Link list

IT security woman hits back at sexist trolls on LinkedIn

UK IT security firm Foursys writes: Should we police or dictate how our employees dress? Should we only allow them to represent our brand if they have a specific body type or sense of style? What about internet commenters or trolls? Is it ok for them to bombard our employees with abuse? Foursys is asking


1 min read

A simple way to kill off Twitter trolls

@th3j35t3r writes on his blog: Simply put. If Jim is blocked by John, Jim can no longer even utter Johns handle/twittername in a tweet. If he attempts to the tweet simply doesn’t process or gets sinkholed. Period. The end. Forever, or until John unblocks him. This approach would not infringe on Jim’s ‘freedom of speech’,


36 sec read

Tor users in the States were hacked by Australian authorities

Joseph Cox at Motherboard writes: Australian authorities hacked Tor users in the US as part of a child pornography investigation, Motherboard has learned. The contours of this previously-unreported hacking operation have come to light through recently-filed US court documents. The case highlights how law enforcement around the world are increasingly pursuing targets overseas using hacking


53 sec read

Blogger turns tables on cyber-scammer by infecting them with ransomware

BBC News reports: A French security researcher says he managed to turn the tables on a cyber-scammer by sending him malware. Technical support scams try to convince people to buy expensive software to fix imaginary problems. But Ivan Kwiatkowski played along with the scheme until he was asked to send credit card details. He instead


39 sec read

Someone seems to be trying to spy on VeraCrypt’s security audit

At the start of this month OSTIF (the Open Source Technology Improvement Fund) announced that it had agreed a plan to get the open source disk encryption tool VeraCrypt independently audited. The audit, which would look for security holes and weaknesses in VeraCrypt’s code, would be done in co-ordination with vulnerability researchers from QuarksLab. So


46 sec read

Almost all cars sold by VW Group since 1995 at risk from unlock hack

Wired writes: Later this week at the Usenix security conference in Austin, a team of researchers from the University of Birmingham and the German engineering firm Kasper & Oswald plan to reveal two distinct vulnerabilities they say affect the keyless entry systems of an estimated nearly 100 million cars. One of the attacks would allow


1 min read

Secure email service GhostMail shutting down, in fear of being abused

GhostMail, a site that offered “military encrypted and self-destructing email accounts”, has announced that it is closing down: GhostMail in its current form will be closed down as per 1. of September 2016. Since we started our project, the world has changed for the worse and we do not want to take the risk of


52 sec read

Sorry, your Motorola Android isn’t going to get monthly security updates

Well, this sucks if you’ve spent good money on a Motorola smartphone. The firm has confirmed to Ars Technica that it isn’t going to commit to monthly security updates, even though Google will have released patches for the Android operating system. Here’s what they told Ron Amadeo at Ars Technica: “Motorola understands that keeping phones


36 sec read

SentinelOne says if you get hit by ransomware, it will pay the ransom

SentinelOne writes: We’ve created the first ever Ransomware Cyber Guarantee – a warranty for our product’s performance. It’ll give you the best protection from ransomware attacks – and if we miss something and you get infected – we’ll pay the ransom. It’s that simple. And it’s how security is supposed to be. If you can


32 sec read

Police 3D print murder victim’s finger to unlock his phone

Fusion reports: A man was murdered, and the police think there might be clues to who murdered him stored in his phone. But they can’t get access to the phone without his fingerprint or passcode. So instead of asking the company that made the phone to grant them access, they’re going another route: having the


49 sec read

When the people selling you IT security solutions hack into their rival’s database…

The Register reports: Five men working at UK-based IT security reseller Quadsys confessed today to hacking into a rival’s database. Owner Paul Streeter, managing director Paul Cox, director Alistair Barnard, account manager Steve Davies and security consultant Jon Townsend appeared before the beak at Oxford Crown Court. “All pleaded guilty to obtaining unauthorised access to


49 sec read

Turns out that you can’t trust ‘Trump free Wifi’ at the Republican National Congress

The cheeky japesters at Avast created a series of fake Wi-Fi networks at various locations around the Republican National Congress in Cleveland, as Silicon Angle reports: Avast’s team set up several networks, using names such as “Trump free Wifi” or “Google Starbucks,” which were designed to look as though they were set up for convention


56 sec read

Salesforce will only support Nexus and Samsung Galaxy phones to avoid Android fragmentation

Ina Fried at Recode writes: One of the big challenges for Android app developers is the fact that there are just so many different phones out there using a variety of versions of Google’s operating system. That often means a lot more time and money spent testing and supporting Android than Apple’s iOS, but with


50 sec read

Russian security firm linked to cybercrime gang

Brian Krebs has been doing what he does best, following a trail of clues scattered across the internet and joining the dots. This week he followed-up on information shared with him by security researcher Ron Guilmette, who uncovered “interesting commonalities” in website registration records, revealing strange links between a Russian security firm called Infocube (also


56 sec read

Adobe cockup means you may have two different versions of Flash installed on your PC

Shaun Nichols writing for The Register: Adobe says a buggy installer is the reason some people have two different versions of Flash Player on their Windows PCs. The software house told The Register it had to create an additional build of the browser plugin specifically for Microsoft’s Internet Explorer after the version made for other


27 sec read

Android banking malware stops you calling customer service to cancel your cards

Symantec describes some Android banking malware making things more complicated for victims in Russia and South Korea: Typically, when a banking customer calls a customer care number through a registered mobile device, their call will be routed to an Interactive Voice Response (IVR) System. By blocking these numbers, the malware creators can stop a victim


31 sec read



Stay informed!

Join thousands of others by signing-up for the free “GCHQ” newsletter, containing the latest news and tips from security expert Graham Cluley.

Name:

Email:

Yes, I would like to subscribe to email updates from Graham Cluley. I know it’s easy to unsubscribe if I ever change my mind.