What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
grahamcluley.webp 2020-11-23 17:54:21 FBI warns of criminals spoofing its website domain names (lien direct) The FBI is warning internet users to be on their guard against copycat websites that spoof FBI-related domain names.
grahamcluley.webp 2020-11-20 15:51:07 Robot vacuum cleaners can eavesdrop on your conversations, researchers reveal (lien direct) Ingenious researchers were able to use data collected by a robot vacuum's LiDAR navigation sensors to record audio signals. Read more in my article on the Bitdefender BOX blog.
grahamcluley.webp 2020-11-19 17:58:03 Get the free Security Intelligence Handbook from Recorded Future (lien direct) Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! Security intelligence is an outcomes-centric approach to reducing risk that fuses internal and external threat, security, and business insights across an entire organization. It easily scales up and down to match the … Continue reading "Get the free Security Intelligence Handbook from Recorded Future"
grahamcluley.webp 2020-11-19 00:05:30 Smashing Security podcast #205: Zoom password pinching and Parler problems (lien direct) Watch out for a whole different type of shoulder-surfing, researchers uncover the CostaRicto hackers-for-hire gang, and we take a peek at who is behind Parler. All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Chris Cochran from the Hacker Valley Studio podcast.
grahamcluley.webp 2020-11-18 22:35:50 Reeling from ransomware attack, Managed.com takes down its entire web hosting infrastructure (lien direct) In the early hours of Monday morning, Managed.com - a major provider of managed web hosting solutions - discovered it was the victim of a co-ordinated ransomware attack. Such is the severity of the attack that Managed.com has taken client websites offline out of "an abundance of caution" as a $500,000 ransom is demanded by the attackers. Ransomware
grahamcluley.webp 2020-11-18 21:46:16 Cryptocurrency exchange Liquid suffers security breach, user data exposed (lien direct) Cryptocurrency exchange Liquid has revealed that it was hacked last week, after a malicious attacker managed to seize control of its DNS records, seized control of some internal email accounts, and gained access to the firm's document storage infrastructure. And, as a consequence, personal details of customers may now be in the hands of hackers. ★★★★★
grahamcluley.webp 2020-11-18 10:58:45 Hackers steal 46 million Animal Jam account records, dating back 10 years (lien direct) WildWorks, the developer of Animal Jam, has confirmed that early last month a hacker broke into its systems and stole 46 million Animal Jam records. Read more in my article on the Hot for Security blog.
grahamcluley.webp 2020-11-16 13:31:12 Up to 350,000 people at risk after Capcom ransomware attack (lien direct) The video game company's investigation into precisely how much data might have been exfiltrated from its network has been hampered by its servers being encrypted by the targeted ransomware attack, and access logs being deleted by the hackers. Ransomware
grahamcluley.webp 2020-11-13 10:26:36 (Déjà vu) Free tools from Recorded Future that can make you a security intelligence expert (lien direct) Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! There has never been a better time to be a cybercriminal. From extortion ransomware to cyberespionage campaigns, malicious hackers are capitalizing on uncertainty in 2020, causing chaos, and cashing in. The best … Continue reading "Free tools from Recorded Future that can make you a security intelligence expert" Ransomware
grahamcluley.webp 2020-11-12 14:36:53 Microsoft says it's time for you to stop using SMS and voice calls for multi-factor authentication (lien direct) Microsoft says you would be better off using a smartphone authentication app or hardware security key to generate your one-time-password instead. Read more in my article on the Hot for Security blog.
grahamcluley.webp 2020-11-12 09:12:39 Ransomware gang takes out Facebook ads to apply pressure on victim (lien direct) At least one cybercrime gang appears to have found a new method to raise the pressure on those companies they are blackmailing. Read more in my article on the Hot for Security blog. Ransomware
grahamcluley.webp 2020-11-12 09:00:52 Smashing Security podcast #204: Green buttons, Olympic attacks, and… an apology (lien direct) There's been a cybersecurity goof in the wake of the US presidential elections, the US fingers the hackers responsible for disrupting the Winter Olympics in South Korea, and we take a long hard look at long hard legal mumbojumbo... All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Jack Rhysider from Darknet Diaries.
grahamcluley.webp 2020-11-11 12:20:36 Windows users told to patch now after active zero-day attacks disclosed by Google (lien direct) A zero-day vulnerability that has been exploited in active attacks against users of Windows 7 and Windows 10 has been patched by Microsoft. Vulnerability
grahamcluley.webp 2020-11-09 22:42:04 Millions of hotel guests worldwide have their private details exposed (lien direct) A sloppy lack of security by a hotel reservation platform has left highly sensitive information about millions of people worldwide exposed. Security experts uncovered a misconfigured AWS S3 bucket containing over 10 million files, containing information about hotel guests dating as far back as 2013.
grahamcluley.webp 2020-11-09 14:50:15 Campari staggers to its feet following $15 million Ragnar Locker ransomware attack (lien direct) Campari was targeted by hackers using the Ragnar Locker ransomware. According to some reports, the malware attack managed to encrypt data on 24 of the company's servers around the world, and the hackers responsible have demanded a cryptocurrency ransom worth $15 million. Ransomware Malware
grahamcluley.webp 2020-11-06 16:25:52 Business VOIP phone systems are being hacked for profit worldwide. Is yours secure? (lien direct) Security researchers have uncovered an organised gang of cybercriminals who are compromising the VOIP phone systems of over 1000 organisations worldwide. Check Point has identified a malicious campaign that has targeted a critical vulnerability in the Sangoma PBX open-source GUI, used to manage installations of Asterisk - the world's most popular VOIP phone system for businesses. Read more in my article on the Bitdefender Business Insights blog. Vulnerability
grahamcluley.webp 2020-11-05 15:47:27 Following Ubisoft cyber attack, hackers claim to leak Watch Dogs: Legion code online (lien direct) Ubisoft says that it is investigating media claims that the Egregor ransomware gang has published a 558 GB archive of the source code and resources of the video game Watch Dogs: Legion on file-sharing site networks. The Egregor group claims that it obtained the source code of the newest game in the Watch Dogs series, following a security breach of Ubisoft's internal servers. Ransomware
grahamcluley.webp 2020-11-05 10:20:09 Smashing Security podcast #203: Testing times, naming names, and the bald truth about AI (lien direct) Students are being spied on as they do online exams, how did a televised football match reveal the truth about artificial intelligence, and what on earth is the Canny Lumpsucker vulnerability? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Thom Langford from The Host Unknown podcast. Plus don't miss the second part of our featured interview with LastPass's Dalia Hamzeh. LastPass
grahamcluley.webp 2020-11-04 21:20:20 (Déjà vu) You can be a security intelligence expert, with these free tools from Recorded Future (lien direct) Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! If 2020 taught the security industry anything, it is this: There has never been a better time to be a cybercriminal. From extortion ransomware to cyberespionage campaigns, adversaries are capitalizing on uncertainty, … Continue reading "You can be a security intelligence expert, with these free tools from Recorded Future" Ransomware
grahamcluley.webp 2020-11-02 13:46:35 Is Hunter Biden's laptop password really “Hunter02”? (lien direct) Is it possible that somebody is having a joke at the media's expense, and has duped some non-tech savvy journalists into believing that the son of US Presidential candidate Joe Biden might have used a joke password like "hunter02"?
grahamcluley.webp 2020-11-02 10:50:25 Maze ransomware gang says it has quit the cybercrime business (lien direct) A press release on the website of a notorious cybercrime gang, who stole data from organisations and demanded a ransom be paid for its safe return, says that it is closing down. The Maze gang not only encrypted files on corporate networks with their ransomware so they could no longer be accessed, they also exfiltrated the data from systems they infected and threatened to release it if a ransom was not paid. Ransomware
grahamcluley.webp 2020-10-30 13:53:13 Marriott data breach fine slashed to £18.4 million by UK regulator (lien direct) Marriott International has been fined £18.4 million (US $23.8 million) for its failure to adequately protect the personal records of 339 million guests. The fine, imposed by UK data regulator, the Information Commissioner's Office (ICO), is a massive 81% less than the £99.2 million fine originally imposed upon the hotel group last year. Read more in my article on the Hot for Security blog. Data Breach
grahamcluley.webp 2020-10-30 13:46:12 Japanese nuclear agency warns of cyber attack, turns off email systems (lien direct) Japan's Nuclear Regulation Authority is asking people to contact it via phone or fax, as it is unable to receive emails from the outside world. The reason? It turned off its email following a suspected cyber attack.
grahamcluley.webp 2020-10-29 22:33:33 US hospitals warned of threat of imminent ransomware attack (lien direct) US hospitals and healthcare providers have been warned that there is evidence of a credible and imminent threat that they will be targeted by ransomware. In an alert jointly released by the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS), the agencies reveal that it has "credible information of an increased and imminent cybercrime threat to US hospitals and healthcare providers." Read more in my article on the Bitdefender Business Insights blog. Ransomware Threat
grahamcluley.webp 2020-10-29 16:33:03 Become a security intelligence expert, with these free tools from Recorded Future (lien direct) Many thanks to the great folks at Recorded Future, who have sponsored my writing for the past week. If 2020 taught the security industry anything, it is this: There has never been a better time to be a cybercriminal. From extortion ransomware to cyberespionage campaigns, adversaries are capitalizing on uncertainty, causing chaos, and cashing in. … Continue reading "Become a security intelligence expert, with these free tools from Recorded Future" Ransomware
grahamcluley.webp 2020-10-29 12:00:03 Smashing Security podcast #202: The Wu-Tang Clan are Among Us (lien direct) Voting machines are under the microscope, scammers are posing as rap stars, and American politician AOC isn't the only one who's been getting into the Among Us game. All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by James Thomson. Plus don't miss the first part of our featured interview with LastPass's Dalia Hamzeh. LastPass
grahamcluley.webp 2020-10-28 09:46:42 Donald Trump's website briefly defaced by cryptomining scammers (lien direct) Donald Trump's official presidential re-election campaign website was briefly defaced by hackers last night. Visitors to the website donaldjtrump.com were not greeted with the normal calls for campaign contributions or offers of Trump-related merchandise, but instead a message which parodied the look of those typically used when the FBI seizes control of servers operated by cybercriminals.
grahamcluley.webp 2020-10-27 15:46:57 Finnish therapy clinic's CEO fired after despicable data breach and blackmail threats (lien direct) A Finnish psychotherapy clinic has dismissed its CEO in the wake of a disastrous data breach which has seen patients' personal details, as well as notes of what has been discussed in confidential therapy sessions, exposed... and clients blackmailed. Data Breach
grahamcluley.webp 2020-10-27 13:55:10 Amazon fires employee for leaking customer data (lien direct) Multiple Amazon customers have turned to social media to describe how they have received a notification from the online retail giant that their email addresses have been leaked to an unnamed third party. Emails sent by Amazon to customers admit that a rogue employee unlawfully passed on users' personal email details to a third-party, violating the company's rules. Read more in my article on the Hot for Security blog.
grahamcluley.webp 2020-10-26 11:14:23 Sopra Steria confirms it has been hit by new strain of Ryuk ransomware, will take weeks to return to normal operations (lien direct) Sopra Steria confirms it has been hit by a new strain of the Ryuk ransomware, and that it will take weeks for its IT network to return to normal operation.
grahamcluley.webp 2020-10-22 16:55:24 Fake Instagram follower services slapped with lawsuit (lien direct) Facebook has filed federal lawsuits against four individuals who it claims have been selling fake Instagram followers. Read more in my article on the Hot for Security blog.
grahamcluley.webp 2020-10-22 15:04:42 Donald Trump's Twitter password is “maga2020!”, and there's no 2FA, claims hacker (lien direct) According to Dutch ethical hacker Victor Gevers, as recently as last week the US President's @realDonaldTrump account was protected by the incredibly-dumb password "maga2020!" and did not have two-factor authentication (2FA) enabled.
grahamcluley.webp 2020-10-22 12:35:55 Fort Bragg fails to keep a firm grip on its Twitter account, as it blames hacker for saucy tweets (lien direct) The Twitter account of the Fort Bragg US military base was deleted last night, after what it claimed was a hack. But whether it really was hacked or not is up for debate.
grahamcluley.webp 2020-10-22 11:51:20 Over one million WordPress sites receive forced update to security plugin after severe vulnerability discovered (lien direct) Loginizer, a popular plugin for protecting WordPress blogs from brute force attacks, has been found to contain its own severe vulnerabilities that could be exploited by hackers. The flaw opened up opportunities for cybercriminals to completely compromise WordPress sites. Read more in my article on the Tripwire State of Security blog. Vulnerability
grahamcluley.webp 2020-10-22 09:52:39 Sopra Steria hit by cyber attack. IT services group suspected of falling victim to ransomware (lien direct) European IT services group Sopra Steria has been hit by a cyber attack. Which would be unfortunate for any business at the best of times, but is possibly even more galling for a firm like Sopra Steria which has a specialist cybersecurity branch which claims to help customers “protect sensitive information, and prevent costly data breaches.” Ransomware
grahamcluley.webp 2020-10-22 00:51:01 Smashing Security podcast #201: Robin Hood, Flippy, and the web ad bubble (lien direct) The Darkside ransomware gang thinks it's a modern-day Robin Hood when it donates extorted Bitcoins to charity, the micro-targeted ad industry could pop like a bubble, and would you trust a burger-flipping robot? All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Tim Hwang. Ransomware
grahamcluley.webp 2020-10-21 11:39:57 (Déjà vu) The Recorded Future Express browser extension – elite security intelligence for zero cost (lien direct) Many thanks to the fab folks at Recorded Future, who are sponsoring my writing this week. Recorded Future empowers your organization, revealing unknown threats before they impact your business, and helping your teams respond to alerts 10 times faster. How does it do this? By automatically collecting and analyzing intelligence from technical, open web, and … Continue reading "The Recorded Future Express browser extension – elite security intelligence for zero cost" ★★★
grahamcluley.webp 2020-10-19 13:26:35 Albion Online gamers told to change passwords following forum hack (lien direct) Sandbox Interactive, the developers of the free medieval fantasy video game Albion Online, have warned players that a hacker managed to break into its systems and gain access to its user database. Read more in my article on the Hot for Security blog. Hack
grahamcluley.webp 2020-10-19 11:48:23 Google reveals the most powerful DDoS attack in history… albeit three years late (lien direct) At the end of last week, Google slipped out a blog post that probably went under the radars of some folks. In it, they revealed that they had mitigated against the largest known distributed denial-of-service (DDoS) attack, when its infrastructure blocked a whopping 2.5 Tbps (Terabits per second) attack.
grahamcluley.webp 2020-10-19 09:01:28 Hackney Council can't pay housing benefit after cyber attack (lien direct) The trials and tribulations of London's Hackney Council continue after it suffered a "serious cyber attack" last week. The real-life victims of a cyber attack are the thousands of innocent residents, some of whom may desperately need money in their pocket to pay their rent, living in fear of eviction and homelessness.
grahamcluley.webp 2020-10-16 18:53:59 Celebrating 200 episodes of the “Smashing Security” podcast (lien direct) Carole and I have been producing a light-hearted look at the world of cybersecurity and privacy just about every week since December 2016. And this week, after millions of downloads, we released our 200th episode! We wanted to celebrate reaching that milestone, and thank the many many people who listen each week, by doing something special... and so last night we met up on YouTube for a livestream party.
grahamcluley.webp 2020-10-16 16:55:26 Having saved credit card details in plaintext since 2015, British Airways is fined £20 million (lien direct) British Airways has been fined £20 million (US $26 million) following a data breach which saw its systems hacked and the personal and payment card information of 400,000 customers stolen. Read more in my article on the Hot for Security blog. Data Breach
grahamcluley.webp 2020-10-15 13:43:27 Beware COVID-19 charity fraudsters, warns the FBI (lien direct) From the as-if-you-didn't-have-enough-to-worry-about-in-2020 department, the FBI has warned that scammers are attempting to defraud the public by exploiting the COVID-19 pandemic. Read more in my article on the Hot for Security blog.
grahamcluley.webp 2020-10-15 07:44:22 (Déjà vu) Elite security intelligence for zero cost. Meet the Recorded Future Express browser extension (lien direct) Many thanks to the great folks at Recorded Future, who are sponsoring my writing this week. Recorded Future empowers your organization, revealing unknown threats before they impact your business, and helping your teams respond to alerts 10 times faster. How does it do this? By automatically collecting and analyzing intelligence from technical, open web, and … Continue reading "Elite security intelligence for zero cost. Meet the Recorded Future Express browser extension" ★★
grahamcluley.webp 2020-10-15 00:03:24 Smashing Security podcast #200: Two flipping hundred (lien direct) We're in celebratory mood as we celebrate our 200th episode, but there's still time to discuss Fatima the ballerina who the UK government wants to become a cybersecurity expert, why women are quitting the tech industry, and a smartwatch which might be putting your kids at risk. All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.
grahamcluley.webp 2020-10-14 22:12:11 Hackney Council's cyber attack update is more interesting for what it doesn't say than what it does (lien direct) Hackney Council in London is keeping surprisingly schtum about what is actually going on behind-the-scenes of its "serious cyber attack".
grahamcluley.webp 2020-10-13 14:38:37 Hackney hacked. Council hit by “serious cyber attack”, data breached (lien direct) Hackney Council says it has suffered a "serious cyber attack," which has impacted many of its IT systems and services. The London borough council has informed UK regulators that data has been breached as a result of the attack, but it's not known if ransomware is to blame. Ransomware
grahamcluley.webp 2020-10-12 17:33:29 Home security cams hacked in Singapore, and stolen footage sold on adult websites (lien direct) Video clips stolen from more than 50,000 hacked cameras have been uploaded to pornographic websites, and X-rated footage sold to people prepared to pay a subscription fee of US $150. Read more in my article on the Bitdefender BOX blog.
grahamcluley.webp 2020-10-12 15:31:14 Android ransomware learns new tricks to lock devices (lien direct) Microsoft security experts claim to have uncovered the latest trick being used by Android ransomware, subverting the operating system's built-in protection mechanisms to lock devices and hold them to ransom. Ransomware
grahamcluley.webp 2020-10-10 13:36:16 Taking a screwdriver to unlock your IoT sex toy is nuts (lien direct) The Bluetooth Qiui Cellmate attaches itself to a man's penis, allowing a remote partner to lock up your proverbials if they think you don't deserve to use them for a while. And with no umm.. manual over-ride, you could find your pickle in a right pickle if an unauthorised third-party exploits the flaws to lock the cage without your permission. Built from a mixture of polycarbonate and toughened steel, removal is non-trivial and might involve taking an angle grinder or bolt cutters to a delicate part of your anatomy. That's not when you want to find out that there is a security flaw in the sex toy's API that means anyone can hijack your cock lock.
Last update at: 2024-04-20 08:08:17