What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-01-19 08:29:27 | Scottish environmental agency still struggling after Christmas Eve ransomware attack (lien direct) | The Scottish Environment Protection Agency (SEPA) has confirmed that it is continuing to respond to an ongoing ransomware attack that has encrypted files, disrupted systems and seen 1.2 GB of data stolen by cybercriminals. Read more in my article on the Hot for Security blog. | Ransomware | ||
|
2021-01-18 22:58:57 | Swanky Wentworth golf club hacked, details of 4000 members stolen in ransomware attack (lien direct) | Members of one of England's most exclusive golf clubs has warned its 4000 members that their personal details may have fallen into the hands of hackers following a ransomware attack. | Ransomware | ||
|
2021-01-18 16:43:31 | Cryptocurrency scammers hijack verified accounts once again, jumping on Elon Musk\'s Twitter threads (lien direct) | Hackers are still making hay hijacking the accounts of verified celebrity users to promote cryptocurrency scams. | |||
|
2021-01-14 14:47:01 | Cybercriminals are bypassing multi-factor authentication to access organisation\'s cloud services (lien direct) | The US Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to companies to better protect their cloud-based accounts after several recent successful attacks. Read more in my article on the Tripwire State of Security blog. | |||
|
2021-01-14 10:48:21 | Orca Security public cloud security report reveals how most large cloud breaches happen (lien direct) | Graham Cluley Security News is sponsored this week by the folks at Orca Security. Thanks to the great team there for their support! You're probably familiar with the shared responsibility model. The basic idea is that public cloud providers such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) keep their platforms … Continue reading "Orca Security public cloud security report reveals how most large cloud breaches happen" | |||
|
2021-01-14 10:33:46 | Smashing Security podcast #210: DC rioters ID\'d, Energydots, and ransomware gets you in a pickle (lien direct) | Penile penal problems, identifying rioters in Washington DC, and can a sticker protect you from radiation? All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner. And don't miss our featured interview with CrowdSec's Philippe Humeau. | Ransomware | ||
|
2021-01-13 20:17:59 | Microsoft patches anti-virus bug that allowed boobytrapped files to run malicious code when scanned (lien direct) | Microsoft has patched a security vulnerability that was - ironically - exploiting usage of the company's own Windows security product, Microsoft Defender Antivirus. | Vulnerability | ||
|
2021-01-12 12:19:21 | Ubiquiti users told to change their passwords following security breach (lien direct) | IoT device vendor Ubiquiti has told customers that they should change their passwords after a security breach left user details exposed. Read more in my article on the Hot for Security blog. | |||
|
2021-01-11 23:28:01 | Russia-linked postcard was “sent to FireEye\'s CEO after cybersecurity firm uncovered hack” (lien direct) | The CEO of FireEye, the cybersecurity company hacked by a state-sponsored attack, received a postcard at his home mocking any claims that Russia might have been responsible. | |||
|
2021-01-11 22:39:03 | Donald Trump\'s presidency ended today, claims altered US State Department website (lien direct) | The biographies of outgoing US President Donald Trump and his Vice President Mike Pence were mysteriously changed on the official US State Department website at some point on Monday. Visitors to www.state.gov were unable to view facts about the country's top politicians, as somebody appeared to have mysteriously wiped them - only to be replace them with a solitary line detailing the end of their term. | |||
|
2021-01-11 12:07:14 | Ransomware gangs scavenge for sensitive data by targeting top executives (lien direct) | In their attempt to extort as much money as quickly as possible out of companies, ransomware gang know some effective techniques to get the full attention of a firm's management team. And one of them is to specifically target the sensitive information stored on the computers used by a company's top executives, in the hope of finding valuable data that can best pressure bosses into approving the payment of a sizeable ransom. Read more in my article on the Tripwire State of Security blog. | Ransomware | ||
|
2021-01-07 17:56:49 | (Déjà vu) Data stolen from Hackney Council posted on dark web by ransomware gang (lien direct) | The cybercrime gang behind the PYSA ransomware has released files which they claim to have stolen from the London borough council of Hackney during an attack last year. | Ransomware | ||
|
2021-01-06 15:54:10 | Ill-conceived Donald Trump sex video malware attack attempts to install RAT on Windows PCs (lien direct) | Have you been emailed a file claiming to be video evidence of a Donald Trump sex scandal? Don't click! | Malware | ||
|
2021-01-06 12:45:15 | Ransomware today: What\'s new and how to protect your organization – a free webinar (lien direct) | Please join me on Tuesday 12 January, for a live webinar where I will be discussing ransomware, with the lovely folks from Cloudian. | |||
|
2021-01-06 12:21:43 | (Déjà vu) Elite security intelligence at zero cost – use Recorded Future Express! (lien direct) | Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! Recorded Future empowers your organization, revealing unknown threats before they impact your business, and helping your teams respond to alerts 10 times faster. How does it do this? By automatically collecting and … Continue reading "Elite security intelligence at zero cost – use Recorded Future Express!" | |||
|
2021-01-05 18:16:51 | One month after ransomware attack, Metro Vancouver\'s transit system still not up to speed (lien direct) | TransLink, Metro Vancouver's public transportation agency, has warned its staff that hackers accessed their personal bank account details and other information. The warning came in an internal email to workers approximately one month after Translink was struck by the Egregor ransomware and passengers had their journeys disrupted. Read more in my article on the Hot for Security blog. | Ransomware | ||
|
2021-01-05 13:09:45 | T-Mobile suffers its fourth hack in less than three years – still “takes the security of your information very seriously” (lien direct) | T-Mobile says that its security team recently discovered that hackers had managed to access information related to T-Mobile accounts. And it's not the first time... | Hack | ||
|
2021-01-01 13:05:51 | Ticketmaster fined $10 million after hack of business rival (lien direct) | The US Department of Justice has announced that Ticketmaster has been fined $10 million for repeatedly accessing a competitor's computer systems in order to gain a commercial advantage. | Hack | ||
|
2020-12-23 15:14:19 | Police bring down “bulletproof” VPN services beloved by cybercriminals (lien direct) | The FBI, working with law enforcement agencies across Europe, have seized three web domains and the server infrastructure used by a VPN service to allegedly help cybercriminals compromise networks around the world, and evade detect by police. Read more in my article on the Hot for Security blog. | |||
|
2020-12-22 16:24:09 | UK cryptocurrency exchange EXMO suffers breach, funds stolen (lien direct) | EXMO says that it is the latest in a longer line of cryptocurrency exchanges to have suffered at the hands of hackers, having spotted suspicious activity in the early hours of yesterday morning, where client's accounts were accessed and large amounts withdrawn. | |||
|
2020-12-21 15:53:22 | Hacker publishes stolen email and mailing addresses of 270,000 Ledger cryptocurrency wallet users (lien direct) | The details of Ledger hardware wallet customers provide a golden opportunity for criminals to scam the unwary. Read more in my article on the Hot for Security blog. | |||
|
2020-12-21 15:52:44 | Business and enterprise anti-virus products put through a long-term test – which performed the best? (lien direct) | Many thanks to the great folks at AV-Comparatives, who have sponsored my writing for the past week. Anti-malware testing lab AV-Comparatives carries out independent intensive tests of security software, and has just published its long-term test report into the performance of business and enterprise endpoint security products, taking a close look 19 products designed to … Continue reading "Business and enterprise anti-virus products put through a long-term test – which performed the best?" | |||
|
2020-12-18 14:15:36 | Ransomware attackers are making threatening phone calls to their victims, warns FBI (lien direct) | It's scary to receive a ransom demand from a cybercriminal, but I would argue it's even more frightening to receive a threatening phone call from your attackers if you refuse to pay. Read more in my article on the Hot for Security blog. | |||
|
2020-12-17 11:00:07 | Smashing Security podcast #209: Vengeful ex-staff, bad Santas, and iOS app nutrition facts (lien direct) | Watch out for Santas wearing hoodies! A rogue employee takes down WebEx for thousands of people, and Apple forces apps to show a privacy health warning. All this and much much more is discussed in the final episode of the "Smashing Security" podcast for 2020, with computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis. | |||
|
2020-12-15 12:47:40 | Cruise line operator Hurtigruten crippled in ransomware attack (lien direct) | Norwegian shipping and cruise line Hurtigruten has revealed it is the latest maritime firm to suffer at the hands of cybercriminals, following a crippling ransomware attack that it sustained leaving its systems down around the world. Read more in my article on the Hot for Security blog. | Ransomware | ||
|
2020-12-15 11:09:07 | Up to 18,000 SolarWinds customers installed poisoned update that could allow state-sponsored attack (lien direct) | The United States Department of Commerce, Treasury, State Department, National Institutes of Health, Homeland Security, and Pentagon have had their networks compromised in what appears to have been a massive supply-chain attack on American government systems. | |||
|
2020-12-14 20:09:51 | House purchases in Hackney fall through following cyber attack against council (lien direct) | They say buying a house is one of the most stressful things that you might experience in your life (along with getting divorced, or dealing with the death of a loved one). So you probably don't want ransomware throwing a spanner in the works if you're planning a house move. | Ransomware | ||
|
2020-12-14 15:07:17 | You\'re invited to the “Smashing Security” Christmas party! (lien direct) | Following the popularity of the YouTube livestream we did to celebrate 200 episodes of the “Smashing Security” podcast a couple of months ago, Carole Theriault and I have made the bold and some would say foolhardy decision to hold a live Christmas party this Thursday (December 17th). And you are invited! | |||
|
2020-12-11 12:24:14 | (Déjà vu) These free tools from Recorded Future can make you a security intelligence expert (lien direct) | Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! There has never been a better time than 2020 to be a cybercriminal. From extortion ransomware to cyberespionage campaigns, malicious hackers are capitalizing on uncertainty, causing chaos, and cashing in. The best … Continue reading "These free tools from Recorded Future can make you a security intelligence expert" | Ransomware | ||
|
2020-12-11 11:23:57 | After police raid on COVID-19 whistleblower, it\'s revealed password was publicly posted on Florida Department of Health\'s website (lien direct) | The same username and password was shared with all employees... and the entire internet. | |||
|
2020-12-10 15:10:11 | Goodbye to Flash – if you\'re still running it, uninstall Flash Player now (lien direct) | It's time to say a final “Goodbye” to Flash. (Or should that be “Good riddance”?) With earlier this week seeing the final scheduled release of Flash Player, Adobe has confirmed that it will no longer be supporting the software after December 31 2020, and will actively block Flash content from running inside Flash Player from January 12 2021. Read more in my article on the Tripwire State of Security blog. | ★★★ | ||
|
2020-12-10 12:45:15 | Smashing Security podcast #208: Hidden treasure, COVID tracker trauma, and happy holidays with IoT (lien direct) | Was hidden treasure found with help from a hack? What security lessons can be learnt from a controversial police raid in Florida? And are you ready for safer online get-togethers this Christmas? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Anna Brading. | |||
|
2020-12-09 00:10:55 | FireEye hacked. “State-sponsored attackers” blamed as Red Team tools stolen. Here\'s what you need to know (lien direct) | Cybersecurity firm FireEye has admitted that it has fallen foul of hackers, who stole secret tools used by the company to test the security of its customers. | |||
|
2020-12-08 12:53:00 | Foxconn hit with record-breaking $34 million ransom demand after cyber attack (lien direct) | The world's largest electronics manufacturer, Foxconn, has suffered a cyber attack and extortionists are reportedly demanding a $34 million ransom be paid for the recovery of its data. Read more in my article on the Hot for Security blog. | |||
|
2020-12-07 18:14:33 | Recruitment giant Randstad hit by ransomware, sensitive data stolen (lien direct) | One of the world’s leading recruitment agencies has found itself the victim of ransomware. In a statement published on Thursday last week, Randstad said that it had “recently become aware of malicious activity” on its network. That “malicious activity” was the Egregor ransomware, and although Randstad says that its operations have not been compromised by … Continue reading "Recruitment giant Randstad hit by ransomware, sensitive data stolen" | Guideline | ||
|
2020-12-07 17:36:43 | Israel shaken by data leak after ransomware attack at Shirbit insurance company (lien direct) | A hacking gang calling itself Black Shadow has demanded a giant insurance firm pay a US $3.8 million ransom after encrypting and stealing sensitive data and documents about its clients. Customers of the victim, Israel's Shirbit insurance company, have been advised to consider obtaining new identity cards and driving licenses due to the risk of identity theft after the hackers released a third wave of stolen data this past weekend. | Ransomware | ||
|
2020-12-07 13:45:12 | Australia Post isn\'t smoking meth, despite what its website may have said (lien direct) | This weekend visitors to the Australia Post website may have seen a somewhat eyebrow-raising message. For where the site normally displays "Latest news", it was instead suggesting that postal workers were trying out a new technique for coping with the Christmas rush: "We're smoking meth." | |||
|
2020-12-05 23:04:03 | Food bank loses nearly $1,000,000 in Business Email Compromise scam (lien direct) | A food bank in Philadelphia has ended up out of pocket after scammers successfully tricked it out of almost one million dollars. | |||
|
2020-12-04 11:56:37 | Metro Vancouver TransLink hit by Egregor ransomware attack, travellers disrupted (lien direct) | Passengers on Vancouver's transit system were unable to use their credit and debit cards for ticket payments after the service was badly hit by a ransomware attack. TransLink, the public transport operator in Vancouver, Canada, first indicated its IT systems were suffering problems on 1 December, when it said it was "investigating an issue." That "issue" turned out to be the Egregor ransomware, which hijacked TransLink's printers and spewed out a ransom note. Read more in my article on the Hot for Security blog. | Ransomware | ||
|
2020-12-03 12:56:36 | (Déjà vu) FBI warns of hackers abusing email forwarding rules in recent attacks (lien direct) | ||||
|
2020-12-03 10:29:58 | Smashing Security podcast #207: Cyber biowarfare, giant ladybugs, and strippers (lien direct) | Fears are raised about cyber bioterrorists, there's a widespread blackout for IoT devices caused by a cloud cock-up, and what role do strippers play in a revamp of the United States's computer crime laws? All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley. | |||
|
2020-12-02 16:26:10 | Mac users warned of more Ocean Lotus malware targeted attacks (lien direct) | Security researchers have warned of the latest incarnation of a backdoor trojan horse that has been used in the past to target Mac users. If you're a Mac user, I really hope you're running anti-virus software. | Malware | APT 32 | |
|
2020-11-30 13:32:50 | Conti ransomware attack demands $14 million from industrial IoT firm Advantech (lien direct) | The world's largest maker of industrial computers, Taiwan's Advantech, has reportedly been hit by a ransomware attack - with cybercriminals demanding a ransom worth approximately US $14 million for a decryption key, and to prevent the public leaking of stolen data. Read more in my article on the Hot for Security blog. | Ransomware | ||
|
2020-11-27 14:16:21 | (Déjà vu) You too can be a security intelligence expert, with these free tools from Recorded Future (lien direct) | Many thanks to the great folks at Recorded Future, who have sponsored my writing for the past week. If 2020 taught the security industry anything, it is this: There has never been a better time to be a cybercriminal. From extortion ransomware to cyberespionage campaigns, adversaries are capitalizing on uncertainty, causing chaos, and cashing in. … Continue reading "You too can be a security intelligence expert, with these free tools from Recorded Future" | Ransomware | ||
|
2020-11-27 11:32:30 | Fertility patients\' sensitive personal information stolen during ransomware attack (lien direct) | Fertility clinics across the United States have been struck by a ransomware attack that has not only encrypted networks, but also stolen patients' sensitive personal and medical information. Read more in my article on the Hot for Security blog. | Ransomware | ||
|
2020-11-26 15:34:29 | Suspected BEC scammers arrested in Nigeria following year-long Interpol investigation (lien direct) | Three men have been arrested in Nigeria, suspected of being members of an organised cybercrime gang that has targeted over 500,000 government agencies and private sector companies around the world. Read more in my article on the Tripwire State of Security blog. | |||
|
2020-11-26 11:02:55 | Smashing Security podcast #206: Robo dogs, deepfakes and dirty deceptions with Tim Harford (lien direct) | Author and broadcaster Tim Harford joins us as we discuss the merits of robotic canine security guards, deepfakes, and the curious tale of an art forgery. All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault. And don’t miss … Continue reading "Smashing Security podcast #206: Robo dogs, deepfakes and dirty deceptions with Tim Harford" | |||
|
2020-11-26 10:37:43 | Sophos security breach exposes customer support records (lien direct) | Security firm Sophos is contacting "a small subset" of its customers warning that their details have been exposed following a breach in security. | |||
|
2020-11-24 11:43:44 | Fake Minecraft mods installed on over one million Android devices (lien direct) | If you or your kids are fans of Minecraft then take care before installing apps that modify the immensely popular game. Security researchers say that they have discovered over 20 fake 'modpack' apps that are actually designed to bombard users with adverts in such an intrusive and aggressive fashion that using the phone becomes virtually impossible. | |||
|
2020-11-23 21:03:14 | Manchester United versus a “sophisticated” cyber attack (lien direct) | Last Friday, the day before it was scheduled to play a football match against West Bromwich Albion, Manchester United revealed that it had fallen victim to a cyber attack. What Manchester United chose not to do is give any details of the “cyber attack” it had suffered. |
To see everything:
Our RSS (filtrered)
