News

VIDEO: “Not All Cybercriminals Are Evil Geniuses”

Check out the talk I gave in Dublin about whether we should really consider cybercriminals to all be evil geniuses…

Twitter finally upgrades its 2FA security feature. Mobile number no longer required!

Hundreds of millions of Twitter users now have an improved way to better safeguard their accounts from being compromised.

Smashing Security #155: Juice jacking, YouTube hacking, password slacking

A bank has some of the worst password advice ever, travellers are told to be wary when USB charging their smartphones and laptops, and a gamer has his YouTube account hacked.

All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Geoff White.

bitdefender.com

Millions of Android phones may be vulnerable to camera spying vulnerability

Security researchers have uncovered a vulnerability in Android smartphones that could allow an attacker to secretly take photos and record videos without any permissions being granted.

Read more in my article on the Hot for Security blog.

Twitter warns verified users against attempts to mislead public after Conservative factcheckUK stunt

The Conservative Party press office posed as an independent fact-checking service on Twitter, abusing its verified status in an attempt to fool British voters.

I find it hard to see it any other way…

Bad boy of Brexit Arron Banks hacked, private Twitter messages leaked

British businessman Arron Banks, one of the self-styled “Bad Boys of Brexit” and a leading figure of the Leave.EU campaign, has had his Twitter account hacked.

bitdefender.com

Man who made $542,925 renting out DDoS services sentenced to prison

A 21-year-old man who made half a million dollars running DDoS-for-hire services has been sentenced to prison for 13 months.

Read more in my article on the Hot for Security blog.

tripwire.com

Ransomware strikes again in the state of Louisiana

Ransomware hit Louisiana’s state government hard yesterday, shutting down multiple websites and email systems after it fell victim for the second time in just a few months to a ransomware attack.

Read more in my article on the Tripwire State of Security blog.

Come see me speak at IRISSCON in Dublin this week about cybercriminals

I’m off to Dublin this week to join the galaxy of security superstars speaking at IRISSCON 2019. Find out more about the conference and see you there!

tripwire.com

Only after running out of hard disk space did firm realise hacker had stolen one million users’ details

Yet another company has been found woefully lacking when it comes to securing consumers’ data.

Read more in my article on the Tripwire State of Security blog.

About the “easy to hack” EU Exit: ID Document Check app

The British Home Office’s app for EU citizens applying to live and work in the UK post-Brexit “could allow hackers to steal phone numbers, addresses and passport details.”

But is this something worth losing any sleep over?

Smashing Security #154: A buttock of biometrics

The UK’s Labour Party kicks off its election campaign with claims that it has suffered a sophisticated cyber-attack, Apple’s credit card is accused of being sexist, and what is Google up to with Project Nightingale?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by John Hawes.

Donation details “leak” from the Labour Party website

You may have missed it amongst the many news reports of the denial-of-service attacks troubling Labour, but that wasn’t the only reason the UK political party made the cybersecurity headlines this week.

That “sophisticated” Labour cyber-attack – don’t panic

With a drama-filled general election campaign underway in the United Kingdom, the Labour Party says that its systems suffered a “sophisticated and large-scale cyber-attack.”

tripwire.com

BlueKeep: What you need to know

Currently BlueKeep attacks have been causing computers to crash, and drawing attention to themselves.

But that may be about to change…

Read more in my article on the Tripwire State of Security blog.

bitdefender.com

Mac users warned that disabling all Office macros doesn’t actually disable all Office macros

It’s been almost 25 years since macro malware first reared its head, and it would be nice to think that the defences Microsoft has built into its Office suite in the years since would do a half-decent job of stemming the threat.

Unfortunately, it seems that’s not the case – at least not for users of the Mac version of Microsoft Office.

Read more in my article on the Hot for Security blog.