Law & order

Smashing Security #137: Porn trolling lawyers, Insta hacking, and Ctrl-Alt-LED

Erection your honour! Lawyers find themselves behind bars after they make porn movies in an attempt to scam internet users, boffins in Israel detail a way to steal data from an air-gapped computer, and Instagram coughs up $30,000 after a researcher finds a simple way to hack into anybody’s account.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast.


1 min read

bitdefender.com

Marriott faces £99.2 million fine after hack exposed 393 million hotel guest records

The UK’s Information Commissioner’s Office (IOC) has announced its intention to fine the US hotel group Marriott International £99.2 million (US $123 million) for a data breach that exposed the personal details of hundreds of millions of guests.

Read more in my article on the Hot for Security blog.


0 sec read

bitdefender.com

Derp! DDoS attacker who brought down EA, Sony, and Steam jailed for 27 months

A 23-year-old man has plenty of time to mull over whether it’s funny to launch distributed denial-of-service attacks against online video gaming services, after he was sentenced to prison this week.

Read more in my article on the Hot for Security blog.


0 sec read

You lost US Customs Border data? You’re losing your government contracts…

“Evidence of conduct indicating a lack of business honesty or integrity” led to suspension of federal contracts for hacked subcontracting firm.


1 min read

Ex-Equifax CIO, who knew about huge data breach, jailed for insider trading

So, just what was Equifax doing during those 40 days between discovering it had been hacked and sharing the bad news with the world?

Well, now we know. Or at least we know what Jun Ying, the CIO of Equifax US Information Solutions, was doing.


1 min read

tripwire.com

After €24 million stolen by typosquatting a cryptocurrency exchange, six people arrested

European police have arrested six people as part of an investigation into a theft which saw €24 million (US $27 millon) stolen from users of cryptocurrency exchange.

Read more in my article on the Tripwire State of Security blog.


0 sec read

Smashing Security #134: Sextortion, silicone face masks, and a DDoS doofus

Scammers steal millions by impersonating a French politician, we offer fashion tips for DDoS attackers, and hear how a small town fought a sextortionist preying on young women.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Jessica Barker.


1 min read

400GB of hacked files from US border surveillance contractor are available for anyone to download

Stolen CBP data has been distributed via torrent sites, and is now available for anyone to download.


1 min read

bitdefender.com

Two brothers arrested for Bitfinex hack and multi-year cryptocurrency phishing campaign

Computer crime authorities in Israel have arrested two brothers in connection with a phishing campaign that spread over multiple years and the 2016 hack of the Bitfinex cryptocurrency exchange.

Read more in my article on the Hot for Security blog.


0 sec read

Smashing Security #133: Cookie cock-ups, Hong Kong protests, and smart TV virus scans

We head to Hong Kong to look at how technology has helped anti-government protesters (and how China has tried to disrupt it), Samsung is skittish over whether to tell TV owners to virus-scan their devices, and you won’t believe whose website is not GDPR-compliant.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by James Thomson.


1 min read

tripwire.com

DDoS attack that knocked Telegram secure messaging service offline linked to Hong Kong protests

An attack which targeted users of the Telegram app on Wednesday might be linked to protests in Hong Kong that turned violent.

Read more in my article on the Tripwire State of Security blog.


0 sec read

Smashing Security #132: CBP cyber attack, an iPhone privacy boost, and Twitter list abuse

United States Customs and Border Protection had sensitive data stolen, but the hackers didn’t have to breach its network. Apple has ambitious plans to make iPhone users safer online. And trolls are using Twitter lists to target their victims.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.


1 min read

Facebook lawyer argues you should have ‘no expectation of privacy’

Next time someone connected to Facebook tries to convince you that it’s now really serious about privacy you know they’re pulling your leg.


1 min read

Data protection authority reports itself to itself after data breach

The Dutch Data Protection Authority has confessed to making the same kind of mistake that many others have made before – sending out an email with a long list of email addresses listed for all to see in the Cc: rather than hidden away via the Bcc: field.


56 sec read

New Zealand budget details leaked due to website sloppiness, not hackers

Earlier this week, the New Zealand government was claiming that it had suffered a “deliberate and systematic” hacking attack that resulted in budget details ending up in the hands of its political opponents.

But that’s not what had really happened…


1 min read

Smashing Security #130: Doctored videos, Bcc blunders, and a diva

You won’t believe who had to report themselves to the data protection agency for a breach, or who has been sharing doctored videos of political rivals, or how much money you can make selling a laptop infected with malware… and how Carole gets her diva on.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault.


2 min read