News

tripwire.com

Cosmic Lynx: The highly-professional cybercrime gang scamming businesses out of millions of dollars

Things just got serious.

Business Email Compromise is no longer solely the province of chancers. Organised criminal gangs with a high level of professionalism have seen the opportunity and seized it.

Read more in my article on the Tripwire State of Security blog.

Smashing Security podcast #186: This one’s for all the Karens!

A high-rolling Hushpuppi gets extradited to the United States, Carole details her problems with clipboards and Disposophobia, and our guest becomes the subject of fake news during the Senegalese election.

All this and much, much more is discussed in the latest edition of the “Smashing Security” podcast with Graham Cluley and Carole Theriault, joined this week by investigative journalist Michelle Madsen.

bitdefender.com

Ex-Yahoo employee avoids jail, despite hacking 6000 accounts, and stealing nude photos and videos

A former employee of Yahoo has been sentenced and ordered to pay a fine after exploiting his privileged access to hack into the personal accounts of thousands of Yahoo users, in his hunt for naked photographs and videos of young women.

Read more in my article on the Hot for Security blog.

Appearing on the Hacker Valley Studio podcast

Early last month Ron Eddings and Chris Cochran were kind enough to invite me back on their podcast, “Hacker Valley Studio” – and now the episode has been published!

Take a listen.

Hackers hijack Twitter account of Russia’s Ministry of Foreign Affairs, offer to sell stolen data

A hacked Russian government Twitter account offers to sell a tourist database for 66 bitcoins (approximately US $499,000).

Has your Roblox account been hacked to support Donald Trump?

Over 2000 accounts on the Roblox gaming platform have been hacked…

…not to make money or steal information, but to support Donald Trump’s re-election as US President.

How to better protect your Roblox account from hackers with two-step verification (2SV)

Accounts on the popular online gaming platform keep getting hacked. So, how can you better protect your Roblox account?

Websites of eight US cities poisoned by malware skimming the credit card details of residents

Beware if you’re paying your bills for local government services – the payment information you type into that web form may be heading straight to cybercriminals.

tripwire.com

22,900 MongoDB databases held to ransom by hacker threatening to report firms for GDPR violations

Hackers are once again finding unsecured MongoDB databases, wiping their contents, and leaving ransom demands.

So far, so normal. But what’s different this time is that they’re also threatening to report their victims for violating GDPR.

Read more in my article on the Tripwire State of Security blog.

Smashing Security podcast #185: Bieber fever, Roblox, and ransomware

Who’s been dressing Roblox players up in red baseball caps? Which ransomware victim’s negotiations got spied on by the media? And should Jason Bieber think twice before touching his hat? Oh, and we need to talk about squirrels…

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast.

Watching a $1.14 million ransomware negotiation between hackers and scientists searching for COVID-19 treatments

An anonymous tip-off to BBC News enabled them to watch in real time as an American medical university attempted to negotiate with the hackers who had infected its systems with ransomware.

bitdefender.com

Voice recordings from domestic violence alerting app exposed on the internet

A smartphone app, disguised as a regular app delivering the top world, sports, and entertainment news, contains a secret feature that allows victims of domestic abuse to send a covert distress call for help at the touch of a button.

What could possibly go wrong?

Read more in my article on the Hot for Security blog.