News

Smashing Security #148: Billboard boobs, face forensics, and Alexa gets way too personal

Drivers are distracted by a hacked billboard, we take a deeper look at how the deepfake problem has… uh… deepened, and Carole is less than happy about Amazon’s announcement about new Alexa integrations.

All this, an annoying goose, and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.


2 min read

It’s been a couple of days, so Apple releases yet another iOS update

Yup, there’s a new update to iOS. But don’t expect it to have resolved the worrying Checkm8 exploit one hacker found in the iPhone’s secure ROM.


1 min read

bitdefender.com

Hack strikes Words with Friends and Draw Something, amid claims 218 million players’ details breached

Players of the popular Words with Friends and Draw Something smartphone games are being advised to change their passwords following what sounds like a security breach at game developer Zynga.

Read more in my article on the Hot for Security blog.


0 sec read

Hearing aid manufacturer hit by cyber attack slashes profits by $95 million

Demant, the manufacturer of Oticon hearing aids, has said that it expects losses of up to 650 million kroner (approximately $95 million) following a cyber attack earlier this month.


2 min read

bitdefender.com

Who is reading your CEO’s email? And how to stop it

With Business Email Compromise such a significant and growing threat, it makes sense to keep a close eye on who is forwarding email out of your business, and where it is going to…

Read more in my article on the Bitdefender Business Insights blog.


0 sec read

tripwire.com

WordPress sites hacked through defunct Rich Reviews plugin

An estimated 16,000 websites are believed to be running a vulnerable and no-longer-maintained WordPress plugin that can be exploited to display pop-up ads and redirect visitors to webpages containing porn, scams, and–worst of all–malware designed to infect users’ computers.

Read more in my article on the Tripwire State of Security blog.


0 sec read

Smashing Security #147: Don’t Snapchat and drive

How is private medical data leaking onto the streets of Milton Keynes, what is widening the cybersecurity skills gap, and how is Australia controversially tackling the problem of drivers using their mobile phones?

All this and more can be heard in the latest “Smashing Security” podcast.


2 min read

Teenage TalkTalk hacker accused of $800,000 cryptocurrency theft in the United States

Elliott Gunton – aka “Glubz” – is charged in relation to the December 2017 security breach of cryptocurrency exchange EtherDelta.


1 min read

CafePress finally warns customers that it was hacked

Online merchandise retailer CafePress, used by millions of people to host an online store where they can sell custom-designed t-shirts, mugs, stickers, and more, has finally informed its customers that its systems were hacked and their personal details stolen.


59 sec read

bitdefender.com

World of Warcraft’s suspected DDoS attacker has been arrested

Blizzard, the developers of World of Warcraft Classic, has revealed that a person suspected of orchestrating a disruptive Distributed Denial of Service (DDoS) attack against the games’ servers has been arrested.

Read more in my article on the Hot for Security blog.


0 sec read

I’m keynoting about cybercrime at the CRN MSP conference in London next week

I’m the opening keynote speaker at CRN’s MSP conference in London next week, where – amongst other things – I’ll be describing to managed service providers how it’s possible to make a billion dollars through cybercrime.

I hope to see some of you there!


51 sec read

bitdefender.com

15,000 private webcams left open to snooping, no password required

Once again concerns are being raised about the sorry state of IoT security, after a security researcher discovered over 15,000 private webcams that have been left wide open for anyone with an internet connection to spy upon.

Read more in my article on the Bitdefender BOX blog.


0 sec read

Smashing Security #146: Password secrets and baking brownies

In the latest edition of the “Smashing Security” podcast, hosted by computer security veterans Graham Cluley and Carole Theriault, Carole has suffered an injury, we journey back in time to one of our earliest episodes to discuss the perils of passwords, and Rachael Stockton from LastPass drops by for a chat.


55 sec read

tripwire.com

CookieMiner malware targets Macs, steals passwords and SMS messages, mines for cryptocurrency

Security researchers have discovered a new Mac malware threat that appears to be a sophisticated attempt to raid cryptocurrency wallets.

Read more in my article on the Tripwire State of Security blog.


0 sec read

bitdefender.com

How to get away with hacking a US satellite

The US Air Force wants to know if you can hijack control of an orbiting satellite and turn its camera from staring at Earth to point at the moon instead.

Read more in my article on the Hot for Security blog.


0 sec read

Medical images and details of 24.3 million patients left exposed on the internet

Researchers discover that confidential images of X-rays, CT and MRI scans related to millions of patients has been left unprotected on hundreds of servers used by health providers worldwide.


1 min read