What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-04-27 10:25:18 | Talking malware party tricks and cybersecurity trends (lien direct) | I had great fun this week appearing as a guest on Recorded Future's podcast. Tune in to the podcast to hear host Dave Bittner and I have a casual chat where we share some stories from the trenches, and I confess a malware-related party trick that I used to perform. | Malware | ||
|
2021-04-26 14:43:22 | Secure, orchestrate, and manage your company\'s infrastructure secrets with 1Password Secrets Automation (lien direct) | Graham Cluley Security News is sponsored this week by the folks at 1Password. Thanks to the great team there for their support! With Secrets Automation, 1Password now provides one place to house and manage all your secrets, from your team's logins to infrastructure secrets. With everything under one roof, there’s no more disconnected audit logs, … Continue reading "Secure, orchestrate, and manage your company's infrastructure secrets with 1Password Secrets Automation" | |||
|
2021-04-23 13:02:11 | Apple AirDrop flaws could let hackers grab users\' phone numbers and email addresses (lien direct) | Users of Apple products have long loved the ability to wirelessly share files with each other, using AirDrop to transmit files between their iPhones and Macbooks. But researchers have discovered that security weaknesses could allow an attacker to obtain a victim's phone number and even email address. Read more in my article on the Hot for Security blog. | |||
|
2021-04-23 06:53:03 | Received an unexpected request to “confirm your Twitter account”? (lien direct) | Did you receive an email claiming to come from Twitter that asked you to confirm your account? Don't panic - it wasn't a phishing attack. Twitter goofed up. | |||
|
2021-04-22 13:46:48 | REvil ransomware – what you need to know (lien direct) | Learn more about the notorious REvil ransomware in my article on the Tripwire State of Security blog. | Ransomware | ||
|
2021-04-22 08:30:22 | Smashing Security podcast #224: The Lazarus Heist, Facebook faux pas, and no-cost security (lien direct) | Facebook has managed to do the seemingly impossible - and had a data breach about its handling of a data breach. Meanwhile, we chat to the host of the brand new podcast about North Korea's hackers targeting the rest of the world, and discuss if an intern can be trusted to monitor your security. All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Geoff White and featuring an interview with Duo's Helen Patton. | Data Breach | APT 38 APT 28 | |
|
2021-04-20 15:47:59 | Facebook suffers a data breach about how it\'s hoping to stop the media talking about its last data breach (lien direct) | The social network has goofed again. But this time it's Facebook's PR team's handling of a data breach rather than its users who have been left exposed. | Data Breach | ||
|
2021-04-20 11:48:33 | Cluley and Cisco: Preparing for cybersecurity threats in a permanently hybrid world (lien direct) | Thanks to the folks at Cisco who have invited me to participate in an online chat on Monday April 26. Learn more and register your interest to ensure you don't miss it. | |||
|
2021-04-19 15:46:19 | Six million male members may have been exposed after hack of gay dating service (lien direct) | Manhunt, a popular gay dating service, has suffered a data breach which may have put members at risk of exposure. | Data Breach Hack | ||
|
2021-04-19 12:59:28 | Sysadmin of fake cybersecurity company sentenced to jail after billion-dollar crime spree (lien direct) | A key member of the FIN7 cybercrime gang - which is said to have caused over one billion dollars worth of damage around the world - has been sentenced to 10 years in jail. Read more in my article on the Hot for Security blog. | |||
|
2021-04-15 14:19:17 | White House launches plan to protect US critical infrastructure against cyber attacks (lien direct) | The White House is reportedly moving swiftly forward with a plan to harden the security of the US power grid against hacking attacks. Read more in my article on the Tripwire State of Security blog. | |||
|
2021-04-14 23:05:23 | Smashing Security podcast #223: Booze, nudes, and insurance dudes (lien direct) | Should insurance companies be banned from helping companies pay ransomware demands? How has malware messed with motorcars in the United States? And how are cybercriminals exploiting alcohol drinking during the pandemic? All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis. | Ransomware Malware | ||
|
2021-04-14 19:17:59 | School janitor says she was fired for not installing smartphone tracking app (lien direct) | A school janitor has lost her job, and she says it's because she refused to download a smartphone app that would track her location. | |||
|
2021-04-13 19:18:36 | Ransomware attack causes supermarket cheese shortage in the Netherlands (lien direct) | Shoppers at Dutch supermarkets may have noticed that some cheeses were in short supply last week, and it was cybercriminals who are to blame. Read more in my article on the Hot for Security blog. | |||
|
2021-04-13 17:32:11 | A helpful reminder about just how much Facebook stalks you on the internet (lien direct) | Many Facebook users think they only have to worry about the data that they personally share about themselves on Facebook, by posting messages on the site, connecting with their friends, and liking posts. But the truth is that Facebook knows much more about you than that, by collecting data from your activities off-site as well. | |||
|
2021-04-12 17:01:25 | Upstox warns of serious data breach, resets passwords (lien direct) | Indian stock trading firm Upstox has revealed to users that it has suffered a serious security breach that may have seen unauthorised criminal access to millions of customers' personal information. | |||
|
2021-04-08 07:49:07 | Smashing Security podcast #222: Facebook, deepfakes, and April Fools scandals – with Nina Schick (lien direct) | Deepfake expert Nina Schick joins us as we discuss synthetic media, Facebook's latest data fiasco, and some less-than-brilliant April Fool's tricks. All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast, hosted by computer security veterans Graham Cluley and Carole Theriault. | |||
|
2021-04-07 12:23:12 | A new headache for ransomware-hit companies. Extortionists emailing your customers (lien direct) | Cybercriminal extortionists have adopted a new tactic to to apply even more pressure on their corporate victims: contacting the victims' customers, and asking them to demand a ransom is paid to protect their own privacy. Read more in my article on the Tripwire State of Security blog. | |||
|
2021-04-07 10:51:37 | Facebook isn\'t sorry for letting someone steal personal details of half a billion users (lien direct) | Would it have been so hard for Facebook to apologise for allowing 533 million personal records - including users' phone numbers - to leak onto the internet? I don't think so. And yet sorry seems to be the hardest word... | |||
|
2021-04-06 09:36:15 | Check you own the website before you send out the press release (lien direct) | Cybersecurity can be hard. Even for the professionals. Read more in my article on the Bitdefender Business Insights blog. | |||
|
2021-04-05 13:57:38 | How Deliveroo scared customers into believing they had been scammed (lien direct) | Food-delivery company Delveroo thought it would be fun to play an April Fool's trick on its customers in France. Unfortunately, what Deliveroo France did just wasn't funny. Read more in my article on the Hot for Security blog. | |||
|
2021-04-01 13:58:49 | Federal agencies given five days to find hacked Exchange servers (lien direct) | CISA, the US Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, has told federal agencies that they have until 1April 5 to scan their networks for evidence of intrusion by hackers, and report back the results. Read more in my article on the Tripwire State of Security blog. | |||
|
2021-03-31 23:21:47 | Smashing Security podcast #221: God bless his hairy palms (lien direct) | FatFace stumps up $2 million to its ransomware extortionists, an IT administrator is caught with his pants down, Mobikwik blames its users for a data breach, and we burgle a house... virtually. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford. | Ransomware | ||
|
2021-03-31 22:41:59 | US nuclear command agency\'s gibberish tweet was sent by a child (lien direct) | When an unintelligible tweet was made by the US Strategic Command's Twitter account, it's understandable that some folks might imagine a password was accidentally published to the world, or that perhaps the account had been compromised, or... gulp!... that it might be a US nuclear launch code. | |||
|
2021-03-30 07:41:39 | Cyber attack forces live TV shows off-air at Australia\'s Channel 9 (lien direct) | Live broadcasts from Australia's Channel 9 TV network were disrupted this weekend following what is believed to have been a cyber attack. Read more in my article on the Hot for Security blog. | |||
|
2021-03-28 14:15:13 | Alex Salmond\'s Alba party website leaks data in IDOR foul-up (lien direct) | It's just two days since former SNP leader Alex Salmond launched a brand new political party to campaign for an independent Scotland. And already it has suffered a data breach. | Guideline | ||
|
2021-03-28 13:35:55 | (Déjà vu) FatFace pays out $2 million to Conti ransomware gang (lien direct) | UK fashion retailer FatFace, which made headlines this week by appearing to ask its customers to keep its cyber attack “strictly private and confidential”, has reportedly paid a $2 million ransom to the criminals responsible. | Ransomware | ||
|
2021-03-28 10:27:12 | Cyber insurance giant CNA hit by ransomware attack (lien direct) | Insurance firm CNA Hardy says that it has suffered a “sophisticated cybersecurity attack” that has impacted its operations, including its email system. According to a statement posted on the firm’s website, CNA determined it had fallen foul of hackers on March 21: “Out of an abundance of caution, we have disconnected our systems from our … Continue reading "Cyber insurance giant CNA hit by ransomware attack" | Ransomware | ||
|
2021-03-25 13:05:28 | Average ransomware payouts shoot up 171% to over $300,000 (lien direct) | Organisations hit by ransomware attacks are finding themselves paying out more than ever before, according to a new report. According to the research, the average payment following a ransomware attack in 2020 rocketed up 171% to $312,493 compared to $115,123 in 2019. And it's not just the case that the criminals behind ransomware attacks are making more from their victims – they're also becoming greedier. Read more in my article on the Tripwire State of Security blog. | Ransomware | ||
|
2021-03-25 12:54:46 | FatFace would like everyone to keep its data breach “strictly private and confidential” (lien direct) | British fashion retailer FatFace has been hacked. Whoops! I said it. Sorry. I'm not sure they wanted anyone to talk about it, so maybe I shouldn't have mentioned it. | Data Breach | ||
|
2021-03-25 10:26:00 | Smashing Security podcast #220: Ransoms, scandals, and glitter bombs (lien direct) | PC manufacturer Acer might have received a $50 million ransom demand, a warning spreads on Facebook about a trick being used by hackers, and why are the City of London's police not happy about Sci Hub? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Alex Eckelberry. | |||
|
2021-03-24 10:57:32 | Businesses! Beware the vengeful IT contractor! (lien direct) | A man has been sentenced to two years in a federal prison after wreaking an act of revenge against a company, deleting so many staff's user accounts that the firm had to shut down completely for two days. Read more in my article on the Bitdefender Business Insights blog. | |||
|
2021-03-24 07:50:55 | Bank loses customers\' social security numbers after ransomware attack (lien direct) | Things don't get much worse than having to admit to your employees that a gang of cybercriminals have broken into your infrastructure, stolen the private details (social security numbers, names and home addresses) of your staff, and are demanding that your company pays a ransom before further sensitive data is leaked. Well, actually they do... Read more in my article on the Hot for Security blog. | Ransomware | ||
|
2021-03-22 10:59:49 | Ransomware gang says it targets firms with cyber insurance (lien direct) | A member of the REvil ransomware gang claims that the group specifically targets firms who have taken our cyberinsurance. And what's more, it will hack insurance firms to identify them... | Ransomware Hack | ||
|
2021-03-21 20:58:30 | Fighting back against phone scammers with glitter bombs (lien direct) | What do phone scammers who prey on the vulnerable deserve? Fart spray and glitterbombs, of course! A fun video makes some serious points, and could be a valuable lesson for your family and friends. | |||
|
2021-03-19 15:41:51 | Hacker who breached Verkada charged with stealing data from over 100 companies (lien direct) | The hacker who claimed responsibility for breaching the live video streams of 150,000 CCTV cameras at police departments, hospitals, and well-known businesses has been charged by the US Department of Justice with hacking more than 100 companies. Read more in my article on the Hot for Security blog. | |||
|
2021-03-18 13:36:11 | 64 times worse than ransomware? FBI statistics underline the horrific cost of business email compromise (lien direct) | The FBI is reminding organisations of the serious threat posed by business email compromise (BEC) scams, declaring that it caused over $1.8 billion worth of losses to businesses last year. Read more in my article on the Tripwire State of Security blog. | Threat | ||
|
2021-03-18 12:20:03 | Smashing Security podcast #219: Cheerleaders, dating apps, and crisis PR (lien direct) | How are cheerleaders being creeped out by deepfakes? What might Tinder tell potential dates about your murky past? And how should companies respond to the press when a security breach occurs? All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Yvonne Eskenzi. | Guideline | ||
|
2021-03-17 13:09:17 | Celebrity Twitter hacker agrees to three year prison sentence (lien direct) | A teenager who hacked into the Twitter accounts of the rich and famous in an attempt to trick millions of their followers into a cryptocurrency scam will spend three years in prison as part of a plea agreement with prosecutors. Read more in my article on the Hot for Security blog. | |||
|
2021-03-17 12:50:58 | (Déjà vu) Recorded Future\'s free Cyber Daily brings the latest trending threat insights to your inbox (lien direct) | Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! Recorded Future are experts at providing deep, detailed insight into emerging threats by automatically collecting, analyzing, and organizing billions of data points from the web. The FREE Cyber Daily email from Recorded … Continue reading "Recorded Future’s free Cyber Daily brings the latest trending threat insights to your inbox" | Threat | ||
|
2021-03-17 11:04:34 | Smart doorbells may be signalling to burglars that you have something worth stealing (lien direct) | Researchers claim that not only are smart doorbells "unlikely" to have "any significant effect on residential burglary" rates, but they might actually increase the risk of burglary. | |||
|
2021-03-16 13:40:55 | Ransomware attack forces college to tell students to stay at home (lien direct) | A UK college says it has closed its campus buildings for one week, and advised students that all lessons and lectures will be taking place online, following a ransomware attack. | Ransomware | ||
|
2021-03-13 13:45:56 | Police raid apartment of alleged Verkada hacker, as questions asked about employees\' access to customer video feeds (lien direct) | Following news that the video streams of 150,000 webcams managed by Verkada had been breached, police in Switzerland have raided the alleged hacker's apartment. | |||
|
2021-03-11 17:18:56 | 150,000 security cameras are hacked exposing jails, hospitals, and well-known firms (lien direct) | A hacking group has gained access to the feeds of 150,000 surveillance cameras used inside businesses, schools, police departments, hospitals, and well-known companies. Read more in my article on the Bitdefender BOX blog. | |||
|
2021-03-11 15:16:58 | Criminals arrested after trusting encrypted chat app cracked by the police (lien direct) | Police in the Netherlands and Belgium have made hundreds of raids, and arrested at least 80 people, after cracking into an encrypted phone network used by organised criminals. Read more in my article on the Tripwire State of Security blog. | |||
|
2021-03-11 08:54:59 | Smashing Security podcast #218: Microsoft, McAfee, and mayhem (lien direct) | Is it the end of the road for John McAfee? Is PornHub more legitimate than Facebook? And do you know as much as you think you do about the Microsoft Exchange Server mega-hack? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner. | |||
|
2021-03-10 21:58:41 | (Déjà vu) Recorded Future\'s free Cyber Daily newsletter delivers trending threat insights straight to your inbox (lien direct) | Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! The team at Recorded Future are experts at providing deep, detailed insight into emerging threats. They do it by automatically collecting and analyzing billions of data points across the web. The FREE … Continue reading "Recorded Future's free Cyber Daily newsletter delivers trending threat insights straight to your inbox" | Threat | ||
|
2021-03-10 16:51:18 | Told your organisation is leaking data? Here\'s how not to respond (lien direct) | Platform engineer and open source enthusiast Rob Dyke says that he's found himself in a sticky pickle. You see, in late February he discovered two public repositories on Github which contained code for an application, API keys, usernames nad passwords, and a database dump. Anyone in the world could access the sensitive information. What's disappointing, however, is how the organisation responded when he told them about the problem. | |||
|
2021-03-09 11:09:51 | The Microsoft Exchange Server mega-hack – what you need to know (lien direct) | In case you've missed the news - hundreds of thousands of Microsoft Exchange Server systems worldwide are thought to have been compromised by hackers, who exploited zero-day vulnerabilities to steal emails. Read more in my article on the Hot for Security blog. | |||
|
2021-03-08 13:19:43 | Airline passenger data breached following “highly sophisticated attack” (lien direct) | SITA, which provides IT services to about 90% of the global aviation industry, has revealed that it suffered a cyber attack which exposed details of passengers from many airlines. |
To see everything:
Our RSS (filtrered)
