Tuesday, March 31, 2020
Graham Cluley

The UK Cabinet is meeting on Zoom… here’s the meeting ID

In case you’ve lost the Zoom meeting ID for today’s UK Cabinet meeting, here it is.
Graham Cluley

Has Houseparty been hacked? $1 million reward offered to unearth who is behind widespread claims

In recent days warnings have spread rapidly across social networking sites that the Houseparty app – which makes it easy for anyone to drop in for a video chat with friends locked down during the Coronavirus pandemic – is...
Graham Cluley

Cyber volunteers needed to help protect our health services during the Coronavirus outbreak

The aim of Cyber Volunteers 19 (CV19) is to help people volunteer their IT security expertise and services to health services, during the Covid-19 Coronavirus pandemic.
Graham Cluley

I made a guest appearance on Technado, talking cybersecurity from the safety of my shed

Last week I was delighted to be invited onto ITPro.TV’s “Technado” show with Don Pezet, Justin Dennison, and Peter VanRysdam to discuss anything and everything that’s going on in the tech world. So, if you have wondered what the inside...
Graham Cluley

LastPass releases its 3rd Annual Global Password Security report

Graham Cluley Security News is sponsored this week by the folks at LastPass. Thanks to the great team there for their support! LastPass has analyzed over 47,000 businesses to bring you insights into security behavior worldwide. The report helps...
Graham Cluley

Cybersecurity insurance firm Chubb investigates its own ransomware attack

A notorious ransomware gang claims to have successfully compromised the infrastructure… of a company selling cyberinsurance. Read more in my article on the Hot for Security blog.
Graham Cluley

Third-party data breach exposes GE employees’ personal information

Past and present employees of General Electric (GE) are learning that their sensitive information has been exposed by a data breach at a third-party service provider. Read more in my article on the Tripwire State of Security blog.
Graham Cluley

Smashing Security #171: WhatsApp hoaxes, Zoombombs, and 8-bit love

Blackmailers are threatening to infect your family with Coronavirus, trolls are making Zoom an unsafe place for those of a sensitive disposition, and what is the mysterious Dr Negrin audio message spreading on WhatsApp? All this and much more is...
Graham Cluley

Free Netflix pass because of Coronavirus? It’s a scam

The public is being warned about fraudulent messages being shared on social media platforms that Netflix is offering free passes to its platform because of the Coronavirus pandemic. Read more in my article on the Hot for Security blog.
Graham Cluley

Unlock the power of threat intelligence with this practical guide. Get your free copy now

Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! At Recorded Future, we believe every security team can benefit from threat intelligence. That’s why we’ve...
Graham Cluley

Have you patched your IoT devices against the KrØØk Wi-Fi chip flaw?

Unpatched IoT gadgets, smartphones, tablets, laptops, Wi-Fi access points and routers with Broadcom chips are all at risk from the KrØØk vulnerability. Read more in my article on the Bitdefender BOX blog.
Graham Cluley

The Shield: the open source Israeli Government app which warns of Coronavirus exposure

The Israeli health ministry released a smartphone app which takes location data from users’ phones in an attempt to determine if they might have been exposed to the COVID-19 Coronavirus. Should you be worried about your privacy? Perhaps not.
Graham Cluley

The Dance of the Pope virus hoax

Friends don’t share virus hoaxes with their friends. They spend five minutes checking their facts before sharing poppycock on social media.
Graham Cluley

Security firm leaves more than five billion records exposed on unsecured database

A massive database, containing more than five billion records derived from past security breaches between 2012 and 2019, has been left unprotected, without any password protection on the internet. And who left it exposed? A security firm.
Graham Cluley

Whatever happened to cryptojacking?

A couple of years ago it felt like you couldn’t turn your head in any direction without seeing another headline about cryptomining and – its more evil sibling – cryptojacking. So, what happened? Read more in my article on the Tripwire...

New Zealand budget details leaked due to website sloppiness, not hackers

Earlier this week, the New Zealand government was claiming that it had suffered a “deliberate and systematic” hacking attack that resulted in budget details ending up in the hands of its political opponents. But that’s not what had really happened…

HiddenWasp malware seizes control of Linux systems

Security researchers have discovered a new strain of malware that they believe is being used in targeted attacks to seize control of Linux systems and open backdoors for remote hackers. Read more in my article on the Tripwire State of...

Smashing Security #130: Doctored videos, Bcc blunders, and a diva

You won’t believe who had to report themselves to the data protection agency for a breach, or who has been sharing doctored videos of political rivals, or how much money you can make selling a laptop infected with malware…...

Hackers stole Flipboard users’ email addresses and hashed passwords

Flipboard warns that hackers gained access to its systems and accessed hashed passwords for nine months.

Free eBook: A Business Owner’s Guide to Cybersecurity

Download the free VIPRE e-book “A Business Owner’s Guide to Cybersecurity” to learn more about how and where cybercriminals are likely to strike and how to protect your business from cyberattacks using a layered security approach.

Huawei’s Worrying New China Problem Just Got Worse: Here’s Why

Huawei used its 2019 results to threaten retaliation against the U.S. But the company now has serious problems closer to home.

Palantir, The $20 Billion, Peter Thiel-Backed Big Data Giant, Is Providing A Coronavirus Monitoring Tool To The CDC

Palantir will help the Centers for Disease Control keep on top of ventilator and mask needs to treat coronavirus victims, sources say.

Defense Evasion Dominated 2019 Attack Tactics

Researchers mapped tactics and techniques to the MITRE ATT&CK framework to determine which were most popular last year.

Watering-Holes Target Asian Ethnic Victims with Flash Update Decoy

About 10 compromised websites employ a multi-stage, targeted effort to fingerprint and compromise victims.

OpenWRT is vulnerable to attacks that execute malicious code

Enlarge (credit: OpenWRT) For almost three years, OpenWRT—the open source operating system that powers home routers and other types of embedded systems—has been vulnerable to remote code-execution attacks because updates were delivered over an unencrypted channel and digital...