This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-05T09:46:41+00:00 www.secnews.physaphae.fr Graham Cluley - Blog Security TV fraudsters are using the disguise of emails from the TV Licensing authority to steal large sums of money from the bank accounts of unwary Brits. ]]> 2019-01-14T17:08:01+00:00 https://www.grahamcluley.com/british-tv-viewers-targeted-by-email-fraudsters/ www.secnews.physaphae.fr/article.php?IdArticle=992020 False None None None Graham Cluley - Blog Security A 34-year old man has been jailed after being found guilty of launching a massive denial-of-service attack against Boston Children's Hospital. Read more in my article on the Hot for Security blog. ]]> 2019-01-14T10:07:00+00:00 https://hotforsecurity.bitdefender.com/blog/the-ddos-attacker-rescued-by-a-disney-cruise-ship-is-sentenced-to-over-10-years-in-prison-20730.html#new_tab www.secnews.physaphae.fr/article.php?IdArticle=991289 False None None None Graham Cluley - Blog Security A large number of Reddit users are being told that they will have to reset their passwords in order to regain access to their accounts following what the site is calling a “security concern.” The lockout has occurred as Reddit's security team investigates what appears to have been an attempt to log into many users' accounts through a credential-stuffing attack. Read more in my article on the Tripwire State of Security blog. ]]> 2019-01-10T14:27:01+00:00 https://www.tripwire.com/state-of-security/featured/reddit-users-locked-accounts-security-concern/#new_tab www.secnews.physaphae.fr/article.php?IdArticle=984873 False None None None Graham Cluley - Blog Security Twitter and the not-so-ethical hacking of celebrity accounts, study discovers how you can pay someone to quit Facebook for a year, and the millions of dollars you can make from uncovering software vulnerabilities. All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis. ]]> 2019-01-10T12:35:02+00:00 https://www.grahamcluley.com/smashing-security-110-what-you-can-get-paid-to-leave-facebook/ www.secnews.physaphae.fr/article.php?IdArticle=984682 False None None 3.0000000000000000 Graham Cluley - Blog Security Modlishka may help raise awareness of the danger of reverse proxy phishing attacks, but it's easy to imagine that many criminals will be tempted to put it to malicious use. ]]> 2019-01-09T12:43:04+00:00 https://www.grahamcluley.com/automated-phishing-attack-tool-bypasses-2fa-protection/ www.secnews.physaphae.fr/article.php?IdArticle=982530 False Tool None None Graham Cluley - Blog Security Research claims Facebook users are prepared to give up the social network for a year… if paid over $1000. ]]> 2019-01-09T11:27:02+00:00 https://www.grahamcluley.com/being-paid-to-quit-facebook/ www.secnews.physaphae.fr/article.php?IdArticle=982437 False None None None Graham Cluley - Blog Security Will anyone come up with a zero-day remote exploitation of iOS 12.x without user interaction? The sad truth is that we may never know for sure… but intelligence agencies might. ]]> 2019-01-07T16:24:01+00:00 https://www.grahamcluley.com/earn-2000000-by-remotely-jailbreaking-an-iphone/ www.secnews.physaphae.fr/article.php?IdArticle=979223 False None None None Graham Cluley - Blog Security Just before Christmas, hackers managed to break into a database belonging to a popular online game and steal the details of over seven million players. Read more in my article on the Hot for Security blog. ]]> 2019-01-04T16:04:02+00:00 https://hotforsecurity.bitdefender.com/blog/town-of-salem-hack-exposes-details-of-7-6-million-gamers-20692.html#new_tab www.secnews.physaphae.fr/article.php?IdArticle=976218 False Hack None None Graham Cluley - Blog Security The private communications, emails, contact details, mobile phone numbers, memos, and financial information of hundreds of politicians have been published online. ]]> 2019-01-04T11:43:03+00:00 https://www.grahamcluley.com/german-politicians-suffer-massive-hack-of-personal-details-and-private-communications/ www.secnews.physaphae.fr/article.php?IdArticle=975790 False Hack None None Graham Cluley - Blog Security TheHackerGiraffe, the hacker who breached innocent users' unsecured printers, Google Chromecast streaming devices, and smart TVs to promote the PewDiePie YouTube channel, has announced his retirement. ]]> 2019-01-03T15:39:00+00:00 https://www.grahamcluley.com/thehackergiraffe-says-hes-retired-from-hacking-smart-tvs-to-promote-pewdiepie/ www.secnews.physaphae.fr/article.php?IdArticle=974857 False None None None Graham Cluley - Blog Security The website of Luas, the tram system operating in Ireland's capital city of Dublin, has been taken offline this morning after hackers defaced the site and demanded a ransom be paid within five days. Read more in my article on the Tripwire State of Security blog. ]]> 2019-01-03T13:06:01+00:00 https://www.tripwire.com/state-of-security/security-data-protection/hackers-demand-ransom-luas-website-defaced/#new_tab www.secnews.physaphae.fr/article.php?IdArticle=974654 False None None None Graham Cluley - Blog Security Just before Christmas I was fortunate enough to be invited onto the “Random but Memorable” podcast, hosted by Matt Davey and Michael Fey of 1Password. Take a listen. ]]> 2019-01-02T10:17:04+00:00 https://www.grahamcluley.com/appearing-on-the-random-but-memorable-podcast/ www.secnews.physaphae.fr/article.php?IdArticle=973367 False None None None Graham Cluley - Blog Security Here's something a bit different (and utterly unrelated to computer security). ]]> 2018-12-30T21:13:01+00:00 https://www.grahamcluley.com/graham-cluleys-desert-planet-picks/ www.secnews.physaphae.fr/article.php?IdArticle=970972 False None None None Graham Cluley - Blog Security The “white hat” hacker, who claimed to be part of a group calling itself the “Anonymous Calgary Mindhive”, said it hadn't been hard for him to hijack control of Gregg's Nest security camera. Read more in my article on the Bitdefender Box blog. ]]> 2018-12-20T11:50:00+00:00 https://hotforsecurity.bitdefender.com/blog/spooked-by-a-speaking-security-camera-polite-hacker-tells-owner-how-to-fix-his-iot-security-20673.html#new_tab www.secnews.physaphae.fr/article.php?IdArticle=956416 False None None None Graham Cluley - Blog Security Join us for our special Christmas episode as we tell tales of printer hacking, website defacement, Grinches, and how Google is snooping on your private YouTube videos. All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The CyberWire's Dave Bittner. ]]> 2018-12-20T00:00:01+00:00 https://www.grahamcluley.com/smashing-security-109-grinches-target-amazon-and-reddit-stealing-christmas-from-the-poor/ www.secnews.physaphae.fr/article.php?IdArticle=955275 False None None None Graham Cluley - Blog Security At the end of last week Facebook revealed that an API bug had given developers of third-party apps access to the photos of millions of users. But Facebook didn't find out about the problem last week. It found out about it in September. ]]> 2018-12-19T13:47:00+00:00 https://www.grahamcluley.com/facebook-waited-months-before-admitting-privacy-bug-exposed-millions-of-users-unposted-photos/ www.secnews.physaphae.fr/article.php?IdArticle=954305 False None None None Graham Cluley - Blog Security Authorities in the United States, Canada, Australia, and New Zealand are said to be investigating a wave of bogus bomb threats that have been sent to a variety of organisations late on Thursday. But if the hoaxer thought they were going to make a lot of money through the scam, they're going to be disappointed. ]]> 2018-12-14T17:50:00+00:00 https://www.grahamcluley.com/international-email-bomb-hoax-proves-to-be-a-spectacular-failure/ www.secnews.physaphae.fr/article.php?IdArticle=946540 False None None None Graham Cluley - Blog Security Week after week, month after month, 2018 saw organisations and companies struck by massive and damaging data breaches, putting the personal details of innocent members of the public at risk. Read more in my article on the Bitdefender Business Insights blog. ]]> 2018-12-14T10:59:04+00:00 https://businessinsights.bitdefender.com/2018-data-breaches-review#new_tab www.secnews.physaphae.fr/article.php?IdArticle=945824 False None None None Graham Cluley - Blog Security The curious case of George Duke-Cohan, Huawei's CFO finds herself in hot water, and the crazy world of mobile phone mental health apps. All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guests Mikko Hyppönen from F-Secure and technology journalist Geoff White. ]]> 2018-12-13T09:52:02+00:00 https://www.grahamcluley.com/smashing-security-108-hoaxes-huawei-and-chatbots-with-mikko-hypponen/ www.secnews.physaphae.fr/article.php?IdArticle=943785 False None None None Graham Cluley - Blog Security An independent audit has found no evidence that malicious chips were planted on Supermicro's motherboards, debunking Bloomberg claims that servers at Amazon and Apple were being spied upon by China. ]]> 2018-12-12T21:49:02+00:00 https://www.grahamcluley.com/supermicro-says-independent-investigation-found-no-spy-chips-on-its-motherboards/ www.secnews.physaphae.fr/article.php?IdArticle=943173 False None None None Graham Cluley - Blog Security Scammers want you to send $2000 to help Huawei's CFO bribe her way out of jail. ]]> 2018-12-12T14:48:05+00:00 https://www.grahamcluley.com/huawei-meng-wanzhou-scam/ www.secnews.physaphae.fr/article.php?IdArticle=943007 False None None None Graham Cluley - Blog Security Google has admitted that Google Plus suffered another security failure last month, allowing the personal information of 52 million users to be accessed by third-party apps and developers without permission. ]]> 2018-12-11T02:30:04+00:00 https://www.grahamcluley.com/google-admits-google-plus-hit-by-another-privacy-flaw-speeds-up-sites-closure/ www.secnews.physaphae.fr/article.php?IdArticle=943008 False None None None Graham Cluley - Blog Security It's a bad day when your computers get hit by ransomware. But it only gets worse when you realise that you not only don't have backups, but also have no way of contacting the criminals who encrypted your data. ]]> 2018-12-11T01:20:04+00:00 https://www.grahamcluley.com/globeimposter-ransomware-victims-find-themselves-abandoned-by-their-extortionists/ www.secnews.physaphae.fr/article.php?IdArticle=943009 False Ransomware None None Graham Cluley - Blog Security British teenager George Duke-Cohan has been jailed for three years for making hoax bomb threats that closed hundreds of schools up and down the UK. ]]> 2018-12-07T15:35:04+00:00 https://www.grahamcluley.com/jail-teenager-bomb-threats/ www.secnews.physaphae.fr/article.php?IdArticle=939697 False None None None Graham Cluley - Blog Security Computer users are being reminded once again to take care over the browser extensions they install after security experts discovered a hacking campaign that has been targeting academic institutions since at least May 2018. Read more in my article on the Tripwire State of Security blog. ]]> 2018-12-06T13:04:01+00:00 https://www.tripwire.com/state-of-security/security-data-protection/malicious-chrome-extension-which-sloppily-spied-on-academics-believed-to-originate-from-north-korea/#new_tab www.secnews.physaphae.fr/article.php?IdArticle=937397 False None None None Graham Cluley - Blog Security Fitness apps exploit TouchID through a sneaky user interface trick, tech giants claim to have a plan to banish passwords, and you won't believe who was behind a sextortion scam that targeted over 400 members of the US military. All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by ferret-loving ethical hacker Zoë Rose. ]]> 2018-12-06T01:16:01+00:00 https://www.grahamcluley.com/smashing-security-107-sextorting-the-us-army-and-a-touch-id-scam/ www.secnews.physaphae.fr/article.php?IdArticle=936578 False None None None Graham Cluley - Blog Security Guest contributor Bob Covello isn't happy about a password reset email that Citrix has been sending its customers. If you're a company contacting your customers via email, please make sure it doesn't look phishy. ]]> 2018-12-05T14:48:01+00:00 https://www.grahamcluley.com/citrix-sharefile-not-phishing-email/ www.secnews.physaphae.fr/article.php?IdArticle=935594 False None None None Graham Cluley - Blog Security Approximately 100 million Quora users may have had their information accessed by hackers. ]]> 2018-12-04T12:58:04+00:00 https://www.grahamcluley.com/quora-hacked/ www.secnews.physaphae.fr/article.php?IdArticle=933745 False Hack None None Graham Cluley - Blog Security Two iOS fitness apps have been found exploiting a sneaky user interface trick to fool users into making unwanted in-app purchases with Touch ID. ]]> 2018-12-03T19:53:02+00:00 https://www.grahamcluley.com/fitness-tracking-apps-caught-misusing-touch-id-to-steal-money-from-iphone-users/ www.secnews.physaphae.fr/article.php?IdArticle=932803 False None None None Graham Cluley - Blog Security Graham Cluley Security News is sponsored this week by the folks at OneSpan. Thanks to the great team there for their support! More than 10,000 customers in 100 countries rely on OneSpan to secure access, manage identities, verify transactions, simplify document signing and protect high value assets and systems. OneSpan is now giving you the chance to download its Financial Agreement Automation RFP Guide for Account Opening, Digital Lending and Leasing Automation. Trillions of dollars in financial transactions are processed each year. These include credit agreements, loans, new account openings, mortgages, pensions and annuities. Today's customer is looking for speed, ease and convenience. To meet these demands, financial institutions must offer fully digital experiences. This guide is for financial institutions evaluating technology for agreement automation. Agreement automation refers to the digitization of the customer agreement process for financial transactions – including application data validation, digital identity verification, agreement signing and storage, and audit trail capture. This guide will assist you in: Determining your agreement automation requirement Deciding which stakeholders to involve in the RFP process Developing RFP questions (14 pages of sample RFP questions provided) Evaluating options for implementation Download your copy of OneSpan's guide now.

---

If you're interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here. ]]> 2018-12-03T19:05:02+00:00 https://www.grahamcluley.com/feed-sponsor-onespan-7/ www.secnews.physaphae.fr/article.php?IdArticle=932804 False None None None Graham Cluley - Blog Security There's bad news if you're one of the 500 million hotel guests whose data was included on the Starwood guest reservation database. ]]> 2018-11-30T12:35:03+00:00 https://www.grahamcluley.com/marriott-hack-starwood/ www.secnews.physaphae.fr/article.php?IdArticle=927665 False None None None Graham Cluley - Blog Security Authorities in the United States have charged two people in connection with a series of notorious ransomware attacks. Read more in my article on the Tripwire State of Security blog. ]]> 2018-11-29T14:27:01+00:00 https://www.tripwire.com/state-of-security/featured/iranian-hackers-samsam-ransomware/#new_tab www.secnews.physaphae.fr/article.php?IdArticle=926244 True Ransomware None None Graham Cluley - Blog Security Dell has revealed that earlier this month it discovered that hackers had breached its security and were attempting to access customer details - including names, email addresses, and hashed passwords. ]]> 2018-11-29T14:23:00+00:00 https://www.grahamcluley.com/dell-suffers-security-breach-resets-customer-passwords/ www.secnews.physaphae.fr/article.php?IdArticle=926245 False None None None Graham Cluley - Blog Security How are scammers stealing your money through Google Maps? Why did the FBI create a fake FedEx website? And how are US senators hoping to stop Grinch bots ruining Christmas? All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis. And don't miss our special bonus interview about passwords with Rachael Stockton of LastPass. ]]> 2018-11-29T12:04:05+00:00 https://www.grahamcluley.com/smashing-security-106-google-maps-fed-phishing-and-grinch-bots/ www.secnews.physaphae.fr/article.php?IdArticle=926026 False None LastPass,FedEx None Graham Cluley - Blog Security The German government has published draft guidelines on how it believes broadband routers should be secured. But some people think more could be done. Read more in my article on the Bitdefender Box blog. ]]> 2018-11-28T16:53:01+00:00 https://www.bitdefender.com/box/blog/iot-news/germany-proposes-security-guidelines-routers-not-everybody-happy/#new_tab www.secnews.physaphae.fr/article.php?IdArticle=924317 False None None None Graham Cluley - Blog Security A school district in Indiana which had $120,000 transferred from its bank account after its email account was hacked, has failed in an attempt to reclaim the cash. Read more in my article on the Hot for Security blog. ]]> 2018-11-28T16:49:05+00:00 https://hotforsecurity.bitdefender.com/blog/school-district-fails-to-reclaim-120000-wired-by-bank-to-scammer-20610.html#new_tab www.secnews.physaphae.fr/article.php?IdArticle=924318 False None None None Graham Cluley - Blog Security New information has come to light which makes it more difficult to defend York city council's actions and communications in response to being told about a vulnerability in its One Planet York app. ]]> 2018-11-27T14:01:02+00:00 https://www.grahamcluley.com/more-details-on-one-planet-york-app-vulnerability-doesnt-paint-council-in-a-good-light/ www.secnews.physaphae.fr/article.php?IdArticle=922238 False Vulnerability None None Graham Cluley - Blog Security Fraudsters beware! The Feds are prepared to use your own tricks against you. ]]> 2018-11-27T12:33:04+00:00 https://www.grahamcluley.com/when-the-fbi-rather-than-the-fraudsters-make-the-fake-fedex-website/ www.secnews.physaphae.fr/article.php?IdArticle=922115 False None FedEx None Graham Cluley - Blog Security Some in the computer security community feel that the council over-reacted by reporting the incident to the police. I'm not so sure. ]]> 2018-11-26T23:41:00+00:00 https://www.grahamcluley.com/one-city-york-vulnerability/ www.secnews.physaphae.fr/article.php?IdArticle=921389 False Vulnerability None None Graham Cluley - Blog Security Prosecutors believe 21-year-old Manhattan resident Nicholas Truglia targeted the cellphones of Silicon Valley executives in “SIM-swapping” attacks. Read more in my article on the Tripwire State of Security blog. ]]> 2018-11-22T13:58:05+00:00 https://www.tripwire.com/state-of-security/featured/sim-swap-man-charged-cryptocurrency-theft/#new_tab www.secnews.physaphae.fr/article.php?IdArticle=912191 False None None None Graham Cluley - Blog Security Tesla takes customer service a step too far, is it a romantic gesture or stalking when you email 246 women called Nicole, and Carole finds herself in a Facebook dilemma. All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Jessica Barker. ]]> 2018-11-22T00:22:05+00:00 https://www.grahamcluley.com/smashing-security-105-facebook-nietzsche-tesla-and-nicole/ www.secnews.physaphae.fr/article.php?IdArticle=911317 False None Tesla None Graham Cluley - Blog Security What aren't you telling us Amazon, and why? ]]> 2018-11-21T15:29:02+00:00 https://www.grahamcluley.com/amazon-warns-customers-it-leaked-their-names-and-email-addresses/ www.secnews.physaphae.fr/article.php?IdArticle=910399 False None None None Graham Cluley - Blog Security An online fantasy role-playing game where participants can dress up as buxom furry animals has had its user database leaked onto the internet. ]]> 2018-11-21T14:52:01+00:00 https://www.grahamcluley.com/high-tail-hall-data-breach-exposes-over-400000-furry-fans/ www.secnews.physaphae.fr/article.php?IdArticle=910276 False Data Breach None None Graham Cluley - Blog Security A recently discovered vulnerability in a popular WordPress plugin is being actively exploited in attacks by hackers attempting to install backdoors on websites, inject custom code, and grant themselves admin rights. Read more in my article on the Hot for Security blog. ]]> 2018-11-21T13:53:01+00:00 https://hotforsecurity.bitdefender.com/blog/hackers-target-critical-wordpress-plugin-flaw-to-install-backdoors-and-create-admin-accounts-20597.html#new_tab www.secnews.physaphae.fr/article.php?IdArticle=910189 False Vulnerability None None Graham Cluley - Blog Security Judge describes men connected to TalkTalk hack as “individuals of extraordinary talent.” Sigh… Read more in my article on the Hot for Security blog. ]]> 2018-11-20T13:13:04+00:00 https://hotforsecurity.bitdefender.com/blog/two-friends-jailed-for-talktalk-hack-plot-20594.html#new_tab www.secnews.physaphae.fr/article.php?IdArticle=908485 False Hack None None Graham Cluley - Blog Security Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! At Recorded Future, we believe every security team can benefit from threat intelligence. That's why we've published “The Threat Intelligence Handbook.” It's aimed at helping security professionals realize the advantages of threat intelligence by offering practical steps for applying threat intelligence in any organization. Download your free copy now. About Recorded Future Recorded Future delivers the only complete threat intelligence solution powered by patented machine learning to lower risk. We empower organizations to reveal unknown threats before they impact business, and enable teams to respond to alerts 10 times faster. To supercharge the efforts of security teams, our technology automatically collects and analyzes intelligence from technical, open web, and dark web sources and aggregates customer-proprietary data. Recorded Future delivers more context than threat feeds, updates in real time so intelligence stays relevant, and centralizes information ready for human analysis, collaboration, and integration with security technologies. 91 percent of the Fortune 100 use Recorded Future.

---

If you're interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here. ]]> 2018-11-19T21:31:00+00:00 https://www.grahamcluley.com/feed-sponsor-recorded-future/ www.secnews.physaphae.fr/article.php?IdArticle=907485 True Threat None None Graham Cluley - Blog Security Users of Microsoft Azure and Office 365 are struggling to access their accounts today, due to a multi-factor authentication malfunction. ]]> 2018-11-19T19:22:05+00:00 https://www.grahamcluley.com/multi-factor-failure-locks-out-microsoft-office-365-and-azure-users/ www.secnews.physaphae.fr/article.php?IdArticle=907279 False None None None Graham Cluley - Blog Security Criminals planted credit-card skimming code on Vision Direct online store. ]]> 2018-11-19T17:12:02+00:00 https://www.grahamcluley.com/vision-direct-hack-reveals-customer-credit-card-details/ www.secnews.physaphae.fr/article.php?IdArticle=907048 False Hack None None Graham Cluley - Blog Security Are targeted companies missing a trick? Could they not use their tech skills to penetrate their attacker's own computer systems, and launch a counter-attack which might knock out their adversaries' infrastructure? Read more in my article on the Bitdefender Business Insights blog. ]]> 2018-11-15T23:17:00+00:00 https://businessinsights.bitdefender.com/under-attack-should-your-company-ever-hack-back#new_tab www.secnews.physaphae.fr/article.php?IdArticle=901518 False None None None Graham Cluley - Blog Security MageCart, the notorious malware that has been haunting online stores by stealing payment card details from online shoppers at checkout, is reinfecting the same websites time and time again. Read more in my article on the Tripwire State of Security blog. ]]> 2018-11-15T15:12:01+00:00 https://www.tripwire.com/state-of-security/featured/20-magecart-compromised-merchants-reinfected/#new_tab www.secnews.physaphae.fr/article.php?IdArticle=898437 False Malware None None Graham Cluley - Blog Security Does your employer want to turn you into a cyborg? Was this phishing test devised by an evil genius? And how did a cinema chain get scammed out of millions, time and time again…? All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Scott Helme. ]]> 2018-11-15T00:12:03+00:00 https://www.grahamcluley.com/smashing-security-104-evil-phishing-cyborg-workplace/ www.secnews.physaphae.fr/article.php?IdArticle=897383 False None None None Graham Cluley - Blog Security Has someone been trying to hack into a large number of Apple ID accounts? Read more in my article on the Hot for Security blog. ]]> 2018-11-14T14:44:00+00:00 https://hotforsecurity.bitdefender.com/blog/apple-says-nothing-as-apple-id-accounts-mysteriously-locked-down-20568.html#new_tab www.secnews.physaphae.fr/article.php?IdArticle=896457 False Hack None None Graham Cluley - Blog Security The latest high profile account to be abused by scammers to promote a cryptocurrency giveaway? US retail giant Target. ]]> 2018-11-13T14:35:05+00:00 https://www.grahamcluley.com/target-twitter-cryptocurrency-scam/ www.secnews.physaphae.fr/article.php?IdArticle=894861 False None None None Graham Cluley - Blog Security Graham Cluley Security News is sponsored this week by the folks at OneSpan. Thanks to the great team there for their support! More than 10,000 customers in 100 countries rely on OneSpan to secure access, manage identities, verify transactions, simplify document signing and protect high value assets and systems. Often, the first hurdle in customer engagement is the login password. Not only is creating and managing passwords a major annoyance, the login password is also notoriously vulnerable to data breaches. FIDO authentication solves this problem by replacing the traditional password with strong authentication options ranging from biometrics to software and hardware tokens. In essence, FIDO authentication offers an interoperable and standardized ecosystem of authenticators for use with mobile and online applications. It enables organizations to deploy strong authentication for login and transaction validation, without the incremental cost of in-house development. Recently, the FIDO Alliance (Fast Identity Online) announced the availability of its FIDO2 protocol. Read more on the OneSpan blog and discover: What FIDO2 is How it impacts the traditional login and password Why financial institutions (FIs) should pay attention To learn more, make sure to check out the full article on the OneSpan blog.

---

If you're interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here. ]]> 2018-11-13T11:46:03+00:00 https://www.grahamcluley.com/feed-sponsor-onespan-6/ www.secnews.physaphae.fr/article.php?IdArticle=894489 False None None None Graham Cluley - Blog Security A man has been jailed for six and a half years after sending a letter bomb to Bitcoin exchange Cryptopay. Why would anyone do such a horrendous thing? Police believe it was because he couldn't remember his password. ]]> 2018-11-12T16:14:05+00:00 https://www.grahamcluley.com/password-letter-bomb-bitcoin-exchange/ www.secnews.physaphae.fr/article.php?IdArticle=893225 False None None None Graham Cluley - Blog Security A Chinese headmaster has lost his job after it was discovered he was stealing the school's electricity to power a secret cryptocurrency-mining rig. Read more in my article on the Hot for Security blog. ]]> 2018-11-09T14:37:01+00:00 https://www.grahamcluley.com/chinese-headmaster-fired-after-setting-up-his-own-secret-cryptomining-rig-at-school/ www.secnews.physaphae.fr/article.php?IdArticle=888604 False None None None Graham Cluley - Blog Security Travel blogger Delaine Maria D'Costa had her account wiped after she failed to pay an extortionist $200. That was bad enough, but then she had to try to convince Instagram to let her have it back again. ]]> 2018-11-08T17:08:00+00:00 https://www.grahamcluley.com/when-your-instagram-account-has-been-hacked-how-do-you-get-it-back/ www.secnews.physaphae.fr/article.php?IdArticle=887070 False None None None Graham Cluley - Blog Security Security researchers are warning that a botnet has been exploiting a five-year-old vulnerability to hijack home routers over the last couple of months. Read more in my article on the Tripwire State of Security blog. ]]> 2018-11-08T14:09:04+00:00 https://www.tripwire.com/state-of-security/off-topic/iot-botnet-infects-100000-routers/#new_tab www.secnews.physaphae.fr/article.php?IdArticle=886724 False Vulnerability None None Graham Cluley - Blog Security One travel blogger finds you don't have to be Kylie Jenner to be targeted by an Instagram hacker. When 40 iPhones at a hospital mysteriously die, what could be the explanation? And, surprise surprise, political parties in the USA are throwing around hacking accusations. All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Naked Security's Mark Stockley. ]]> 2018-11-08T12:20:02+00:00 https://www.grahamcluley.com/smashing-security-103-an-instagram-nightmare-crazy-iphone-deaths-and-election-hack-claims/ www.secnews.physaphae.fr/article.php?IdArticle=886511 False Hack None None Graham Cluley - Blog Security Security researchers at ESET discovered that hackers managed to compromise StatCounter and change the analytics script used by hundreds of thousands of websites. ]]> 2018-11-07T14:20:00+00:00 https://www.grahamcluley.com/statcounter-web-analytics-script-poisoned-to-steal-bitcoins/ www.secnews.physaphae.fr/article.php?IdArticle=884901 False None None None Graham Cluley - Blog Security Dutch police have revealed that they were able to spy on the communications of more than 100 suspected criminals, watching live as over a quarter of a million chat messages were exchanged. Read more in my article on the Hot for Security blog. ]]> 2018-11-07T11:24:02+00:00 https://hotforsecurity.bitdefender.com/blog/police-crack-encrypted-chat-service-ironchat-and-read-258000-messages-from-suspected-criminals-20530.html#new_tab www.secnews.physaphae.fr/article.php?IdArticle=884902 False None None None Graham Cluley - Blog Security Just hours before the US mid-term elections opened, Facebook responded to a tip from law enforcement agencies and shut down 115 accounts that were behaving suspiciously, and potentially linked to a foreign entity. ]]> 2018-11-06T11:26:02+00:00 https://www.grahamcluley.com/facebook-blocks-accounts-election/ www.secnews.physaphae.fr/article.php?IdArticle=882527 False None None None Graham Cluley - Blog Security The cryptocurrency giveaway scammers are up to their tricks again on Twitter, and it seems that Twitter simply can't keep up with them. My advice to Twitter? Make Login Verification compulsory for verified accounts. ]]> 2018-11-05T17:37:05+00:00 https://www.grahamcluley.com/another-wave-of-elon-musk-bitcoin-scams-spread-by-verified-twitter-accounts/ www.secnews.physaphae.fr/article.php?IdArticle=881244 False None None None Graham Cluley - Blog Security If you've stayed in one of the over 1400 hotels in 70 countries that make up the Radisson Hotel Group, you could be in for a rude awakening. ]]> 2018-11-01T16:43:03+00:00 https://www.grahamcluley.com/radisson-hotel-group-reveals-hack-of-rewards-site/ www.secnews.physaphae.fr/article.php?IdArticle=874862 False None None None Graham Cluley - Blog Security If you're one of the millions of people who travels under the English Channel each year, then there's a good chance you may have to change your password for the Eurostar website. ]]> 2018-11-01T15:39:05+00:00 https://www.grahamcluley.com/eurostar-resets-customers-passwords-after-accounts-breached/ www.secnews.physaphae.fr/article.php?IdArticle=874728 False None None None Graham Cluley - Blog Security Who deserves to die in a driverless car crash? Who has been sniffing around the Girl Scouts' email account? And just how long would it take for a geologist to visit 9,000 adult web pages? All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by journalist and “Friends” fan Dan Raywood. ]]> 2018-11-01T14:54:02+00:00 https://www.grahamcluley.com/smashing-security-102-ethical-dilemmas-girl-scouts-and-porn-loving-us-officials/ www.secnews.physaphae.fr/article.php?IdArticle=874579 False None None None Graham Cluley - Blog Security The latest iOS passcode bypass bug appears to have been introduced by Apple's new Group Facetime feature. Read more in my article on the Hot for Security blog. ]]> 2018-10-31T12:06:01+00:00 https://hotforsecurity.bitdefender.com/blog/yes-you-should-update-your-iphone-to-ios-12-1-but-its-lock-screen-is-still-unsafe-20506.html#new_tab www.secnews.physaphae.fr/article.php?IdArticle=872514 False None None None Graham Cluley - Blog Security Fresh from launching a £500 million group action against British Airways after a serious security breach, a UK law firm has wasted no time responding to the announcement last week of a hack at Cathay Pacific which saw the personal data of 9.4 million Cathay Pacific passengers breached. ]]> 2018-10-30T14:00:01+00:00 https://www.grahamcluley.com/post-breach-cathay-pacific-hit-by-group-action-by-uk-law-firm/ www.secnews.physaphae.fr/article.php?IdArticle=870576 False Hack None None Graham Cluley - Blog Security Security researchers say that they have uncovered a new way to serve up malware to computer users, by exploiting the way in which videos are embedded inside Microsoft Office documents. And Microsoft has no plans to fix it. ]]> 2018-10-29T21:52:02+00:00 https://www.grahamcluley.com/videos-office-documents-malware/ www.secnews.physaphae.fr/article.php?IdArticle=869564 False Malware None None Graham Cluley - Blog Security Graham Cluley Security News is sponsored this week by the folks at OneSpan. Thanks to the great team there for their support! More than 10,000 customers in 100 countries rely on OneSpan to secure access, manage identities, verify transactions, simplify document signing and protect high value assets and systems. Did you know that under the Regulatory Technical Standards for PSD2 (also known as the Revised Payment Services Directive), transaction monitoring is now a requirement for all Payment Service Providers? Download this new white paper from OneSpan, and discover recommendations to establish a compliant fraud prevention and risk analysis strategy. Topics covered include: The specific requirements regarding mandatory transaction monitoring Possible exemptions from Strong Customer Authentication requirements Recommendations for a PSD2-compliant transaction monitoring solution Download OneSpan's free white paper now to learn more.

---

If you're interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here. ]]> 2018-10-29T20:01:00+00:00 https://www.grahamcluley.com/feed-sponsor-onespan-5/ www.secnews.physaphae.fr/article.php?IdArticle=869401 False None None None Graham Cluley - Blog Security It's 2018, and you can still end up with your computer compromised by searching for Google Chrome in Microsoft Bing. Read more in my article on the Hot for Security blog. ]]> 2018-10-29T16:07:04+00:00 https://hotforsecurity.bitdefender.com/blog/search-for-chrome-on-bing-and-you-might-get-a-nasty-surprise-20501.html#new_tab www.secnews.physaphae.fr/article.php?IdArticle=869190 False None None None Graham Cluley - Blog Security A deeper investigation has revealed that hackers were stealing information for much longer than initially thought, and an additional 185,000 British Airways customer payment cards were compromised. ]]> 2018-10-26T16:37:01+00:00 https://www.grahamcluley.com/british-airways-hack-is-worse-than-originally-thought/ www.secnews.physaphae.fr/article.php?IdArticle=864550 False Hack None None Graham Cluley - Blog Security Police in Australia have arrested a 23-year-old woman in Melbourne, Australia, in connection with an email hack that resulted in a huge amount of virtual currency being stolen. Read more in my article on the Hot for Security blog. ]]> 2018-10-26T13:55:01+00:00 https://hotforsecurity.bitdefender.com/blog/23-year-old-woman-charged-with-stealing-320000-worth-of-cryptocurrency-20494.html#new_tab www.secnews.physaphae.fr/article.php?IdArticle=864305 False Hack None None Graham Cluley - Blog Security Most people in the world would describe it as a company “admitting they've been hacked.” But if you're the breached company and want to apply the maximum amount of PR spin, you might instead issue a release saying you're “announcing a data security event affecting customer data.” Read more in my article on the Tripwire State of Security blog. ]]> 2018-10-25T10:20:00+00:00 https://www.tripwire.com/state-of-security/featured/hackers-steal-data-cathay-pacific/#new_tab www.secnews.physaphae.fr/article.php?IdArticle=862141 False None None None Graham Cluley - Blog Security A Facebook friend request leads to arrest, Twitter scams ride again via promoted ads, and adult websites expose their members. Oh, and Graham finds out what Rule 34 is. All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis. ]]> 2018-10-25T08:32:01+00:00 https://www.grahamcluley.com/smashing-security-101-rule-34-twitter-scams-and-facebook-fails/ www.secnews.physaphae.fr/article.php?IdArticle=861928 False Guideline None None Graham Cluley - Blog Security Morrisons didn't know it, but in 2014 it had a huge problem. The UK's fourth largest supermarket chain, with over 500 stores, had a disgruntled member of staff who had access to sensitive data, such as the payroll information of 100,000 current and former employees. Read more in my article on the Bitdefender Business Insights blog. ]]> 2018-10-24T19:11:01+00:00 https://businessinsights.bitdefender.com/compensate-workers-payroll-data-deliberately-leaked-rogue-employee#new_tab www.secnews.physaphae.fr/article.php?IdArticle=860979 False None None None Graham Cluley - Blog Security It's an odd state of affairs when the bogus Elon Musk accounts offering bitcoin giveaways appear more legitimate than the real Elon's tweets. ]]> 2018-10-24T10:10:05+00:00 https://www.grahamcluley.com/twitter-elon-musk-hacked/ www.secnews.physaphae.fr/article.php?IdArticle=860082 False None None None Graham Cluley - Blog Security According to reports, Facebook is planning to acquire a cybersecurity firm. But what will the security boffins think of working for Mark Zuckerberg of all people? ]]> 2018-10-22T23:30:01+00:00 https://www.grahamcluley.com/if-facebook-buys-a-security-company-how-will-it-retain-the-staff-who-absolutely-hate-facebook/ www.secnews.physaphae.fr/article.php?IdArticle=857397 False None None None Graham Cluley - Blog Security Criminals were able to dupe the Tesla's passive entry system into giving them access, and letting them drive away. (But only after they struggled to unplug it.) ]]> 2018-10-22T21:59:04+00:00 https://www.grahamcluley.com/watch-how-a-tesla-model-s-was-stolen-with-just-a-tablet/ www.secnews.physaphae.fr/article.php?IdArticle=857216 False None Tesla None Graham Cluley - Blog Security Facebook has confirmed that its new Portal AI-powered video camera will collect data from you that could be used to target ads. ]]> 2018-10-19T21:57:01+00:00 https://www.grahamcluley.com/facebook-portal-privacy/ www.secnews.physaphae.fr/article.php?IdArticle=855334 False None None None Graham Cluley - Blog Security To celebrate 100 episodes of the “Smashing Security” podcast I co-host with Carole Theriault each week, we asked listeners to let us know some of their favourite moments from the show. ]]> 2018-10-19T15:23:05+00:00 https://www.grahamcluley.com/celebrating-100-episodes-of-the-smashing-security-podcast/ www.secnews.physaphae.fr/article.php?IdArticle=855335 False None None None Graham Cluley - Blog Security Sudhakar Reddy Bonthu wasn't told he was working on Equifax's breach notification website, but when he worked it out he used the information for his financial advantage. Read more in my article on the Hot for Security blog. ]]> 2018-10-19T14:55:01+00:00 https://hotforsecurity.bitdefender.com/blog/manager-who-worked-on-equifaxs-breach-website-sentenced-for-insider-trading-20465.html#new_tab www.secnews.physaphae.fr/article.php?IdArticle=855172 False None Equifax None Graham Cluley - Blog Security A US court has sentenced a programmer to 30 months in a federal prison in connection with software that claimed to be a legitimate tool for Windows sysadmins to remotely manage computers, but was actually used by criminals to backdoor PCs and secretly spy on victims. Read more in my article on the Tripwire State of Security blog. ]]> 2018-10-18T11:59:04+00:00 https://www.tripwire.com/state-of-security/security-data-protection/rat-author-jailed-for-30-months-ordered-to-hand-over-725k-worth-of-bitcoin/#new_tab www.secnews.physaphae.fr/article.php?IdArticle=853272 False Tool None None Graham Cluley - Blog Security Yes, it's the 100th edition of the “Smashing Security” podcast. There's a little celebration at both ends of this week's podcast - but the meat of the sandwich is our normal look at the security stories of the last week - including an alarming IoT failure and a dating app disaster for Donald Trump devotees. ]]> 2018-10-17T23:06:05+00:00 https://www.grahamcluley.com/smashing-security-100-one-flippin-hundred/ www.secnews.physaphae.fr/article.php?IdArticle=852630 False None None None Graham Cluley - Blog Security A former high school teacher is to plead guilty to hacking into the online accounts of celebrities and stealing naked photographs and other private information. ]]> 2018-10-17T21:59:01+00:00 https://www.grahamcluley.com/naked-photo-hacker/ www.secnews.physaphae.fr/article.php?IdArticle=852506 False Guideline None None Graham Cluley - Blog Security Graham Cluley Security News is sponsored this week by the folks at OneSpan. Thanks to the great team there for their support! More than 10,000 customers in 100 countries rely on OneSpan to secure access, manage identities, verify transactions, simplify document signing and protect high value assets and systems. In today's digital era, more and more organizations choose e-Signature technology as part of their digitization process. OneSpan Sign is the white-labeled solution behind some of the most trusted brands and security-conscious organizations in the world. The last ten industry reports show that OneSpan Sign received the highest overall customer satisfaction score among e-signature products. 99% of users rated it four or five stars. Try sending and e-signing documents now, free of charge, and discover how to: Enhance user experience across all channels Increase operational efficiency Meet compliance challenges Start e-signing in minutes on web and mobile, by signing-up for an Unlimited 30-Day Trial now!

---

If you're interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here. ]]> 2018-10-16T11:06:05+00:00 https://www.grahamcluley.com/feed-sponsor-onespan-4/ www.secnews.physaphae.fr/article.php?IdArticle=849838 False None None None Graham Cluley - Blog Security The Pentagon has admitted that up to 30,000 military workers and civilian personnel have had their personal information and credit card data exposed following a security breach. Read more in my article on the Hot for Security blog. ]]> 2018-10-16T08:07:05+00:00 https://hotforsecurity.bitdefender.com/blog/pentagon-data-breach-puts-personal-details-of-30000-staff-at-risk-20459.html#new_tab www.secnews.physaphae.fr/article.php?IdArticle=849573 False Data Breach None None Graham Cluley - Blog Security A Turkish newspaper claims that audio files of journalist's death were recorded on his Apple Watch. Such a claim, if true, would be rather convenient for the intelligence services in Turkey - who might not want to reveal their methods. ]]> 2018-10-15T17:09:00+00:00 https://www.grahamcluley.com/jamal-khashoggi-apple-watch/ www.secnews.physaphae.fr/article.php?IdArticle=848510 False None None None Graham Cluley - Blog Security Online criminals are planting cryptomining code on victims' Windows computers, using the camouflage of an update to Adobe Flash Player. Read more in my article on the Tripwire State of Security blog. ]]> 2018-10-15T13:21:00+00:00 https://www.tripwire.com/state-of-security/featured/fake-adobe-update-cryptominer/#new_tab www.secnews.physaphae.fr/article.php?IdArticle=848094 False None None None Graham Cluley - Blog Security You can bet mischievous hackers are right now trying to crack into Kanye West's online accounts with equally diabolical passwords. ]]> 2018-10-11T23:49:04+00:00 https://www.grahamcluley.com/kanye-west-iphone-passcode/ www.secnews.physaphae.fr/article.php?IdArticle=843167 False None None None Graham Cluley - Blog Security Passwords - everything you need to know about how to make them safer, and better secure your online accounts. In this replay of our podcast from February 2017, Graham Cluley, Carole Theriault and Vanja Švajcer discuss the perennial problem of passwords and offer some advice and tips for computer users. ]]> 2018-10-10T23:31:02+00:00 https://www.grahamcluley.com/smashing-security-099-passwords-a-smashing-security-splinter-replay/ www.secnews.physaphae.fr/article.php?IdArticle=841256 False None None None Graham Cluley - Blog Security Getting rid of hardcoded default passwords is not enough. There is a long way to go before we can feel confident that IoT devices have become significantly safer. Read more in my article on the Bitdefender BOX blog. ]]> 2018-10-09T09:18:05+00:00 https://www.bitdefender.com/box/blog/iot-news/californias-ban-weak-default-passwords-isnt-going-fix-iot-security/#new_tab www.secnews.physaphae.fr/article.php?IdArticle=838189 False None None None Graham Cluley - Blog Security The really big news today is not that Google is shutting down Google Plus (who cares?), but rather that Google knew months ago that user data had been exposed and kept the fact quiet. ]]> 2018-10-08T18:29:00+00:00 https://www.grahamcluley.com/google-chose-not-to-go-public-about-bug-that-exposed-google-plus-users-data/ www.secnews.physaphae.fr/article.php?IdArticle=837234 False None None None Graham Cluley - Blog Security Assassin's Creed Odyssey, the action role-playing video game set in Ancient Greece, had its launch on Friday disrupted by crippling distributed denial-of-service attacks. ]]> 2018-10-08T16:31:04+00:00 https://www.grahamcluley.com/assassins-creed-odyssey-suffers-ddos-attack-at-launch/ www.secnews.physaphae.fr/article.php?IdArticle=837026 False None None None Graham Cluley - Blog Security The US Department of Homeland Security and UK's GCHQ have rallied behind the vigorous denials issued by Amazon and Apple, after Bloomberg BusinessWeek reported China had planted malicious computer chips on systems used by the tech giants. ]]> 2018-10-08T15:23:01+00:00 https://www.grahamcluley.com/department-of-homeland-security-and-gchq-back-apple-and-amazons-denials-they-were-hacked-by-china/ www.secnews.physaphae.fr/article.php?IdArticle=836919 False None None None Graham Cluley - Blog Security New research has revealed that business email compromise is being made easier for any criminal to add to their arsenal. Is your company doing enough to protect itself? Read more in my article on the Tripwire blog. ]]> 2018-10-05T15:15:03+00:00 https://www.tripwire.com/state-of-security/security-data-protection/bec-as-a-service-offers-hacked-business-accounts-for-as-little-as-150/#new_tab www.secnews.physaphae.fr/article.php?IdArticle=831986 False None None None Graham Cluley - Blog Security An extraordinary report released by Bloomberg BusinessWeek, which claims that China has been exploiting the supply-chain, planting a tiny microchip on servers which ended up in the server rooms of almost 30 companies, including the likes of Apple and Amazon. ]]> 2018-10-05T00:13:02+00:00 https://www.grahamcluley.com/china-accused-of-sabotaging-thousands-of-servers-at-major-us-companies-with-tiny-microchips-hidden-on-motherboards/ www.secnews.physaphae.fr/article.php?IdArticle=831016 False None None None Graham Cluley - Blog Security Millions of Facebook user accounts put at risk after hack! The UK Conservative party's conference app causes a privacy omnishambles! And Facebook (again) has been doing something naughty with the phone numbers you give it for security reasons! Oh, and Maria gets very excited about something to do with Star Trek. All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis. ]]> 2018-10-04T20:41:05+00:00 https://www.grahamcluley.com/smashing-security-098-a-facebook-omnishambles/ www.secnews.physaphae.fr/article.php?IdArticle=830697 False None None None Graham Cluley - Blog Security Once again, a way of bypassing the iPhone's passcode lock to expose users' photos and contacts has been discovered. Read more in my article on the Hot for Security blog. ]]> 2018-10-02T13:29:05+00:00 https://hotforsecurity.bitdefender.com/blog/even-with-the-latest-ios-12-update-your-iphones-lockscreen-is-unsafe-20410.html#new_tab www.secnews.physaphae.fr/article.php?IdArticle=828383 False None None None Graham Cluley - Blog Security It's been a bad week for Facebook and its two billion-plus users. Not only was it revealed that millions of users had their accounts exposed by a vulnerability, but the site has been up to dirty tricks with mobile phone numbers you gave them to supposedly enhance your security. ]]> 2018-10-01T11:09:05+00:00 https://www.grahamcluley.com/two-reasons-to-reconsider-your-facebook-membership/ www.secnews.physaphae.fr/article.php?IdArticle=826569 False None None None