Malware

Smashing Security #125: Pick of the thief!

WannaCry’s “accidental hero” pleads guilty to malware charges, Samsung and Nokia have fingerprint fumbles, the NCSC publishes a list of 100,000 dreadful passwords, and Apple finds itself at the centre of an identity mix-up.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by John Hawes.



Smashing Security #124: Poisoned porn ads, the A word, and why why why Wipro?

The hacker who lived the high life after spreading malware via porn sites, Wipro demonstrates how to turn a cybersecurity crisis into a PR disaster, and why are humans listening in to your Alexa conversations?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Brian Honan.



bitdefender.com

Bayrob malware gang convicted of infecting over 400,000 computers worldwide, stealing millions through online auction fraud

A US court has convicted two Romanian hackers belonging to the Bayrob malware gang after they infected over 400,000 computers around the world, and stole millions of dollars.

Read more in my article on the Hot for Security blog.



tripwire.com

High-rolling hacker jailed after launching malware attacks via porn websites

A British man has been jailed for over six years after exploiting ad networks on pornographic websites to spread malware onto innocent users’ computers.

Read more in my article on the Tripwire State of Security blog.



The scourge of stalkerware

Stalkerware. Software that allows someone else to spy upon every SMS text message you send or receive, who you’re speaking to on your smartphone, the pictures in your photo library, every social media post you make, your current location, and where you go and when.

The EFF’s Eva Galperin calls on the security industry to take stalkerware more seriously.



Ticketmaster is hit by a £5 million legal action after online payment card theft

A British firm of solicitors, which specialises in helping victims of cybercrime claim compensation, has launched a £5 million (US $6.5 million) legal action against Ticketmaster.



Smashing Security #122: The big fat con at Office Depot

Office Depot and OfficeMax are fined millions for tricking customers into thinking their computers were infected with malware, car alarms can make your vehicle less secure, and facial recognition in apartment blocks comes under the microscope.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire’s Dave Bittner.



In its ransomware response, Norsk Hydro is an example for us all

It’s been over two weeks now since Norsk Hydro, one of the world’s largest producers of aluminium, was hit by a ransomware attack that affected 160 of its plants worldwide, forcing many of its sites to switch to manual operations.

And they’re handling things really rather well…



Terrorist’s manifesto used to spread disk-wiping malware

Following the mass shooting in New Zealand, someone has taken a copy of the terrorist’s Word document and weaponised it to download malicious code from the internet.



bitdefender.com

Office Depot fined millions for tricking customers into believing their PCs were infected with malware

Office Depot, and its partner Support.com, have been fined $35 million for using the PC Health Check tune-up service to dupe people into buying unnecessary computer repair and technical services.

Read more in my article on the Hot for Security blog.



Smashing Security #121: Hijacked motel rooms, ASUS PCs, and leaky apps

An app leaking private conversations and intimate photographs is ignoring requests to fix the problem, hackers poison a security update sent to ASUS PCs, and how to protect your privacy in motel rooms.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.



tripwire.com

Asus pushes out urgent security update after its own automatic Live Update tool was hacked

Taiwan-based technology giant Asus is advising concerned customers to run a newly-created diagnostic tool on their Windows computers after hackers pushed out malware to what some security researchers have estimated to be as many as one million PCs using Asus’s own Live Update software tool.

Read more in my article on the Tripwire State of Security blog.



Hackers poison Asus software updates, may have infected one million PCs

Hundreds of thousands of Asus PCs may have been infected with malware installed by Asus’s own automatic Live Update tool.



DLA Piper and its insurers clash over multi-million NotPetya payout

Multinational law firm was hit in the crossfire as Russia-backed ransomware spread, and Hiscox is reportedly declining to pay up citing an “act of war”.



Smashing Security #120: Silk Road with Deliveroo

Online drug dealers get busted due to poor OPSEC! People are still failing to wipe their USB sticks properly! A potential presidential candidate is outed as a former hacker! Flat Earthers! Pi! Empathy!

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.



Hydro working hard to recover following ransomware attack

You can’t help but get the feeling that this was a highly-organised extortion attempt against Norsk Hydro.

