Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2017-06-08 13:49:16 |
Smashing Security #024: Reality Winner, Gordon Ramsay and a leaky bucket (direct link) |
In this latest edition of the "Smashing Security" podcast, the team are joined by Ian Whalley to discuss NSA leaks, the secret yellow dots on your printouts, careless cloud security and Gordon Ramsay's entanglement with hackers.
|
|
|
|
|
2017-06-08 12:01:53 |
What's the difference between first- and third-party cookies? (direct link) |
David Bisson explains the difference between the different types of cookie.
|
|
|
|
|
2017-06-07 20:24:29 |
Annoying Android app demands admin rights to display ads (direct link) |
An annoying Android app asks a user to grant it administrator rights in order to display ads that lead to potential drive-by downloads.
David Bisson reports.
|
Guideline
|
|
|
|
2017-06-07 10:12:45 |
See a real attack on a virtual network in this free webinar by Nehemiah Security (direct link) |
Graham Cluley Security News is sponsored this week by the folks at Nehemiah Security. Thanks to the great team there for their support!
Nehemiah Security operates throughout an enterprise's network to make security operations - and the business - run better.
Security teams struggle to quantify the protection levels of their networks, endpoints and data assets. Nehemiah Security's AtomicEye RQ (Risk Quantifier) provides organizations with a security scorecard as well as actionable suggestions on how to better resist a vast range of cyberattacks.
Watch the free webinar to see AtomicEye RQ:
Virtualize a complex environment
Prepare an experiment using real exploits
Launch the attack
Quantify the results
Can you justify your security spend?
See how AtomicEye RQ can help you measure security risks in both cyber and financial terms, then calculate the benefits of specific changes - before you invest to implement them.
If you're interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.
|
|
|
|
|
2017-06-07 09:48:49 |
UK cops arrest man picked out by automatic facial recognition software (direct link) |
In our pursuit of greater security, we must not throw away our fundamental human rights for privacy.
|
|
|
|
|
2017-06-06 21:43:36 |
How The Intercept might have helped unmask Reality Winner to the NSA (direct link) |
The Intercept might have unwittingly helped unmask Reality Winner, a government contractor who allegedly leaked an NSA document about Russian hacking to the news outlet.
David Bisson reports.
|
|
|
|
|
2017-06-06 09:39:17 |
British Airways blames IT meltdown on human error (direct link) |
Big companies like British Airways have a variety of safety nets in place. Should one system fail, then it should be easy to switch over to another.
So how did things go so badly wrong?
|
|
|
|
|
2017-06-06 07:57:34 |
QakBot trojan triggers Active Directory lockouts while seeking to drain bank accounts (direct link) |
QakBot (also known as PinkSlip) relies on exploit kits and spam campaigns to target unsuspecting webmail users.
David Bisson reports.
|
|
|
|
|
2017-06-05 13:41:16 |
Don't let politicians use the excuse of murderous assholes to scapegoat the internet (direct link) |
In the wake of terrorist attacks in the UK, politicians are beating a familiar drum: it's the internet's fault.
|
|
|
|
|
2017-06-05 08:36:52 |
(Déjà vu) Bid farewell to your browsing data in the stock Android browsers - for better privacy (direct link) |
David Bisson explains how users of the stock Android browser can clear their caches, browsing history, and cookies for better privacy.
|
|
|
|
|
2017-06-02 18:13:36 |
Fireball malware's flames infect a quarter of a BILLION computers (direct link) |
A new family of malware called Fireball has infected more than 250 million computers worldwide thanks to some crafty monetizing.
David Bisson reports.
|
|
|
|
|
2017-06-02 11:00:37 |
Watch this webinar to learn about email security threats (direct link) |
Email security matters. Check out this free webinar where I discuss the threats.
|
|
|
|
|
2017-06-02 10:39:26 |
US defense contractor secures Amazon S3 bucket after leaving sensitive data publicly exposed (direct link) |
A defense contractor has secured an Amazon S3 bucket containing sensitive intelligence data after accidentally leaving it publicly exposed.
David Bisson reports.
|
|
|
|
|
2017-06-01 08:09:22 |
Windows XP 'did not contribute much' to WannaCry infection totals (direct link) |
Even in the absence of encrypted files, no one wants a Blue Screen of Death.
David Bisson reports.
|
|
Wannacry
|
|
|
2017-06-01 08:05:29 |
Free Invisible Mobile App Security white paper from VASCO (direct link) |
Graham Cluley Security News is sponsored this week by the folks at VASCO. Thanks to the great team there for their support!
Mobile apps are hard to secure because they are often written with no built-in security. Delivering secure mobile apps requires invisible technologies, which assess the integrity of the mobile app, and behaviometrics, which accurately authenticates users by the unique way they interact with their device. The net result is a more secure and frictionless mobile transaction experience.
More than 10,000 customers in 100 countries rely on VASCO to secure access, manage identities, verify transactions, simplify document signing and protect high value assets and systems.
Download VASCO's 10-page white paper to learn how to:
Use Layered Protection Techniques
Identify & Block Malware Attacks in Real-Time
Integrate Biometric Authentication
Fortify the authentication chain from app through device
Secure the mobile app with invisible security
Interested in learning more? Download VASCO's white paper about Invisible Security Technologies and Behaviometrics now.
If you're interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.
|
|
|
|
|
2017-05-31 23:13:16 |
Smashing Security #023: Covfefe (direct link) |
In this latest edition of the "Smashing Security" podcast, the team are joined by John Hawes to discuss bare naked blackmail, the British Airways IT catastrophe, and Facebook fines.
Check it out, and subscribe to the show on iTunes!
|
|
|
|
|
2017-05-31 12:50:19 |
Cosmetic surgery hacked. Nude photos and data exposed on the dark web, as hackers blackmail patients (direct link) |
A chain of cosmetic surgery clinics in Lithuania has been hacked, and fallen victim to cold-hearted extortionists who have no qualms about blackmailing both the business and its customers.
Read more in my article on the Hot for Security blog.
|
|
|
|
|
2017-05-31 08:18:37 |
(Déjà vu) How to remove all your cookies, cached data, and browsing history from Opera (direct link) |
David Bisson explains how Opera users can clear their caches, browsing history, and cookies for better privacy.
|
|
|
|
|
2017-05-30 15:52:00 |
Surprise! Extortionists have no qualms about claiming they 'hacked' your business (direct link) |
No one likes to have their company hacked.
But imagine how much more galling it would be to give in to the hackers' blackmail threats and pay a ransom for the movie not to be leaked online, only to discover later that the extortionists never had a copy of the film in the first place?
Read more in my article on the Hot for Security blog.
|
|
|
|
|
2017-05-30 13:35:52 |
Judy malware campaign victimized as many as 36.5 million Android users (direct link) |
A malware campaign on Google Play has victimized as many as 36.5 million Android users with adware known as "Judy."
David Bisson reports.
|
|
|
|
|
2017-05-30 11:48:01 |
Get hacked, and watch your company's share price plummet (direct link) |
A new report has explored the impact of data breaches on a company's reputation and share value, and come up with some interesting conclusions.
Read more in my article on the Bitdefender Business Insights blog.
|
|
|
|
|
2017-05-30 10:36:38 |
How to get away with hacking the Department of Homeland Security (direct link) |
But more and more organisations are actually welcoming attempts to test their security, in the hope that vulnerabilities will be reported to them responsibly before a malicious hacker exploits a weakness to inflict damage.
Read more in my article on the Tripwire State of Security blog.
|
|
|
|
|
2017-05-28 18:02:01 |
Android 'design shortcomings' allow for Cloak and Dagger series of attacks (direct link) |
A series of "vulnerabilities and design shortcomings" in the Android user interface sets the stage for a new class of attacks called "Cloak and Dagger."
David Bisson reports.
|
|
|
|
|
2017-05-25 22:38:27 |
Samba users urged to patch 7-year-old remote code execution flaw ASAP (direct link) |
Samba network filesystem administrators are being urged to patch a seven-year-old remote execution vulnerability as soon as possible.
David Bisson reports.
|
|
|
|
|
2017-05-25 08:36:59 |
Yup, the Android app store is full of useless, unwanted anti-WannaCry apps (direct link) |
Apps claiming to protect Android users against WannaCry ransomware are popping up on Google Play, but all of them are a bunch of hogwash.
David Bisson reports.
|
|
Wannacry
|
|
|
2017-05-25 00:07:24 |
Smashing Security #022: Walk this way... to defeat biometrics (direct link) |
In this latest edition of the "Smashing Security" podcast, the team are joined by Paul Ducklin to discuss bizarre biometrics, Mac malware, emails sent to the Bank of England, Jane Austen and The Bangles.
Check it out, and subscribe to the show on iTunes!
|
|
|
|
|
2017-05-24 17:23:56 |
Europol busts 27 burglars for Black box-based ATM logic attacks (direct link) |
Europol has arrested 27 members of an international conspiracy that sought to commit ATM "Black box" attacks across Europe and parts of Scandinavia.
David Bisson reports.
|
|
|
|
|
2017-05-24 17:16:53 |
EU security body calls for a security trust mark for IoT devices (direct link) |
For all the excitement and buzz around the Internet of Things, spurred on by connected gadgets being sold in great numbers both online and on the high street, there is no denying that it has a serious problem.
Read more in my article on the Bitdefender Box blog.
|
|
|
|
|
2017-05-23 16:54:08 |
Tencent users beware! There's a mobile ransomware coming after you (direct link) |
Customers of Tencent, China's biggest technology company, need to be on the lookout for ransomware attackers who would love nothing more than to infect their Android devices.
David Bisson reports.
|
|
|
|
|
2017-05-23 11:08:47 |
Ashley Madison claims to be gaining 500,000 new members each month (direct link) |
If their numbers are to be believed, half a million braindead bozos are signing up for the Ashley Madison website each month.
If their numbers are to be believed.
|
|
|
|
|
2017-05-23 09:51:31 |
(Déjà vu) How to remove all your cookies, cached data, and browsing history from Safari (direct link) |
David Bisson explains how Safari users can clear their caches, browsing history, and cookies for better privacy.
|
|
|
|
|
2017-05-23 06:23:20 |
US politicians think companies should be allowed to 'hack back' after WannaCry (direct link) |
ACDC bill would give green light for firms to launch counterattacks against hackers. But is that really a good idea?
|
|
Wannacry
|
|
|
2017-05-22 13:40:31 |
North Korea denies link to WannaCry ransomware attack (direct link) |
Some security researchers have found similarities between WannaCry and malware previously written by a hacking group linked to North Korea.
Read more in my article on the Hot for Security blog.
|
|
Wannacry
|
|
|
2017-05-22 10:39:29 |
Rogues reset 'passwords', steal W-2 info from Equifax subsidiary customer employees (direct link) |
Computer criminals reset the "passwords" and stole W-2 tax information from customer employees of an Equifax subsidiary over the past year.
David Bisson reports.
|
|
Equifax
|
|
|
2017-05-19 10:01:36 |
Companies keeping Bitcoin on hand in case of ransomware attacks (direct link) |
Companies are stockpiling Bitcoin just in case they suffer a ransomware attack and need to quickly regain access to their data.
David Bisson reports.
|
|
|
|
|
2017-05-19 08:47:06 |
New NIST guidelines banish periodic password changes (direct link) |
New draft guidelines issued by NIST recommend that users should not be forced to periodically change their passwords.
Guest contributor Bob Covello reports.
|
|
|
|
|
2017-05-19 08:27:32 |
How to delete your browser history in Microsoft Edge, block cookies, and increase your privacy (direct link) |
To help protect your online privacy and get the most out of your web browsing sessions, David Bisson explains how you can delete your web browsing data in Microsoft Edge.
|
|
|
|
|
2017-05-18 09:01:35 |
Zomato hacked! Database of 17 million users stolen (direct link) |
Restaurant search website Zomato has announced that it has suffered a major security breach, resulting in the theft of a user database containing 17 million users' names, email addresses and passwords.
Read more in my article on the Tripwire State of Security blog.
|
|
|
|
|
2017-05-18 06:08:35 |
Smashing Security #21: WannaCry - Who's to blame? (direct link) |
The WannaCry ransomware predictably dominates the discussion in our podcast this week, but that's not the only security story that caught our eye.
Computer security veterans Graham Cluley and Carole Theriault are joined on the podcast this week by special guest Paul Baccas.
|
|
Wannacry
|
★★★★
|
|
2017-05-17 13:27:37 |
New Pirates of the Caribbean movie leaked online after hackers fail to extort money (direct link) |
Hackers leaked the newest "Pirates of the Caribbean" movie online after Disney refused to meet the attackers' demands.
David Bisson reports.
|
|
|
|
|
2017-05-17 10:17:26 |
Edmodo confirms hackers breached its education platform, stole user data and hashed passwords (direct link) |
Details of 77 million students, teachers and parents are thought to have leaked on the web.
|
|
|
|
|
2017-05-17 06:30:11 |
Cryptocurrency-mining malware has been using WannaCry's NSA exploit for weeks (direct link) |
A cryptocurrency-mining malware began exploiting a leaked NSA vulnerability several weeks before WannaCry sank its teeth into it.
David Bisson reports.
|
|
Wannacry
|
|
|
2017-05-16 17:49:47 |
DocuSign admits hackers accessed its customer email database, sent out malware (direct link) |
Digital signature service DocuSign has discovered that hackers managed to breach its systems, grab customers' email addresses, and send them malware.
Read more in my article on the Hot for Security blog.
|
|
|
|
|
2017-05-16 09:52:23 |
(Déjà vu) How to delete cookies, clear your cache, and wipe your history in Internet Explorer (direct link) |
David Bisson explains how Internet Explorer users can clear their caches, browsing history, and cookies for better privacy.
|
|
|
|
|
2017-05-15 19:11:40 |
50 Google Play apps found containing info-stealing adware (direct link) |
An adware family that comes equipped with an information-stealing component hid itself within at least 50 apps available for download on Google's Play Store.
David Bisson reports.
|
|
|
★★★
|
|
2017-05-15 17:12:08 |
Microsoft: WannaCry outbreak reveals why governments shouldn't hoard vulnerabilities (direct link) |
The NSA built the exploit which was used by the WannaCry ransomware to spread. But the NSA only told Microsoft because hackers had stolen the details from them.
Understandably, Microsoft is less than impressed...
David Bisson reports.
|
|
Wannacry
|
★★
|
|
2017-05-12 21:21:02 |
Hacking your boss after being caught faking your overtime? That'll be a $300,000 fine please (direct link) |
A security officer is facing a hefty fine for having hacked his former employer after the company caught him manipulating his work time records.
David Bisson reports.
|
|
|
★★★★
|
|
2017-05-12 19:26:48 |
US intelligence chiefs don't trust Kaspersky. But why? (direct link) |
The chiefs of the United States's intelligence agencies have publicly stated that they wouldn't feel comfortable running Kaspersky anti-virus software on their computers.
Would be nice if they explained why...
|
|
|
|
|
2017-05-12 17:54:08 |
WannaCry ransomware hits systems worldwide (direct link) |
The WannaCry ransomware is hitting organisations around the world - including the UK's National Health Service - assisted by a vulnerability that the NSA chose to keep secret from Microsoft.
|
|
Wannacry
|
|
|
2017-05-11 13:52:04 |
Reports claim US will ban laptops in all cabins of flights from Europe (direct link) |
Tough luck if you're taking an expensive laptop with you on a trip from Europe to the States, and wouldn't dream of checking it into the airplane's hold.
You might have to stay at home.
|
|
|
|