Graham Cluley - Feed https://www.grahamcluley.com Computer security news, advice, and opinion Mon, 01 Jun 2020 09:54:14 +0000 hourly 1 https://wordpress.org/?v=5.4.1 https://www.grahamcluley.com/wp-content/uploads/2015/08/cropped-gc-icon-site-32x32.jpeg Graham Cluley – Computer security news, advice, and opinion https://www.grahamcluley.com 32 32 Coronavirus-tracing scammers won’t sound professional, claims UK’s Deputy Chief Medical Officer https://www.grahamcluley.com/coronavirus-tracing-scammers/ Mon, 01 Jun 2020 08:51:22 +0000 Graham Cluley https://www.grahamcluley.com/?p=312792

Some members of the UK public will soon start receiving text messages and emails claiming to come from the NHS Test and Trace Service, as part of the country’s fight against the Coronavirus pandemic.

The problem is that many of them won’t know if the communication is genuine, or from a scammer.

Some members of the UK public will soon start receiving text messages and emails claiming to come from the NHS Test and Trace Service, as part of the country’s fight against the Coronavirus pandemic.

The problem is that many of them won’t know if the communication is genuine, or from a scammer.

]]>
Pablo Escobar’s brother says FaceTime flaw revealed his address, sues Apple for a publicity stunt (and $2.6 billion) https://hotforsecurity.bitdefender.com/blog/pablo-escobars-brother-says-facetime-flaw-revealed-his-address-sues-apple-for-a-publicity-stunt-and-2-6-billion-23408.html#new_tab Fri, 29 May 2020 15:31:16 +0000 Graham Cluley https://www.grahamcluley.com/?p=312768

As YouTubers warn the public not to buy smartphones from Escobar Inc, the notorious drug lord’s brother orchestrates a publicity stunt.

Read more in my article on the Hot for Security blog.

As YouTubers warn the public not to buy smartphones from Escobar Inc, the notorious drug lord’s brother orchestrates a publicity stunt.

Read more in my article on the Hot for Security blog.

]]>
OPSEC fail! “Super-hacker” accidentally outs himself through careless clues left on social media https://www.grahamcluley.com/opsec-fail-vandathegod-hacker-clues-revealed-identity/ Fri, 29 May 2020 13:26:25 +0000 Graham Cluley https://www.grahamcluley.com/?p=312729

Hacker VandaTheGod didn’t realise he was leaving clues scattered across Facebook and Twitter that helped security researchers uncover his true identity.

Hacker VandaTheGod didn’t realise he was leaving clues scattered across Facebook and Twitter that helped security researchers uncover his true identity.

]]>
Microsoft warns of PonyFinal ransomware attacks https://hotforsecurity.bitdefender.com/blog/microsoft-warns-of-ponyfinal-ransomware-attacks-23387.html#new_tab Thu, 28 May 2020 16:14:45 +0000 Graham Cluley https://www.grahamcluley.com/?p=312711

Malware experts at Microsoft have warned businesses to be on their guard against hackers plotting to plant the PonyFinal ransomware on compromised IT systems.

Read more in my article on the Hot for Security blog.

Malware experts at Microsoft have warned businesses to be on their guard against hackers plotting to plant the PonyFinal ransomware on compromised IT systems.

Read more in my article on the Hot for Security blog.

]]>
NetWalker ransomware – what you need to know https://www.tripwire.com/state-of-security/featured/netwalker-ransomware-what-need-know/#new_tab Thu, 28 May 2020 14:41:25 +0000 Graham Cluley https://www.grahamcluley.com/?p=312696

The NetWalker gang are infecting corporations’ computer systems, encrypting and stealing data, and holding it to ransom.

And they’re looking for criminals to join their affiliate scheme.

Read more in my article on the Tripwire State of Security blog.

The NetWalker gang are infecting corporations’ computer systems, encrypting and stealing data, and holding it to ransom.

And they’re looking for criminals to join their affiliate scheme.

Read more in my article on the Tripwire State of Security blog.

]]>
Smashing Security podcast #180: Taking care of Clare https://www.grahamcluley.com/smashing-security-podcast-180-taking-care-of-clare/ Thu, 28 May 2020 09:13:15 +0000 Graham Cluley https://www.grahamcluley.com/?p=312675

On this special splinter episode of the podcast, we’re joined by actor and comedian Clare Blackwood in the hope of convincing her that cybersecurity is no laughing matter.

Hear what happens in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault.

On this special splinter episode of the podcast, we’re joined by actor and comedian Clare Blackwood in the hope of convincing her that cybersecurity is no laughing matter.

Hear what happens in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault.

]]>
26 million LiveJournal users warned that their passwords have been breached https://hotforsecurity.bitdefender.com/blog/26-million-livejournal-users-warned-that-their-passwords-have-been-breached-23375.html#new_tab Wed, 27 May 2020 13:46:16 +0000 Graham Cluley https://www.grahamcluley.com/?p=312642

On underground criminal marketplaces the email addresses and plaintext passwords of over 26 million LiveJournal blogging accounts are being traded, despite LiveJournal’s owners refusing to acknowledge that any security breach has occurred.

Read my article on the Hot for Security blog.

On underground criminal marketplaces the email addresses and plaintext passwords of over 26 million LiveJournal blogging accounts are being traded, despite LiveJournal’s owners refusing to acknowledge that any security breach has occurred.

Read my article on the Hot for Security blog.

]]>
Password security is critical in a remote work environment – see where businesses are putting themselves at risk https://www.grahamcluley.com/feed-sponsor-lastpass/ Wed, 27 May 2020 13:25:59 +0000 Graham Cluley https://www.grahamcluley.com/?p=310608

Graham Cluley Security News is sponsored this week by the folks at LastPass. Thanks to the great team there for their support! LastPass has analyzed over 47,000 businesses to bring you insights into security behavior worldwide. The takeaway is clear: Many businesses are making significant strides in some areas of password and access security – […]

Graham Cluley Security News is sponsored this week by the folks at LastPass. Thanks to the great team there for their support! LastPass has analyzed over 47,000 businesses to bring you insights into security behavior worldwide. The takeaway is clear: Many businesses are making significant strides in some areas of password and access security – […]

]]>
How EasyJet customers could make money out of the airline being hacked https://www.grahamcluley.com/easyjet-hack-compensation/ Tue, 26 May 2020 13:44:14 +0000 Graham Cluley https://www.grahamcluley.com/?p=312615

If you were one of the many EasyJet customers who received an email from the airline disclosing that your personal information may have been accessed by hackers, you might be eligible for compensation.

Here’s one way you might try to do that.

If you were one of the many EasyJet customers who received an email from the airline disclosing that your personal information may have been accessed by hackers, you might be eligible for compensation.

Here’s one way you might try to do that.

]]>
The Civil Service’s rogue tweet about “Truth Twisters” https://www.grahamcluley.com/civil-service-dominic-cummings-twitter/ Mon, 25 May 2020 06:41:36 +0000 Graham Cluley https://www.grahamcluley.com/?p=312549

You can have a strong, unique password, you can have multi-factor authentication in place, but good luck preventing a member of your social media team ‘going rogue’.

You can have a strong, unique password, you can have multi-factor authentication in place, but good luck preventing a member of your social media team ‘going rogue’.

]]>
As hackers sell 8 million user records, Home Chef confirms data breach https://hotforsecurity.bitdefender.com/blog/as-hackers-sell-8-million-user-records-home-chef-confirms-data-breach-23337.html#new_tab Fri, 22 May 2020 16:23:46 +0000 Graham Cluley https://www.grahamcluley.com/?p=312408

Meal kit and food delivery company Home Chef has confirmed that hackers breached its systems, making off with the personal information of customers.

But only after a hacking group put the stolen data up for sale…

Read more in my article on the Hot for Security blog.

Meal kit and food delivery company Home Chef has confirmed that hackers breached its systems, making off with the personal information of customers.

But only after a hacking group put the stolen data up for sale…

Read more in my article on the Hot for Security blog.

]]>
EasyJet’s breach notification email to customers – a closer look https://www.grahamcluley.com/easyjet-breach-email/ Fri, 22 May 2020 15:32:03 +0000 Graham Cluley https://www.grahamcluley.com/?p=312420

Let’s take a closer look at the email EasyJet is sending to customers affected by its recent security breach.

Including a brief exploration of how EasyJet’s definition of “recent” might differ from yours or mine…

Let’s take a closer look at the email EasyJet is sending to customers affected by its recent security breach.

Including a brief exploration of how EasyJet’s definition of “recent” might differ from yours or mine…

]]>
BlockFi hacked following SIM swap attack, but says no funds lost https://www.tripwire.com/state-of-security/featured/blockfi-hacked-following-sim-swap-attack-says-no-funds-lost/#new_tab Thu, 21 May 2020 16:24:49 +0000 Graham Cluley https://www.grahamcluley.com/?p=312339

For just under 90 minutes last Thursday, hackers were able to compromise the systems of cryptocurrency lending platform BlockFi, and gain unauthorised access to users’ names, email addresses, dates of birth, address and activity history.

Read more in my article on the Tripwire State of Security blog.

For just under 90 minutes last Thursday, hackers were able to compromise the systems of cryptocurrency lending platform BlockFi, and gain unauthorised access to users’ names, email addresses, dates of birth, address and activity history.

Read more in my article on the Tripwire State of Security blog.

]]>
Mitsubishi hackers may have stolen details of prototype missile https://www.grahamcluley.com/mitsubishi-hackers-missile/ Thu, 21 May 2020 13:19:24 +0000 Graham Cluley https://www.grahamcluley.com/?p=312351

Hackers exploited vulnerabilities in one of Trend Micro’s anti-virus products last year to steal information from Japanese manufacturer Mitsubishi Electric.

Now, the Japanese Defense Ministry believes the state-sponsored hackers may have been after details of a prototype missile.

Hackers exploited vulnerabilities in one of Trend Micro’s anti-virus products last year to steal information from Japanese manufacturer Mitsubishi Electric.

Now, the Japanese Defense Ministry believes the state-sponsored hackers may have been after details of a prototype missile.

]]>
Smashing Security podcast #179: Deepfake Jay-Z, and beer apps spilling your data https://www.grahamcluley.com/smashing-security-podcast-179-deepfake-jay-z-and-beer-apps-spilling-your-data/ Thu, 21 May 2020 10:45:17 +0000 Graham Cluley https://www.grahamcluley.com/?p=312315

Apps that belch out sensitive military information, what could the world learn from South Korea’s digital response to the Coronavirus pandemic, and who has been deepfaking Bill Clinton, Jay-Z, and Donald Trump… and why?

All this and much much more is discussed in the latest episode by computer security veterans Graham Cluley and Carole Theriault, joined this week by Brian Klaas of the “Power Corrupts” podcast.

Apps that belch out sensitive military information, what could the world learn from South Korea’s digital response to the Coronavirus pandemic, and who has been deepfaking Bill Clinton, Jay-Z, and Donald Trump… and why?

All this and much much more is discussed in the latest episode by computer security veterans Graham Cluley and Carole Theriault, joined this week by Brian Klaas of the “Power Corrupts” podcast.

]]>
EasyJet hack impacts nine million passengers https://www.grahamcluley.com/easyjet-hack-impacts-nine-million-passengers/ Tue, 19 May 2020 11:52:45 +0000 Graham Cluley https://www.grahamcluley.com/?p=312261

The personal details of nine million customers of budget airline EasyJet have been accessed by hackers in what the budget airline is describing as a “highly sophisticated attack.”

The personal details of nine million customers of budget airline EasyJet have been accessed by hackers in what the budget airline is describing as a “highly sophisticated attack.”

]]>
FBI warns hackers are planting card skimmers on online stores running a vulnerable Magento plugin https://www.grahamcluley.com/fbi-warns-hackers-magento-plugin/ Tue, 19 May 2020 11:25:11 +0000 Graham Cluley https://www.grahamcluley.com/?p=312237

The FBI has issued a “flash alert” warning that hackers are planting Magecart-style credit card-skimming code on Magento-powered online stores running an out-of-date plugin.

The FBI has issued a “flash alert” warning that hackers are planting Magecart-style credit card-skimming code on Magento-powered online stores running an out-of-date plugin.

]]>
Prioritize alerts and jump-start your investigations with Recorded Future’s free browser extension. Sign up now. https://www.grahamcluley.com/feed-sponsor-recorded-future-4/ Mon, 18 May 2020 16:11:11 +0000 Graham Cluley https://www.grahamcluley.com/?p=312207

Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! Drowning in alerts from many different sources and systems? Spending too much valuable time researching potential threats and vulnerabilities? You need Recorded Future Express, a new browser extension from the experts at […]

Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! Drowning in alerts from many different sources and systems? Spending too much valuable time researching potential threats and vulnerabilities? You need Recorded Future Express, a new browser extension from the experts at […]

]]>
Hackers steal $10M in “wonderfully done” fraud from Norway’s State Investment Fund https://businessinsights.bitdefender.com/hackers-steal-fraud-from-norway-state-investment-fund#new_tab Mon, 18 May 2020 15:16:56 +0000 Graham Cluley https://www.grahamcluley.com/?p=312195

Norfund, the Norwegian state-owned investment fund for developing countries, has revealed that it has been swindled out of $10,000,000 intended for an institution in Cambodia.

Read more in my article on the Bitdefender Business Insight blog.

Norfund, the Norwegian state-owned investment fund for developing countries, has revealed that it has been swindled out of $10,000,000 intended for an institution in Cambodia.

Read more in my article on the Bitdefender Business Insight blog.

]]>
The ProLock ransomware doesn’t tell you one important thing about decrypting your files https://www.grahamcluley.com/prolock-ransomware-decryption/ Mon, 18 May 2020 12:33:37 +0000 Graham Cluley https://www.grahamcluley.com/?p=312147

Have your computers been hit by the ProLock ransomware? You might want to read this before you pay any money to the criminals behind the attack.

Have your computers been hit by the ProLock ransomware? You might want to read this before you pay any money to the criminals behind the attack.

]]>
Edison Mail bug exposed iPhone users’ email accounts to complete strangers https://hotforsecurity.bitdefender.com/blog/edison-mail-bug-exposed-users-email-accounts-to-complete-strangers-23272.html#new_tab Mon, 18 May 2020 12:28:27 +0000 Graham Cluley https://www.grahamcluley.com/?p=312135

The makers of a popular iOS email app have warned their users that their accounts may have been compromised after a buggy software update made it possible to see strangers’ emails.

Read more in my article on the Hot for Security blog.

The makers of a popular iOS email app have warned their users that their accounts may have been compromised after a buggy software update made it possible to see strangers’ emails.

Read more in my article on the Hot for Security blog.

]]>
An outbreak of Coronavirus trojans and scams https://www.grahamcluley.com/outbreak-coronavirus-trojans-scams/ Fri, 15 May 2020 14:51:23 +0000 Graham Cluley https://www.grahamcluley.com/?p=312066

Recent weeks have seen a spate of scams and attacks associated with the Coronavirus pandemic, and there is little evidence of the end being in sight.

Recent weeks have seen a spate of scams and attacks associated with the Coronavirus pandemic, and there is little evidence of the end being in sight.

]]>
The most-targeted security vulnerabilities – despite patches having been available for years https://www.tripwire.com/state-of-security/featured/most-targeted-security-vulnerabilities-patches-available-years/#new_tab Thu, 14 May 2020 14:34:07 +0000 Graham Cluley https://www.grahamcluley.com/?p=312051

Newly-discovered zero-day vulnerabilities may make the biggest headlines, but that doesn’t mean that they’re necessarily the thing that will get your company hacked.

This week, US-CERT has published its list of the “Top 10 Routinely Exploited Vulnerabilities”.

Read more in my article on the Tripwire State of Security blog.

Newly-discovered zero-day vulnerabilities may make the biggest headlines, but that doesn’t mean that they’re necessarily the thing that will get your company hacked.

This week, US-CERT has published its list of the “Top 10 Routinely Exploited Vulnerabilities”.

Read more in my article on the Tripwire State of Security blog.

]]>
Smashing Security podcast #178: Office pranks, meat dresses, and robocop dogs https://www.grahamcluley.com/smashing-security-178/ Wed, 13 May 2020 23:01:05 +0000 Graham Cluley https://www.grahamcluley.com/?p=312030

Graham shares stories of email storms, Carole describes the steps being taken by firms as they try to coax employees back to the office, and special guest Lisa Forte details a hack that has impacted Lady Gaga and other celebrities.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast with computer security veterans Graham Cluley and Carole Theriault.

Graham shares stories of email storms, Carole describes the steps being taken by firms as they try to coax employees back to the office, and special guest Lisa Forte details a hack that has impacted Lady Gaga and other celebrities.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast with computer security veterans Graham Cluley and Carole Theriault.

]]>
Info on NHS Coronavirus app leaks out via Google Drive snafu https://www.grahamcluley.com/nhs-coronavirus-app-data-leak-google-drive/ Wed, 13 May 2020 12:27:37 +0000 Graham Cluley https://www.grahamcluley.com/?p=312009

Sensitive documents about the UK’s Coronavirus-tracing app have reportedly been carelessly leaked via a publicly accessible Google Drive link.

Sensitive documents about the UK’s Coronavirus-tracing app have reportedly been carelessly leaked via a publicly accessible Google Drive link.

]]>
Hacking group puts millions of Zoosk dating profiles up for sale https://www.grahamcluley.com/zoosk-hacking/ Mon, 11 May 2020 14:07:49 +0000 Graham Cluley https://www.grahamcluley.com/?p=311778

If you have been trying to find love on the Zoosk app I’ve got some bad news for you.

Hackers are offering for sale what they claim is the stolen account information of millions of online daters who have used the popular app.

If you have been trying to find love on the Zoosk app I’ve got some bad news for you.

Hackers are offering for sale what they claim is the stolen account information of millions of online daters who have used the popular app.

]]>
Chatbooks security breach. Users told to change their passwords https://hotforsecurity.bitdefender.com/blog/chatbooks-security-breach-users-told-to-change-their-passwords-23225.html#new_tab Mon, 11 May 2020 13:40:40 +0000 Graham Cluley https://www.grahamcluley.com/?p=311766

A hacking group known as ShinyHunters is claiming to be responsible for the security breach, and is offering to sell stolen customer records for US $3,500 via an underground web marketplace.

Read more in my article on the Hot for Security blog.

A hacking group known as ShinyHunters is claiming to be responsible for the security breach, and is offering to sell stolen customer records for US $3,500 via an underground web marketplace.

Read more in my article on the Hot for Security blog.

]]>
Could this be the world’s most harmless IoT botnet? https://www.bitdefender.com/box/blog/iot-news/worlds-harmless-iot-botnet/#new_tab Fri, 08 May 2020 17:43:40 +0000 Graham Cluley https://www.grahamcluley.com/?p=311682

When researchers investigate suspected malware on an IoT device they normally expect to find a cryptominer to earn a hacker digital cash or perhaps botnet code to launch DDoS attacks against websites.

But that wasn’t the case with the Cereals botnet.

Read more in my article on the Bitdefender BOX blog.

When researchers investigate suspected malware on an IoT device they normally expect to find a cryptominer to earn a hacker digital cash or perhaps botnet code to launch DDoS attacks against websites.

But that wasn’t the case with the Cereals botnet.

Read more in my article on the Bitdefender BOX blog.

]]>
TalkTalk’s ex-CEO Dido Harding heads up the UK’s Coronavirus tracing app… https://www.grahamcluley.com/you-wont-believe-whos-heading-up-the-uks-coronavirus-tracing-app/ Fri, 08 May 2020 13:53:42 +0000 Graham Cluley https://www.grahamcluley.com/?p=311694

Imagine you’re the UK Government in the middle of the biggest crisis the country has faced since World War II.

How are you going to instill some confidence that citizens should install a new Coronavirus tracing app?

Imagine you’re the UK Government in the middle of the biggest crisis the country has faced since World War II.

How are you going to instill some confidence that citizens should install a new Coronavirus tracing app?

]]>
Over 300 websites taken down in just two weeks as UK public report suspicious emails https://www.grahamcluley.com/over-300-websites-taken-down-in-just-two-weeks-as-uk-public-report-suspicious-emails/ Thu, 07 May 2020 14:01:22 +0000 Graham Cluley https://www.grahamcluley.com/?p=311646

The National Cyber Security Centre (NCSC), which tasks itself with “helping to make the UK the safest place to live and do business online,” is making impressive inroads against scam websites.

The National Cyber Security Centre (NCSC), which tasks itself with “helping to make the UK the safest place to live and do business online,” is making impressive inroads against scam websites.

]]>