What's new around the internet

Src Date (GMT) Title Description Tags Stories Notes
grahamcluley.png 2019-03-25 17:07:03 DLA Piper and its insurers clash over multi-million NotPetya payout (direct link)

Multinational law firm was hit in the crossfire as Russia-backed ransomware spread, and Hiscox is reportedly declining to pay up citing an “act of war”.

grahamcluley.png 2019-03-25 15:35:01 Popular family tracking app exposed real-time location data onto the internet – no password required (direct link)

More than 238,000 individual users have had their family's real-time location exposed for weeks on end after an app developer left sensitive data exposed on the internet, without a password.

Read more in my article on the Hot for Security blog.

grahamcluley.png 2019-03-21 17:16:04 Some 2000 Facebook staff had access to millions of Facebook users' passwords… stored in plaintext (direct link)

Stretching back as far as 2012, Facebook has been storing the passwords of hundreds of millions of users unencrypted, in plaintext.

And those passwords were searchable by Facebook staff…

grahamcluley.png 2019-03-21 13:30:00 Google and Facebook scammed out of $123 million by man posing as hardware vendor (direct link)

Even the most tech savvy companies in the world can fall for business email compromise.

A Lithuanian man has this week pleaded guilty to tricking Google and Facebook into transferring over $100 million into a bank account under his control after posing as a company that provided the internet giants with hardware for their data centers.

Read more in my article on the Tripwire State of Security blog.

grahamcluley.png 2019-03-21 12:05:04 Smashing Security #120: Silk Road with Deliveroo (direct link)

Online drug dealers get busted due to poor OPSEC! People are still failing to wipe their USB sticks properly! A potential presidential candidate is outed as a former hacker! Flat Earthers! Pi! Empathy!

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.

grahamcluley.png 2019-03-20 11:21:03 Hydro working hard to recover following ransomware attack (direct link)

You can't help but get the feeling that this was a highly-organised extortion attempt against Norsk Hydro.

grahamcluley.png 2019-03-19 13:06:05 Aluminium plants hit by cyber-attack, global company turns to manual operations (direct link)

Norsk Hydro, one of the world's largest producers of aluminium, says that it is battling an “extensive cyber-attack” that first hit its systems on Monday evening and then escalated overnight.

Read more in my article on the Hot for Security blog.

grahamcluley.png 2019-03-18 16:09:00 Google Play is flooded with hundreds of unsafe Android anti-virus products (direct link)

A new study has closely examined whether 250 security products for Android smartphones are capable of protecting users at all.

The results are in… and disturbing.

Read more in my article on the Hot for Security blog.

grahamcluley.png 2019-03-18 11:21:05 53% of Britain's most frequent porn watchers aren't aware that they're about to be blocked (direct link)

A new survey has revealed that the majority of Brits are blissfully unaware that next month the UK Government will be requiring porn websites to verify that their users have obtained a “porn passport.”

grahamcluley.png 2019-03-18 10:21:03 Myspace has lost all the music users uploaded between 2003 and 2015 (direct link)

You cannot trust the likes of Myspace to look after your data securely. Use internet services to archive your content if you wish, but you'd be wise to have your own backup too.

grahamcluley.png 2019-03-15 18:53:00 Zillow sued for $60 million after mansion listing hijacked (direct link)

A hacker knocked millions off the listed price of an incredibly expensive home, and its owners aren't at all happy…

grahamcluley.png 2019-03-14 15:19:02 Online training site says it is spamming insecure printers with adverts (direct link)

Online training site Skillbox says that it has come up with an imaginative way to reach out to potential clients, and invite them to change their careers from being accountants and become graphical designers instead.

The Russian firm's idea? To send a spam message to thousands of printers left open to the internet.

Is this really happening again?

grahamcluley.png 2019-03-14 12:40:05 US Senators say it shouldn't be a secret when they've been hacked (direct link)

Federal agencies and companies are required by law to disclose breaches, but Congress is under no such obligation - meaning that the public may have no idea that their political representatives have been hit.

Read more in my article on the Tripwire State of Security blog.

grahamcluley.png 2019-03-14 00:23:04 Smashing Security #119: Hijacked homes, porn passports, and ransomware regret (direct link)

A $150 million mansion is hijacked online, Brits will soon have to scan their passport to watch internet porn, and are organisations right to pay up when hit by ransomware?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology broadcaster David McClelland.

grahamcluley.png 2019-03-13 13:34:03 Online safety cartoons for young kids (direct link)

A series of cartoons are aiming to educate children as young as four about how to stay safe online.

grahamcluley.png 2019-03-13 12:04:01 Man arrested for selling one million Netflix, Spotify, Hulu passwords (direct link)

The WickedGen website bragged that it had over 120,000 users and almost one million sets of account details, offering monthly and yearly membership plans for those who wanted “access to thousands of premium accounts across a huge range of services.”

Read more in my article on the Hot for Security blog.

grahamcluley.png 2019-03-11 16:35:04 Citrix hackers may have stolen six terabytes worth of files (direct link)

The FBI suspects that the hackers used a technique known as “password spraying”.

grahamcluley.png 2019-03-11 13:52:03 Facebook sues quiz app developers who allegedly stole users' private data through browser plugins (direct link)

Facebook is taking a stand against a pair of Ukrainian app developers who it claims scraped personal information from users' profiles.

Read more in my article on the Hot for Security blog.

grahamcluley.png 2019-03-08 13:53:03 Hackable car alarms leave three million cars at risk of hijack (direct link)

Millions of car owners were left at risk of having their vehicles stolen, because of the poor security of third-party app-connected car alarms.

Read more in my article on the Hot for Security blog.

grahamcluley.png 2019-03-08 11:34:05 Facebook Messenger bug made it possible for hackers to see who you have been chatting with (direct link)

A security researcher has revealed details of a flaw in Facebook Messenger that made it possible for “any website to expose who you have been messaging with.”

grahamcluley.png 2019-03-07 11:51:03 Thousands of patients impacted by ransomware attack at medical billing company (direct link)

Following a ransomware attack at a medical billing company, thousands of patients are being warned that their highly sensitive medical information and personal details were amongst the data that was breached.

Read more in my article on the Tripwire State of Security blog.

grahamcluley.png 2019-03-07 08:36:04 FBI boss warns businesses of Chinese hackers stealing their intellectual property (direct link)

What's the biggest cybersecurity threat for US businesses?

If FBI chief Christopher Wray is to be believed, it's China.

Read more in my article on the Bitdefender Business Insights blog.

grahamcluley.png 2019-03-07 00:08:04 Smashing Security #118: The 's' in IoT stands for security (direct link)

Twerking robot assistants, an app from Saudi Arabia that lets men track women, and a gnarly skiing security snarl-up!

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology journalist Geoff White.

grahamcluley.png 2019-03-05 10:42:02 Find QuadrigaCX's missing $190 million, and you could win a $100,000 bounty (direct link)

There has been another twist in the curious case of QuadrigaCX, a Canadian cryptocurrency exchange whose CEO unexpectedly and suddenly died without telling anyone else his password.

And it sounds like more troubling news for investors.

grahamcluley.png 2019-03-04 17:24:02 Facebook isn't letting you opt-out of having people search for you by your phone number (direct link)

If you really must use Facebook, don't give it your phone number - not even for 2FA.

grahamcluley.png 2019-02-28 15:53:02 Coinhive, the in-browser cryptomining service beloved by hackers, is dead (direct link)

“To be completely honest, it isn't economically viable anymore,” says Coinhive.

Read more in my article on the Tripwire State of Security blog.

grahamcluley.png 2019-02-28 15:50:03 A video about cybersecurity threats that doesn't feature any computers (direct link)

Check out this engaging and entertaining cybersecurity ad that doesn't include a single hoodie or (even more remarkably) any furtive keyboard typing in a darkened room.

grahamcluley.png 2019-02-28 11:11:02 Businesses warned of malware spread via LinkedIn job offers (direct link)

Online criminals are using the temptation of a new job in a new malware campaign launched via LinkedIn.

Read more in my article on the Bitdefender Business Insights blog.

grahamcluley.png 2019-02-28 08:23:03 Smashing Security #117: SWATs on a plane (direct link)

Why is Tampa's mayor tweeting about blowing up the airport? Are hackers trying to connect with you via LinkedIn? And has Maria succeeded in her attempt to survive February without Facebook?

All this and much much more in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

Plus, after last week's discussion about the legal battle between Mondelez and Zurich Insurance, we have a chat with security veteran Martin Overton to take a deeper look into cyberinsurance.

grahamcluley.png 2019-02-26 12:07:03 Two weeks after hackers tried to steal 13 million euros, Bank of Valletta goes offline again (direct link)

The Maltese Bank of Valletta went down two weeks ago as hackers tried to steal 13 million Euros.

And now its systems have gone down again…

grahamcluley.png 2019-02-25 15:42:01 Russian creator of NeverQuest banking trojan pleads guilty in American court (direct link)

Arrested as he returned his rental car at Barcelona's airport, a 33-year-old Russian faces up to five years in jail after admitting to being the mastermind behind the sophisticated NeverQuest banking trojan.

Read more in my article on the Hot for Security blog.

grahamcluley.png 2019-02-25 13:06:03 Your $350 Nike self-lacing sneakers aren't as smart as you hoped (direct link)

Owners of Nike's “smart” sneakers are up in arms that their $350 footwear had been bricked by a faulty Android app update.

Sometimes simple is better than “smart”.

grahamcluley.png 2019-02-21 10:10:05 139 US bars, restaurants and coffeeshops infected by credit-card stealing malware (direct link)

North Country Business Products (NCBP), a provider of point-of-sales systems, has revealed that 139 of its clients have been hit by a malware infection that stole the payment card details of consumers.

Read more in my article on the Hot for Security blog.

grahamcluley.png 2019-02-21 00:01:00 Smashing Security #116: Stalking debtors, Facebook farce, and a cyber insurance snag (direct link)

How would *you* track someone who owed you money? What was the colossal flaw Facebook left on its website for anyone to exploit and hijack accounts? And what excuse are insurance companies giving for not paying victims of the NotPetya malware millions of dollars?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Joe Carrigan of the Information Security Institute at Johns Hopkins University.

grahamcluley.png 2019-02-20 14:41:02 Join me to learn more about Magecart attacks - and how to defend against them (direct link)

Attacks that can silently skim payment data as it is entered on websites have become a huge problem.

Learn more about the likes of Magecart, and how to effectively combat such threats, in an upcoming free webinar.

grahamcluley.png 2019-02-20 14:07:05 Google in hot water after not revealing it had hidden a secret microphone in home alarm product (direct link)

As if some folks weren't concerned enough about the infiltration of potentially privacy-busting devices into the home, Google has admitted it did not disclose that it hid a secret microphone inside its Nest Secure product.

Read more in my article on the Hot for Security blog.

grahamcluley.png 2019-02-20 10:22:05 The man suing Apple over two-factor authentication has 'previous' (direct link)

Many have been baffled by Jay Brodsky's legal action against Apple, including his claim that it takes between two and five minutes for him to pass the 2FA security check.

But things began to fall a little more into place when you discover it's not the first time he has sued Apple.

grahamcluley.png 2019-02-19 11:07:03 Why real-time intelligence matters for managing third-party risk (direct link)

Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support!

As leading companies in every industry today are undergoing digital transformation, the lines are blurring between any one organization and its partners, suppliers, vendors, and other third parties.

In this new report, ESG examines how these business relationships can introduce new risks that need to be identified and managed “as if these third parties were part of the enterprise itself.”

Download your copy now of “Third-Party Risk: Why Real-Time Intelligence Matters”

About Recorded Future

Recorded Future delivers the only complete threat intelligence solution powered by patented machine learning to lower risk. We empower organizations to reveal unknown threats before they impact business, and enable teams to respond to alerts 10 times faster. To supercharge the efforts of security teams, our technology automatically collects and analyzes intelligence from technical, open web, and dark web sources and aggregates customer-proprietary data.

Recorded Future delivers more context than threat feeds, updates in real time so intelligence stays relevant, and centralizes information ready for human analysis, collaboration, and integration with security technologies. 91 percent of the Fortune 100 use Recorded Future.


If you're interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.

grahamcluley.png 2019-02-19 08:29:05 450,000 usernames and passwords stolen from Coinmama cryptocurrency broker (direct link)

Coinmama, a site that is supposed to “make it fast, safe and fun” to buy Bitcoins and Ethereum with a credit card, has suffered a data breach that has resulted in almost half a million customers having their personal details breached.

Read more in my article on the Hot for Security blog.

grahamcluley.png 2019-02-18 16:23:01 Apple sued over death blamed on faulty iPad battery (direct link)

Was iPad's Lithium-ion battery to blame for apartment fire that killed 64-year-old man two years ago?

grahamcluley.png 2019-02-18 16:16:03 Apple sued because two-factor authentication… oh, I give up (direct link)

An American man is bringing a class action against Apple, complaining that two-factor authentication (2FA) on an iPhone or Mac takes too much time.

grahamcluley.png 2019-02-14 13:34:03 Hacker arrested for wave of fake bomb and shooting threats against schools (direct link)

FBI agents have arrested a 20-year-old man alleged to have been part of a hacking gang which not only launched distributed denial-of-service (DDoS) attacks, but also launched a wave of chilling bomb and shooting threats against thousands of schools in the United States and United Kingdom.

Read more in my article on the Tripwire State of Security blog.

grahamcluley.png 2019-02-14 11:47:05 Electric scooters can be hijacked remotely – no password required (direct link)

Security researchers have demonstrated that it's possible to remotely hijack control of popular electric scooters, forcing them to dangerously brake suddenly or accelerate.

Read more in my article on the Bitdefender Box blog.

grahamcluley.png 2019-02-14 10:27:03 Smashing Security #115: Love, Nests, and is 2FA destroying the world? (direct link)

Is two factor authentication such a pain in the rear end that it's costing the economy millions? Do you feel safe having a Google Nest in your home? And don't get caught by a catfisher this Valentine's Day.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by B J Mendelson.

grahamcluley.png 2019-02-12 19:40:03 VFEmail suffers 'catastrophic' attack, as hacker wipes email service's primary and backup data (direct link)

There will be many angry customers of VFEmail who will be distraught at the thought that years' worth of irreplaceable personal and business correspondence may have been wiped out. It's understandable that some might turn their fury towards VFEmail.

But VFEmail is a victim too.

grahamcluley.png 2019-02-11 14:53:04 Automatic 4K/HD for YouTube extension pulled from Chrome Store for pop-up ad abuse (direct link)

A popular browser extension has been removed by Google from the Chrome Web Store after it started spamming users with irritating pop-up advertisements.

Read more in my article on the Hot for Security blog.

grahamcluley.png 2019-02-11 10:51:02 Some OkCupid users have their accounts compromised. Why don't more dating apps use 2FA? (direct link)

It's easy to imagine the harm that could result from a hacker reading users' private communications on a dating app. So it's a disgrace that more don't offer a higher level of security to help prevent accounts from being hijacked.

grahamcluley.png 2019-02-10 14:33:00 Botched Mumsnet update allowed users to see details of strangers' accounts (direct link)

Popular British parenting site Mumsnet apologises after software update allows users to log into strangers' accounts.

grahamcluley.png 2019-02-08 13:02:04 Update your iOS devices now against the FaceTime eavesdropping bug (direct link)

Apple has finally issued an update to iOS, iOS 12.1.4, which fixes the high profile problem which allowed FaceTime callers to listen and even see you *before* you answered an incoming call.

Read more in my article on the Hot for Security blog.

grahamcluley.png 2019-02-07 12:17:01 Google Chrome extension warns if your password has been leaked (direct link)

Google has released an optional extension for its Chrome browser that will trigger a visual warning if it determines you are using a username/password combination that it knows to be unsafe.

Read more in my article on the Tripwire State of Security blog.


Information updated on: 2019-03-26 04:01:32