Ransomware via a call centre? BazaCall means no email attachment or link required for infection
Unsuspecting users of Office 365 are being tricked by a cybercriminal gang into calling a bogus call centre, with the eventual intention of installing ransomware onto their computers.
Read more in my article on the Hot for Security blog.
Instagram influencer Hushpuppi admits his part in scams that stole more than $24 million
Ramon Olorunwa Abbas, also known as "Ray Hushpuppi," might have imagined he had it all.
The self-proclaimed "Billionaire Gucci Master", flamboyantly boasted about his luxurious life of expensive cars, private jets, and designer clothes to his 2.3 million Instagram followers.
But...
BlackMatter rises from the ashes of notorious cybercrime gangs to pose new ransomware threat
A new ransomware gang that calls itself BlackMatter has launched itself on the dark web, and is actively attempting to recruit criminal partners and affiliates to attack large organisations in the United States, UK, Canada, and Australia.
Read more in...
Smashing Security podcast #238: Fashion captain, fraud family, and DEF CON. D’oh!
Pygmy hippopotamus bugs, DEF CON's data slip-up, and phishing fraudsters have their collars felt.
All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault,...
Despite all the advice, 97.7% of Twitter users have still not enabled two-factor authentication
Twitter has revealed that the vast majority of its users have ignored advice to protect their accounts with two-factor authentication (2FA) - one of the simplest ways to harden account security.
Read more in my article on the Hot for...
Patch your iPhones and Macs against “actively exploited” zero-day right now
Apple has released a major security update for its devices, after finding a zero-day flaw that the company indicates has been the focus of in-the-wild attacks by hackers, and might have been used to plant malware.
Read more in my...
Who us??? Kaseya says it hasn’t paid anybody for its ransomware decryption key
Kaseya hasn't paid anyone for the decryptor it managed to get its paws on last week, and is offering to customers hit by a massive ransomware attack.
Which only raises the question - who did?
Average ransomware payments decline… but that’s not good news
The latest research finds that ransomware attackers are attempt to extort, on average, a smaller amount of money through their criminal activities.
No More Ransom website celebrates five years of providing free ransomware recovery tools and advice
The No More Ransom website has become one of the first ports of call for any individual or company whose computer has been hit by a ransomware attack.
Good news! I’m getting a salary increase!
It seems my boss here at “Grahamcluley” has decided that I deserve a wage increase. This is not only terrific news for my bank balance, but also terribly exciting as I never knew I even had a boss –...
Stay sharp this summer with security tips from the experts – sign up to 1Password’s Security Summer School today
Graham Cluley Security News is sponsored this week by the folks at 1Password. Thanks to the great team there for their support! Learn from security experts at top organizations, hear about new security and technology trends, and get quick...
Vikings hack Instagram account of SBS News in Australia
The Instagram account of SBS Australia - a group of free-to-air TV and radio stations down under - has been hacked by someone who clearly loves "Vikings".
Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands
Dutch police have arrested suspected members of a notorious cybercrime gang known as "Fraud Family," following a spate of sophisticated phishing attacks that have targeted users in the Netherlands and Belgium.
Read more in my article on the Hot for...
Kaseya offers universal decryptor to customers following ransomware attack
IT service firm Kaseya says that it has "obtained" a universal decryptor for customers hit by the REvil ransomware gang earlier this month. REvil had earlier offered to sell the decryptor for $70 million...
British man arrested in connection with Twitter mega-hack that posted cryptocurrency scam from celebrity accounts
Police in Spain have arrested a British man in connection with what many consider the worst hack in Twitter's history.
Read more in my article on the Tripwire State of Security blog.
New Zealand budget details leaked due to website sloppiness, not hackers
Earlier this week, the New Zealand government was claiming that it had suffered a “deliberate and systematic” hacking attack that resulted in budget details ending up in the hands of its political opponents.
But that’s not what had really happened…
HiddenWasp malware seizes control of Linux systems
Security researchers have discovered a new strain of malware that they believe is being used in targeted attacks to seize control of Linux systems and open backdoors for remote hackers.
Read more in my article on the Tripwire State of...
Smashing Security #130: Doctored videos, Bcc blunders, and a diva
You won’t believe who had to report themselves to the data protection agency for a breach, or who has been sharing doctored videos of political rivals, or how much money you can make selling a laptop infected with malware…...
Hackers stole Flipboard users’ email addresses and hashed passwords
Flipboard warns that hackers gained access to its systems and accessed hashed passwords for nine months.
Free eBook: A Business Owner’s Guide to Cybersecurity
Download the free VIPRE e-book “A Business Owner’s Guide to Cybersecurity” to learn more about how and where cybercriminals are likely to strike and how to protect your business from cyberattacks using a layered security approach.
Do you have a grip on the lifecycle security of your AWS-deployed applications?
Learn how to manage the risks of cloud native environments with Aqua and AWS Promo There’s no doubt that adopting DevOps methodologies and CI/CD pipelines, and extending cloud native technologies like containerization can massively accelerate your application development and...
Beef up security in Firefox with Fission
Jack Wallen shows you how to enable Fission. Firefox developers understand web browser security is at a premium, so they've rolled out a site isolation feature.
Cybersecurity professionals: Positive reinforcement works wonders with users
The blame game is not working; experts suggest using positive reinforcement to improve employee attitude and performance.
Google Patches High-Risk Android Security Flaws
Google this week pushed out a security-themed Android update with fixes for more than 30 security flaws that expose mobile users to a range of malicious hacker attacks.
The latest Android update provides documentation on 33 security bugs, some serious...
Awful transaction and timing: AT&T finally ditches DirecTV
Enlarge (credit: Getty Images | Ronald Martinez)
AT&T has completed its spinoff of DirecTV after six years of mismanagement in which nearly 10 million customers ditched the company's pay-TV services.
AT&T bought DirecTV for $49 billion ($67 billion including...
