News

tripwire.com

Babylon Health app leaked patients’ video consultations

Babylon Health, makers of a smartphone app that allows Brits to have consultations with NHS doctors, has admitted that a “software error” resulted in some users being able to access other patients’ private video chats with GPs.

Read more in my article on the Tripwire State of Security blog.

Smashing Security podcast #182: Space Force, credit card fraud, and beep-ti-beep

Graham finds himself in hot water with a security firm after a data breach, Carole discusses credit card fraud, and we have a pleasant surprise for Thom Langford, who appears to have mostly agreed to be a guest to promote his own podcast.

All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown’s Thom Langford.

Nintendo warns 300,000 accounts have been hacked since early April

Video gaming firm Nintendo has warned customers to not reuse passwords on different services after releasing an increased tally of compromised accounts since April.

After threatening me with legal action, Keepnet Labs finally issues statement over data breach

UK security company Keepnet Labs has finally publicly confirmed that a database it had collated containing more than five billion records from past data breaches was “briefly exposed” on the internet.

bitdefender.com

Your “smart” household appliance might have a short lifespan

Are you itching for an internet fridge? Hankering for a smart washing machine? Thirsting for an IoT-enabled thermostat?

Well, think twice before you make a potentially costly mistake when deciding what appliance you will be next be purchasing for your home.

Read more in my article on the Bitdefender BOX blog.

DDoS-for-hire gang escape with light community service sentence

Two men who ran a service making it easy for anybody to launch distributed denial-of-service attacks, capable of knocking websites offline, have been given a six month community service sentence by an Israeli court.

Goodbye Naked Security?

The Naked Security blog is part of my history.

Now, as Sophos makes cut-backs, it might be history for all of us.

tripwire.com

The scammer who tried to launder over $500,000 through Business Email Compromise

A 64-year-old man has pleaded guilty in a Texan court to charges of money laundering after a series of attacks that defrauded companies, including Electrolux, out of hundreds of thousands of dollars.

Read more in my article on the Tripwire State of Security blog.

Smashing Security podcast #181: Anti-cybercrime ads, tricky tracing, and a 5G Bioshield

Police are hoping to stop kids becoming cybercriminals by bombarding them with Google Ads, phishers rub their hands in glee at the NHS track and trace service, and just how does a nano-layer of quantum holographic catalyzer technology make a USB stick cost hundreds of pounds?

All this and much much more is discussed in the latest edition of the “Smashing Security” podcast.

bitdefender.com

Coincheck cryptocurrency exchange targeted by hackers, customer emails exposed

Japanese cryptocurrency exchange Coincheck has announced that earlier this week hackers managed to access some emails sent to the firm by its customers, after its domain name registrar account was compromised.

Read more in my article on the Hot for Security blog.

What the NHS Test and Trace scheme could learn from banks about stopping scams

I’m concerned that fraudsters will disguise themselves as the NHS Test and Trace Service, and trick people into giving over sensitive personal information – and maybe even some money.

Maybe something could be learnt from the banks?

Apparently Coronavirus-tracing scammers won’t sound professional… (Yeah, right!)

Some members of the UK public will soon start receiving text messages and emails claiming to come from the NHS Test and Trace Service, as part of the country’s fight against the Coronavirus pandemic.

The problem is that many of them won’t know if the communication is genuine, or from a scammer.

And the UK Government’s advice isn’t helping.

bitdefender.com

Pablo Escobar’s brother says FaceTime flaw revealed his address, sues Apple for a publicity stunt (and $2.6 billion)

As YouTubers warn the public not to buy smartphones from Escobar Inc, the notorious drug lord’s brother orchestrates a publicity stunt.

Read more in my article on the Hot for Security blog.

OPSEC fail! “Super-hacker” accidentally outs himself through careless clues left on social media

Hacker VandaTheGod didn’t realise he was leaving clues scattered across Facebook and Twitter that helped security researchers uncover his true identity.

bitdefender.com

Microsoft warns of PonyFinal ransomware attacks

Malware experts at Microsoft have warned businesses to be on their guard against hackers plotting to plant the PonyFinal ransomware on compromised IT systems.

Read more in my article on the Hot for Security blog.

tripwire.com

NetWalker ransomware – what you need to know

The NetWalker gang are infecting corporations’ computer systems, encrypting and stealing data, and holding it to ransom.

And they’re looking for criminals to join their affiliate scheme.

Read more in my article on the Tripwire State of Security blog.