I’m keynoting about cybercrime at the CRN MSP conference in London next week
I’m the opening keynote speaker at CRN’s MSP conference in London next week, where – amongst other things – I’ll be describing to managed service providers how it’s possible to make a billion dollars through cybercrime.
I hope to see...
15,000 private webcams left open to snooping, no password required
Once again concerns are being raised about the sorry state of IoT security, after a security researcher discovered over 15,000 private webcams that have been left wide open for anyone with an internet connection to spy upon.
Read more in...
Smashing Security 146: Password secrets and baking brownies
In the latest edition of the “Smashing Security” podcast, hosted by computer security veterans Graham Cluley and Carole Theriault, Carole has suffered an injury, we journey back in time to one of our earliest episodes to discuss the perils...
CookieMiner malware targets Macs, steals passwords and SMS messages, mines for cryptocurrency
Security researchers have discovered a new Mac malware threat that appears to be a sophisticated attempt to raid cryptocurrency wallets.
Read more in my article on the Tripwire State of Security blog.
How to get away with hacking a US satellite
The US Air Force wants to know if you can hijack control of an orbiting satellite and turn its camera from staring at Earth to point at the moon instead.
Read more in my article on the Hot for Security...
Medical images and details of 24.3 million patients left exposed on the internet
Researchers discover that confidential images of X-rays, CT and MRI scans related to millions of patients has been left unprotected on hundreds of servers used by health providers worldwide.
Unlock the power of threat intelligence with this practical guide. Get your free copy now
Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! At Recorded Future, we believe every security team can benefit from threat intelligence. That’s why we’ve...
Police raids after data on most of Ecuador’s citizens leaks online
If you’re a citizen of Ecuador, chances are that you’ve had your personal and financial information exposed after an ElasticSearch server was left unsecured.
Victims even include Wikileaks founder Julian Assange…
LastPass users automatically updated to fix security vulnerability in browser extension
Popular password manager LastPass says that it has fixed a vulnerability in its Chrome and Opera browser extensions that could have potentially seen an attacker steal the username and password previously filled-in by the software.
Smashing Security #145: Apple and Google willy wave while home assistants spy – DoH!
Apple’s furious with Google over iPhone hacking attacks against Uyghur Muslims in China, DNS-over-HTTPS is good for privacy but makes ISPs angry, and concern over digital assistants listening to our private moments continues to rise.
All this and much more...
Toyota parts supplier loses $37 million in email scam
Toyota Boshoku, a seating and interiors supplier for Toyota cars, has revealed that it was tricked into moving a large amount of money into a bank account controlled by scammers.
Read more in my article on the Tripwire State of...
Operation reWired: 281 suspected email scammers arrested around the world
Law enforcement agencies around the world have arrested a total of 281 people suspected of being behind a spate of Business Email Compromise (BEC) scams that have stolen millions of dollars from businesses and individuals.
Wikipedia and World of Warcraft Classic targeted by DDoS attacks
Uou can imagine the pain that was caused to pub quiz cheats and students writing essays this weekend when crowd-sourced internet encyclopedia Wikipedia, one of the world’s most popular websites, was hit by a distributed denial-of-service attack.
Read more in...
Hackers who hit Texas with ransomware attack demanded $2.5 million, got nothing
Although it may have cost Texas more to recover from the ransomware attack than paying the ransom, in the long term a refusal to pay extortionists will help to discourage future attacks.
Hundreds of millions of Facebook users’ phone numbers found lying around on the internet
A security researcher stumbled across an exposed server on the internet, containing a total of more than 419 million records related to Facebook users.
No password protection was in place – meaning the treasure trove of phone numbers was available...
New Zealand budget details leaked due to website sloppiness, not hackers
Earlier this week, the New Zealand government was claiming that it had suffered a “deliberate and systematic” hacking attack that resulted in budget details ending up in the hands of its political opponents.
But that’s not what had really happened…
HiddenWasp malware seizes control of Linux systems
Security researchers have discovered a new strain of malware that they believe is being used in targeted attacks to seize control of Linux systems and open backdoors for remote hackers.
Read more in my article on the Tripwire State of...
Smashing Security #130: Doctored videos, Bcc blunders, and a diva
You won’t believe who had to report themselves to the data protection agency for a breach, or who has been sharing doctored videos of political rivals, or how much money you can make selling a laptop infected with malware…...
Hackers stole Flipboard users’ email addresses and hashed passwords
Flipboard warns that hackers gained access to its systems and accessed hashed passwords for nine months.
Free eBook: A Business Owner’s Guide to Cybersecurity
Download the free VIPRE e-book “A Business Owner’s Guide to Cybersecurity” to learn more about how and where cybercriminals are likely to strike and how to protect your business from cyberattacks using a layered security approach.
Ning Wang – Offensive Security
Ning WangCEO Offensive Security
Why Nominated: Ning Wang is a rising star has worked to break the
boundaries in the security industry, so that people can see that anyone is
capable of starting a career in cybersecurity and advancing it –...
Dani Martínez – IOActive
Dani MartínezSecurity ConsultantIOActive
Why nominated:
Dani Martínez proved to be a self-starter, beginning his career in
IT he soon developed an interest in cybersecurity and began taking online
courses in his spare time. Martínez also dove write in and began a
cybersecurity blog...
Maurice Stebila – Harman, a Samsung Company
Maurice StebilaDigital Security,Compliance and Privacy OfficerHarman, a Samsung Company
Why nominated: Maurice Stebila has spent more than 30 years in the automotive,
manufacturing and financial services industry supporting two of the world’s
largest companies – EDS/General Motors and Harman by Samsung...
Ed Adams – Security Innovation
Ed AdamsPresident and CEOSecurity Innovation
Why Nominated:
A highly respected veteran of the cybersecurity industry, Security Innovation
CEO Ed Adams has taken on several new leadership roles in the year or so. Last
April, he was named to board of directors of...
David Archer – Galois
David ArcherPrincipal scientistGalois
Why Nominated: Archer, an
advocate for preserving privacy of data even when it’s used in decision-making
both within the U.S. at all levels of government as well as internationally,
directs research in privacy-preserving information technologies.
Profile: David Archer is all...
