Tuesday, May 21, 2019

Don’t have your account hijacked. Secure your online accounts with more than a password, says Google

Research published at the end of last week argues that the typical user can significantly harden the security of their online accounts by linking a recovery phone number that can send an alert if there is suspicious activity on...

Firms, stop sending out automated emails that look suspicious as hell!

Guest contributor Bob Covello isn’t happy about automated emails being sent out by a legal firm.

$100 million GozNym cybercrime network dismantled as suspects charged

The sophisticated conspiracy saw tens of thousands of victims’ computers infected with the GozNym malware in order to steal online banking passwords, and raid accounts. Read more in my article on the Hot for Security blog.

Forbes subscribers warned of Magecart threat skimming credit card details

The notorious Magecart malware, that blights online stores by stealing payment card details from unsuspecting shoppers at checkout, has claimed another high profile victim. Read more in my article on the Tripwire State of Security blog.

Oh, the irony… Malware spread via Best of the Web security seals

The very thing that websites were using to reassure you that they were secure… was insecure, and putting website visitors’ personal data at risk.

Smashing Security #128: Shackled ankles, photo scrapes, and SIM card swaps

A bad software update causes big headaches for Dutch police, but brings temporary freedom to criminals. SIM swaps are in the news again as fraudsters steal millions. And does your cloud photo storage service have a dirty little secret? All...

Israeli TV’s Eurovision webcast hijacked by hackers. Hamas blamed

Hamas hackers have been blamed for briefly hijacking an Israeli TV webcast of the Eurovision Song Contest semi-finals last night.

Microsoft worm warning: Windows users urged to patch now

Microsoft is urging computer users to patch their systems now against a critical vulnerability that could be exploited by a fast-moving worm. Read more in my article on the Hot for Security blog.

Free eBook: A Business Owner’s Guide to Cybersecurity

Download the free VIPRE e-book “A Business Owner’s Guide to Cybersecurity” to learn more about how and where cybercriminals are likely to strike and how to protect your business from cyberattacks using a layered security approach.

Urgent! Update WhatsApp NOW… to add new sticker support

Yes, you should update WhatsApp. But not for the reasons they’re telling you.

Zara Larsson wants your password so she can watch Game of Thrones

When a celebrity asks if you can share your password…

Spying on personal alarms and GPS trackers is as simple as sending an SMS

Security experts found that the devices – manufactured in China, and rebadged by multiple companies around the world – are vulnerable to a simple hack that could allow a hacker to track their location, and even secretly listen in...

IRS extends tax filing deadline following attack on Wolters Kluwer CCH cloud accounting service

The IRS will waive penalties and interest if your tax filing was delayed due to the CCH outage.

Students pull off below-the-belt mailing list prank

Students at Labelle Senior High School sent an email addressed to all faculty, staff, and students about a “Mandatory Penis Inspection”…

Ever app users uploaded billions of photos, unaware they were being used to build a facial recognition system

Users have shared the private photos stored in their email and social networks with Ever – not realising that they were being used to feed a facial recognition system.

Robbinhood ransomware attack brings down parts of City of Baltimore’s computer network

For the second time in a year, Baltimore city government computers have been infected by ransomware. Malicious hackers are demanding that a ransom is paid for the safe recovery of encrypted files on affected computers and servers. Read more...

Smashing Security #127: I do love the Dutch

Israel strikes back at Hamas’s hacking HQ, a new sextortion email comes with a twist, and Carole saves the world with some help from hacked Roomba vacuum cleaners. All this and much more is discussed in the latest edition of...

$40 million worth of Bitcoin stolen from Binance cryptocurrency exchange

Binance, one of the world’s biggest cryptocurrency exchanges by trading volume, says that it has suffered a security breach that saw hackers steal more than $40 million worth of Bitcoin. Read more in my article on the Hot for Security...

Malware takes Wolters Kluwer CCH cloud accounting service offline

Wolters Kluwer, the company behind cloud accounting software CCH, has confirmed that its service was knocked offline after malware was discovered on its systems.

An attempt to phish my Amazon Web Services account

An email arrived purporting to be from Amazon Web Services (AWS). It claimed that unless I confirmed I had given my correct contact information for a domain’s WHOIS record, a website I administer could be suspended.

Rats leave the sinking ship as hackers’ forum gets hacked

The OGUsers forum, which trades in hijacked social accounts, has been hacked, its hard drives wiped, and its user database published online.
The Register

iPhone gyroscopes, of all things, can uniquely ID handsets on anything earlier than iOS 12.2

Cheapskate fandroids get a pass on this one, though Your iPhone can be uniquely fingerprinted by apps and websites in a way that you can never clear. Not by deleting cookies, not by clearing your cache, not even by...
Bruce Schneier

How Technology and Politics Are Changing Spycraft

Interesting article about how traditional nation-based spycraft is changing. Basically, the Internet makes it increasingly possible to generate a good cover story; cell phone and other electronic surveillance techniques make tracking people easier; and machine learning will make all...

DDoS Attacks on the Rise After Long Period of Decline

DDoS Attacks on the Rise After Long Period of DeclineThe number of DDoS attacks increased by 84% in the first quarter of 2019 compared to Q4 2018, according to new research from Kaspersky Lab. The global cybersecurity company’s findings, detailed...
SecurityWeek

Awareness Training Firm KnowBe4 Acquires Awareness Measurement Firm CLTRe

Tampa Bay, FL-based security awareness and simulated phishing firm KnowBe4 has acquired Oslo, Norway-based security culture measurement company CLTRe for an undisclosed sum. read more