Wednesday, November 30, 2022
Graham Cluley

Operation Elaborate – UK police text 70,000 people thought to have fallen victim to iSpoof bank fraudsters

UK police are texting 70,000 people who they believe have fallen victim to a worldwide scam that saw fraudsters steal at least £50 million from bank accounts. Read more in my article on the Tripwire State of Security blog.
Graham Cluley

Kolide gives you real-time fleet visibility across Mac, Windows, and Linux, answering questions MDMs can’t

Graham Cluley Security News is sponsored this week by the folks at Kolide. Thanks to the great team there for their support! Device security is a lot like Mount Everest: it’s tough to scale. When you’re a small company...
Graham Cluley

Smashing Security podcast #299: EV charging risks, FTX, and an ancient apocalypse

Deepfake shenanigans strike users of troubled crypto firm FTX, the perils of charging your electric vehicle, and is Microsoft’s takeover of Activision good news for video game fanatics. All this and much more is discussed in the latest edition of...
Graham Cluley

Hive ransomware has extorted $100 million in 18 months, FBI warns

$100 million. That's the amount of money that the Hive ransomware is thought to have extorted from over 1300 companies around the world, according to a joint report from the FBI, CISA, and HHS. Read more in my article on the...
Graham Cluley

For two years security experts kept secret that they were helping Zeppelin ransomware victims decrypt their files

Researchers at cybersecurity firm Unit 221B have revealed that they have been secretly helping victims of the Zeppelin ransomware decrypt their computer systems since 2020.
Graham Cluley

Ouch! Ransomware gang says it won’t attack AirAsia again due to the “chaotic organisation” and sloppy security of hacked company’s network

The Daixin ransomware gang has given a humiliating slap in the face to Air Asia, which lost the personal data of five million passengers and all of its employees earlier this month.
Graham Cluley

Police force published sexual assault victims’ names and addresses on its website

A UK police force has apologised after it published the names and addresses of victims of sexual assault on its website. Suffolk Police says that it has launched an investigation into how victims' names, addresses, dates of birth, and details...
Graham Cluley

Smashing Security podcast #298: Housing market scams, Twitter 2FA, and the fesshole

Elon Musk is still causing chaos at Twitter (and it's beginning to impact users), are scammers selling your house without your permission, and Google gets stung with a record-breaking fine. All this and much more is discussed in the latest...
Graham Cluley

Kolide can help you nail audits and compliance goals with endpoint security for your entire fleet

Graham Cluley Security News is sponsored this week by the folks at Kolide. Thanks to the great team there for their support! Do you know the old thought experiment about the AI designed to make paper clips that quickly...
Graham Cluley

It’s time. Delete your Twitter DMs

Twitter is in chaos. I'd rather delete my Direct Messages one-by-one than one day find that they are in the hands of a hacker or a disgruntled Twitter employee who goes rogue.
Graham Cluley

Healthcare sector warned of Venus ransomware attacks

Healthcare organisations in the United States are being warned to be on their guard once again, this time against a family of ransomware known as Venus. Read more in my article on the Tripwire State of Security blog.
Graham Cluley

Alleged LockBit ransomware operator arrested in Canada

A man with dual Russian and Canadian nationality has been arrested in connection with his alleged part in the LockBit ransomware conspiracy that has demanded more than $100 million from its victims. Read more in my article on the Hot...
Graham Cluley

Update your Lenovo laptop’s firmware now! Flaws could help malware survive a hard disk wipe

PC manufacturer Lenovo has been forced to push out a security update to more than two dozen of its laptop models, following the discovery of high severity vulnerabilities that could be exploited by malicious hackers. Security researchers at ESET discovered...
Graham Cluley

Smashing Security podcast #297: Mastodon 101, and the Hushpuppi saga

Graham offers some security and privacy advice for those exodusing Twitter to Mastodon, and Carole slams the door shut on a notorious scammer with a huge Instagram following. All this and more is discussed in the latest edition of the...
Graham Cluley

Having refused to pay ransom, health insurer Medibank sees customer data posted online by hackers

A ransomware gang has begun to publish data on the dark web stolen from Australia's largest health insurer Medibank. Curiously, the hackers have released details of insured customers, sorted into two files bearing the label "naughty-list" and "good-list." Read more in...

New Zealand budget details leaked due to website sloppiness, not hackers

Earlier this week, the New Zealand government was claiming that it had suffered a “deliberate and systematic” hacking attack that resulted in budget details ending up in the hands of its political opponents. But that’s not what had really happened…

HiddenWasp malware seizes control of Linux systems

Security researchers have discovered a new strain of malware that they believe is being used in targeted attacks to seize control of Linux systems and open backdoors for remote hackers. Read more in my article on the Tripwire State of...

Smashing Security #130: Doctored videos, Bcc blunders, and a diva

You won’t believe who had to report themselves to the data protection agency for a breach, or who has been sharing doctored videos of political rivals, or how much money you can make selling a laptop infected with malware…...

Hackers stole Flipboard users’ email addresses and hashed passwords

Flipboard warns that hackers gained access to its systems and accessed hashed passwords for nine months.

Free eBook: A Business Owner’s Guide to Cybersecurity

Download the free VIPRE e-book “A Business Owner’s Guide to Cybersecurity” to learn more about how and where cybercriminals are likely to strike and how to protect your business from cyberattacks using a layered security approach.
TechRepublic

Gartner: How to Respond to the 2022 Cyberthreat Landscape

A new Gartner® report, How to Respond to the 2022 Cyberthreat Landscape, focuses on the new threats organizations will face as they prepare for the future of work and accelerate digital transformations. Gartner’s advice will help security and risk...
TechRepublic

Gartner MQ WAAP 2022

Research shows that web applications and API attacks continued to explode in the first half of 2022. Does your organization have the best defense today? Akamai recommends deploying a holistic web application and API protection (WAAP) solution. The right...
TechRepublic

How Akamai Helps to Mitigate the OWASP API Security Top 10 Vulnerabilities

Experts warn that API attacks will soon become the most common type of web application attack. As a result, organizations and their security vendors need to align across people, processes, and technologies to institute the right protections. The Open...
TechRepublic

What is Account Takeover and How to Prevent It in 2022

An account takeover (ATO), in which criminals impersonate legitimate account owners to take control of an account, are on the rise in Asia and across the world. Fraudsters are swindling money and digital assets from consumers across industries, with...
TechRepublic

The OWASP Top 10 – How Akamai Helps

OWASP publishes a list of the 10 most common vulnerabilities in web applications. This white paper details how Akamai can help mitigate these threat vectors. The post The OWASP Top 10 – How Akamai Helps appeared first on TechRepublic.