What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-08-14 07:43:47 | Plymouth Passport Office\'s pitiful password privacy (lien direct) | If you're going to lean a flipchart against a window, you had better make sure you haven't scrawled any passwords on it first... | |||
|
2020-08-13 18:12:58 | Smashing Security podcast #191: We are on the bird (lien direct) | Can a video game help your company's staff choose stronger passwords? Why might satellite-based internet communications be bad for security? And what are the alternatives to TikTok? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner. | |||
|
2020-08-06 13:30:54 | A scam letter! Warn your vulnerable loved ones to be on their guard (lien direct) | The good news is that if scammers are having to use techniques like this to get in front of potential victims, anti-spam defences and user awareness about email scams must be better than ever. The bad news is that if such letters continue to be sent, someone somewhere obviously thinks scams like this can still make them a tidy profit. | |||
|
2020-08-06 10:21:59 | Porn-wielding Zoom bombers disrupt Twitter hack court hearing (lien direct) | Uh-oh… someone didn’t lock their Zoom meeting down properly. That’s probably particularly important when the person charged is an alleged hacker. | Hack | ||
|
2020-08-06 00:22:25 | Smashing Security podcast #190: Twitter hack arrests, email bad behaviour, and Fawkes vs facial recognition (lien direct) | Special guest Geoff White can’t resist using the podcast to promote his new book, “Crime Dot Com”, but other than that we also discuss the creepy (and apparently legal) way websites can find out your email and postal address even if you don’t give it to them, take a look at how the alleged Twitter hackers were identified, and learn about Fawkes – the technology fighting back at facial recognition. | Hack | ||
|
2020-07-31 08:12:26 | Twitter says a “phone spear phishing” attack helped hackers – what\'s that? (lien direct) | What’s a phone spear phishing attack? Twitter shares some more details related to its serious security breach earlier this month which saw celebrity accounts tweeting a cryptocurrency scam. | |||
|
2020-07-30 15:36:12 | Zoom bug meant attackers could brute force their way into password-protected meetings (lien direct) | Zoom has patched a security hole that could have allowed attackers to break their way into password-protected private calls. Read more in my article on the Hot for Security blog. | |||
|
2020-07-30 14:08:30 | Smashing Security podcast #189: DNA cock-up, Garmin hack, and virtual kidnappings (lien direct) | Why are students faking their own kidnappings? What’s the story behind Garmin’s ransomware attack? And a genetic genealogy website suffers a hack or two. All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Ray REDACTED. | Ransomware Hack | ||
|
2020-07-29 13:26:05 | Thousands of websites at risk from critical WordPress commenting plugin vulnerability (lien direct) | A critical vulnerability in a third-party comments plugin installed on over 70,000 websites running WordPress could allow hackers to execute malicious code remotely. If you’re using the wpDIscuz commenting plugin, make sure you’ve kept it up to date – or your website might be hijacked… or wiped. Read more in my article on the Hot for Security blog. | Vulnerability | ||
|
2020-07-29 10:55:31 | Hacker plays cat-and-mouse with the EBRD\'s Twitter account (lien direct) | The European Bank for Reconstruction and Development (EBRD) found itself very publicly tussling with a hacker on its Twitter account this morning. | |||
|
2020-07-28 14:54:06 | Business anti-virus products put to the test – which received the highest score? (lien direct) | If you want to find out how different business anti-virus products performed in the tests, and how the one that protects your business fared, check out the report right now. | |||
|
2020-07-28 13:35:42 | Bank of Ireland fined €1.66 million after being tricked by fraudster (lien direct) | One of Ireland’s largest banks, Bank of Ireland, has been fined almost €1.7 million after regulators discovered it had failed to inform financial regulators and the police after a fraudster tricked them into transferring funds from a client’s account. Read more in my article on the Hot for Security blog. | |||
|
2020-07-28 13:28:02 | Google blames algorithm for adding porn titles to train station search results (lien direct) | If you searched on Google for details of your nearest train station in parts of New York state, you might be in for a rude surprise. | |||
|
2020-07-27 17:19:32 | Garmin staggers back online after ransomware attack (lien direct) | Garmin’s online services are beginning to come back to life after it was hit badly by ransomware last week. But did it pay a ransom to its attackers or not? | Ransomware | ||
|
2020-07-27 13:35:07 | Over 1000 Twitter staff and contractors had access to internal tools that helped hackers hijack accounts (lien direct) | As Twitter and law enforcement agencies investigate the high profile attack against Twitter accounts, there is a clear lesson for other businesses to learn. Read more in my article on the Bitdefender Business Insights blog. | |||
|
2020-07-24 10:58:34 | Garmin knocked out by ransomware attack (lien direct) | Garmin, the wearable tech company famous for its GPS fitness trackers and activity smartwatches, is suffering a global outage – and ransomware appears to be to blame. | Ransomware | ||
|
2020-07-23 16:34:20 | A free iPhone from Apple? It\'s possible, but there are some catches (lien direct) | Who wouldn’t want the latest and greatest iPhone for free? Well, if you’re a security researcher then you might be able to get just that… | |||
|
2020-07-23 13:48:23 | Smashing Security podcast #188: Dinner with Elon Musk and Kris Jenner (lien direct) | Who stopped Twitter’s hackers from stealing more money? Why are Covid-19 researchers being told to ramp up their cybersecurity? How can you find out if your smartphone is infected with stalkerware? And who does Graham think he is turning down a celebrity dinner invite? Find out in the latest “Smashing Security” podcast, with special guest Lisa Forte. | |||
|
2020-07-23 11:44:52 | (Déjà vu) Politician amongst those who had their direct messages accessed during Twitter hack (lien direct) | More information has emerged related to last week's attack which saw a number of high profile Twitter accounts hijacked for the purposes of spreading a cryptocurrency scam, as it is revealed a far-right politician had his private messages accessed. Read more in my article on the Tripwire State of Security blog. | Hack | ||
|
2020-07-21 19:51:05 | Coinbase stopped scammers from stealing an extra $280,000 during Twitter hack (lien direct) | Maybe Coinbase should send Twitter an invoice, because it certainly sounds like their quick thinking helped prevent last week's hack from leaving a lot more Twitter users with empty wallets. Read more in my article on the Hot for Security blog. | Hack | ||
|
2020-07-21 13:14:11 | UK Government chose not to investigate if Russian hackers interfered in Brexit referendum, report reveals (lien direct) | No-one in Government knew if Russia had interfered in the EU vote, and they actively avoided any effort to ask questions to find out… | |||
|
2020-07-20 13:13:05 | Mitre, the creepy company checking your fingerprints on Facebook for the US Government (lien direct) | Cybercrime reporter Thomas Brewster has written a fascinating exposé of the activities of Mitre Corporation, which has taken on some eyebrow-raising projects for the US government. | |||
|
2020-07-20 10:09:20 | Career Notes podcast – Have to be able to communicate to everybody (lien direct) | The folks behind The Cyberwire podcast interviewed me for a new series of shows, looking at how people joined the cybersecurity industry. | |||
|
2020-07-17 13:55:07 | Insecure IoT devices could be banned and destroyed if they fail to meet UK security standards (lien direct) | IoT devices could be banned from sale and destroyed if they fail to meet basic security standards, according to proposals put forward by the UK Government. Read more in my article on the Bitdefender BOX blog. | |||
|
2020-07-16 21:53:43 | The Twitter hack: Why Elon Musk, Bill Gates, Jeff Bezos and others might have reason to be worried (lien direct) | The real worry of the Twitter hack is not the cryptocurrency scam that was spammed out, but that attackers might have accessed private messages sent and received by the rich and powerful. | Hack | ||
|
2020-07-16 11:15:14 | The Twitter mega-hack. What you need to know (lien direct) | Multiple Twitter accounts have been hacked as part of a Bitcoin scam, and it’s one of the biggest security disasters in Twitter’s history. Read more in my article on the Tripwire State of Security. | |||
|
2020-07-16 08:08:42 | Smashing Security podcast #187: Huawei ban, MGM hack, and a contact-tracing cock-up (lien direct) | Login chaos for the UK’s contact tracing service, our drill-down on the Britain’s Huawei 5G ban, MGM’s blockbuster breach, and how to pronounce “Gigabyte.” All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast with Graham Cluley and Carole Theriault, and special guest Maria Varmazis. | |||
|
2020-07-15 09:50:07 | “Secure in your thoughts” – malware memories and brain passwords in the Stroke of Genius podcast (lien direct) | I’m in the latest episode of the “Stroke of Genius” podcast, which looks at passwords and how researchers are exploring ways to use brain patterns as a way to unlock devices. I’m on hand to describe the workings of some notorious password-stealing malware, and also share some stories of how computer games helped me get a job in the cybersecurity industry. | Malware | ||
|
2020-07-13 15:51:49 | Man who lived luxury lifestyle after hacking LinkedIn and Dropbox is found guilty (lien direct) | Yevgeniy Nikulin lived the high life, funded by a life of cybercrime. Now he faces a significant prison sentence after stealing millions of user records from the likes of LinkedIn and Dropbox. | |||
|
2020-07-13 15:43:38 | Millions of LiveAuctioneers passwords offered for sale following data breach (lien direct) | Researchers claim to have found evidence that cybercriminals are offering for sale a database containing the personal details of 3.4 million users of an online art and antiques auction website, as well as three million cracked passwords. | Data Breach | ||
|
2020-07-11 21:44:15 | LiveAuctioneers security breach puts users at risk (lien direct) | LiveAuctioneers, the online website which broadcasts live auctions selling antiques, art, and collectibles, has warned that user details have fallen into unauthorised hands following a security breach. | |||
|
2020-07-10 14:05:57 | Google\'s ad ban won\'t stop stalkerware apps from promoting themselves (lien direct) | Google has announced that from August 2020 it will be prohibiting ads for stalkerware products and services. But a loophole means that the companies behind creepy stalkerware apps will still be able to advertise themselves. | ★★ | ||
|
2020-07-09 13:24:26 | Cosmic Lynx: The highly-professional cybercrime gang scamming businesses out of millions of dollars (lien direct) | Things just got serious. Business Email Compromise is no longer solely the province of chancers. Organised criminal gangs with a high level of professionalism have seen the opportunity and seized it. Read more in my article on the Tripwire State of Security blog. | |||
|
2020-07-09 10:31:47 | Smashing Security podcast #186: This one\'s for all the Karens! (lien direct) | A high-rolling Hushpuppi gets extradited to the United States, Carole details her problems with clipboards and Disposophobia, and our guest becomes the subject of fake news during the Senegalese election. All this and much much more is discussed in the latest edition of the “Smashing Security” podcast with Graham Cluley and Carole Theriault, joined this week by investigative journalist Michelle Madsen. | |||
|
2020-07-06 16:02:50 | Ex-Yahoo employee avoids jail, despite hacking 6000 accounts, and stealing nude photos and videos (lien direct) | A former employee of Yahoo has been sentenced and ordered to pay a fine after exploiting his privileged access to hack into the personal accounts of thousands of Yahoo users, in his hunt for naked photographs and videos of young women. Read more in my article on the Hot for Security blog. | Hack | Yahoo | |
|
2020-07-06 13:56:36 | Appearing on the Hacker Valley Studio podcast (lien direct) | Early last month Ron Eddings and Chris Cochran were kind enough to invite me back on their podcast, “Hacker Valley Studio” – and now the episode has been published! Take a listen. | |||
|
2020-07-04 10:26:58 | Hackers hijack Twitter account of Russia\'s Ministry of Foreign Affairs, offer to sell stolen data (lien direct) | A hacked Russian government Twitter account offers to sell a tourist database for 66 bitcoins (approximately US $499,000). | |||
|
2020-07-03 15:38:47 | Has your Roblox account been hacked to support Donald Trump? (lien direct) | Over 2000 accounts on the Roblox gaming platform have been hacked… …not to make money or steal information, but to support Donald Trump’s re-election as US President. | |||
|
2020-07-03 13:23:19 | How to better protect your Roblox account from hackers with two-step verification (2SV) (lien direct) | Accounts on the popular online gaming platform keep getting hacked. So, how can you better protect your Roblox account? | |||
|
2020-07-02 16:06:55 | Websites of eight US cities poisoned by malware skimming the credit card details of residents (lien direct) | Beware if you’re paying your bills for local government services – the payment information you type into that web form may be heading straight to cybercriminals. | Malware | ||
|
2020-07-02 15:16:08 | 22,900 MongoDB databases held to ransom by hacker threatening to report firms for GDPR violations (lien direct) | Hackers are once again finding unsecured MongoDB databases, wiping their contents, and leaving ransom demands. So far, so normal. But what’s different this time is that they’re also threatening to report their victims for violating GDPR. Read more in my article on the Tripwire State of Security blog. | |||
|
2020-07-02 12:59:35 | Smashing Security podcast #185: Bieber fever, Roblox, and ransomware (lien direct) | Who’s been dressing Robox players up in red baseball caps? Which ransomware victim’s negotations got spied on by the media? And should Jason Bieber think twice before touching his hat? Oh, and we need to talk about squirrels… All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast. | Ransomware | ||
|
2020-06-29 15:47:39 | Watching a $1.14 million ransomware negotiation between hackers and scientists searching for COVID-19 treatments (lien direct) | An anonymous tip-off to BBC News enabled them to watch in real-time as an American medical university attempted to negotiate with the hackers who had infected its systems with ransomware. | Ransomware | ||
|
2020-06-29 13:43:52 | Voice recordings from domestic violence alerting app exposed on the internet (lien direct) | A smartphone app, disguised as a regular app delivering the top world, sports, and entertainment news, containing a secret feature that allows victims of domestic abuse to send a covert distress call for help at the touch of a button. What could possibly go wrong? Read more in my article on the Hot for Security blog. | |||
|
2020-06-26 12:38:19 | Man sentenced, two others charged, in connection with Satori IoT botnet (lien direct) | Even after being charged, Kenneth Schuchman continued to create and operate a DDoS botnet, and communicate with his co-conspirators. Read more in my article on the Hot for Security blog. | Satori | ||
|
2020-06-25 14:25:44 | Find a Playstation 4 vulnerability and earn over $50,000 (lien direct) | Do you think you have found a vulnerability in the Sony PlayStation 4 or the PlayStation Network? You could be heading towards a sizeable sum of money, after Sony announced details of its new bug bounty program. Just be sure to play by the rules… Read more in my article on the Tripwire State of Security blog. | Vulnerability | ★★★★★ | |
|
2020-06-25 12:48:10 | The inside story of the Maersk NotPetya ransomware attack, from someone who was there (lien direct) | Gavin Ashton was an IT security guy working at Maersk at the time of it was hit hard by the NotPetya ransomware. Now he’s written an article about his experiences, and shares advice for others. | Ransomware | NotPetya | |
|
2020-06-25 10:02:38 | Smashing Security podcast #184: Vanity Bitcoin wallets, BlueLeaks, and a Coronavirus app conspiracy (lien direct) | A conspiracy spreads on social media about Coronavirus tracing apps, US police find decades’ worth of sensitive data leaked online, and is there a Bitcoin bonanza to be had from watching Elon Musk YouTube videos? All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by BBC technology reporter Zoe Kleinman. | |||
|
2020-06-24 18:03:07 | DDoSecrets thrown off Twitter after distributing 269GB BlueLeaks data dump (lien direct) | The activist group Distributed Denial of Secrets, perhaps better known by their shorter but clumsy moniker DDoSecrets, has been permanently banned from Twitter. Read more in my article on the Hot for Security blog. | |||
|
2020-06-24 16:49:45 | HEY pulls feature which could expose email threads without participants\' knowledge (lien direct) | HEY, a new service which aims to revolutionise users’ inboxes, admits it made a mistake which could have made it too easy for private messages to be exposed. |
To see everything:
Our RSS (filtrered)
