Wednesday, October 27, 2021
Graham Cluley

Ransomware gang outraged at “bandit-mugging behavior of the United States” after REvil group pushed offline

The Conti ransomware gang is outraged that the United States appears to have hacked into the REvil ransomware gang's infrastructure, and knocked it offline...
Graham Cluley

Man who “scraped and sold 178 million users’ data” is sued by Facebook

Facebook is suing a Ukrainian man for allegedly stealing the data of more than 178 million users, and then selling it on an underground cybercrime forum. Read more in my article on the Hot for Security blog.
Graham Cluley

Sharpen your security knowledge with 1Password University

Graham Cluley Security News is sponsored this week by the folks at 1Password. Thanks to the great team there for their support! Understanding how to secure your digital life is more important than ever, but with so much advice...
Graham Cluley

Donald Trump’s Truth Social account posts a picture of a pig defecating

There's a lesson here for anyone else building a website. Be sure to keep everything safely secured under lock-and-key until you are ready to properly launch.
Graham Cluley

Recorded Future Identity Intelligence prevents identity fraud and disrupts attackers – learn more now

Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! Strong identity authentication is more important than ever as organizations face an unprecedented level of attacks...
Graham Cluley

Romance scam suspects rounded up in South Africa after 100 women targeted

Eight suspected members of an international crime consortium have been arrested in South Africa, and accused of participating in money laundering schemes, financial fraud, and internet-based romance scams. Read more in my article on the Hot for Security blog.
Graham Cluley

US Government warns of BlackMatter ransomware attacks against critical infrastructure

The US Government has issued an alert to organisations about the threat posed by the BlackMatter ransomware group. Read more in my article on the Tripwire State of Security blog.
Graham Cluley

Smashing Security podcast #248: Press F12 to hack

A journalist is threatened with prosecution after choosing to "View Source" on a public webpage, Amazon Ring owners might be in line for a hefty fine if their neighbours complain, and is the school lunch queue a good place...
Graham Cluley

Free BlackByte decryptor released, after researchers say they found flaw in ransomware code

Security experts have released a free decryption tool that can be used by BlackByte ransomware victims to decrypt and recover their files. That's right - you don't need to pay the ransom. Predictably, the ransomware gang isn't happy.
Graham Cluley

Acer hacked (for the second time this year)

Hardware and electronics giant Acer has suffered a data breach, with hackers claiming they have stolen 60GB worth of files from the company's Indian servers.
Graham Cluley

Disrupt adversaries and prevent identity fraud with Recorded Future Identity Intelligence

Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! Strong identity authentication is more important than ever as organizations face an unprecedented level of attacks...
Graham Cluley

Analysis of 80 million ransomware samples reveals a world under attack

VirusTotal's first Ransomware Activity Report reveals that it received ransomware submissions from 140 different countries around the world, and discovered at least 130 different ransomware families had been active since January 2020. Read more in my article on the Tripwire...
Graham Cluley

Smashing Security podcast #247: Rickrolling submarine secrets

A married couple are accused of selling nuclear sub secrets, Facebook continues to make young lives a misery, and a school hacker lets loose one heck of a prank. All this and much more is discussed in the latest edition...
Graham Cluley

Bank of America employee indicted for email scam that targeted businesses

A 30-year-old man employed at Bank of America and TD Mark is alleged to have exploited his position to defraud five businesses out of more than $1.1 million in a Business Email Compromise plot. Read more in my article on...
Graham Cluley

Google gives away 10,000 free security keys to high-risk users

10,000 high-risk users are being provided with free hardware security keys by Google, with the aim of better protecting their accounts from hackers. Read more in my article on the Hot for Security blog.

New Zealand budget details leaked due to website sloppiness, not hackers

Earlier this week, the New Zealand government was claiming that it had suffered a “deliberate and systematic” hacking attack that resulted in budget details ending up in the hands of its political opponents. But that’s not what had really happened…

HiddenWasp malware seizes control of Linux systems

Security researchers have discovered a new strain of malware that they believe is being used in targeted attacks to seize control of Linux systems and open backdoors for remote hackers. Read more in my article on the Tripwire State of...

Smashing Security #130: Doctored videos, Bcc blunders, and a diva

You won’t believe who had to report themselves to the data protection agency for a breach, or who has been sharing doctored videos of political rivals, or how much money you can make selling a laptop infected with malware…...

Hackers stole Flipboard users’ email addresses and hashed passwords

Flipboard warns that hackers gained access to its systems and accessed hashed passwords for nine months.

Free eBook: A Business Owner’s Guide to Cybersecurity

Download the free VIPRE e-book “A Business Owner’s Guide to Cybersecurity” to learn more about how and where cybercriminals are likely to strike and how to protect your business from cyberattacks using a layered security approach.
The Register

China Telecom booted out of USA as Feds worry it could disrupt or spy on local networks

FCC urges more action against Huawei and DJI, too The US Federal Communications Commission (FCC) has terminated China Telecom's authority to provide communications services in the USA.…
SecurityWeek

150 People Arrested in US-Europe Darknet Drug Probe

Law enforcement officials in the U.S. and Europe have arrested 150 people and seized more than $31 million in an international drug trafficking investigation stemming from sales on the darknet, the Justice Department said Tuesday. read more

Free Tool Helps Security Teams Measure Their API Attack Surface

Data Theorem's free API Attack Surface Calculator helps security teams understand potential API exposures.

SquirrelWaffle Loader Malspams, Packing Qakbot, Cobalt Strike

Say hello to what could be the next big spam player: SquirrelWaffle, which is spreading with increasing frequency via spam campaigns and infecting systems with a new malware loader.

North Korea's Lazarus Group Turns to Supply Chain Attacks

State-backed group is among a growing number of threat actors looking at supply chain companies as an entry point into enterprise networks.