Apple confirms it’s closing security loophole that police were using to crack iPhones

Yes, Apple is toughening up the security of iPhones with iOS 12. Yes, the steps Apple is taking will make it harder for law enforcement agencies to thwart iPhone security. But no, that’s not the reason Apple is doing it.

Read more in my article on the Tripwire State of Security blog.

0 sec read

Bitcoin price takes a dive after another cryptocurrency exchange hack

There’s bad news if you’re a cryptocurrency investor. Billions of dollars worth of wealth were wiped out this weekend after a South Korean cryptocurrency exchange was hacked.

2 min read

Delete all your emails and acid wash your hard drives, says security expert Sean Hannity

Some people don’t know if you should trust the media anymore, with accusations of fake news flying here, there, and everywhere.

Which makes me wonder who can you trust for computer security advice? How about a TV host?

1 min read

End-to-end encryption doesn’t stop the FBI reading your messages. Just ask Paul Manafort

End-to-end encryption is really neat, but it only encrypts *between* those who are doing the communicating.

59 sec read

Despite Efail, the sky is not falling

The Efail attack on encrypted emails is sneaky, but it doesn’t seem to be all that it’s hyped up to be.

2 min read

Critical vulnerabilities in PGP/GPG and S/MIME email encryption, warn researchers

Brace yourself, there’s a security scare involving encrypted email that could see your past sensitive messages exposed.

It’s name? “Efail.”

1 min read


The NSA wants its algorithms to be a global IoT standard. But they’re simply not trusted

Part of the concern is that the Simon and Speck algorithms might contain encryption backdoors that would be abused by US authorities.

Read more in my article on the Bitdefender Box blog.

0 sec read

Signal and Telegram messaging services offline for some hours

Users of the popular encrypted messaging services Signal and Telegram have been reporting problems accessing the services.

44 sec read


All HTTP websites to soon be marked as ‘not secure’ by Google Chrome

If you’re still running a website that is using insecure HTTP then it’s time to wake up and drink the coffee.

Because unless you take action soon, you’re going to find many of your visitors are going to distrust your website.

Read more in my article on the We Live Security blog.

0 sec read

Smashing Security #062: Tinder spying, Amazon shoplifting, and petrol pump malware

Your Tinder swipes can be spied upon, Amazon is opening high street stores that don’t require any staff, and Russian fuel pumps are being infected with malware in an elaborate scheme to make large amounts of money.

With Carole on a top secret special assignment, it’s left to security veteran Graham Cluley to discuss all this and much much more on the “Smashing Security” podcast with special guests David McClelland and Vanja Švajcer.

1 min read

Smashing Security podcast #059: An intro to Bitcoin and Blockchain

In this special “splinter” episode of the “Smashing Security” podcast we take a look at Bitcoin and Blockchain. What’s all the fuss about cryptocurrencies? How can you protect your Bitcoin wallet? And how does the Blockchain work?

Listen to the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Peter Ullrich of the “Explain Blockchain” podcast.

34 sec read


Amazon moves to stop S3 buckets leaking business data

Businesses don’t need to be targeted by sophisticated hackers to have private and sensitive data splashed across the newspaper headlines.

Read more in my article on the Bitdefender Business Insights blog.

0 sec read


FBI failed to break into nearly 7000 mobiles due to encryption

Unless law enforcement agencies can find a way to bypass the device’s security by exploiting a software flaw, the best they can hope for is to guess a mobile phone’s passcode or to find a suspect willing to cough up.

Read more in my article on the Hot for Security blog.

0 sec read

Smashing Security podcast #048: KRACK, North Korea, and an 18th century cyber attack

KRACK! Has the Wi-Fi vulnerability got you worried? Did North Korea hack a British TV company? And what have Dutch police learnt from Pokémon?

All this and more is discussed in the latest edition of the “Smashing Security” podcast by Graham Cluley and Carole Theriault, joined this week by Virus Bulletin editor Martijn Grooten.

50 sec read

KRACK Wi-Fi attack – the rules haven’t changed

KRACK may be the biggest vulnerability of the year – a flaw in the WPA2 protocol used to encrypt Wi-Fi communications.

1 min read


Disqus reveals data breach, but wins points for transparency

Disqus has public announced that its user database leaked in 2012, exposing the usernames, email addresses, sign-up dates, and last login dates of more than 17 million users.

Read more in my article on the Hot for Security blog.

0 sec read