All Stories

DLA Piper and its insurers clash over multi-million NotPetya payout

Multinational law firm was hit in the crossfire as Russia-backed ransomware spread, and Hiscox is reportedly declining to pay up citing an “act of war”.



bitdefender.com

Popular family tracking app exposed real-time location data onto the internet – no password required

More than 238,000 individual users have had their family’s real-time location exposed for weeks on end after an app developer left sensitive data exposed on the internet, without a password.

Read more in my article on the Hot for Security blog.



Some 2000 Facebook staff had access to millions of Facebook users’ passwords… stored in plaintext

Stretching back as far as 2012, Facebook has been storing the passwords of hundreds of millions of users unencrypted, in plaintext.

And those passwords were searchable by Facebook staff…



tripwire.com

Google and Facebook scammed out of $123 million by man posing as hardware vendor

Even the most tech savvy companies in the world can fall for business email compromise.

A Lithuanian man has this week pleaded guilty to tricking Google and Facebook into transferring over $100 million into a bank account under his control after posing as a company that provided the internet giants with hardware for their data centers.

Read more in my article on the Tripwire State of Security blog.



Smashing Security #120: Silk Road with Deliveroo

Online drug dealers get busted due to poor OPSEC! People are still failing to wipe their USB sticks properly! A potential presidential candidate is outed as a former hacker! Flat Earthers! Pi! Empathy!

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.



Hydro working hard to recover following ransomware attack

You can’t help but get the feeling that this was a highly-organised extortion attempt against Norsk Hydro.



bitdefender.com

Aluminium plants hit by cyber-attack, global company turns to manual operations

Norsk Hydro, one of the world’s largest producers of aluminium, says that it is battling an “extensive cyber-attack” that first hit its systems on Monday evening and then escalated overnight.

Read more in my article on the Hot for Security blog.



bitdefender.com

Google Play is flooded with hundreds of unsafe Android anti-virus products

A new study has closely examined whether 250 security products for Android smartphones are capable of protecting users at all.

The results are in… and disturbing.

Read more in my article on the Hot for Security blog.



53% of Britain’s most frequent porn watchers aren’t aware that they’re about to be blocked

A new survey has revealed that the majority of Brits are blissfully unaware that next month the UK Government will be requiring porn websites to verify that their users have obtained a “porn passport.”



Myspace has lost all the music users uploaded between 2003 and 2015

You cannot trust the likes of Myspace to look after your data securely. Use internet services to archive your content if you wish, but you’d be wise to have your own backup too.



Zillow sued for $60 million after mansion listing hijacked

A hacker knocked millions off the listed price of an incredibly expensive home, and its owners aren’t at all happy…



Online training site says it is spamming insecure printers with adverts

Online training site Skillbox says that it has come up with an imaginative way to reach out to potential clients, and invite them to change their careers from being accountants and become graphical designers instead.

The Russian firm’s idea? To send a spam message to thousands of printers left open to the internet.

Is this really happening again?



tripwire.com

US Senators say it shouldn’t be a secret when they’ve been hacked

Federal agencies and companies are required by law to disclose breaches, but Congress is under no such obligation – meaning that the public may have no idea that their political representatives have been hit.

Read more in my article on the Tripwire State of Security blog.



Smashing Security #119: Hijacked homes, porn passports, and ransomware regret

A $150 million mansion is hijacked online, Brits will soon have to scan their passport to watch internet porn, and are organisations right to pay up when hit by ransomware?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology broadcaster David McClelland.



Online safety cartoons for young kids

A series of cartoons are aiming to educate children as young as four about how to stay safe online.

