Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.


Graham Cluley

6027 Stories by Graham Cluley

Over 300 websites taken down in just two weeks as UK public report suspicious emails

The National Cyber Security Centre (NCSC), which tasks itself with “helping to make the UK the safest place to live and do business online,”...

0 1 min read

For six years Samsung smartphone users have been at risk from critical security bug. Patch now

Samsung has released a security update for its popular Android smartphones which includes a critical fix for a vulnerability that affects all devices sold...

0 0 sec read

Smashing Security podcast #177: Elon Musk, Roblox, and Love Bug author found

What can X Æ A-12 Musk teach us about passwords? How did our guest finally hunt down in Manila the author of one of...

0 2 min read

Kaiji – a new strain of IoT malware seizing control and launching DDoS attacks

Kaiji, a new botnet campaign, created from scratch rather than resting on the shoulders of those that went before it, is infecting Linux-based servers...

0 0 sec read

Tarkett floored by cyber attack

French flooring company Tarkett has revealed that it was hit by a cyber attack on April 29th, and that its operations continue to be...

0 36 sec read

It was 20 years ago today… The Love Bug remembered

It was twenty years ago today, that the Love Bug hit computer systems worldwide.

Which means I know what I was doing exactly twenty years...

3 1 min read

My old-fashioned view on the terms “blacklist” and “whitelist”

The UK’s National Cyber Security Centre (NCSC) has said that it will be changing the terminology it uses on its website, causing some to...

12 1 min read

Ghost blogging platform suffers security breach

Scary stuff as hackers exploit Salt vulnerability in attempt to mine cryptocurrency on breached blogging platform’s servers.

0 2 min read

Cybercriminals are using Google reCAPTCHA to hide their phishing attacks

Security researchers say that they are seeing cybercriminals deploying Google’s reCAPTCHA anti-bot tool in an effort to avoid early detection of their malicious campaigns.


0 0 sec read

Newly-discovered Android malware steals banking passwords and 2FA codes

Security researchers are warning of a new mobile banking trojan that steals details from over 200 financial apps and intercepts SMS messages to bypass...

0 0 sec read

Smashing Security podcast #176: Hacking hacks and university attacks

Journalists spying on their rivals, the NHS rejects Apple and Google’s approach to Coronavirus-tracing, and universities are hit by an old-fashioned sexy lady attack....

0 1 min read

Shade ransomware calls it a day, 750,000 decryption keys released

Even if you can’t pay the ransom and don’t have a backup, don’t destroy your garbled data believing that you’ll never be able to...

2 1 min read

A GIF image could have let hackers hijack Microsoft Teams at your firm

A critical vulnerability has been patched in the Microsoft Teams work collaboration platform after security researchers discovered a way in which hackers could compromise...

0 0 sec read

Don’t vote for me and Smashing Security in the EU Security awards

The seventh annual European Cybersecurity Blogger Awards are now open to the public vote. Let them know what your favourite security blogs, podcasts,...

0 2 min read

Hackers’ malicious script skimmed credit card details off Robert Dyas website

UK DIY, electricals, and houseware chain Robert Dyas has revealed that malicious code on Robert Dyas’s payment page was secretly skimming the credit card...

0 1 min read

Called to an urgent Zoom meeting with HR? It might be a phishing attack

Cybercriminals have sent out emails attempting to trick remote workers into believing they need to join a Zoom meeting to discuss their future employment.

1 50 sec read