What's new around the internet

Source Date (GMT) Title Description Tags Stories Notes
grahamcluley.png 2019-01-18 19:26:02 Ingenious! The Android malware which only triggers if you're moving (direct link)
Ingenious! The Android malware which only activates if you're moving

Android malware in the Google Play Store could tell whether it was likely to be running on a genuine victim's device or being analysed by a security team.

grahamcluley.png 2019-01-17 15:04:01 The Collection #1 data breach - what you need to do about it (direct link)
The Collection #1 data breach - what you need to do about it

A huge collection of email addresses and passwords, which can be used in attempts to break into online accounts, has been discovered.

If you are one of the affected users, what should you do about it?

grahamcluley.png 2019-01-17 00:02:05 Smashing Security #111: When rivals hack, and 'extreme' baby monitors (direct link)
Smashing Security #111: When rivals hack, and 'extreme' baby monitors

Why a business spat resulted in Liberia falling off the internet, how the US Government shutdown is impacting website security, and the perplexing world of extreme IoT devices.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Zoë Rose.

grahamcluley.png 2019-01-15 14:10:02 Huge prizes up for grabs for anyone who can hack a Tesla (direct link)
Huge prizes up for grabs for anyone who can hack a Tesla

This year, for the first time ever, a popular car will be amongst the products hackers will be trying to exploit at the Pwn2Own contest.

Read more in my article on the Hot for Security blog.

grahamcluley.png 2019-01-14 17:08:01 British TV viewers targeted by email fraudsters (direct link)
British TV viewers targeted by email fraudsters

TV fraudsters are using the disguise of emails from the TV Licensing authority to steal large sums of money from the bank accounts of unwary Brits.

grahamcluley.png 2019-01-14 10:07:00 The DDoS attacker rescued by a Disney cruise ship is sentenced to over 10 years in prison (direct link)
The DDoS attacker rescued by a Disney cruise ship is sentenced to over 10 years in prison

A 34-year-old man has been jailed after being found guilty of launching a massive denial-of-service attack against Boston Children's Hospital.

Read more in my article on the Hot for Security blog.

grahamcluley.png 2019-01-10 14:27:01 Reddit users locked out of accounts after 'security concern' (direct link)
Reddit users locked out of accounts after 'security concern'

A large number of Reddit users are being told that they will have to reset their passwords in order to regain access to their accounts following what the site is calling a “security concern.”

The lockout has occurred as Reddit's security team investigates what appears to have been an attempt to log into many users' accounts through a credential-stuffing attack.

Read more in my article on the Tripwire State of Security blog.

grahamcluley.png 2019-01-10 12:35:02 Smashing Security #110: What? You can get paid to leave Facebook? (direct link)
Smashing Security #110: What? You can get paid to leave Facebook?

Twitter and the not-so-ethical hacking of celebrity accounts, study discovers how you can pay someone to quit Facebook for a year, and the millions of dollars you can make from uncovering software vulnerabilities.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

grahamcluley.png 2019-01-09 12:43:04 Automated phishing attack tool bypasses 2FA protection (direct link)
Automated phishing attack tool bypasses 2FA protection

Modlishka may help raise awareness of the danger of reverse proxy phishing attacks, but it's easy to imagine that many criminals will be tempted to put it to malicious use.

grahamcluley.png 2019-01-09 11:27:02 Being paid to quit Facebook (direct link)

Research claims Facebook users are prepared to give up the social network for a year… if paid over $1000.

grahamcluley.png 2019-01-07 16:24:01 Earn $2,000,000 by remotely jailbreaking an iPhone (direct link)
Earn $2,000,000 by remotely jailbreaking an iPhone

Will anyone come up with a zero-day remote exploitation of iOS 12.x without user interaction?

The sad truth is that we may never know for sure… but intelligence agencies might.

grahamcluley.png 2019-01-04 16:04:02 Town of Salem hack exposes details of 7.6 million gamers (direct link)
Town of Salem hack exposes details of 7.6 million gamers

Just before Christmas, hackers managed to break into a database belonging to a popular online game and steal the details of over seven million players.

Read more in my article on the Hot for Security blog.

grahamcluley.png 2019-01-04 11:43:03 German politicians suffer massive hack of personal details and private communications (direct link)

The private communications, emails, contact details, mobile phone numbers, memos, and financial information of hundreds of politicians have been published online.

grahamcluley.png 2019-01-03 15:39:00 TheHackerGiraffe says he's retired from hacking smart TVs to promote PewDiePie (direct link)
HackerGiraffe says he's retired from hacking smart TVs to promote PewDiePie

TheHackerGiraffe, the hacker who breached innocent users' unsecured printers, Google Chromecast streaming devices, and smart TVs to promote the PewDiePie YouTube channel, has announced his retirement.

grahamcluley.png 2019-01-03 13:06:01 Hackers demand ransom from Dublin's tram system, after Luas website defaced (direct link)
Hackers demand ransom from Dublin's tram system, after Luas website defaced

The website of Luas, the tram system operating in Ireland's capital city of Dublin, has been taken offline this morning after hackers defaced the site and demanded a ransom be paid within five days.

Read more in my article on the Tripwire State of Security blog.

grahamcluley.png 2019-01-02 10:17:04 Appearing on the 'Random but Memorable' podcast (direct link)
Appearing on Random but Memorable

Just before Christmas I was fortunate enough to be invited onto the “Random but Memorable” podcast, hosted by Matt Davey and Michael Fey of 1Password.

Take a listen.

grahamcluley.png 2018-12-30 21:13:01 Graham Cluley's Desert Planet Picks (direct link)
Graham Cluley's Desert Planet Picks

Here's something a bit different (and utterly unrelated to computer security).

grahamcluley.png 2018-12-20 11:50:00 Spooked by a speaking security camera? Polite hacker tells owner how to fix his IoT security (direct link)
Spooked by a speaking security camera? Polite hacker tells owner how to fix his IoT security

The “white hat” hacker, who claimed to be part of a group calling itself the “Anonymous Calgary Mindhive”, said it hadn't been hard for him to hijack control of Gregg's Nest security camera.

Read more in my article on the Bitdefender Box blog.

grahamcluley.png 2018-12-20 00:00:01 Smashing Security #109: Grinches target Amazon and Reddit, stealing Christmas from the poor (direct link)
Smashing Security #109: Grinches target Amazon and Reddit, stealing Christmas from the poor

Join us for our special Christmas episode as we tell tales of printer hacking, website defacement, Grinches, and how Google is snooping on your private YouTube videos.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The CyberWire's Dave Bittner.

grahamcluley.png 2018-12-19 13:47:00 Facebook waited months before admitting privacy bug exposed millions of users' unposted photos (direct link)

At the end of last week Facebook revealed that an API bug had given developers of third-party apps access to the photos of millions of users.

But Facebook didn't find out about the problem last week. It found out about it in September.

grahamcluley.png 2018-12-14 17:50:00 International email bomb hoax proves to be a spectacular failure (direct link)
International email bomb hoax proves to be a spectacular failure

Authorities in the United States, Canada, Australia, and New Zealand are said to be investigating a wave of bogus bomb threats that have been sent to a variety of organisations late on Thursday.

But if the hoaxer thought they were going to make a lot of money through the scam, they're going to be disappointed.

grahamcluley.png 2018-12-14 10:59:04 2018 - a year of data breaches in review (direct link)
2018 - a year of data breaches

Week after week, month after month, 2018 saw organisations and companies struck by massive and damaging data breaches, putting the personal details of innocent members of the public at risk.

Read more in my article on the Bitdefender Business Insights blog.

grahamcluley.png 2018-12-13 09:52:02 Smashing Security #108: Hoaxes, Huawei and chatbots - with Mikko Hyppönen (direct link)
Smashing Security #108: Hoaxes, Huawei and chatbots - with Mikko Hyppönen

The curious case of George Duke-Cohan, Huawei's CFO finds herself in hot water, and the crazy world of mobile phone mental health apps.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guests Mikko Hyppönen from F-Secure and technology journalist Geoff White.

grahamcluley.png 2018-12-12 21:49:02 Supermicro says independent investigation found no spy chips on its motherboards (direct link)
Supermicro says independent investigation found no spy chips on its motherboards

An independent audit has found no evidence that malicious chips were planted on Supermicro's motherboards, debunking Bloomberg claims that servers at Amazon and Apple were being spied upon by China.

grahamcluley.png 2018-12-12 14:48:05 Bad news for scammers. Huawei executive Meng Wanzhou has been released on bail (direct link)

Scammers want you to send $2000 to help Huawei's CFO bribe her way out of jail.

grahamcluley.png 2018-12-11 02:30:04 Google admits Google Plus hit by *another* privacy flaw, speeds up site's closure (direct link)
Google admits Google Plus hit by *another* privacy flaw, says it will shut it down four months sooner

Google has admitted that Google Plus suffered another security failure last month, allowing the personal information of 52 million users to be accessed by third-party apps and developers without permission.

grahamcluley.png 2018-12-11 01:20:04 GlobeImposter ransomware victims find themselves abandoned by their extortionists (direct link)
GlobeImposter ransomware victims find themselves abandoned by their extortionists

It's a bad day when your computers get hit by ransomware.

But it only gets worse when you realise that you not only don't have backups, but also have no way of contacting the criminals who encrypted your data.

grahamcluley.png 2018-12-07 15:35:04 Three years in jail for teenager who spammed out school bomb threats (direct link)
Three years in jail for teenager who spammed out school bomb threats

British teenager George Duke-Cohan has been jailed for three years for making hoax bomb threats that closed hundreds of schools up and down the UK.

grahamcluley.png 2018-12-06 13:04:01 Malicious Chrome extension which sloppily spied on academics believed to originate from North Korea (direct link)
Malicious Chrome extension which sloppily spied on academics believed to originate from North Korea

Computer users are being reminded once again to take care over the browser extensions they install after security experts discovered a hacking campaign that has been targeting academic institutions since at least May 2018.

Read more in my article on the Tripwire State of Security blog.

grahamcluley.png 2018-12-06 01:16:01 Smashing Security #107: Sextorting the US army, and a Touch ID scam (direct link)
Smashing Security #107: Sextorting the US army, and a Touch ID scam

Fitness apps exploit TouchID through a sneaky user interface trick, tech giants claim to have a plan to banish passwords, and you won't believe who was behind a sextortion scam that targeted over 400 members of the US military.

All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by ferret-loving ethical hacker Zoë Rose.

grahamcluley.png 2018-12-05 14:48:01 It looked like a Citrix ShareFile phishing attack, but wasn't (direct link)
It looked like a Citrix ShareFile phishing attack, but wasn't

Guest contributor Bob Covello isn't happy about a password reset email that Citrix has been sending its customers.

If you're a company contacting your customers via email, please make sure it doesn't look phishy.

grahamcluley.png 2018-12-04 12:58:04 Quora hack leaves details of 100 million accounts exposed (direct link)
Quora hack leaves details of 100 million accounts exposed

Approximately 100 million Quora users may have had their information accessed by hackers.

grahamcluley.png 2018-12-03 19:53:02 Fitness-tracking apps caught misusing Touch ID to steal money from iPhone users (direct link)

Two iOS fitness apps have been found exploiting a sneaky user interface trick to fool users into making unwanted in-app purchases with Touch ID.

grahamcluley.png 2018-12-03 19:05:02 Digitize and automate your customer agreement process for financial transactions. Download this free OneSpan guide. (direct link)
Digitize and automate your customer agreement process for financial transactions. Download this free OneSpan guide.

Graham Cluley Security News is sponsored this week by the folks at OneSpan. Thanks to the great team there for their support!

More than 10,000 customers in 100 countries rely on OneSpan to secure access, manage identities, verify transactions, simplify document signing and protect high value assets and systems.

OneSpan is now giving you the chance to download its Financial Agreement Automation RFP Guide for Account Opening, Digital Lending and Leasing Automation.

Trillions of dollars in financial transactions are processed each year. These include credit agreements, loans, new account openings, mortgages, pensions and annuities.

Today's customer is looking for speed, ease and convenience. To meet these demands, financial institutions must offer fully digital experiences.

This guide is for financial institutions evaluating technology for agreement automation.

Agreement automation refers to the digitization of the customer agreement process for financial transactions – including application data validation, digital identity verification, agreement signing and storage, and audit trail capture.

This guide will assist you in:

  • Determining your agreement automation requirement
  • Deciding which stakeholders to involve in the RFP process
  • Developing RFP questions (14 pages of sample RFP questions provided)
  • Evaluating options for implementation

Download your copy of OneSpan's guide now.


If you're interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.

grahamcluley.png 2018-11-30 12:35:03 Marriott warns of hack. 500 million Starwood hotel guests' personal data could be exposed. (direct link)

There's bad news if you're one of the 500 million hotel guests whose data was included on the Starwood guest reservation database.

grahamcluley.png 2018-11-29 14:27:01 US charges Iranian hackers for SamSam ransomware attacks (direct link)
US charges Iranian hackers for SamSam ransomware attacks

Authorities in the United States have charged two people in connection with a series of notorious ransomware attacks.

Read more in my article on the Tripwire State of Security blog.

grahamcluley.png 2018-11-29 14:23:00 Dell suffers security breach, reset customer passwords (but didn't tell customers why until now) (direct link)

Dell has revealed that earlier this month it discovered that hackers had breached its security and were attempting to access customer details - including names, email addresses, and hashed passwords.

grahamcluley.png 2018-11-29 12:04:05 Smashing Security #106: Google Maps, Fed phishing, and Grinch bots (direct link)
Smashing Security #106: Google Maps, Fed phishing, and Grinch bots

How are scammers stealing your money through Google Maps? Why did the FBI create a fake FedEx website? And how are US senators hoping to stop Grinch bots ruining Christmas?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

And don't miss our special bonus interview about passwords with Rachael Stockton of LastPass.

grahamcluley.png 2018-11-28 16:53:01 Germany proposes security guidelines for routers, but not everybody is happy (direct link)
Germany proposes security guidelines for routers, but not everybody is happy

The German government has published draft guidelines on how it believes broadband routers should be secured. But some people think more could be done.

Read more in my article on the Bitdefender Box blog.

grahamcluley.png 2018-11-28 16:49:05 School district fails to reclaim $120,000 wired by bank to scammer (direct link)
School district fails to reclaim $120,000 wired by bank to scammer

A school district in Indiana which had $120,000 transferred from its bank account after its email account was hacked, has failed in an attempt to reclaim the cash.

Read more in my article on the Hot for Security blog.

grahamcluley.png 2018-11-27 14:01:02 More details on One Planet York app vulnerability don't paint council in a good light (direct link)
More details on One Planet York app vulnerability don't paint council in a good light

New information has come to light which makes it more difficult to defend York city council's actions and communications in response to being told about a vulnerability in its One Planet York app.

grahamcluley.png 2018-11-27 12:33:04 When the FBI rather than the fraudsters make the fake FedEx website (direct link)
When the FBI rather than the fraudsters make the fake FedEx website

Fraudsters beware! The Feds are prepared to use your own tricks against you.

grahamcluley.png 2018-11-26 23:41:00 Did UK city council over-react to a vulnerability report in its recycling app or not? (direct link)
York city council over-reacts to a vulnerability report in its recycling app

Some in the computer security community feel that the council over-reacted by reporting the incident to the police.

I'm not so sure.

grahamcluley.png 2018-11-22 13:58:05 SIM swap! Man charged after million dollar cryptocurrency theft (direct link)
SIM swap! Man charged after million dollar cryptocurrency theft

Prosecutors believe 21-year-old Manhattan resident Nicholas Truglia targeted the cellphones of Silicon Valley executives in “SIM-swapping” attacks.

Read more in my article on the Tripwire State of Security blog.

grahamcluley.png 2018-11-22 00:22:05 Smashing Security #105: Facebook, Nietzsche, Tesla, and Nicole (direct link)
Smashing Security #105: Facebook, Nietzsche, Tesla, and Nicole

Tesla takes customer service a step too far, is it a romantic gesture or stalking when you email 246 women called Nicole, and Carole finds herself in a Facebook dilemma.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Jessica Barker.

grahamcluley.png 2018-11-21 15:29:02 Amazon warns customers it leaked their names and email addresses (direct link)

What aren't you telling us Amazon, and why?

grahamcluley.png 2018-11-21 14:52:01 High Tail Hall data breach exposes over 400,000 furry fans (direct link)
High Tail Hall data breach exposes over 400,000 furry fans

An online fantasy role-playing game where participants can dress up as buxom furry animals has had its user database leaked onto the internet.

grahamcluley.png 2018-11-21 13:53:01 Hackers target critical WordPress plugin flaw to install backdoors and create admin accounts (direct link)
Hackers target critical WordPress plugin flaw to install backdoors and create admin accounts

A recently discovered vulnerability in a popular WordPress plugin is being actively exploited in attacks by hackers attempting to install backdoors on websites, inject custom code, and grant themselves admin rights.

Read more in my article on the Hot for Security blog.

grahamcluley.png 2018-11-20 13:13:04 Two friends jailed for TalkTalk hack plot (direct link)
Two friends jailed for TalkTalk hack plot

Judge describes men connected to TalkTalk hack as “individuals of extraordinary talent.” Sigh…

Read more in my article on the Hot for Security blog.

grahamcluley.png 2018-11-19 21:31:00 Unlock the power of threat intelligence with this practical guide. Get your free copy now (direct link)
Unlock the power of threat intelligence with this practical guide. Get your free copy now

Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support!

At Recorded Future, we believe every security team can benefit from threat intelligence. That's why we've published “The Threat Intelligence Handbook.”

It's aimed at helping security professionals realize the advantages of threat intelligence by offering practical steps for applying threat intelligence in any organization.

Download your free copy now.

About Recorded Future

Recorded Future delivers the only complete threat intelligence solution powered by patented machine learning to lower risk. We empower organizations to reveal unknown threats before they impact business, and enable teams to respond to alerts 10 times faster. To supercharge the efforts of security teams, our technology automatically collects and analyzes intelligence from technical, open web, and dark web sources and aggregates customer-proprietary data. Recorded Future delivers more context than threat feeds, updates in real time so intelligence stays relevant, and centralizes information ready for human analysis, collaboration, and integration with security technologies. 91 percent of the Fortune 100 use Recorded Future.


If you're interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.


Information updated on: 2019-01-19 06:03:28