Malware

Smashing Security #137: Porn trolling lawyers, Insta hacking, and Ctrl-Alt-LED

Erection your honour! Lawyers find themselves behind bars after they make porn movies in an attempt to scam internet users, boffins in Israel detail a way to steal data from an air-gapped computer, and Instagram coughs up $30,000 after a researcher finds a simple way to hack into anybody’s account.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast.


1 min read

Smashing Security #136: Oops, we created Iran’s hacking exploit

Mac users of the Zoom video conferencing app are warned their webcams could be hijacked, security firms warn of how scammers are deepfaking audio to steal from businesses, and our guest owns up to the role he played in an Iranian cyberattack against US organisations.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Charl van der Walt.


1 min read

tripwire.com

British Airways faces record £183 million GDPR fine after data breach

British Airways is facing a record fine of £183 million, after its systems were breached by hackers last year and the personal and payment card information of around 500,000 customers were stolen.

Read more about what you need to know in my article on the Tripwire State of Security blog.


0 sec read

St John Ambulance service hit by ransomware attack

The UK’s St John Ambulance service says that it was hit by a ransomware attack earlier this week, but if the attackers hoped they might massively disrupt the volunteer first aid service then they’ll be massively disappointed.


1 min read

Smashing Security #135: Zombie grannies and unintended leaks

We take a bloodied baseball bat to Android malware, and debate the merits of a social media strike, as one of the team bites the bullet and buys a smart lock for the office.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Oli Skertchly.


1 min read

bitdefender.com

US Cyber Command warns nation-state hackers are exploiting old Microsoft Outlook bug. Make sure you’re patched!

US Cyber Command has issued an alert about an unnamed foreign country’s attempt to spread malware through the exploitation of a vulnerability in Microsoft Outlook, as concerns are raised of a rise in an Iranian-backed hacking group’s activities.

Read more in my article on the Hot for Security blog.


0 sec read

Malware makes an exhibition of itself

If you happen to be in the Netherlands in the next few months you may be interested in dropping into an unusual art exhibition.

From Friday 5 July until 10 November, you’ll be able to check out “Malware: Symptoms of Viral Infection” at the Het Nieuwe Instituut in Rotterdam.


56 sec read

tripwire.com

$1.1 million in two weeks – Florida cities pay out big to ransomware gangs

Cybercriminals have learnt something very valuable in the last couple of weeks: in order to regain access to their data, cities in Florida are prepared to pay out huge Bitcoin ransoms to hackers.

Read more in my article on the Tripwire State of Security blog.


0 sec read

bitdefender.com

Millions of Dell PCs vulnerable to attack, due to a flaw in bundled system-health software

Millions of Dell PCs and laptops running Windows are vulnerable to attack via a high severity security hole, that could be exploited by malicious hackers to seize control of devices.

Read more in my article on the Hot for Security blog.


0 sec read

Smashing Security #133: Cookie cock-ups, Hong Kong protests, and smart TV virus scans

We head to Hong Kong to look at how technology has helped anti-government protesters (and how China has tried to disrupt it), Samsung is skittish over whether to tell TV owners to virus-scan their devices, and you won’t believe whose website is not GDPR-compliant.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by James Thomson.


1 min read

BlueKeep – everyone agrees, you should patch PCs running legacy versions of Windows

I have this horrible feeling that the only way we’re going to wake the world up to the need to patch their ageing versions of Windows against the BlueKeep vulnerability is to wait until a malicious worm begins to spread around the world.

Prove me wrong. Patch now.


1 min read

Smashing Security #131: Zap yourself from the net, and patch now against BlueKeep

Microsoft issues warning to unpatched Windows users about worm risk, and how do you delete all traces of yourself off the internet after you murder your podcast co-host?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault.


1 min read

tripwire.com

HiddenWasp malware seizes control of Linux systems

Security researchers have discovered a new strain of malware that they believe is being used in targeted attacks to seize control of Linux systems and open backdoors for remote hackers.

Read more in my article on the Tripwire State of Security blog.


0 sec read

Smashing Security #130: Doctored videos, Bcc blunders, and a diva

You won’t believe who had to report themselves to the data protection agency for a breach, or who has been sharing doctored videos of political rivals, or how much money you can make selling a laptop infected with malware… and how Carole gets her diva on.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault.


2 min read

Firms, stop sending out automated emails that look suspicious as hell!

Guest contributor Bob Covello isn’t happy about automated emails being sent out by a legal firm.


1 min read

bitdefender.com

$100 million GozNym cybercrime network dismantled as suspects charged

The sophisticated conspiracy saw tens of thousands of victims’ computers infected with the GozNym malware in order to steal online banking passwords, and raid accounts.

Read more in my article on the Hot for Security blog.


0 sec read