Action Fraud? Inaction Fraud

In recent months serious questions have been raised about whether victims of cybercrime are getting the support they deserve from the UK’s national fraud reporting centre.

1 min read

Alexa and Google Home devices can be exploited to eavesdrop on users, phish passwords

Researchers have shown just how easy it is for third-parties to exploit the so-called “smart” speakers that many home owners have purchased to eavesdrop on conversations and even steal passwords and credit card details.

Read more in my article on the Bitdefender BOX blog.

0 sec read

Avast fends off hacker who breached its internal network in copycat CCleaner attack

Czech anti-virus firm Avast has been targeted for a second time by hackers seemingly attempting to plant malware inside a malicious CCleaner update.

1 min read

About that “Any fingerprint can unlock your Samsung Galaxy S10” report

Plenty of headlines are warning about anyone’s fingerprint being able to unlock a Samsung Galaxy S10, but I’m not sure it’s quite as simple as that…

2 min read

Smashing Security #150: Liverpool WAGs, Facebook politics, and a selfie stalker

Footballers’ wives go to war over Instagram leaks, it turns out fake news is fine on Facebook (just so long as it’s in a political ad), and things take a horrific turn in Japan, as a stalker uses a scary technique to find out where his pop idol lives.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Dave Bittner.

1 min read

Ransomware attack hits Pitney Bowes, impacting company mail rooms around the world

Global shipping and mailing service Pitney Bowes has fallen foul of a ransomware attack that has encrypted data on its computer systems and disrupted customer access to its online services.

Read more in my article on the Hot for Security blog.

0 sec read

Fake iOS Checkra1n jailbreak site installs slot machine game, generates click-fraud revenue

A website that promises to jailbreak your iPhone using the Checkm8 exploit actually installs apps with the intention of generating click-fraud revenue.

56 sec read

Alleged “Psycho” hacker in court over EtherDelta cryptocurrency robbery

An alleged hacker has appeared in a US federal court to answer charges related to the theft of at least $1.4 million in cryptocurrency from the EtherDelta cryptocurrency exchange platform in December 2017.

Read more in my article on the Hot for Security blog.

0 sec read

Stalker zoomed in on Japanese idol’s eyes to find out where she lived

An obsessed fan assaulted J-Pop star Ena Matsuoka after determining where she lived by zooming in on selfies she had posted on social media, and examining the reflection in her eyes.

2 min read

Smashing Security #149: Falling in love with fraudsters

We take a trip to Staten Island, New York, to hear how a case of cyberstalking resulted in the arrest of 20 alleged mobsters, learn about the nude photo-loving insider threat at Yahoo, and discover how fraudsters might be boosting’s profits.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by Graham Cluley and Carole Theriault, joined this week by Ran Levi of “Malicious Life.”

2 min read

Ransomware victim hacks attacker, turning the tables by stealing decryption keys

A victim of the Muhstik ransomware paid his attackers money to recover his files, but then wrought his revenge by hacking them right back.

Read more in my article on the Tripwire State of Security blog.

0 sec read

Yes, MFA isn’t perfect. But that’s not a reason for your company not to use it

Multi-factor authentication is one of the simplest steps you can take to harden your security. It would be an enormous mistake to think it is worthless just because it’s not a perfect solution.

Read more in my article on the Bitdefender Business Insights blog.

0 sec read

Toms Shoes newsletter “hacked by a nice man”

Footwear retailer Toms has had its email newsletter compromised by someone who calls himself “a nice man”.

And he has strong opinions on the behaviour of other hackers…

1 min read

How a GIF could let a hacker view your WhatsApp messages

A flaw in WhatsApp could have allowed hackers to snoop upon your chat history just by tricking you into opening a boobytrapped GIF image.

If you’re going to run WhatsApp, make sure that it’s properly updated.

1 min read