Monday, September 23, 2019
Graham Cluley

I’m keynoting about cybercrime at the CRN MSP conference in London next week

I’m the opening keynote speaker at CRN’s MSP conference in London next week, where – amongst other things – I’ll be describing to managed service providers how it’s possible to make a billion dollars through cybercrime. I hope to see...
Graham Cluley

15,000 private webcams left open to snooping, no password required

Once again concerns are being raised about the sorry state of IoT security, after a security researcher discovered over 15,000 private webcams that have been left wide open for anyone with an internet connection to spy upon. Read more in...
Graham Cluley

Smashing Security 146: Password secrets and baking brownies

In the latest edition of the “Smashing Security” podcast, hosted by computer security veterans Graham Cluley and Carole Theriault, Carole has suffered an injury, we journey back in time to one of our earliest episodes to discuss the perils...
Graham Cluley

CookieMiner malware targets Macs, steals passwords and SMS messages, mines for cryptocurrency

Security researchers have discovered a new Mac malware threat that appears to be a sophisticated attempt to raid cryptocurrency wallets. Read more in my article on the Tripwire State of Security blog.
Graham Cluley

How to get away with hacking a US satellite

The US Air Force wants to know if you can hijack control of an orbiting satellite and turn its camera from staring at Earth to point at the moon instead. Read more in my article on the Hot for Security...
Graham Cluley

Medical images and details of 24.3 million patients left exposed on the internet

Researchers discover that confidential images of X-rays, CT and MRI scans related to millions of patients has been left unprotected on hundreds of servers used by health providers worldwide.
Graham Cluley

Unlock the power of threat intelligence with this practical guide. Get your free copy now

Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! At Recorded Future, we believe every security team can benefit from threat intelligence. That’s why we’ve...
Graham Cluley

Police raids after data on most of Ecuador’s citizens leaks online

If you’re a citizen of Ecuador, chances are that you’ve had your personal and financial information exposed after an ElasticSearch server was left unsecured. Victims even include Wikileaks founder Julian Assange…
Graham Cluley

LastPass users automatically updated to fix security vulnerability in browser extension

Popular password manager LastPass says that it has fixed a vulnerability in its Chrome and Opera browser extensions that could have potentially seen an attacker steal the username and password previously filled-in by the software.
Graham Cluley

Smashing Security #145: Apple and Google willy wave while home assistants spy – DoH!

Apple’s furious with Google over iPhone hacking attacks against Uyghur Muslims in China, DNS-over-HTTPS is good for privacy but makes ISPs angry, and concern over digital assistants listening to our private moments continues to rise. All this and much more...
Graham Cluley

Toyota parts supplier loses $37 million in email scam

Toyota Boshoku, a seating and interiors supplier for Toyota cars, has revealed that it was tricked into moving a large amount of money into a bank account controlled by scammers. Read more in my article on the Tripwire State of...
Graham Cluley

Operation reWired: 281 suspected email scammers arrested around the world

Law enforcement agencies around the world have arrested a total of 281 people suspected of being behind a spate of Business Email Compromise (BEC) scams that have stolen millions of dollars from businesses and individuals.
Graham Cluley

Wikipedia and World of Warcraft Classic targeted by DDoS attacks

Uou can imagine the pain that was caused to pub quiz cheats and students writing essays this weekend when crowd-sourced internet encyclopedia Wikipedia, one of the world’s most popular websites, was hit by a distributed denial-of-service attack. Read more in...
Graham Cluley

Hackers who hit Texas with ransomware attack demanded $2.5 million, got nothing

Although it may have cost Texas more to recover from the ransomware attack than paying the ransom, in the long term a refusal to pay extortionists will help to discourage future attacks.
Graham Cluley

Hundreds of millions of Facebook users’ phone numbers found lying around on the internet

A security researcher stumbled across an exposed server on the internet, containing a total of more than 419 million records related to Facebook users. No password protection was in place – meaning the treasure trove of phone numbers was available...

New Zealand budget details leaked due to website sloppiness, not hackers

Earlier this week, the New Zealand government was claiming that it had suffered a “deliberate and systematic” hacking attack that resulted in budget details ending up in the hands of its political opponents. But that’s not what had really happened…

HiddenWasp malware seizes control of Linux systems

Security researchers have discovered a new strain of malware that they believe is being used in targeted attacks to seize control of Linux systems and open backdoors for remote hackers. Read more in my article on the Tripwire State of...

Smashing Security #130: Doctored videos, Bcc blunders, and a diva

You won’t believe who had to report themselves to the data protection agency for a breach, or who has been sharing doctored videos of political rivals, or how much money you can make selling a laptop infected with malware…...

Hackers stole Flipboard users’ email addresses and hashed passwords

Flipboard warns that hackers gained access to its systems and accessed hashed passwords for nine months.

Free eBook: A Business Owner’s Guide to Cybersecurity

Download the free VIPRE e-book “A Business Owner’s Guide to Cybersecurity” to learn more about how and where cybercriminals are likely to strike and how to protect your business from cyberattacks using a layered security approach.
SC Magazine

Ning Wang – Offensive Security

Ning WangCEO Offensive Security Why Nominated: Ning Wang is a rising star has worked to break the boundaries in the security industry, so that people can see that anyone is capable of starting a career in cybersecurity and advancing it –...
SC Magazine

Dani Martínez – IOActive

Dani MartínezSecurity ConsultantIOActive Why nominated: Dani Martínez proved to be a self-starter, beginning his career in IT he soon developed an interest in cybersecurity and began taking online courses in his spare time. Martínez also dove write in and began a cybersecurity blog...
SC Magazine

Maurice Stebila – Harman, a Samsung Company

Maurice StebilaDigital Security,Compliance and Privacy OfficerHarman, a Samsung Company Why nominated: Maurice Stebila has spent more than 30 years in the automotive, manufacturing and financial services industry supporting two of the world’s largest companies – EDS/General Motors and Harman by Samsung...
SC Magazine

Ed Adams – Security Innovation

Ed AdamsPresident and CEOSecurity Innovation Why Nominated: A highly respected veteran of the cybersecurity industry, Security Innovation CEO Ed Adams has taken on several new leadership roles in the year or so. Last April, he was named to board of directors of...
SC Magazine

David Archer – Galois

David ArcherPrincipal scientistGalois Why Nominated: Archer, an advocate for preserving privacy of data even when it’s used in decision-making both within the U.S. at all levels of government as well as internationally, directs research in privacy-preserving information technologies. Profile:  David Archer is all...