What's new around the internet

Src Date (GMT) Title Description Tags Stories Notes
grahamcluley.png 2019-09-19 23:36:53 15,000 private webcams left open to snooping, no password required (direct link)

Once again concerns are being raised about the sorry state of IoT security, after a security researcher discovered over 15,000 private webcams that have been left wide open for anyone with an internet connection to spy upon.

Read more in my article on the Bitdefender BOX blog.

grahamcluley.png 2019-09-18 23:04:47 Smashing Security 146: Password secrets and baking brownies (direct link)

In the latest edition of the “Smashing Security” podcast, hosted by computer security veterans Graham Cluley and Carole Theriault, Carole has suffered an injury, we journey back in time to one of our earliest episodes to discuss the perils of passwords, and Rachael Stockton from LastPass drops by for a chat.

grahamcluley.png 2019-09-18 11:13:39 How to get away with hacking a US satellite (direct link)

The US Air Force wants to know if you can hijack control of an orbiting satellite and turn its camera from staring at Earth to point at the moon instead.

Read more in my article on the Hot for Security blog.

grahamcluley.png 2019-09-17 14:19:04 Medical images and details of 24.3 million patients left exposed on the internet (direct link)

Researchers discover that confidential images of X-rays, CT and MRI scans related to millions of patients have been left unprotected on hundreds of servers used by health providers worldwide.

grahamcluley.png 2019-09-17 12:21:21 Police raids after data on most of Ecuador's citizens leaks online (direct link)

If you’re a citizen of Ecuador, chances are that you’ve had your personal and financial information exposed after an ElasticSearch server was left unsecured.

Victims even include Wikileaks founder Julian Assange…

grahamcluley.png 2019-09-17 08:08:04 LastPass users automatically updated to fix security vulnerability in browser extension (direct link)

Popular password manager LastPass says that it has fixed a vulnerability in its Chrome and Opera browser extensions that could have potentially seen an attacker steal the username and password previously filled-in by the software.

Vulnerability
grahamcluley.png 2019-09-11 23:21:03 Smashing Security #145: Apple and Google willy wave while home assistants spy – DoH! (direct link)

Apple’s furious with Google over iPhone hacking attacks against Uyghur Muslims in China, DNS-over-HTTPS is good for privacy but makes ISPs angry, and concern over digital assistants listening to our private moments continues to rise.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by journalist John Leyden.

grahamcluley.png 2019-09-11 14:21:00 Toyota parts supplier loses $37 million in email scam (direct link)

Toyota Boshoku, a seating and interiors supplier for Toyota cars, has revealed that it was tricked into moving a large amount of money into a bank account controlled by scammers.

Read more in my article on the Tripwire State of Security blog.

grahamcluley.png 2019-09-11 13:10:02 Operation reWired: 281 suspected email scammers arrested around the world (direct link)

Law enforcement agencies around the world have arrested a total of 281 people suspected of being behind a spate of Business Email Compromise (BEC) scams that have stolen millions of dollars from businesses and individuals.

grahamcluley.png 2019-09-09 14:59:00 Wikipedia and World of Warcraft Classic targeted by DDoS attacks (direct link)

You can imagine the pain that was caused to pub quiz cheats and students writing essays this weekend when crowd-sourced internet encyclopedia Wikipedia, one of the world’s most popular websites, was hit by a distributed denial-of-service attack.

Read more in my article on the Hot for Security blog.

grahamcluley.png 2019-09-09 09:54:01 Hackers who hit Texas with ransomware attack demanded $2.5 million, got nothing (direct link)

Although it may have cost Texas more to recover from the ransomware attack than paying the ransom, in the long term a refusal to pay extortionists will help to discourage future attacks.

Ransomware
grahamcluley.png 2019-09-05 13:18:05 Hundreds of millions of Facebook users' phone numbers found lying around on the internet (direct link)

A security researcher stumbled across an exposed server on the internet, containing a total of more than 419 million records related to Facebook users.

No password protection was in place – meaning the treasure trove of phone numbers was available to literally anybody with an internet connection.

Read more in my article on the Tripwire State of Security blog.

grahamcluley.png 2019-09-05 09:54:01 Smashing Security #144: Google helps the FBI, Twitter Jack's hijack, and car data woes (direct link)

Should Google really be helping the FBI with a bank robbery? What’s the story behind the Twitter CEO claiming there’s a bomb in their offices? And how much does your car really know about you?

And we mourn the loss of Doctor Who legend Terrance Dicks…

grahamcluley.png 2019-09-04 22:11:03 Twitter disables tweeting via SMS (temporarily at least), in wake of Jack Dorsey account hijack (direct link)

In the wake of the CEO of Twitter having his account hijacked the site has disabled the option to tweet via SMS.

grahamcluley.png 2019-09-04 13:46:04 CEO voice deepfake blamed for scam that stole $243,000 (direct link)

A company is said to have lost €220,000 (approximately $243,000) after receiving a phone call from a boss requesting the money be transferred into a supplier’s bank account.

But it wasn’t the real boss on the phone…

Read more in my article on the Hot for Security blog.

grahamcluley.png 2019-09-04 13:39:00 Chinese tech firm Huawei says it was hacked by the United States (direct link)

The Chinese technology giant says the United States has launched hacking attacks against its intranet and internal network.

But attributing a cyber attack to a particular party is notoriously difficult. It would certainly be just as fascinating to see Huawei’s reasons why it believes the USA hacked it, as to see what evidence the United States has against Huawei.

grahamcluley.png 2019-09-04 10:05:04 Earn $2.5 million if you find a remote zero-day exploit for Android (direct link)

A vulnerability broker is offering up to $2.5 million for zero-day remote exploits which would allow attackers to infect a remote Android smartphone with malware, with no user interaction required. But who will they then sell exploits to?

Vulnerability
grahamcluley.png 2019-09-03 12:38:04 Join me for a webinar about making cybersecurity relevant in modern day culture (direct link)

Next week, on Thursday 12th September 2019 at 3pm UK (that’s 10am EST), I’ll be participating in a webinar hosted by The Register alongside MetaCompliance’s Robert O'Brien – and I’d love it if you joined in!

grahamcluley.png 2019-09-02 15:20:01 About the Twitter CEO '@jack hack' (direct link)

Twitter co-founder Jack Dorsey had his account hijacked, after his mobile phone provider allowed someone else to seize his number.

grahamcluley.png 2019-08-30 15:08:03 Google's bug bounty bid to make big Android apps more secure (direct link)

Google’s bug bounty has been expanded to cover not only the firm’s own products, but additionally all apps in the official Google Play store which have had 100 million or more installs.

Read more in my article on the Hot for Security blog.

grahamcluley.png 2019-08-30 11:01:05 Hear Graham Cluley speak at “Conversations from the Vault” in London (direct link)

You may already be going to be there without realising it, as the event is happening at the same place as IDC's Identity & Privacy Conference.

grahamcluley.png 2019-08-30 09:00:02 The top reason businesses make a cyber insurance claim – Business Email Compromise (direct link)

AIG, one of the largest insurance companies in the world, has issued a report which reveals that there is a new leader in the list of top threats causing losses for businesses.

Read more in my article on the Bitdefender Business Insights blog.

grahamcluley.png 2019-08-29 14:32:03 Ex-Amazon worker – suspected of hacking Capital One – faces charges of breaching 30 other companies to mine cryptocurrency (direct link)

Capital One isn’t the only organisation allegedly to have had its data breached by Paige Thompson, the former Amazon systems engineer.

Read more in my article on the Hot for Security blog.

grahamcluley.png 2019-08-29 06:37:02 Smashing Security #143: Hacking from outer space, Ukrainian cryptomining, and deepfaked Canadians (direct link)

Was a cybercrime committed on the International Space Station? What on earth were Ukrainian scientists thinking when they plugged a nuclear power station into the internet? And someone has cloned Canadian clinical psychologist Jordan Peterson’s voice…

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast with Graham Cluley and Carole Theriault, joined this week by Mark Stockley.

grahamcluley.png 2019-08-27 07:30:05 Won a free iPhone? No, it's Calendar spam (direct link)

An increasing number of people are reporting that their calendars are being bombarded with spam invitations. Here is how to stop them appearing in your Google calendar.

Spam
grahamcluley.png 2019-08-26 23:01:00 iOS 12.4.1 update fixes jailbreak vulnerability that Apple accidentally reintroduced (direct link)

Apple has fixed the jailbreaking vulnerability in iOS that it previously unfixed.

Vulnerability
grahamcluley.png 2019-08-26 11:44:02 Company that was laughed off-stage sues Black Hat (direct link)

The organisers of the Black Hat USA conference are being sued by Crown Sterling after its controversial sponsored talk in Las Vegas.

grahamcluley.png 2019-08-25 22:21:05 Hostinger resets passwords following security breach (direct link)

Web hosting firm Hostinger has reset the passwords of all of its customers after it discovered hackers had breached its systems and accessed a database containing millions of records.

grahamcluley.png 2019-08-23 11:01:04 YouTube joins Facebook and Twitter, disabling accounts targeting Hong Kong protests (direct link)

Good luck to the social media sites playing whack-a-mole as they try to police the activities of state-sponsored groups trying to influence the public’s opinion with co-ordinated campaigns. This isn’t going to be a problem that’s easy to fix.

grahamcluley.png 2019-08-22 10:14:05 Smashing Security #142: Mercedes secret sensors, smart cities, and ransomware runs riot (direct link)

Darknet Diaries host Jack Rhysider joins us to discuss how cities in Texas are being hit by a wave of ransomware, how Mercedes Benz has installed a tracker in your car (but not for the reason you think), the security threats impacting smart cities, and a new feature coming to your Facebook app.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast, hosted by computer security veterans Graham Cluley and Carole Theriault.

Ransomware
grahamcluley.png 2019-08-20 12:26:00 D'oh! Apple botches iOS update, leaves iPhones open to jailbreaking (direct link)

For the first time in years, hackers have created a working exploit that can jailbreak the latest, fully-updated version of iOS.

And a goof by Apple has allowed them to do it.

Read more in my article on the Hot for Security blog.

grahamcluley.png 2019-08-19 14:20:03 20 month prison sentence for British hacker who made fortune helping SIM-swap fraudsters (direct link)

A teenage British hacker, who previously played a role in the infamous TalkTalk data breach, has been sentenced to 20 months in prison after pleading guilty to selling hacking services and stolen personal data for cryptocurrency.

Read more in my article on the Hot for Security blog.

grahamcluley.png 2019-08-16 09:48:05 European Central Bank confirms website hack and data breach (direct link)

The European Central Bank (ECB), the central bank of the 19 European countries which have adopted the euro, has shut down a compromised website after it discovered that hackers had planted malware that stole information from newsletter subscribers.

Data Breach,Malware,Hack
grahamcluley.png 2019-08-15 15:07:03 “NULL” vanity plate hack to dodge parking tickets backfires to the tune of $12,000 (direct link)

A US security researcher called Droogie thought he’d come up with the perfect wheeze to avoid being fined by the Department of Motor Vehicles (DMV) – he bought a personalised license plate which he believed would mess with the DMV’s database.

The name on Droogie’s vanity plate? “NULL”

Hack
grahamcluley.png 2019-08-15 10:04:04 Smashing Security #141: Black Hat and Bridezillas (direct link)

Say cheese to ransomware on your camera! A sponsored speech at Black Hat causes uproar, and should you trust that Lightning cable you’re about to plug into your MacBook?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire’s Dave Bittner.

Ransomware
grahamcluley.png 2019-08-14 13:59:01 Microsoft warns of wormable vulnerabilities in Windows (direct link)

Microsoft’s security team warns that the remote code execution vulnerabilities could be abused by malware to spread from computer to computer without requiring any user interaction. Patch your systems now!

Read more in my article on the Hot for Security blog.

Malware
grahamcluley.png 2019-08-13 19:41:03 Patch your internet-connected printer! Serious vulnerabilities discovered (direct link)

Printers, just like any other IoT-enabled device, need to be secured, and updated with the latest firmware and patches to prevent a successful hacker attack.

Read more in my article on the Bitdefender BOX blog.

grahamcluley.png 2019-08-08 13:38:00 Cryptocurrency exchange Binance offers $290,000 bounty to unmask blackmailer (direct link)

One of the world's largest cryptocurrency exchanges has revealed that it is being blackmailed to the tune of 300 Bitcoin (approximately US $3.5 million) by someone who is threatening to release some 10,000 sensitive photographs of its customers.

Read more in my article on the Tripwire State of Security blog.

grahamcluley.png 2019-08-08 08:54:02 Smashing Security #140: Love, PINs, and 8chan (direct link)

Is the PIN you use for your bank card secure? How did one woman get duped into giving a romance scammer $200,000? And Cloudflare and other online services take aim at a vile corner of the internet…

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

grahamcluley.png 2019-08-07 16:53:04 AT&T workers bribed to install malware on company network and unlock iPhones (direct link)

34-year-old Muhammad Fahd has been charged for his part in a criminal scheme that is said to have cost AT&T millions of dollars.

Read more in my article on the Hot for Security blog.

Malware
grahamcluley.png 2019-08-07 09:59:03 SWAPGS attack: The Spectre-like flaw affecting Intel CPUs (direct link)

Security researchers at Bitdefender have discovered a way of exploiting a flaw in Intel chips that could be used to steal passwords and encryption keys.

grahamcluley.png 2019-08-06 14:10:04 You really should listen to the award-winning “Smashing Security” podcast (direct link)

“Smashing Security” is a weekly podcast where I, Carole Theriault, and a special guest discuss some of the quirky stories from the last week’s cybersecurity news headlines, and anything else that takes our fancy.

grahamcluley.png 2019-08-06 12:18:00 500,000 Monzo banking customers told to change their PINs (direct link)

Mobile-only bank Monzo has apologised for a gaffe which left the PINs of a subset of its customers exposed to its internal engineers.

grahamcluley.png 2019-08-05 13:41:00 GermanWiper isn't ransomware. It's worse than that (direct link)

The tech press is full of stories about “a new ransomware strain” called GermanWiper, that has hit German businesses hard in the last week.

But the reality is that GermanWiper is much worse than ransomware.

Ransomware
grahamcluley.png 2019-08-05 09:47:02 Amazon now lets you opt-out of having humans review your Alexa conversations (direct link)

Now it’s Amazon’s turn to respond to growing concerns that sensitive personal conversations recorded by digital home assistants are being reviewed by third-party contractors.

grahamcluley.png 2019-08-02 12:18:05 Apple's Siri contractors will no longer hear you having sex, making drug deals (direct link)

Apple has decided to suspend what it calls Siri “grading” globally, while it conducts a “thorough review.”

grahamcluley.png 2019-08-02 11:59:04 Google contractors told to stop listening to conversations captured on your Home assistant… for now, in Europe at least (direct link)

Google has agreed to temporarily stop listening to audio captured by its Google Home smart speaker across the European Union… after an investigation was started by German regulators.

grahamcluley.png 2019-08-01 14:51:02 Exposed internal database reveals vulnerable unpatched systems at Honda (direct link)

Automotive giant Honda has shut down an exposed database that contained sensitive information about the security – specifically the weak points – of its internal network.

Read more in my article on the Tripwire State of Security blog.

grahamcluley.png 2019-08-01 10:09:05 Smashing Security #139: Capital One hacked, iMessage flaws, and anonymity my ass! (direct link)

Capital One gets hacked, critical vulnerabilities are found in iMessage, and data anonymization may not be as good as we hope. But listen up, we also discuss the Legend of Zelda, a biography of tech giants, offer advice for escaping an angry moose, and are introduced to… Penelope?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast.

grahamcluley.png 2019-08-01 07:17:00 Fraudsters are trying to steal $8.7 million every single day through Business Email Compromise (direct link)

Fraudsters are attempting to steal much more money through Business Email Compromise than previously believed.

Read more in my article on the Bitdefender Business Insights blog.

Information updated on: 2019-09-22 08:07:45