This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-10T14:45:40+00:00 www.secnews.physaphae.fr Graham Cluley - Blog Security International recruitment agency Michael Page is contacting hundreds of thousands of job seekers, warning them that their personal information was exposed on a publicly accessible web server. ]]> 2016-11-11T12:54:45+00:00 https://www.grahamcluley.com/capgemini-sloppily-leaks-data-780000-michael-page-job-seekers-internet/ www.secnews.physaphae.fr/article.php?IdArticle=252617 False None None None Graham Cluley - Blog Security How *did* scammers know that a brand new TalkTalk customer was experiencing a technical problem? Or did they just get lucky? ]]> 2016-11-10T12:37:17+00:00 https://www.grahamcluley.com/brand-new-talktalk-customer-targeted-phone-scammer/ www.secnews.physaphae.fr/article.php?IdArticle=251755 False None None None Graham Cluley - Blog Security Yahoo has admitted that some of its staff knew back in 2014 that its systems had been breached by hackers. ]]> 2016-11-10T10:24:01+00:00 https://www.grahamcluley.com/yahoo-staff-knew-2014-hacked/ www.secnews.physaphae.fr/article.php?IdArticle=251530 False None Yahoo None Graham Cluley - Blog Security Fake pharmaceutical web services are always looking for new methods to trick unsuspecting users. And now they're displaying marketing messages when users try to close their browser tab. David Bisson reports. ]]> 2016-11-09T19:56:46+00:00 https://www.grahamcluley.com/fake-pharmacy-sites-gets-crafty-modified-goodbye-messages/ www.secnews.physaphae.fr/article.php?IdArticle=251316 False None None None Graham Cluley - Blog Security One of the golden rules of computer security for the last twenty-or-so years has been to be extremely cautious of unsolicited emails. Yet, the same old tricks are still being used to successfully spread ransomware. Read more in my article on the Hot for Security blog. ]]> 2016-11-09T13:12:40+00:00 https://www.hotforsecurity.com/blog/locky-ransomware-disguises-itself-as-account-suspensions-and-suspicious-movements-17101.html www.secnews.physaphae.fr/article.php?IdArticle=250898 False None None None Graham Cluley - Blog Security This Patch Tuesday update includes a fix for the vulnerability that Google engineers controversially chose to make public last week. ]]> 2016-11-09T03:11:23+00:00 https://www.grahamcluley.com/microsoft-patched-zero-day-security-hole-disclosed-google/ www.secnews.physaphae.fr/article.php?IdArticle=250381 False None None None Graham Cluley - Blog Security A security hole allows attackers to crash Android phones and force them to soft-reboot. David Bisson reports. ]]> 2016-11-09T02:27:36+00:00 https://www.grahamcluley.com/update-bug-means-large-pac-files-crash-android-phones/ www.secnews.physaphae.fr/article.php?IdArticle=250382 False None None None Graham Cluley - Blog Security Has your smartphone or tablet been protected yet against the Dirty COW vulnerability? ]]> 2016-11-08T16:04:55+00:00 https://www.grahamcluley.com/androids-security-update-november-2016-good-news-bad-moos/ www.secnews.physaphae.fr/article.php?IdArticle=250383 False None None None Graham Cluley - Blog Security A hacker could exploit a series of vulnerabilities in Belkin home automation gear to turn your Android phone into a secret GPS tracker. David Bisson reports. ]]> 2016-11-08T12:09:46+00:00 https://www.grahamcluley.com/insecure-iot-gear-turn-phone-gps-tracker/ www.secnews.physaphae.fr/article.php?IdArticle=249977 False None None None Graham Cluley - Blog Security Graham Cluley Security News is sponsored this week by the folks at VASCO Data Security. Thanks to the great team there for their support! More than 10,000 customers in 100 countries rely on VASCO to secure access, manage identities, verify transactions, simplify document signing and protect high value assets and systems. In a new white paper VASCO explains how RASP - Runtime Application Self-Protection - makes your business applications more secure and reliable, while managing the increased risks of rising mobile app use amidst increasingly sophisticated malware. RASP strengthens mobile app security - effectively neutralizing potential threats, and proactively securing businesses in ways that other security tools can't easily deliver. In the white paper you'll learn more about integrated application security solutions, including: How RASP bridges the divide between infrastructure and app server owners Which intrusions RASP can detect and prevent How natively integrated RASP technology strengthens mobile apps Why applications secured with RASP result in a lower cost, higher benefit ratio Interested in learning more? Download VASCO's white paper: RASP Technology is Critical for Modern App Security.

---

If you're interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here. ]]> 2016-11-08T11:38:46+00:00 https://www.grahamcluley.com/vasco-feed-sponsor-10/ www.secnews.physaphae.fr/article.php?IdArticle=249978 False None None None Graham Cluley - Blog Security An incorrect setting could make the difference between your website being insecure, or wide open for hackers to steal massive amounts of your users' personal data. Read more in my article on the Hot for Security blog. ]]> 2016-11-07T14:19:39+00:00 https://www.hotforsecurity.com/blog/applied-for-a-job-at-cisco-your-personal-data-and-passwords-could-have-been-stolen-17083.html www.secnews.physaphae.fr/article.php?IdArticle=249531 False None None None Graham Cluley - Blog Security Here's a wake-up call for anyone who hasn't heard that technology can do things a heck of a lot quicker than humans shuffling paper. ]]> 2016-11-07T14:13:56+00:00 https://www.grahamcluley.com/need-review-650000-emails-days-easy/ www.secnews.physaphae.fr/article.php?IdArticle=249532 False None None None Graham Cluley - Blog Security Tesco Bank customers are likely to have their confidence rattled after it is confirmed that tens of thousands of accounts were raided by hackers this weekend. ]]> 2016-11-07T10:54:19+00:00 https://www.grahamcluley.com/20000-tesco-bank-accounts-raided-hackers/ www.secnews.physaphae.fr/article.php?IdArticle=249151 False None None None Graham Cluley - Blog Security A story spread like wildfire across the world's media claiming that the small West African country of Liberia had been blasted off the internet by a massive DDoS attack. But don't be too quick to believe everything you read in the papers... ]]> 2016-11-06T23:45:23+00:00 https://www.grahamcluley.com/did-mirai-botnet-liberia-offline/ www.secnews.physaphae.fr/article.php?IdArticle=248649 False None None None Graham Cluley - Blog Security Election-themed spam has picked up considerably as the United States' 2016 presidential election enters the home stretch. David Bisson reports. ]]> 2016-11-06T22:52:49+00:00 https://www.grahamcluley.com/election-themed-spam-spikes-presidential-election-closes/ www.secnews.physaphae.fr/article.php?IdArticle=248650 False None None None Graham Cluley - Blog Security An annoying browser-locking bug is being exploited by tech support scammers to trick unsuspecting users into phoning them up. David Bisson reports. ]]> 2016-11-03T14:42:32+00:00 https://www.grahamcluley.com/browser-hanging-dont-support-number-scam/ www.secnews.physaphae.fr/article.php?IdArticle=247501 False None None None Graham Cluley - Blog Security Services at a number of UK hospitals are slowly beginning to resume after a computer virus infected the electronic systems of their managing health care trust. David Bisson reports. ]]> 2016-11-02T15:16:32+00:00 https://www.grahamcluley.com/services-slowly-resume-malware-strikes-hospitals/ www.secnews.physaphae.fr/article.php?IdArticle=243893 False None None None Graham Cluley - Blog Security The Russian-linked Fancy Bear group (also known as Strontium, APT28, Sednit or Sofacy) have been linked to targeted attacks. ]]> 2016-11-01T22:44:29+00:00 https://www.grahamcluley.com/microsoft-says-youll-wait-week-critical-windows-zero-day-patch/ www.secnews.physaphae.fr/article.php?IdArticle=241754 False None APT 28 None Graham Cluley - Blog Security A type of Android banking trojan capable of intercepting SMS messages is currently targeting at least 50 major banking organizations worldwide. David Bisson reports. ]]> 2016-11-01T15:55:38+00:00 https://www.grahamcluley.com/android-banking-trojan-intercept-sms-messages/ www.secnews.physaphae.fr/article.php?IdArticle=240666 False None None None Graham Cluley - Blog Security An anti-worm worm, designed to clean-up the Internet of insecure Things, has had its code pulled from Github. Which is probably a good thing. ]]> 2016-11-01T14:28:20+00:00 https://www.grahamcluley.com/good-anti-mirai-worm-pulled-github-following-backlash/ www.secnews.physaphae.fr/article.php?IdArticle=240500 False None None None Graham Cluley - Blog Security Google shares details of unpatched zero-day vulnerability in Windows, just ten days after telling Microsoft about it. ]]> 2016-11-01T12:06:32+00:00 https://www.grahamcluley.com/microsoft-google-customers-potential-risk/ www.secnews.physaphae.fr/article.php?IdArticle=240215 False None None None Graham Cluley - Blog Security If only more online criminals were as dumb as this... David Bisson reports. ]]> 2016-10-31T21:52:09+00:00 https://www.grahamcluley.com/hacker-busted-laundering-money-using-email-address/ www.secnews.physaphae.fr/article.php?IdArticle=238646 False None None None Graham Cluley - Blog Security Researcher Leo Linsky calls his creation an "anti-worm worm (or nematode)". I call it a potential breach of computer crime legislation. Read more in my article on the Hot for Security blog. ]]> 2016-10-31T14:26:18+00:00 https://www.hotforsecurity.com/blog/could-a-good-worm-save-the-internet-of-things-from-the-mirai-botnet-17050.html www.secnews.physaphae.fr/article.php?IdArticle=237331 False None None None Graham Cluley - Blog Security The truth is that the breach of John Podesta's email did not require sophisticated hacking skills. It just depended on the right combination of human error and carelessness. Read more in my article on the Hot for Security blog. ]]> 2016-10-31T12:59:57+00:00 https://www.hotforsecurity.com/blog/this-is-the-email-that-hacked-hillary-clintons-campaign-chief-17039.html www.secnews.physaphae.fr/article.php?IdArticle=236995 False None None 5.0000000000000000 Graham Cluley - Blog Security As Brits slept, the phishing gangs were up to their old tricks - spamming out SMS messages purporting to be warnings from Apple that our Apple IDs were due to expire today, and that we should act quickly. ]]> 2016-10-30T08:28:17+00:00 https://www.grahamcluley.com/clocks-apple-users-targeted-smishing-campaign/ www.secnews.physaphae.fr/article.php?IdArticle=234703 False None None None Graham Cluley - Blog Security The Australian Red Cross Blood Service has apologized for the country's largest data breach to date. David Bisson reports. ]]> 2016-10-28T23:11:58+00:00 https://www.grahamcluley.com/australian-red-cross-apologizes-largest-aussie-data-breach-date/ www.secnews.physaphae.fr/article.php?IdArticle=232304 False None None None Graham Cluley - Blog Security At least 50 celebrity Apple iCloud accounts and 72 Gmail inboxes were broken into by 36-year old Ryan Collins, whose victims included Jennifer Lawrence, Kirsten Dunst, Avril Lavigne, Kate Hudson, and Rihanna. Read more in my article on the We Live Security blog. ]]> 2016-10-28T09:48:13+00:00 http://www.welivesecurity.com/2016/10/28/nude-celebrity-photo-hacker-sentenced-18-months-prison/ www.secnews.physaphae.fr/article.php?IdArticle=230600 False None None None Graham Cluley - Blog Security Researchers have demonstrated that an attacker can hack unencrypted radio communication to seize control of many leading wireless keyboards and mice. David Bisson reports. ]]> 2016-10-28T08:56:22+00:00 https://www.grahamcluley.com/researchers-exploit-unencrypted-radio-hack-wireless-mice-keyboards/ www.secnews.physaphae.fr/article.php?IdArticle=230516 False Guideline None None Graham Cluley - Blog Security Scammers are trying to frighten their victims into phoning them up, claiming that their hard drive is only minutes away from being wiped. David Bisson reports. ]]> 2016-10-28T00:29:48+00:00 https://www.grahamcluley.com/faker-alert-tech-support-scam-claims-users-hard-drive-deleted/ www.secnews.physaphae.fr/article.php?IdArticle=229924 False None None None Graham Cluley - Blog Security Did Google deliberately downrank encrypted email service ProtonMail in its search results? The jury is out... ]]> 2016-10-27T09:50:27+00:00 https://www.grahamcluley.com/conspiracy-cockup-google-hid-protonmails-encrypted-email-service-search-results/ www.secnews.physaphae.fr/article.php?IdArticle=228161 False None None None Graham Cluley - Blog Security Shock - horror! There's another critical security exploit in Adobe Flash, and it is being exploited in targeted attacks. Update Flash now or... you know... kick it to the kerb. ]]> 2016-10-26T23:16:44+00:00 https://www.grahamcluley.com/patch-flash/ www.secnews.physaphae.fr/article.php?IdArticle=227185 False None None None Graham Cluley - Blog Security In the old days tech support scammers called you up on the phone, trying to dupe you into believing your Windows PC had malware on it.. Now they trick you into calling them... David Bisson reports. ]]> 2016-10-26T22:36:27+00:00 https://www.grahamcluley.com/blue-screen-death-malware/ www.secnews.physaphae.fr/article.php?IdArticle=227090 False None None None Graham Cluley - Blog Security Don't be fooled by The Jester. He didn't hack the Russian Foreign Ministry's website but instead used tried-and-trusted techniques to make it *look* that way. ]]> 2016-10-26T06:50:50+00:00 https://www.grahamcluley.com/jester-didnt-hack-russian-foreign-ministry-website/ www.secnews.physaphae.fr/article.php?IdArticle=224744 False None None None Graham Cluley - Blog Security You can purchase a specially-modified smartphone online that uses infrared light to spot cards and helps you cheat at gambling. David Bisson reports. ]]> 2016-10-25T20:55:16+00:00 https://www.grahamcluley.com/modded-phone-cheat-poker/ www.secnews.physaphae.fr/article.php?IdArticle=223802 False None None None Graham Cluley - Blog Security Graham Cluley Security News is sponsored this week by the folks at VASCO Data Security. Thanks to the great team there for their support! Experts argue that e-banking authentication has become so stagnant since the 2005 Guidance that it is no longer considered "cool" or innovative. Tokens, key fobs, mobile tokens, SMS codes, phone calls certainly did their job confirming a customer's identity and combating cyber-attacks for many years. What has changed since 2005? We want you to pause for a moment and take a fresh look at how strong authentication can serve banks in areas you never thought of using it for. Can strong authentication help achieve a much needed convenience, security, and cost savings beyond online banking login? Discover nine innovative use cases from VASCO that will help you visualize how application security, multi-factor authentication, and fraud prevention solutions can play out to create a secure and frictionless user experience. Download this executive summary by American Banker and VASCO to learn more about: Authentication across all channels Convenient retail mobile banking Cardless ATM Bank card PIN issuance and mailers Call center and IVR authentication ACH batch payments Functionality vs security in commercial mobile banking app Cross-channel authentication for commercial banking Branch employee and device authentication Interested in learning more? Download VASCO's white paper on how to Innovate with Strong Authentication to Solve your Everyday Banking Problems.

---

If you're interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here. ]]> 2016-10-25T10:10:30+00:00 https://www.grahamcluley.com/vasco-feed-sponsor-9/ www.secnews.physaphae.fr/article.php?IdArticle=221789 False None None None Graham Cluley - Blog Security iOS 10.1 is out, and it includes a number of serious security patches - including one designed to protect you from malicious code hiding inside a boobytrapped JPEG image file. ]]> 2016-10-24T21:04:12+00:00 https://www.grahamcluley.com/boobytrapped-jpeg-infect-iphone-upgrade-ios-10-1/ www.secnews.physaphae.fr/article.php?IdArticle=219854 False None None None Graham Cluley - Blog Security Want to hire 100,000 IoT devices to launch a massive denial-of-service attack? That will cost just $7,500. Read more in my article on the Hot for Security blog. ]]> 2016-10-24T14:21:50+00:00 https://www.hotforsecurity.com/blog/for-rent-an-iot-botnet-to-take-down-much-of-the-internet-16994.html www.secnews.physaphae.fr/article.php?IdArticle=218717 False None None None Graham Cluley - Blog Security The Mirai Internet of Things botnet is making its unpleasant presence felt. Yasin Soliman reports on how you should defend your IoT devices. ]]> 2016-10-24T14:14:14+00:00 https://www.grahamcluley.com/protect-iot-devices/ www.secnews.physaphae.fr/article.php?IdArticle=218718 False None None None Graham Cluley - Blog Security A worrying failure in how PayPal had implemented its two-factor authentication security feature has been uncovered. ]]> 2016-10-24T09:51:40+00:00 https://www.grahamcluley.com/paypals-2fa-proves-easy-bypass/ www.secnews.physaphae.fr/article.php?IdArticle=218184 False None None None Graham Cluley - Blog Security Thinking of deleting your Yahoo account? Here are the steps, and things you should consider first... David Bisson reports. ]]> 2016-10-24T09:09:12+00:00 https://www.grahamcluley.com/deactivate-yahoo-account/ www.secnews.physaphae.fr/article.php?IdArticle=218185 False None Yahoo None Graham Cluley - Blog Security A data breach at free website builder Weebly has compromised the personal information of over 43 million users. And has Foursquare suffered a data breach of 22.5 million of its users or not? David Bisson reports. ]]> 2016-10-23T21:01:19+00:00 https://www.grahamcluley.com/data-breach-weebly-affects-43-million-users/ www.secnews.physaphae.fr/article.php?IdArticle=217173 False None None None Graham Cluley - Blog Security Web users are struggling to reach some of the world's most well-known websites - including Twitter, Spotify, Github, Reddit and AirBnB - after the managed DNS service they use, Dyn, was hit by a massive DDoS attack. Read more in my article on the Hot for Security blog. ]]> 2016-10-21T13:58:38+00:00 https://www.hotforsecurity.com/blog/ddos-attack-against-dns-provider-knocks-major-sites-offline-16977.html www.secnews.physaphae.fr/article.php?IdArticle=213158 False None None None Graham Cluley - Blog Security A newly discovered vulnerability in virtually all versions of the Linux operating system has been discovered. ]]> 2016-10-20T21:59:04+00:00 https://www.grahamcluley.com/dirty-cow-linux-vulnerability-need-know/ www.secnews.physaphae.fr/article.php?IdArticle=211519 False None None None Graham Cluley - Blog Security Perhaps users would be wise never to type out sensitive information like passwords when they're on a Skype call. David Bisson reports. ]]> 2016-10-20T15:29:27+00:00 https://www.grahamcluley.com/whats-noise-sound-attackers-logging-keystrokes-skype/ www.secnews.physaphae.fr/article.php?IdArticle=210709 False None None None Graham Cluley - Blog Security Ecuador has said it pulled the plug on Julian Assange's web access out of concern that he was using WikiLeaks to influence the U.S. presidential election. David Bisson reports. ]]> 2016-10-19T17:34:58+00:00 https://www.grahamcluley.com/cut-julian-assange-internets-access-ecuador-accusing-interfering-election/ www.secnews.physaphae.fr/article.php?IdArticle=208379 False None None None Graham Cluley - Blog Security DDoS malware is infecting cellular gateways warns the Department of Homeland Security. Read more in my article on the Hot for Security blog. ]]> 2016-10-19T13:35:42+00:00 https://www.hotforsecurity.com/blog/many-sierra-wireless-gateways-compromised-by-mirai-botnet-warns-us-government-16963.html www.secnews.physaphae.fr/article.php?IdArticle=207783 False None None None Graham Cluley - Blog Security Law enforcement served a modified search warrant that allowed agents to collect the thumbprints and fingerprints of everyone at the premises, in order to unlock a smartphone. David Bisson reports. ]]> 2016-10-18T21:12:59+00:00 https://www.grahamcluley.com/cops-served-warrant-collect-everyones-thumbprints-property/ www.secnews.physaphae.fr/article.php?IdArticle=206460 False None None None Graham Cluley - Blog Security For more than 17 years British security and intelligence agencies broke the law, illegally collecting vast amounts of data about UK citizens without proper oversight. ]]> 2016-10-18T08:10:49+00:00 https://www.grahamcluley.com/gchq-broke-law-spying-citizens/ www.secnews.physaphae.fr/article.php?IdArticle=204696 False None None None Graham Cluley - Blog Security ATM explosive attacks increased by as much as 80 percent in the first half of 2016, reveals a new report. David Bisson reports. ]]> 2016-10-18T08:05:23+00:00 https://www.grahamcluley.com/atm-explosive-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=204697 False None None None Graham Cluley - Blog Security What's the point of a password, if it's published on the front cover of a magazine? ]]> 2016-10-17T16:24:38+00:00 https://www.grahamcluley.com/make-easier-weve-published-password-magazine/ www.secnews.physaphae.fr/article.php?IdArticle=202974 False None None None Graham Cluley - Blog Security Come hear me talk in Stockholm about my time in the anti-virus industry, as I give the keynote presentation at Nordic IT Security. ]]> 2016-10-17T14:43:08+00:00 https://www.grahamcluley.com/nordic-security-hear-speak-stockholm/ www.secnews.physaphae.fr/article.php?IdArticle=202725 False None None 5.0000000000000000 Graham Cluley - Blog Security A Linux threat known as NyaDrop is exploiting a lack of security in Internet of Things (IoT) devices to infect them with malware. David Bisson reports. ]]> 2016-10-17T14:12:23+00:00 https://www.grahamcluley.com/nyadrop-exploiting-iot-insecurity-infect-devices-malware/ www.secnews.physaphae.fr/article.php?IdArticle=202726 False None None 3.0000000000000000 Graham Cluley - Blog Security How do you think your customers would feel if they visited your business's website and were greeted with an offensive image or malicious code? And how would you feel knowing that hackers could pull off an attack like this without changing a single byte of your site? Read more in my article on the Bitdefender Business Insights blog. ]]> 2016-10-14T15:13:11+00:00 http://businessinsights.bitdefender.com/domain-name-hijacking www.secnews.physaphae.fr/article.php?IdArticle=197567 False None None None Graham Cluley - Blog Security Verizon could reduce the price it will pay to acquire Yahoo, or walk away from the $5 billion deal completely. ]]> 2016-10-14T14:34:43+00:00 https://www.grahamcluley.com/verizon-playing-hard-ball-yahoo-hack/ www.secnews.physaphae.fr/article.php?IdArticle=197424 False None Yahoo None Graham Cluley - Blog Security A new Android malware loves users' love of selfies. How much? Enough to ask them to take one so that it can steal access to their accounts. David Bisson reports. ]]> 2016-10-13T17:21:18+00:00 https://www.grahamcluley.com/enjoy-taking-selfies-plays-right-hands-this-malware/ www.secnews.physaphae.fr/article.php?IdArticle=196089 False None None None Graham Cluley - Blog Security Clinton campaign chief John Podesta tweeted what must have been a surprising turn of events, even in the most dramatic of presidential races. Read more in my article on the Hot for Security blog. ]]> 2016-10-13T13:07:19+00:00 https://www.hotforsecurity.com/blog/clinton-campaign-chief-tweets-vote-trump-after-his-account-is-hacked-16919.html www.secnews.physaphae.fr/article.php?IdArticle=195671 False None None None Graham Cluley - Blog Security Malware takes cues from Carbanak, and comes equipped with lots of hacking tools... David Bisson reports. ]]> 2016-10-13T11:22:10+00:00 https://www.grahamcluley.com/trojan-borrows-carbanak-target-swift-users-financial-orgs/ www.secnews.physaphae.fr/article.php?IdArticle=195394 False None None None Graham Cluley - Blog Security It's not as easy to up sticks and leave your Yahoo account for dead as it used to be... ]]> 2016-10-12T12:42:15+00:00 https://www.grahamcluley.com/yahoo-accused-deliberately-making-hard-close-account/ www.secnews.physaphae.fr/article.php?IdArticle=193386 False None Yahoo None Graham Cluley - Blog Security DXXD doesn't display a ransom note like other ransomware... David Bisson reports. ]]> 2016-10-12T11:01:25+00:00 https://www.grahamcluley.com/decrypt-this-ransomware-dev-taunts-researchers-tech-support-forum/ www.secnews.physaphae.fr/article.php?IdArticle=193033 False None None None Graham Cluley - Blog Security Gives a whole new meaning for an expensive gadget burning a hole in your pocket... ]]> 2016-10-10T22:20:45+00:00 https://www.grahamcluley.com/samsung-tells-galaxy-note-7-users-turn-stop-using/ www.secnews.physaphae.fr/article.php?IdArticle=188784 False None None None Graham Cluley - Blog Security Would the fact that you have an operating system installed on your USB cufflink prove that you're up to no good, or just a bit of a geek? ]]> 2016-10-10T21:43:23+00:00 https://www.grahamcluley.com/cyber-terrorist-trades-cufflinks-handcuffs/ www.secnews.physaphae.fr/article.php?IdArticle=188785 False None None None Graham Cluley - Blog Security The billboards would use a variety of sensor systems, including cameras and proximity technology, to capture real-time audio, video and even biometric information about potential target audiences. David Bisson reports. ]]> 2016-10-10T20:43:37+00:00 https://www.grahamcluley.com/yahoo-creepy-plan-advertising-billboards-spy/ www.secnews.physaphae.fr/article.php?IdArticle=188582 False None Yahoo None Graham Cluley - Blog Security As long as there is a demand for cheap IoT devices, there will be plenty of manufacturers happy to cut corners and put the internet community at risk. ]]> 2016-10-10T13:43:52+00:00 https://www.grahamcluley.com/mirai-botnet-password/ www.secnews.physaphae.fr/article.php?IdArticle=187298 False None None None Graham Cluley - Blog Security According to a report in "The Intercept", the snooping code was implemented in such a way that it could have allowed a hacker to "basically read everyone's Yahoo mail." ]]> 2016-10-09T21:34:53+00:00 https://www.grahamcluley.com/spy-program-given-hacker-access-yahoo-email-claims-employee/ www.secnews.physaphae.fr/article.php?IdArticle=184784 False None Yahoo None Graham Cluley - Blog Security What you should do *before* your computer or laptop is lost or stolen, and what you should do after! David Bisson reports. ]]> 2016-10-09T21:04:54+00:00 https://www.grahamcluley.com/lost-stolen-laptop/ www.secnews.physaphae.fr/article.php?IdArticle=184785 False None None None Graham Cluley - Blog Security Privacy watchdogs based in the European Union are concerned Yahoo violated European users' privacy with its secret email-scanning program. David Bisson reports. ]]> 2016-10-09T19:38:21+00:00 https://www.grahamcluley.com/privacy-watchdog-yahoo-email-scanning/ www.secnews.physaphae.fr/article.php?IdArticle=184400 False None Yahoo None Graham Cluley - Blog Security A new attack allows OS X malware to record video and audio whenever a victim legitimately turns on their webcam, without drawing attention to itself. David Bisson reports. ]]> 2016-10-06T14:50:12+00:00 https://www.grahamcluley.com/attack-allows-malware-piggyback-webcam-use/ www.secnews.physaphae.fr/article.php?IdArticle=172519 False None None None Graham Cluley - Blog Security Apple's iMessage isn't doing all it can to protect users' information when it previews a link in a conversation. David Bisson reports. ]]> 2016-10-06T10:14:00+00:00 https://www.grahamcluley.com/apple-messages-exposing-privacy-previews-link/ www.secnews.physaphae.fr/article.php?IdArticle=171091 False None None None Graham Cluley - Blog Security Webpages vulnerable to SQL injection and software left unpatched for 3.5 years... ICO investigation reveals the shoddy state of security at TalkTalk. ]]> 2016-10-05T15:11:19+00:00 https://www.grahamcluley.com/talktalk-fined-record-400000-failing-prevent-hack/ www.secnews.physaphae.fr/article.php?IdArticle=167377 False None None None Graham Cluley - Blog Security Signal got hit by a US government subpoena, demanding the encrypted messaging app cough up any information they had on accounts associated with two phone numbers... And it turned into a victory for those who believe in online privacy. ]]> 2016-10-05T12:13:24+00:00 https://www.grahamcluley.com/little-signal-knows-privacy-loving-users/ www.secnews.physaphae.fr/article.php?IdArticle=166792 False None None None Graham Cluley - Blog Security Facebook has finally finished rolling out "Secret Conversations" to its billion-or-so users, making it the biggest end-to-end encrypted messaging network on the internet. But it hasn't turned it on by default. Read more in my article on the Bitdefender blog. ]]> 2016-10-05T12:09:59+00:00 https://www.hotforsecurity.com/blog/finally-everyone-can-encrypt-their-facebook-conversations-heres-how-16829.html www.secnews.physaphae.fr/article.php?IdArticle=166793 False None None None Graham Cluley - Blog Security Hundreds of millions of Yahoo Mail accounts had their emails scanned on behalf of US intelligence, reports Reuters. ]]> 2016-10-04T20:05:08+00:00 https://www.grahamcluley.com/time-close-yahoo-account/ www.secnews.physaphae.fr/article.php?IdArticle=163582 False None Yahoo None Graham Cluley - Blog Security You'll be surprised to hear that there is a disagreement in the world of Linux admins about how serious a systemd vulnerability really is. David Bisson reports. ]]> 2016-10-04T14:19:28+00:00 https://www.grahamcluley.com/48-characters-crash-linux-distros-finds-admin/ www.secnews.physaphae.fr/article.php?IdArticle=162253 False None None None Graham Cluley - Blog Security Trojanised apps continue to be uncovered in the official Google Play Android app store, including a Grand Theft Auto-themed mod for Minecraft. David Bisson reports. ]]> 2016-10-04T09:28:21+00:00 https://www.grahamcluley.com/400-android-apps-hiding-dresscode-malware-google-play-store/ www.secnews.physaphae.fr/article.php?IdArticle=161191 False None None None Graham Cluley - Blog Security It's just over two years since a critical Shellshock vulnerability was uncovered. But it has far from disappeared... Read more in my article on the Bitdefender Business Insights blog. ]]> 2016-10-03T14:05:09+00:00 http://businessinsights.bitdefender.com/shellshock-company-breach www.secnews.physaphae.fr/article.php?IdArticle=157750 False None None None Graham Cluley - Blog Security Find out what new steps you can take to better protect your privacy on iOS 10. Yasin Soliman reports. ]]> 2016-10-03T13:44:52+00:00 https://www.grahamcluley.com/ios-10-privacy-round/ www.secnews.physaphae.fr/article.php?IdArticle=157493 False None None None Graham Cluley - Blog Security Macros can be malicious, as David Bisson reports. Make sure you have disabled them by default in Microsoft Office. ]]> 2016-10-03T13:25:07+00:00 https://www.grahamcluley.com/disable-macros-microsoft-office/ www.secnews.physaphae.fr/article.php?IdArticle=157494 False None None None Graham Cluley - Blog Security Graham Cluley Security News is sponsored this week by the folks at VASCO. Thanks to the great team there for their support! VASCO, a global leader in authentication, electronic signatures, and identity management, is sharing its expertise in a free on-demand webinar entitled "Top 10 tips for a successful and secure mobile first strategy." Mobile banking has definitely shifted focus from transaction to customer interaction, enabling users to engage with their bank anytime, anywhere and more frequently. But how can you establish a successful and secure mobile first strategy, while keeping an eye on user convenience? Check out this FREE on-demand webinar now! Discover the necessary tips to establish a successful and secure mobile first strategy: Enable more services on mobile Make user experience fast, convenient and secure Score your user's device and context Combat malware and other attacks Adopt mobile as the key to all your banking channels and many more...

---

If you're interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here. ]]> 2016-10-03T09:14:26+00:00 https://www.grahamcluley.com/vasco-feed-sponsor-8/ www.secnews.physaphae.fr/article.php?IdArticle=156633 True Guideline None None Graham Cluley - Blog Security Hijacking millions of IoT devices for evil just became that little bit easier. ]]> 2016-10-03T08:52:29+00:00 https://www.grahamcluley.com/download-mirai-source-code-run-internet-things-botnet/ www.secnews.physaphae.fr/article.php?IdArticle=156535 False None None None Graham Cluley - Blog Security A security company has found evidence that suggests state-sponsored attackers may not have been responsible for the hack that saw 500 million Yahoo users' account details stolen. David Bisson reports. ]]> 2016-09-30T17:26:23+00:00 https://www.grahamcluley.com/security-firm-pours-cold-water-yahoos-claim-suffered-state-sponsored-hack/ www.secnews.physaphae.fr/article.php?IdArticle=148844 False None Yahoo None Graham Cluley - Blog Security Hosted desktop and cloud provider VESK pays hackers almost £20,000 after being hit by ransomware, even though it had backups. ]]> 2016-09-30T16:48:14+00:00 https://www.grahamcluley.com/virtual-desktop-cloud-service-pays-18600-ransomware-extortionists/ www.secnews.physaphae.fr/article.php?IdArticle=148605 False None None None Graham Cluley - Blog Security If you had a zero-day vulnerability for remotely hacking an iPhone who would you tell? The people who will give you $1.5 million dollars or the company that can protect every iOS user in the world? ]]> 2016-09-30T10:26:27+00:00 https://www.grahamcluley.com/earn-1-5-million-remotely-jailbreaking-ios-10/ www.secnews.physaphae.fr/article.php?IdArticle=147279 False None None None Graham Cluley - Blog Security When investigative journalists reporting on the shooting down of Malaysia Airlines flight MH17 in eastern Ukraine are targeted by hackers, it doesn't take long before conclusions are made as to who might be responsible. David Bisson reports. ]]> 2016-09-29T16:01:26+00:00 https://www.grahamcluley.com/russian-hackers-likely-targeted-journalists-investigating-flight-mh17/ www.secnews.physaphae.fr/article.php?IdArticle=144243 False None None None Graham Cluley - Blog Security Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! Make sure to download your free copy of the industry's first lab test measuring productivity gains from threat intelligence. Recorded Future provides deep, detailed insight into emerging threats by automatically collecting, analyzing, and organizing billions of data points from the Web. Operational defenders want threat intelligence to add tangible and quantifiable value to their organization's security. As a provider of real-time threat intelligence, Recorded Future strives to provide measurable benefits to its customers, who have reported back some impressive results. Inspired by this feedback, Recorded Future commissioned an independent lab test to measure the quantifiable value - in terms of productivity and security - that a SOC (security operations center) analyst gains from integrating Recorded Future with a SIEM (security information and event management) solution. The results showed that one SOC analyst, in a controlled environment, experienced a 10x gain in productivity after Recorded Future real-time threat intelligence was integrated with a SIEM. To review the full independent lab test, download the report.

---

If you're interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here. ]]> 2016-09-29T10:55:00+00:00 https://www.grahamcluley.com/lab-test-reveals-10x-productivity-gain-real-time-threat-intelligence-siems/ www.secnews.physaphae.fr/article.php?IdArticle=143229 False None None None Graham Cluley - Blog Security Yahoo insiders say that protecting against hackers took a back seat. ]]> 2016-09-29T00:24:27+00:00 https://www.grahamcluley.com/yahoo-reset-user-passwords-years-ago-chose/ www.secnews.physaphae.fr/article.php?IdArticle=141257 False None Yahoo None Graham Cluley - Blog Security An unknown hacker has downloaded 2.2 million plaintext passwords from a teen social site. To make matters worse, a further 3.3 million are up for grabs... David Bisson reports. ]]> 2016-09-28T15:52:39+00:00 https://www.grahamcluley.com/hacker-downloads-2-2-million-plaintext-passwords-teen-social-site/ www.secnews.physaphae.fr/article.php?IdArticle=139321 False None None None Graham Cluley - Blog Security No-one knows who TheDarkOverlord is. No-one even knows if he or she is one lone hacker, or a group of hackers. But one thing is certain, TheDarkOverlord must be giving some companies sleepless nights as they struggle to work out the best way to respond. Read more in my article on the Hot for Security blog. ]]> 2016-09-28T13:28:09+00:00 https://www.hotforsecurity.com/blog/thedarkoverlord-holds-investment-bank-to-ransom-or-else-hacked-files-will-be-released-16764.html www.secnews.physaphae.fr/article.php?IdArticle=138868 False None None None Graham Cluley - Blog Security Some are tall, some are short, some may even be Mexican. But Donald Trump takes prime-time TV to paint a stereotypical portrait of hackers. ]]> 2016-09-28T00:29:59+00:00 https://www.grahamcluley.com/donald-trump-says-hackers-sit-bedrooms-weighing-400lb/ www.secnews.physaphae.fr/article.php?IdArticle=136333 False None None None Graham Cluley - Blog Security The Sofacy hacking group (also known as APT28, Sednit, and Fancy Bear) has developed a new trojan called 'Komplex' to help it target OS X users. David Bisson reports. ]]> 2016-09-28T00:01:28+00:00 https://www.grahamcluley.com/aerospace-industry-warned-targeted-attacks-komplex-mac-trojan/ www.secnews.physaphae.fr/article.php?IdArticle=136202 False None APT 28 None Graham Cluley - Blog Security Janus Cybercrime Solutions are the outfit behind the notorious Petya and Mischa ransomware business. And, it seems, they're keen on building their brand. David Bisson reports. ]]> 2016-09-27T10:15:51+00:00 https://www.grahamcluley.com/ransomware-brand-marketing/ www.secnews.physaphae.fr/article.php?IdArticle=132958 False None None None Graham Cluley - Blog Security Could Yahoo could have done more to protect itself, and why didn't it notice it had suffered a data breach sooner? While those questions are being pondered, legal eagles will be earning a pretty penny working on this lawsuit... ]]> 2016-09-26T14:27:10+00:00 https://www.grahamcluley.com/yahoo-sued-massive-hack/ www.secnews.physaphae.fr/article.php?IdArticle=128304 False None Yahoo None Graham Cluley - Blog Security It turns out it's not as simple as just checking whether you have a Yahoo, BT Yahoo Mail or Sky email address... You could have a Yahoo account without even knowing it. ]]> 2016-09-26T13:53:43+00:00 https://www.grahamcluley.com/yahoo-email-address-hack/ www.secnews.physaphae.fr/article.php?IdArticle=128108 False None Yahoo None Graham Cluley - Blog Security The latest member of a notorious family of Android trojans downloads and launches malicious apps without the user's knowledge on infected devices. Its purpose? To display ads, intercepts IM chat messages and target online bankers. David Bisson reports. ]]> 2016-09-26T09:31:06+00:00 https://www.grahamcluley.com/2016/09/xiny-android-trojan-evolves-root-phones-infect-processes/ www.secnews.physaphae.fr/article.php?IdArticle=127195 False None None None Graham Cluley - Blog Security Password cracking a local iTunes backup is now 2,500 faster than with iOS 9, claims Russian firm. ]]> 2016-09-23T13:23:41+00:00 https://www.grahamcluley.com/2016/09/upgrading-ios-10-backups-lot-faster-crack/ www.secnews.physaphae.fr/article.php?IdArticle=116351 False None None None Graham Cluley - Blog Security A scan seemingly of Michelle Obama's passport is amongst the haul of leaked information. Read more in my article on the Hot for Security blog. ]]> 2016-09-23T13:00:46+00:00 https://www.hotforsecurity.com/blog/hackers-hit-white-house-staffers-gmail-account-raises-security-concerns-by-leaking-sensitive-emails-16732.html www.secnews.physaphae.fr/article.php?IdArticle=116111 False None None None Graham Cluley - Blog Security Do you have a Sky email account? There's potentially bad news - that service comes courtesy of Yahoo. ]]> 2016-09-23T10:43:06+00:00 https://www.grahamcluley.com/2016/09/sky-customers-told-change-passwords-massive-yahoo-hack/ www.secnews.physaphae.fr/article.php?IdArticle=115662 False None Yahoo None Graham Cluley - Blog Security With at least 500 million Yahoo users exposed by the 2014 hack, other services are also advising customers to reset their passwords. ]]> 2016-09-23T10:30:56+00:00 https://www.grahamcluley.com/2016/09/investigates-yahoo-hack-tells-yahoo-mail-users-reset-passwords/ www.secnews.physaphae.fr/article.php?IdArticle=115663 False None Yahoo None Graham Cluley - Blog Security writes: We have confirmed that a copy of certain user account information was stolen from the company's network in late 2014 by what it believes is a state-sponsored actor. The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers. The ongoing investigation suggests that stolen information did not include unprotected passwords, payment card data, or bank account information; payment card data and bank account information are not stored in the system that the investigation has found to be affected. Based on the ongoing investigation, Yahoo believes that information associated with at least 500 million user accounts was stolen and the investigation has found no evidence that the state-sponsored actor is currently in Yahoo's network. My advice? Reset your Yahoo password. Make it a strong, complex password - and make sure that you are not using the same password anywhere else on the net. If you were using the same password in multiple places, you need to get out of that habit right now. Reusing passwords is a disaster waiting to happen, and could allow hackers to crack open other accounts using the same credentials. Invest in a decent password manager program to generate random, hard-to-crack passwords, store them securely and remember them for you. If you haven't already done so, enable two-step verification on your Yahoo account. Watch out for phishing emails that pretend to come from Yahoo. More as this news develops. ]]> 2016-09-22T19:01:25+00:00 https://www.grahamcluley.com/2016/09/yahoo-confirms-500-million-accounts-hacked-2014-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=111845 False None Yahoo None Graham Cluley - Blog Security Cybercriminals are spreading malware via torrent distribution networks, using an automated tool to disguise the downloads as trending audio, video and other digital content... David Bisson reports. ]]> 2016-09-22T15:12:27+00:00 https://www.grahamcluley.com/2016/09/hackers-automatically-seeding-trackers-malware-disguised-popular-downloads/ www.secnews.physaphae.fr/article.php?IdArticle=110902 False None None None Graham Cluley - Blog Security As Yahoo poises to sell up to Verizon, it may have some bad news to share. Recode reports that "several hundred million" account credentials may have been impacted by a data breach. ]]> 2016-09-22T08:24:29+00:00 https://www.grahamcluley.com/2016/09/yahoo-expected-confirm-massive-data-breach-says-recode/ www.secnews.physaphae.fr/article.php?IdArticle=109273 False None Yahoo None