48 million people put at risk after firm that scraped info from social networks left it exposed for anyone to download

48 million people put at risk after firm that scraped social networks left data exposed for anyone to download

Chances are that you’ve never heard of Washington-based data firm LocalBlox. But that doesn’t mean that they haven’t heard of you. And it doesn’t mean that your personal information hasn’t been recklessly exposed through their sloppy disregard for the most basic security.

Read more in my article on the Hot for Security blog.

Read more...
Smashing Security #074: Smashing Security isn't bullsh*t PODCAST

Smashing Security #074: Smashing Security isn’t bullsh*t

Crime forums on Facebook, fraudsters pose as anti-fraud hotlines, and how big advertising companies are in bed with the rampant data collection of internet giants.

All this and more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest B J Mendelson, author of “Social media is bullsh*t.”

Read more...
12 Common Threat Intelligence Use Cases SPONSOR

12 Common Threat Intelligence Use Cases

Many thanks to the great folks at Recorded Future, who have sponsored my writing for the last week.

Recorded Future provides the only complete threat intelligence solution powered by patented machine learning to help security teams defend against cyberattacks.

Are you using threat intelligence to its full potential?

The term “threat intelligence” is often misunderstood and with so many security options out there, organizations struggle to find the right solution to meet their needs. The Gartner “Market Guide for Security Threat Intelligence Products and Services” explains the different use cases and how to best leverage threat intelligence in your organization.

You will learn how to:

  • Identify 12 common threat intelligence use cases.
  • Align these use cases to your specific requirements.
  • Implement strategies for getting value from threat intelligence.
  • Evaluate vendors based on your business needs.

Download this report to get clarity on threat intelligence definitions and learn how to make the right decisions for your organization today.


If you’re interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.

Read more...
Smashing Security #073: Rick Astley: Never gonna hack you up PODCAST

Smashing Security #073: Rick Astley: Never gonna hack you up

Politician admits to hacking a rival’s website, T-Mobile Austria ends up in a Twitter security storm, and siren systems are hit by a Rick Astley attack.

All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest Maria Varmazis.

Read more...
Join SC Media for their 12th annual cybersecurity conference, RiskSec, in New York! SPONSOR

Join SC Media for their 12th annual cybersecurity conference, RiskSec, in New York!

Many thanks to the great folks at SC Media, who have sponsored my writing for the last week.

SC Media’s 12th annual security conference, RiskSec (previously branded as SC Congress) will be held May 31 in New York City. This event will provide insights from thought leaders across various industries, focusing on the most significant issues that CISOs and other security professionals face every day.

Features include:

  • Interactive learning sessions
  • Demos from 25 prominent tech companies
  • 30+ industry-leading speakers
  • Ability to earn up to 9 CPE credits
  • Breakfast and lunch from executive chef
  • Cocktail reception

In 2017, there was a record number of massive data breaches that compromised millions of users’ data and cost senior-level executives their jobs. This event is a great opportunity to collaborate and continue to improve defense techniques.

Use discount code CLULEY for $100 off admission.

RiskSec is a selective event for senior security professionals. Space is limited and the event will sell out.


If you’re interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.

Read more...