Security threats

Teenage girls tempt Israeli soldiers to install spyware for Hamas

It’s not the first time Israeli soldiers have been targeted with Hamas honeytraps to infect their smartphones with spyware.

tripwire.com

Puerto Rico government falls for $2.6 million email scam

As if Puerto Rico wasn’t having a hard enough time as it attempts to recover from recession, the damage caused by devastating hurricanes in recent years, and a damaging earthquake last month, it now finds itself being exploited by cybercriminals.

Read more in my article on the Tripwire State of Security blog.

Smashing Security #165: Cheapfakes, deepfakes, and Ashley Madison

Wi-Fi hopping malware, the return of Ashley Madison extortion scams, and should social media be doing anything about cheapfakes?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Jessica Barker.

bitdefender.com

2FA is being pushed out to all Google Nest users to better protect their accounts

If a Google Nest account is compromised by a malicious hacker that’s not bad news for the legitimate owner of the account, it’s also bad news for Google.

So that’s why they’re trying to do something about it…

Read more in my article on the Bitdefender Box blog.

Patch now! Microsoft releases fixes for 99 security flaws, some being actively exploited by hackers

It’s one of the largest Patch Tuesday updates ever issued by Microsoft, and includes fixes for 12 security vulnerabilities that have been given the highest severity rating of “critical.”

The clock is ticking. IT teams should waste no time in readying themselves for a roll-out across the Windows computers for which they’re responsible.

Graham Cluley on Tripwire’s Talking Cybersecurity Podcast

A couple of weeks ago the guys from Tripwire were kind enough to invite me onto their new podcast, “Talking Cybersecurity”, and now the episode is out!

Take a listen.

Coronavirus phishing attack disguises as a message from the Center for Disease Control

Once again we’re reminded that cold-hearted scammers and fraudsters don’t have any qualms about exploiting human misery, and are prepared to do anything if it might net them a rich reward.

Dutch university paid $220,000 ransom to hackers after Christmas attack

Maastricht University has admitted paying a 30 bitcoin ransom to hackers who compromised its network in the immediate run-up to Christmas 2019, and infected it with the Clop ransomware.

Android users at risk from Bluetooth hijack attack, and are warned of “short distance worm” threat

Hackers could exploit a flaw on unpatched Android 8.0 and 9.0 phones to run malicious code such as a worm, with no user interaction required.

bitdefender.com

How your network could be hacked through a Philips Hue smart bulb

Security researchers have shared some details of vulnerabilities they have found in Philips Hue smart bulbs that could be exploited by hackers to compromise networks remotely.

Read more in my article on the Hot for Security blog.

Smashing Security #164: A bitter pill to swallow

A gallery is tricked into giving millions to a fraudster, software tells doctors to push opioids onto patients, and an artist finds a novel way to trick Google Maps into thinking there’s a traffic jam.

All this and more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault.

WhatsApp flaw gave hackers access to files from Windows and Macs

If you run WhatsApp’s desktop client on your Mac or PC then you would be wise to make sure it’s up-to-date, following the revelation that a security researcher uncovered a critical security flaw.

Twitter security hole allowed state-sponsored hackers to match phone numbers to usernames

Twitter admits to a bug that might have put privacy-conscious users at risk – by revealing what phone numbers are associated with which Twitter accounts.

bitdefender.com

Man admits hacking Nintendo, leaking details of Switch games console

Despite a previous brush with the law, Ryan Hernandez went on to hack and hack again.

Read more in my article on the Hot for Security blog.

Coronavirus – hackers exploit fear of infection to spread malware

With sad predictability cybercriminals are exploiting the Coronavirus outbreak that occurred in Wuhan, mainland China, and is now causing new infections around the world.

Travelex hobbles back online, one month after ransomware hit it hard

The beleaguered company, hit by the REvil ransomware on New Year’s Eve, has not yet been able to restore all of its online services.