All Stories

Facebook hoovered up 1.5 million users’ email contacts without permission… “unintentionally”

Just another day at Facebook.

Yes, they stole 1.5 million people’s address books without asking permission, but hey they say it was “unintentional” so….


1 min read

Facebook’s role in Brexit – and the threat to democracy

British investigative journalist Carole Cadwalladr gave a passionate speech at the TED conference in Vancouver this week. You should watch it.


49 sec read

tripwire.com

Man fried over 50 college computers with weaponized USB stick

Vishwanath Akuthota didn’t make it hard for authorities to prove that he was the person who destroyed $58,000 worth of college equipment using a USB stick.

Read more in my article on the Tripwire State of Security blog.


0 sec read

Smashing Security #124: Poisoned porn ads, the A word, and why why why Wipro?

The hacker who lived the high life after spreading malware via porn sites, Wipro demonstrates how to turn a cybersecurity crisis into a PR disaster, and why are humans listening in to your Alexa conversations?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Brian Honan.


1 min read

A third-party patch for Microsoft’s Internet Explorer zero-day vulnerability

Don’t want to wait for Microsoft to fix the problem in how Internet Explorer handles .MHT files? Other security researchers come to the rescue.


36 sec read

Extortion emails a go-go

Recent months seem to have seen a rise in extortion emails, designed to scare users into handing over their money.


1 min read

bitdefender.com

It doesn’t matter if you don’t use Internet Explorer, you could still be at risk from this IE zero-day vulnerability

Even if you don’t use Internet Explorer any more, it may still be posing a potential risk by being installed on your Windows PCs.

Read more in my article on the Hot for Security blog.


0 sec read

High school election hacked by candidate who exploited weak passwords

When Berkeley High School in California held its first ever elections for student government last month, things went about as well you probably expected…


1 min read

bitdefender.com

Hackers could read users’ Outlook, Hotmail, and MSN email via compromised Microsoft support account

Microsoft says that it had identified that one of its support agents had had their username and password stolen, which allowed hackers to access information stored within users’ email accounts.

Read more in my article on the Hot for Security blog.


0 sec read

bitdefender.com

Bayrob malware gang convicted of infecting over 400,000 computers worldwide, stealing millions through online auction fraud

A US court has convicted two Romanian hackers belonging to the Bayrob malware gang after they infected over 400,000 computers around the world, and stole millions of dollars.

Read more in my article on the Hot for Security blog.


0 sec read

Hear me speak about how to make a billion dollars through cybercrime

How did a cybercrime gang steal a billion dollars from banks and financial institutions?

Come to the talk I’m giving in London, and find out.


57 sec read

tripwire.com

High-rolling hacker jailed after launching malware attacks via porn websites

A British man has been jailed for over six years after exploiting ad networks on pornographic websites to spread malware onto innocent users’ computers.

Read more in my article on the Tripwire State of Security blog.


0 sec read

Smashing Security #123: Backups – a necessary evil?

With Graham incapacitated, we drag an episode out from the archives. In this special “splinter” episode of the “Smashing Security” podcast from September 2017 we tackle the tricky subject of backups – when did you last backup your data? how and what should you backup? and where should you store them?

Lots of questions and Graham gets to do his Tina Turner impression.

All this and more is discussed in this edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.


1 min read

The Samsung Galaxy S10’s ultrasonic fingerprint scanner is hacked

As hacker claims the entire process can be completed in just three minutes, you would be wise to remember that fingerprints are not the same as passwords.


1 min read

The scourge of stalkerware

Stalkerware. Software that allows someone else to spy upon every SMS text message you send or receive, who you’re speaking to on your smartphone phone, the pictures in your photo library, every social media post you make, your current location, and where you go and when.

The EFF’s Eva Galperin calls on the security industry to take stalkerware more seriously.


1 min read