News

Smashing Security #153: Cybercrime doesn’t pay (but Uber does)

The cybercrime lovebirds who hijacked Washington DC’s CCTV cameras in the run-up to Donald Trump’s inauguration, the truffle-snuffling bankers at the centre of an insider-trading scandal, and the hackers that Uber paid hush money to hide a security breach.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Lisa Forte.


1 min read

bitdefender.com

Nikkei worker tricked into transferring $29 million into scammer’s bank account

Nikkei, one of the largest media companies in Japan, with an empire spanning broadcasting, digital media, magazines, and newspapers such as the Financial Times, says that its US subsidiary, Nikkei America, has been scammed out of $29 million.

Read more in my article on the Hot for Security blog.


0 sec read

After months of worry, BlueKeep vulnerability is now being exploited in mass-hacking campaign

The BlueKeep vulnerability, discovered by the UK’s NCSC, is being exploited at scale in an attempt to install a cryptocurrency miner on unpatched Windows PCs.


1 min read

A guest appearance on the IT Pro podcast…

I was honoured to be invited as a guest onto the inaugural episode of the “ITPro podcast” hosted by reviews and community editor Adam Shepherd and features editor Jane McCallion.

Give it a listen.


36 sec read

tripwire.com

Men who were paid $100,000 by Uber to hush-up hack plead guilty to extortion scheme

Two hackers face up to five years in prison after pleading guilty to their involvement in a scheme which saw them attempt to extort money from Uber and LinkedIn in exchange for the deletion of stolen data.

Read more in my article on the Tripwire State of Security blog.


0 sec read

bitdefender.com

Untitled Goose Game security hole could have allowed hackers to wreak havoc

The highly popular “Untitled Goose Game” has been found to be vulnerable to an attack that could allow hackers to run malicious code on your computer.

Read more in my article on the Hot for Security blog.


0 sec read

Smashing Security #152: Cats, hoodies, and rent

What’s the problem with IoT-enabled pet feeders? Can hacking ever be illustrated without a hoodie? And just how are landlords using smart home technology to snoop upon their residents?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology journalist and broadcaster David McClelland.


1 min read

Medical data is being leaked by NHS pagers, and then broadcast for the world to see…

Medical data is being broadcast unencrypted by hospitals across the UK, as ambulances are directed to respond to 999 emergency calls.


1 min read

How Facebook helps an abusive ex-partner find out your new identity, even after you’ve blocked them

Imagine you’re in an abusive relationship, and things have turned violent.

You leave him, block his Facebook account, and update the name on your profile to hide your identity.

Would you expect your ex-partner to be able to see what your new name is?


2 min read

bitdefender.com

Update your iPhone 5 before November 3 2019, or lose its internet access

Listen up if you’re still using an iPhone 5 – you need to update to iOS 10.3.4 before Sunday November 3, or you may find your smartphone loses access to the internet.

Read more in my article on the Hot for Security blog.


0 sec read

See you at NISC, the National Information Security Conference, next week

I’m delighted to announce that I will be moderating NISC 2019 in Cheshire next week. It’s a great conference with some terrific cybersecurity speakers. Find out more about how you can participate too.


1 min read

Japanese hotel robots can be hacked to spy on guests in their bedrooms

A Japanese hotel chain has had to update its in-room robots, after a security researcher discovered they could be easily hacked to allow anyone access to their camera and microphone.


1 min read

bitdefender.com

Sensitive US government and military travel details left exposed online

Significant amounts of sensitive data about employees of the US government military personnel data could now be in the public domain following its exposure in a data leak.

Read more in my article on the Hot for Security blog.


0 sec read

tripwire.com

12 year jail sentence for man who hacked Los Angeles Superior Court to send two million phishing emails

A Texas man has been sentenced to over 12 years in prison after being found guilty of hacking into the computer system of the Los Angeles Superior Court, and then using it to send two million phishing emails.

Read more in my article on the Tripwire State of Security blog.


0 sec read

Smashing Security #151: Frankly, sometimes paying the ransom is a good idea

Remember how the City of Baltimore was badly hit by ransomware earlier this year? Turns out that wasn’t the end of their problems. Also, Carole takes a look at how smart speakers can be hacked to trick you into giving criminals your passwords or even credit card details. And we discuss the findings of the LastPass global password security report.

All this, and much much more, in the latest “Smashing Security” podcast.


2 min read

Action Fraud? Inaction Fraud

In recent months serious questions have been raised about whether victims of cybercrime are getting the support they deserve from the UK’s national fraud reporting centre.


1 min read