Ransomware gang outraged at “bandit-mugging behavior of the United States” after REvil group pushed offline
The Conti ransomware gang is outraged that the United States appears to have hacked into the REvil ransomware gang's infrastructure, and knocked it offline...
Man who “scraped and sold 178 million users’ data” is sued by Facebook
Facebook is suing a Ukrainian man for allegedly stealing the data of more than 178 million users, and then selling it on an underground cybercrime forum.
Read more in my article on the Hot for Security blog.
Sharpen your security knowledge with 1Password University
Graham Cluley Security News is sponsored this week by the folks at 1Password. Thanks to the great team there for their support! Understanding how to secure your digital life is more important than ever, but with so much advice...
Donald Trump’s Truth Social account posts a picture of a pig defecating
There's a lesson here for anyone else building a website. Be sure to keep everything safely secured under lock-and-key until you are ready to properly launch.
Recorded Future Identity Intelligence prevents identity fraud and disrupts attackers – learn more now
Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! Strong identity authentication is more important than ever as organizations face an unprecedented level of attacks...
Romance scam suspects rounded up in South Africa after 100 women targeted
Eight suspected members of an international crime consortium have been arrested in South Africa, and accused of participating in money laundering schemes, financial fraud, and internet-based romance scams.
Read more in my article on the Hot for Security blog.
US Government warns of BlackMatter ransomware attacks against critical infrastructure
The US Government has issued an alert to organisations about the threat posed by the BlackMatter ransomware group.
Read more in my article on the Tripwire State of Security blog.
Smashing Security podcast #248: Press F12 to hack
A journalist is threatened with prosecution after choosing to "View Source" on a public webpage, Amazon Ring owners might be in line for a hefty fine if their neighbours complain, and is the school lunch queue a good place...
Free BlackByte decryptor released, after researchers say they found flaw in ransomware code
Security experts have released a free decryption tool that can be used by BlackByte ransomware victims to decrypt and recover their files. That's right - you don't need to pay the ransom.
Predictably, the ransomware gang isn't happy.
Acer hacked (for the second time this year)
Hardware and electronics giant Acer has suffered a data breach, with hackers claiming they have stolen 60GB worth of files from the company's Indian servers.
Disrupt adversaries and prevent identity fraud with Recorded Future Identity Intelligence
Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! Strong identity authentication is more important than ever as organizations face an unprecedented level of attacks...
Analysis of 80 million ransomware samples reveals a world under attack
VirusTotal's first Ransomware Activity Report reveals that it received ransomware submissions from 140 different countries around the world, and discovered at least 130 different ransomware families had been active since January 2020.
Read more in my article on the Tripwire...
Smashing Security podcast #247: Rickrolling submarine secrets
A married couple are accused of selling nuclear sub secrets, Facebook continues to make young lives a misery, and a school hacker lets loose one heck of a prank.
All this and much more is discussed in the latest edition...
Bank of America employee indicted for email scam that targeted businesses
A 30-year-old man employed at Bank of America and TD Mark is alleged to have exploited his position to defraud five businesses out of more than $1.1 million in a Business Email Compromise plot.
Read more in my article on...
Google gives away 10,000 free security keys to high-risk users
10,000 high-risk users are being provided with free hardware security keys by Google, with the aim of better protecting their accounts from hackers.
Read more in my article on the Hot for Security blog.
New Zealand budget details leaked due to website sloppiness, not hackers
Earlier this week, the New Zealand government was claiming that it had suffered a “deliberate and systematic” hacking attack that resulted in budget details ending up in the hands of its political opponents.
But that’s not what had really happened…
HiddenWasp malware seizes control of Linux systems
Security researchers have discovered a new strain of malware that they believe is being used in targeted attacks to seize control of Linux systems and open backdoors for remote hackers.
Read more in my article on the Tripwire State of...
Smashing Security #130: Doctored videos, Bcc blunders, and a diva
You won’t believe who had to report themselves to the data protection agency for a breach, or who has been sharing doctored videos of political rivals, or how much money you can make selling a laptop infected with malware…...
Hackers stole Flipboard users’ email addresses and hashed passwords
Flipboard warns that hackers gained access to its systems and accessed hashed passwords for nine months.
Free eBook: A Business Owner’s Guide to Cybersecurity
Download the free VIPRE e-book “A Business Owner’s Guide to Cybersecurity” to learn more about how and where cybercriminals are likely to strike and how to protect your business from cyberattacks using a layered security approach.
China Telecom booted out of USA as Feds worry it could disrupt or spy on local networks
FCC urges more action against Huawei and DJI, too The US Federal Communications Commission (FCC) has terminated China Telecom's authority to provide communications services in the USA.…
150 People Arrested in US-Europe Darknet Drug Probe
Law enforcement officials in the U.S. and Europe have arrested 150 people and seized more than $31 million in an international drug trafficking investigation stemming from sales on the darknet, the Justice Department said Tuesday.
read more
Free Tool Helps Security Teams Measure Their API Attack Surface
Data Theorem's free API Attack Surface Calculator helps security teams understand potential API exposures.
SquirrelWaffle Loader Malspams, Packing Qakbot, Cobalt Strike
Say hello to what could be the next big spam player: SquirrelWaffle, which is spreading with increasing frequency via spam campaigns and infecting systems with a new malware loader.
North Korea's Lazarus Group Turns to Supply Chain Attacks
State-backed group is among a growing number of threat actors looking at supply chain companies as an entry point into enterprise networks.
