Practical steps for strengthening your company's password rules


If we can build better rules for acceptable passwords, we can do a better job of protecting users' privacy and confidential company databases.

Read more in my article on the Bitdefender Business Insights blog.


Subscribe to the free GCHQ newsletter


Epic Games forums hacked again – personal information put at risk

Epic Games forums hacked again – over 800,000 gamers put at risk

More than 800,000 usernames, email addresses, and birth dates are thought to have been stolen by hackers from online forums run by Epic Games.

Read more in my article on the We Live Security blog.




DetoxCrypto ransomware-as-a-service rears its ugly head

Pokémon-friendly ransomware has monstrous intentions.

David Bisson reports.



Wikipedia's Jimmy Wales didn't die this weekend, despite what his hacked Twitter account said


No, Jimmy Wales, founder of Wikipedia, isn't dead.

But his Twitter *did* get hacked.

Read more in my article on the Hot for Security blog.



Smart IoT socket suffers from dumb security vulnerabilities


Researchers have come across flaws in an internet-enabled power socket as part of their ongoing efforts to raise awareness about IoT security.

David Bisson reports.



Now WikiLeaks is distributing malware

Veteran anti-virus researcher Vesselin Bontchev has discovered that there are thousands of samples of malware available for download from the WikiLeaks website.

The malware Bontchev found is contained in a large tranche of emails leaked from AKP, a Turkish political party.

Bontchev writes:

Since many of the AKP members have been recipients of malware sent by e-mail (most likely random spam but could have also been targeted attacks), the received malware in the e-mails is also present in the dump. As a result, the Wikileaks site is hosting malware. For the record, I consider this to be extremely irresponsible from the part of Wikileaks. Malware distribution is not "journalism" by any definition of the term.

Bontchev found 3277 malicious files on the WikiLeaks site, accessible to anyone on the internet via a single click.

Of course, it's perfectly possible that the true number of malware samples published on the WikiLeaks site is much larger than this. Bontchev's focus so far has been on one particular email dump, and he used the VirusTotal service to determine whether a file was identified as malicious or not.

Furthermore, one cannot discount the possibility that some of the email dumps published by WikiLeaks contain targeted attacks that are not presently detected by any anti-virus product.

WikiLeaks has been criticised before for its unwillingness to curate the information that it leaks - by, amongst others, no less than Edward Snowden.

Anti-virus industry old-timers like me and Bontchev are left with our heads in our hands when we hear that WikiLeaks is apparently making no efforts whatsoever to prevent its readers from encountering malware samples.




New firmware update? No, it's the devious Marcher Android trojan up to no good

The Marcher trojan has come up with a new way to infect Android users: pose as a fake firmware update.

David Bisson reports.



Get trending info on hackers, exploits, and vulnerabilities every day for FREE with the Recorded Future Cyber Daily [Sponsor]

Get FREE threat intelligence on hackers and exploits with the Recorded Future Cyber Daily

Many thanks to the great folks at Recorded Future, who have sponsored my writing for the last few weeks.

Recorded Future provides deep, detailed insight into emerging threats by automatically collecting, analyzing, and organizing billions of data points from the Web.

And now, with its FREE Cyber Daily email all IT security professionals can access information about the top trending threat indicators - helping you use threat intelligence to help make better decisions quickly and easily.

Which means that you will be able to benefit from a daily update of the following:

  • Information Security Headlines: Top trending news stories.
  • Top Targeted Industries: Companies targeted by cyber attacks, grouped by their industries.
  • Top Hackers: Organizations and people recognized as hackers by Recorded Future.
  • Top Exploited Vulnerabilities: Identified vulnerabilities with language indicating malcode activity. These language indicators range from security research ("reverse engineering," "proof of concept") to malicious exploitation ("exploited in the wild," "weaponized").
  • Top Vulnerabilities: Identified vulnerabilities that generated significant amounts of event reporting, useful for general vulnerability management.

Infosec professionals agree that the Cyber Daily is an essential tool:

"I look forward to the Cyber Daily update email every morning to start my day. It's timely and exact, with a quick overview of emerging threats and vulnerabilities. For organizations looking to strengthen their security program with threat intelligence, Recorded Future’s Cyber Daily is the perfect first step that helps to prioritize security actions." - Tom Doyle, CIO at EBI Consulting.

So, what are you waiting for?

Sign up for the Cyber Daily today, and starting tomorrow you'll receive the top trending threat indicators.


If you’re interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.



Following data breach, Sage employee arrested at Heathrow airport

City of London Police arrested a 32-year-old woman at Heathrow airport yesterday on "suspicion of conspiracy to defraud".

According to police, the arrested woman is a current employee of Sage.

Sage made the headlines earlier this week after the online accounting and payroll company announced it had suffered a data breach, putting the details of approximately 280 UK and Irish companies at risk.

Sage described this as a "small number" of their customers. And it is a small percentage, considering over half a million British businesses are thought to be using Sage's payroll software.

But, of course, that's little consolation if you're one of the customers whose data was put at risk by the breach. And the number alone doesn't tell us anything about the size of the companies affected, or how many employees of those companies could also potentially have had their identities and financial details put in danger.

Police say that the woman arrested at Heathrow airport has been released on bail.

Sage said that an internal login had been used to access the sensitive information.

It's worth underlining that the woman arrested has not been charged with any offence, let alone convicted... but this might be a timely reminder for all businesses to not focus solely on external attackers over the internet but recognise that there can also be considerable dangers posed by insiders if your workforce turns rogue.



Why do we ignore up to 90% of computer security alerts? Because we’re terrible at multi-tasking…


Interrupting security pop-ups are ineffective, researchers claim after studying brain activity.

Read more in my article on the State of Security blog.



A new low! SMS scammers prey on parents' fears to make a few bucks


Fraudsters are sending fake SMS messages to parents, purporting to be about a terrible car accident involving their children.

David Bisson reports.



Video of Hillary Clinton meeting ISIS leader? Nah, it's a malware attack

Symantec writes:

Cybercriminals are using clickbait, promising a video showing Democratic Party presidential nominee Hillary Clinton exchanging money with an ISIS leader, in order to distribute malicious spam emails.

The email's subject announces “Clinton Deal ISIS Leader caught on Video,” however there is no video contained in the email, just malware. Adding to the enticement, the email body also discusses voting, asking recipients to “decide on who to vote [for]” after watching the non-existent clip.

Attached to the email is a ZIP archive, containing a Java file. Make the mistake of opening the Java file (in the mistaken belief that you are going to see a controversial video) and you will be infecting your computer with the Adwind backdoor Trojan horse.

It's not unusual for criminals to use these kinds of disguises to make their malicious emails more tempting to click on, and we've seen attacks like this during previous presidential election campaigns. Expect more of the same, and be on your guard.



IT security woman hits back at sexist trolls on LinkedIn

UK IT security firm Foursys writes:

Should we police or dictate how our employees dress? Should we only allow them to represent our brand if they have a specific body type or sense of style?

What about internet commenters or trolls? Is it ok for them to bombard our employees with abuse?

Foursys is asking these questions after Jayde, one of its sales executives, appeared in a harmless social media post on LinkedIn - celebrating that the firm now had 500 followers on the professional social network.

The response on LinkedIn was ghastly, with many offensive, derogatory and often sexual comments made towards Jayde.

Jayde, however, has stood up to the bullies - making her own brave video response where she details some of the abuse she received:

"For all of those who say that I know nothing about IT security: Shame on you. I know more than 99% of people you'd meet on the street. I can tell you what a denial-of-service attack is, how SQL injection works, and how to protect against ransomware. To be perfectly clear: Bullying and shaming people because of the way that they look or how they choose to dress is nasty, and I am not just going to take it - and neither should you."

Hear hear.

I find it extraordinary that some people would make such hurtful and mean remarks... and particularly dumb that so many did so on LinkedIn, which details their real names, jobs and places of employment.

Seriously, the IT security world needs to grow up and stop thinking that women can be treated in such an appalling way.

Watch Jayde's video response to the cyber-bullies on YouTube, and read more in Foursys's blog post.
