-10 07:57:03 |
Data breach disclosure is still taking too long, report reveals as GDPR looms (lien direct) |
The accepted wisdom in the field of cybersecurity is that things are getting worse, and that more businesses are losing control of more data than ever before.
What a bunch of pessimists we are… The truth, however, might be rather different.
Read more in my article on the Bitdefender Business Insights blog.
|
|
|
|
|
2018-05-09 17:09:03 |
Paris Hilton\'s hacker sentenced to 57 months in prison (lien direct) |
Celebrity heiress Paris Hilton says she no longer trusts the iCloud.
|
|
|
|
|
2018-05-09 16:06:04 |
Smashing Security #077: Why Paris Hilton doesn\'t use iCloud, lottery hacking, and Facebook dating (lien direct) |
The tricky-to-pronounce Paytsar Bkhchadzhyan is jailed for hacking Paris Hilton, we hear the story of the man who hacked the lottery and almost got away with $16.5 million, and Facebook thinks it is the perfect partner to find you a date.
Find out in this special splinter episode of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest Dave Bittner from The Cyberwire podcast.
|
|
|
|
|
2018-05-09 12:02:02 |
Drupe app removed from Google Play store after photos and messages leaked publicly (lien direct) |
A popular Android app called Drupe, downloaded over 10 million times, has been leaving users' selfie snapshots, audio messages, and other sensitive data exposed for anybody to see.
Read more in my article on the Hot for Security blog.
|
|
|
|
|
2018-05-09 07:15:01 |
Cryptomining with JavaScript in an Excel spreadsheet (lien direct) |
It didn't take long at all for a security researcher to demonstrate how easy it was to turn an Excel spreadsheet into a cryptomining machine.
|
|
|
|
|
2018-05-08 12:49:02 |
Bad guys have something new to play with! Microsoft Excel adds support for JavaScript (lien direct) |
Microsoft has launched some new features in its Excel spreadsheet software that will boost its power. But will that only be for the benefit of users?
|
|
|
|