News

bitdefender.com

Could this be the world’s most harmless IoT botnet?

When researchers investigate suspected malware on an IoT device they normally expect to find a cryptominer to earn a hacker digital cash or perhaps botnet code to launch DDoS attacks against websites.

But that wasn’t the case with the Cereals botnet.

Read more in my article on the Bitdefender BOX blog.

TalkTalk’s ex-CEO Dido Harding heads up the UK’s Coronavirus tracing app…

Imagine you’re the UK Government in the middle of the biggest crisis the country has faced since World War II.

How are you going to instill some confidence that citizens should install a new Coronavirus tracing app?

Over 300 websites taken down in just two weeks as UK public report suspicious emails

The National Cyber Security Centre (NCSC), which tasks itself with “helping to make the UK the safest place to live and do business online,” is making impressive inroads against scam websites.

tripwire.com

For six years Samsung smartphone users have been at risk from critical security bug. Patch now

Samsung has released a security update for its popular Android smartphones which includes a critical fix for a vulnerability that affects all devices sold by the manufacturer since 2014.

Read more in my article on the Tripwire State of Security blog.

Smashing Security podcast #177: Elon Musk, Roblox, and Love Bug author found

What can X Æ A-12 Musk teach us about passwords? How did our guest finally hunt down in Manila the author of one of history’s biggest virus outbreaks? And what on earth is a hacker doing breaching Roblox security?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology journalist Geoff White.

bitdefender.com

Kaiji – a new strain of IoT malware seizing control and launching DDoS attacks

Kaiji, a new botnet campaign, created from scratch rather than resting on the shoulders of those that went before it, is infecting Linux-based servers and IoT devices with the intention of launching distributed denial-of-service (DDoS) attacks.

Read more in my article on the Bitdefender BOX blog.

Tarkett floored by cyber attack

French flooring company Tarkett has revealed that it was hit by a cyber attack on April 29th, and that its operations continue to be disrupted as a result.

It was 20 years ago today… The Love Bug remembered

It was twenty years ago today, that the Love Bug hit computer systems worldwide.

Which means I know what I was doing exactly twenty years ago!

James Griffiths at CNN interviewed me about my memories of that historic day…

My old-fashioned view on the terms “blacklist” and “whitelist”

The UK’s National Cyber Security Centre (NCSC) has said that it will be changing the terminology it uses on its website, causing some to describe it as “political correctness gone mad.”

Here’s what I think…

Ghost blogging platform suffers security breach

Scary stuff as hackers exploit Salt vulnerability in attempt to mine cryptocurrency on breached blogging platform’s servers.

bitdefender.com

Cybercriminals are using Google reCAPTCHA to hide their phishing attacks

Security researchers say that they are seeing cybercriminals deploying Google’s reCAPTCHA anti-bot tool in an effort to avoid early detection of their malicious campaigns.

Read more in my article on the Hot for Security blog.

tripwire.com

Newly-discovered Android malware steals banking passwords and 2FA codes

Security researchers are warning of a new mobile banking trojan that steals details from over 200 financial apps and intercepts SMS messages to bypass two-factor authentication mechanisms.

Read more in my article on the Tripwire State of Security blog.

Smashing Security podcast #176: Hacking hacks and university attacks

Journalists spying on their rivals, the NHS rejects Apple and Google’s approach to Coronavirus-tracing, and universities are hit by an old-fashioned sexy lady attack.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Rik Ferguson.

Shade ransomware calls it a day, 750,000 decryption keys released

Even if you can’t pay the ransom and don’t have a backup, don’t destroy your garbled data believing that you’ll never be able to recover it. Maybe one day someone will build a tool that can do a job, or a ransomware gang will have a change of heart.

bitdefender.com

A GIF image could have let hackers hijack Microsoft Teams at your firm

A critical vulnerability has been patched in the Microsoft Teams work collaboration platform after security researchers discovered a way in which hackers could compromise accounts and steal data with a seemingly harmless .GIF image.

Read more in my article on the Bitdefender Business Insights blog.