Tag: Graham Cluley
Snatch ransomware – what you need to know
The FBI and US Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint advisory warning organisations about a ransomware-as-a-service operation called "Snatch."
Learn more about the threat in my article for the Tripwire State of Security blog.
Donald Trump Jr’s hacked Twitter account announces his father has died
Donald Trump Jr may not have just inherited his famous father's name. He may also have inherited his bad password security.
Smashing Security podcast #340: Heated seats, car privacy, and Graham’s porn video
Do you know what data your car is collecting about you? Do you think it’s right for a car manufacturer to collect a subscription to keep your bottom warm? And just why has YouPorn sent an email to Graham...
What a mess! Clorox warns of “material impact” to its financial results following cyberattack
Clorox, the household cleaning product manufacturer, has admitted that its financial results for the first quarter could see a "material impact" after hackers attacked its systems.
Read more in my article on the Hot for Security blog.
The Expel Quarterly Threat Report distills the threats and trends the Expel SOC saw in Q2. Download it now.
Graham Cluley Security News is sponsored this week by the folks at Expel. Thanks to the great team there for their support! Every quarter, the Expel security operations centre (SOC) publishes its Quarterly Threat Report (QTR) to distill all...
Yikes! My sex video has been uploaded to YouPorn, apparently
Apparently YouPorn's AI algorithm has detected me in an uploaded sex video.
All I have to do is pay hundreds of dollars worth of Bitcoin to prevent it from being published.
BLASTPASS: Government agencies told to secure iPhones against spyware attacks
CISA, the United States's Cybersecurity and Infrastructure Security Agency, has ordered federal agencies to patch their iPhones against vulnerabilities that can be used as part of a zero-click attack to install spyware from the notorious NSO Group.
Read more in...
Greater Manchester Police latest force to suffer serious data breach
Uh-oh, yet another UK police force has suffered a serious data breach.
After the incidents involving Cumbria Police, Norfolk and Suffolk Police, and – perhaps worst of all – the PSNI in Northern Ireland, it’s now Greater Manchester Police finding...
Automation is key to effective and efficient pentest reporting
Graham Cluley Security News is sponsored this week by the folks at PlexTrac. Thanks to the great team there for their support! Getting high-quality, actionable pentesting reports doesn’t have to take hours. In fact, automating your processes with PlexTrac...
Car companies are collecting data on your sex life, and apparently you’re fine with that
It seems modern cars are gobbling up all kinds of data about their drivers including - astonishingly - details of their sex lives.
Smashing Security podcast #339: Bitcoin boo-boo, deepfakes for good, and time to say goodbye to usernames?
Deepfakes are being used for good (perhaps), common usernames could pose a security threat, and someone has paid a $500,000 fee... just to send $1,865.
Oh, and our guest mentions Mr Blobby (to the horror of the show's hosts...)
All this...
North Korean hackers targeting vulnerability researchers with zero-day attacks, Google warns
State-sponsored hackers, backed by the regime in North Korea, are believed to be using zero-day exploits to target cybersecurity researchers working in the field of vulnerability research and development.
Read more in my article on the Hot for Security blog.
Thousands of dollars stolen from Texas ATMs using Raspberry Pi
A Texas court has heard how last month a gang of men used a Raspberry Pi device to steal thousands of dollars from ATMs.
Read more in my article on the Tripwire State of Security blog.
Smashing Security podcast #338: Catfishing services, bad sports, and another cockup
AI news is bad news, an online service to catch your cheating partner, and an IoT-enabled dick cage fails to keep a grip on its own security.
All this and much much more is discussed in the latest edition of...
New Zealand budget details leaked due to website sloppiness, not hackers
Earlier this week, the New Zealand government was claiming that it had suffered a “deliberate and systematic” hacking attack that resulted in budget details ending up in the hands of its political opponents.
But that’s not what had really happened…
HiddenWasp malware seizes control of Linux systems
Security researchers have discovered a new strain of malware that they believe is being used in targeted attacks to seize control of Linux systems and open backdoors for remote hackers.
Read more in my article on the Tripwire State of...
Smashing Security #130: Doctored videos, Bcc blunders, and a diva
You won’t believe who had to report themselves to the data protection agency for a breach, or who has been sharing doctored videos of political rivals, or how much money you can make selling a laptop infected with malware…...
Hackers stole Flipboard users’ email addresses and hashed passwords
Flipboard warns that hackers gained access to its systems and accessed hashed passwords for nine months.
Free eBook: A Business Owner’s Guide to Cybersecurity
Download the free VIPRE e-book “A Business Owner’s Guide to Cybersecurity” to learn more about how and where cybercriminals are likely to strike and how to protect your business from cyberattacks using a layered security approach.
From Watering Hole to Spyware: EvilBamboo Targets Tibetans, Uyghurs, and Taiwanese
Tibetan, Uyghur, and Taiwanese individuals and organizations are the targets of a persistent campaign orchestrated by a threat actor codenamed EvilBamboo to gather sensitive information.
"The attacker has created fake Tibetan websites, along with social media profiles, likely used to deploy browser-based...
In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover
A critical vulnerability in the TeamCity CI/CD server could allow unauthenticated attackers to execute code and take over vulnerable servers.
The post In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover appeared first on SecurityWeek.
Predator Spyware Delivered to iOS, Android Devices via Zero-Days, MitM Attacks
Predator spyware delivered to iPhones and Android devices using iOS and Chrome zero-day vulnerabilities and MitM attacks.
The post Predator Spyware Delivered to iOS, Android Devices via Zero-Days, MitM Attacks appeared first on SecurityWeek.
BEC Scammer Pleads Guilty to Part in $6m Scheme
Nigerian was extradited to the US from Canada
Researchers Spot Novel “Deadglyph” Backdoor
Malware is linked to UAE-backed spies
