Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2016-11-11 12:54:45 |
Capgemini sloppily leaks data of 780,000 Michael Page job seekers to anyone on the internet (direct link) |
International recruitment agency Michael Page is contacting hundreds of thousands of job seekers, warning them that their personal information was exposed on a publicly accessible web server.
|
|
|
|
|
2016-11-10 12:37:17 |
Brand new TalkTalk customer is targeted by phone scammer (direct link) |
How *did* scammers know that a brand new TalkTalk customer was experiencing a technical problem?
Or did they just get lucky?
|
|
|
|
|
2016-11-10 10:24:01 |
Some Yahoo staff knew in 2014 that it had been hacked (direct link) |
Yahoo has admitted that some of its staff knew back in 2014 that its systems had been breached by hackers.
|
|
Yahoo
|
|
|
2016-11-09 19:56:46 |
Fake pharmacy sites gets crafty with modified goodbye messages (direct link) |
Fake pharmaceutical web services are always looking for new methods to trick unsuspecting users. And now they're displaying marketing messages when users try to close their browser tab.
David Bisson reports.
|
|
|
|
|
2016-11-09 13:12:40 |
Locky ransomware disguises itself as account suspensions and suspicious movements (direct link) |
One of the golden rules of computer security for the last twenty-or-so years has been to be extremely cautious of unsolicited emails. Yet, the same old tricks are still being used to successfully spread ransomware.
Read more in my article on the Hot for Security blog.
|
|
|
|
|
2016-11-09 03:11:23 |
Microsoft has patched the zero-day security hole disclosed by Google (direct link) |
This Patch Tuesday update includes a fix for the vulnerability that Google engineers controversially chose to make public last week.
|
|
|
|
|
2016-11-09 02:27:36 |
Update now! Bug means large PAC files can crash Android phones (direct link) |
A security hole allows attackers to crash Android phones and force them to soft-reboot.
David Bisson reports.
|
|
|
|
|
2016-11-08 16:04:55 |
Android's security update for November 2016 - good news and bad moos (direct link) |
Has your smartphone or tablet been protected yet against the Dirty COW vulnerability?
|
|
|
|
|
2016-11-08 12:09:46 |
Insecure IoT gear can help hackers turn your phone into a GPS tracker (direct link) |
A hacker could exploit a series of vulnerabilities in Belkin home automation gear to turn your Android phone into a secret GPS tracker.
David Bisson reports.
|
|
|
|
|
2016-11-08 11:38:46 |
VASCO white paper: Why RASP technology is critical for modern app security (direct link) |
Graham Cluley Security News is sponsored this week by the folks at VASCO Data Security. Thanks to the great team there for their support!
More than 10,000 customers in 100 countries rely on VASCO to secure access, manage identities, verify transactions, simplify document signing and protect high value assets and systems.
In a new white paper VASCO explains how RASP - Runtime Application Self-Protection - makes your business applications more secure and reliable, while managing the increased risks of rising mobile app use amidst increasingly sophisticated malware.
RASP strengthens mobile app security - effectively neutralizing potential threats, and proactively securing businesses in ways that other security tools can't easily deliver.
In the white paper you'll learn more about integrated application security solutions, including:
How RASP bridges the divide between infrastructure and app server owners
Which intrusions RASP can detect and prevent
How natively integrated RASP technology strengthens mobile apps
Why applications secured with RASP result in a lower cost, higher benefit ratio
Interested in learning more? Download VASCO's white paper: RASP Technology is Critical for Modern App Security.
If you're interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.
|
|
|
|
|
2016-11-07 14:19:39 |
Applied for a job at Cisco? Your personal data and passwords could have been stolen (direct link) |
An incorrect setting could make the difference between your website being insecure, or wide open for hackers to steal massive amounts of your users' personal data.
Read more in my article on the Hot for Security blog.
|
|
|
|
|
2016-11-07 14:13:56 |
Need to review 650,000 emails in eight days? Easy with a computer (direct link) |
Here's a wake-up call for anyone who hasn't heard that technology can do things a heck of a lot quicker than humans shuffling paper.
|
|
|
|
|
2016-11-07 10:54:19 |
20,000 Tesco Bank accounts raided by hackers, money stolen (direct link) |
Tesco Bank customers are likely to have their confidence rattled after it is confirmed that tens of thousands of accounts were raided by hackers this weekend.
|
|
|
|
|
2016-11-06 23:45:23 |
Did the Mirai botnet knock Liberia offline? Not so much (direct link) |
A story spread like wildfire across the world's media claiming that the small West African country of Liberia had been blasted off the internet by a massive DDoS attack.
But don't be too quick to believe everything you read in the papers...
|
|
|
|
|
2016-11-06 22:52:49 |
Election-themed spam spikes as U.S. presidential race comes to an end (direct link) |
Election-themed spam has picked up considerably as the United States' 2016 presidential election enters the home stretch.
David Bisson reports.
|
|
|
|
|
2016-11-03 14:42:32 |
Browser hanging? Don't call that support number! It's a scam! (direct link) |
An annoying browser-locking bug is being exploited by tech support scammers to trick unsuspecting users into phoning them up.
David Bisson reports.
|
|
|
|
|
2016-11-02 15:16:32 |
Services slowly resume after malware strikes UK hospitals (direct link) |
Services at a number of UK hospitals are slowly beginning to resume after a computer virus infected the electronic systems of their managing health care trust.
David Bisson reports.
|
|
|
|
|
2016-11-01 22:44:29 |
Microsoft says you'll have to wait another week for critical Windows zero-day patch (direct link) |
The Russian-linked Fancy Bear group (also known as Strontium, APT28, Sednit or Sofacy) have been linked to targeted attacks.
|
|
APT 28
|
|
|
2016-11-01 15:55:38 |
Beware! This Android banking trojan intercepts SMS messages and bypasses 2SV (direct link) |
A type of Android banking trojan capable of intercepting SMS messages is currently targeting at least 50 major banking organizations worldwide.
David Bisson reports.
|
|
|
|
|
2016-11-01 14:28:20 |
'Good' anti-Mirai worm is pulled from Github following backlash (direct link) |
An anti-worm worm, designed to clean-up the Internet of insecure Things, has had its code pulled from Github.
Which is probably a good thing.
|
|
|
|
|
2016-11-01 12:06:32 |
Microsoft: Google has put our customers at potential risk (direct link) |
Google shares details of unpatched zero-day vulnerability in Windows, just ten days after telling Microsoft about it.
|
|
|
|
|
2016-10-31 21:52:09 |
Hacker busted after laundering money using his own email and IP address (direct link) |
If only more online criminals were as dumb as this...
David Bisson reports.
|
|
|
|
|
2016-10-31 14:26:18 |
Could a 'good worm' save the Internet of Things from the Mirai botnet? (direct link) |
Researcher Leo Linsky calls his creation an "anti-worm worm (or nematode)".
I call it a potential breach of computer crime legislation.
Read more in my article on the Hot for Security blog.
|
|
|
|
|
2016-10-31 12:59:57 |
This is the email that hacked Hillary Clinton's campaign chief (direct link) |
The truth is that the breach of John Podesta's email did not require sophisticated hacking skills. It just depended on the right combination of human error and carelessness.
Read more in my article on the Hot for Security blog.
|
|
|
★★★★★
|
|
2016-10-30 08:28:17 |
As the clocks go back, UK Apple users targeted by smishing campaign (direct link) |
As Brits slept, the phishing gangs were up to their old tricks - spamming out SMS messages purporting to be warnings from Apple that our Apple IDs were due to expire today, and that we should act quickly.
|
|
|
|
|
2016-10-28 23:11:58 |
Australian Red Cross apologizes for largest Aussie data breach to date (direct link) |
The Australian Red Cross Blood Service has apologized for the country's largest data breach to date.
David Bisson reports.
|
|
|
|
|
2016-10-28 09:48:13 |
Nude celebrity photo hacker sentenced to 18 months in prison (direct link) |
At least 50 celebrity Apple iCloud accounts and 72 Gmail inboxes were broken into by 36-year old Ryan Collins, whose victims included Jennifer Lawrence, Kirsten Dunst, Avril Lavigne, Kate Hudson, and Rihanna.
Read more in my article on the We Live Security blog.
|
|
|
|
|
2016-10-28 08:56:22 |
Researchers exploit unencrypted radio to hack wireless mice, keyboards (direct link) |
Researchers have demonstrated that an attacker can hack unencrypted radio communication to seize control of many leading wireless keyboards and mice.
David Bisson reports.
|
Guideline
|
|
|
|
2016-10-28 00:29:48 |
Scare tactics! Tech support scam claims your hard drive will be deleted (direct link) |
Scammers are trying to frighten their victims into phoning them up, claiming that their hard drive is only minutes away from being wiped.
David Bisson reports.
|
|
|
|
|
2016-10-27 09:50:27 |
Conspiracy or cockup? Google hid ProtonMail's encrypted email service in search results (direct link) |
Did Google deliberately downrank encrypted email service ProtonMail in its search results?
The jury is out...
|
|
|
|
|
2016-10-26 23:16:44 |
Patch Flash now (direct link) |
Shock - horror!
There's another critical security exploit in Adobe Flash, and it is being exploited in targeted attacks.
Update Flash now or... you know... kick it to the kerb.
|
|
|
|
|
2016-10-26 22:36:27 |
Blue screen of death with a support number? Beware the malware scam (direct link) |
In the old days tech support scammers called you up on the phone, trying to dupe you into believing your Windows PC had malware on it. Now they trick you into calling them...
David Bisson reports.
|
|
|
|
|
2016-10-26 06:50:50 |
No, the Jester didn't hack the Russian Foreign Ministry website (direct link) |
Don't be fooled by The Jester. He didn't hack the Russian Foreign Ministry's website but instead used tried-and-trusted techniques to make it *look* that way.
|
|
|
|
|
2016-10-25 20:55:16 |
This modded phone helps you secretly cheat at Poker (direct link) |
You can purchase a specially-modified smartphone online that uses infrared light to spot cards and helps you cheat at gambling.
David Bisson reports.
|
|
|
|
|
2016-10-25 10:10:30 |
VASCO white paper: Strong authentication to solve your everyday banking problems (direct link) |
Graham Cluley Security News is sponsored this week by the folks at VASCO Data Security. Thanks to the great team there for their support!
Experts argue that e-banking authentication has become so stagnant since the 2005 Guidance that it is no longer considered "cool" or innovative. Tokens, key fobs, mobile tokens, SMS codes, phone calls certainly did their job confirming a customer's identity and combating cyber-attacks for many years. What has changed since 2005?
We want you to pause for a moment and take a fresh look at how strong authentication can serve banks in areas you never thought of using it for. Can strong authentication help achieve a much needed convenience, security, and cost savings beyond online banking login?
Discover nine innovative use cases from VASCO that will help you visualize how application security, multi-factor authentication, and fraud prevention solutions can play out to create a secure and frictionless user experience.
Download this executive summary by American Banker and VASCO to learn more about:
Authentication across all channels
Convenient retail mobile banking
Cardless ATM
Bank card PIN issuance and mailers
Call center and IVR authentication
ACH batch payments
Functionality vs security in commercial mobile banking app
Cross-channel authentication for commercial banking
Branch employee and device authentication
Interested in learning more? Download VASCO's white paper on how to Innovate with Strong Authentication to Solve your Everyday Banking Problems.
If you're interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.
|
|
|
|
|
2016-10-24 21:04:12 |
A boobytrapped JPEG could infect your iPhone. Upgrade to iOS 10.1 now (direct link) |
iOS 10.1 is out, and it includes a number of serious security patches - including one designed to protect you from malicious code hiding inside a boobytrapped JPEG image file.
|
|
|
|
|
2016-10-24 14:21:50 |
For rent: An IoT botnet to take down much of the internet (direct link) |
Want to hire 100,000 IoT devices to launch a massive denial-of-service attack? That will cost just $7,500.
Read more in my article on the Hot for Security blog.
|
|
|
|
|
2016-10-24 14:14:14 |
Post-Mirai, how to better protect your IoT devices (direct link) |
The Mirai Internet of Things botnet is making its unpleasant presence felt.
Yasin Soliman reports on how you should defend your IoT devices.
|
|
|
|
|
2016-10-24 09:51:40 |
PayPal's 2FA proves too easy to bypass (direct link) |
A worrying failure in how PayPal had implemented its two-factor authentication security feature has been uncovered.
|
|
|
|
|
2016-10-24 09:09:12 |
How to delete your Yahoo account (direct link) |
Thinking of deleting your Yahoo account? Here are the steps, and things you should consider first...
David Bisson reports.
|
|
Yahoo
|
|
|
2016-10-23 21:01:19 |
Data breach at Weebly affects 43 million users (direct link) |
A data breach at free website builder Weebly has compromised the personal information of over 43 million users.
And has Foursquare suffered a data breach of 22.5 million of its users or not?
David Bisson reports.
|
|
|
|
|
2016-10-21 13:58:38 |
DDoS attack against DNS provider knocks major sites offline (direct link) |
Web users are struggling to reach some of the world's most well-known websites - including Twitter, Spotify, Github, Reddit and AirBnB - after the managed DNS service they use, Dyn, was hit by a massive DDoS attack.
Read more in my article on the Hot for Security blog.
|
|
|
|
|
2016-10-20 21:59:04 |
Dirty COW Linux vulnerability - what you need to know (direct link) |
A new vulnerability has been discovered in virtually all versions of the Linux operating system.
|
|
|
|
|
2016-10-20 15:29:27 |
What's that noise? The sound of attackers logging your keystrokes via Skype (direct link) |
Perhaps users would be wise never to type out sensitive information like passwords when they're on a Skype call.
David Bisson reports.
|
|
|
|
|
2016-10-19 17:34:58 |
Who cut off Julian Assange's internet access? Ecuador, accusing him of interfering in US election (direct link) |
Ecuador has said it pulled the plug on Julian Assange's web access out of concern that he was using WikiLeaks to influence the U.S. presidential election.
David Bisson reports.
|
|
|
|
|
2016-10-19 13:35:42 |
Many Sierra Wireless devices compromised by Mirai botnet, warns US government (direct link) |
DDoS malware is infecting cellular gateways warns the Department of Homeland Security.
Read more in my article on the Hot for Security blog.
|
|
|
|
|
2016-10-18 21:12:59 |
Cops serve warrant to enter property, demand everyone's fingerprints to unlock phone (direct link) |
Law enforcement served a modified search warrant that allowed agents to collect the thumbprints and fingerprints of everyone at the premises, in order to unlock a smartphone.
David Bisson reports.
|
|
|
|
|
2016-10-18 08:10:49 |
GCHQ broke the law for 17 years... spying on UK citizens (direct link) |
For more than 17 years British security and intelligence agencies broke the law, illegally collecting vast amounts of data about UK citizens without proper oversight.
|
|
|
|
|
2016-10-18 08:05:23 |
ATM explosive attacks up 80 percent. Take cover! (direct link) |
ATM explosive attacks increased by as much as 80 percent in the first half of 2016, reveals a new report.
David Bisson reports.
|
|
|
|
|
2016-10-17 16:24:38 |
To make it easier, we've published the password on front of our magazine... (direct link) |
What's the point of a password, if it's published on the front cover of a magazine?
|
|
|
|