Phishing

welivesecurity.com

Ethereum cryptocurrency wallets raided after Amazon’s internet domain service hijacked

Approximately US $150,000 worth of Ethereum-based cryptocurrency stolen from MyEtherWallet users.

Read more in my article on the We Live Security blog.


0 sec read

bitdefender.com

Hackers continue to exploit hijacked MailChimp accounts in cybercrime campaigns

MailChimp, a service that millions of people around the world use to send out email newsletters, is being abused by hackers to spam out malware.

Read more in my article on the Hot for Security blog.


0 sec read

bitdefender.com

Know who hacked the Binance cryptocurrency exchange? Earn $250,000

Binance, one of the world’s biggest cryptocurrency exchanges by trading volume, has offered a reward equivalent to $250,000 to anyone providing information that leads to the arrest of hackers who attacked the platform last week.

Read more in my article on the Hot for Security blog.


0 sec read

Hope Hicks hacked

So-called “Trump Whisperer” Hope Hicks claims that she has fallen victim to email hackers, and so cannot provide emails requested by the House Intelligence Committee.


1 min read

bitdefender.com

Apple issues advice on how to spot App Store and iTunes phishing scams

Apple has responded to a spate of legitimate-looking App Store and iTunes phishing emails by releasing a new support document, outlining how customers can better protect themselves.

Read more in my article on the Hot for Security blog.


0 sec read

bitdefender.com

Form W-2 data thefts are rocketing, warns FBI

Businesses beware! Online criminals have ramped up their attempts to steal W-2 information from the finance and human resources departments of organisations, according to a warning issued by the FBI.

Read more in my article on the Hot for Security blog.


0 sec read

How to protect your browser from Unicode domain phishing attacks

Phishers and other online crooks are taking advantage of Unicode domain names in their pursuit of your passwords and other sensitive information. Here’s a simple way to protect yourself.


2 min read

Smashing Security #066: Passwords, pirates, and postcards

Flight simulators packed with password-grabbing malware, Facebook fighting Russian trolls, and how vulnerability researchers fear being sued.

All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest Dave Bittner from The CyberWire podcast.


1 min read

tripwire.com

How a Bitcoin phishing gang made $50 million with the help of Google AdWords

A cybercrime gang based in Ukraine is estimated to have made as much as $50 million after tricking Bitcoin investors into handing over the login credentials for their online wallets.

Read more in my article on the Tripwire State of Security blog.


0 sec read

Google is bringing AMP to email

We need to keep an eye on this. Making email “richer” in terms of features has always brought new security challenges.


1 min read

Smashing Security #064: So just a ‘teeny tiny’ security issue then?

A Namecheap vulnerability allows strangers to make subdomains for your website, Troy Hunt examines password length, and ex-Google and Facebook employees are fighting to protect kids from social media addiction.

All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest HaveIBeenPwned’s Troy Hunt.


1 min read

One year later, the UK’s Active Cyber Defence is seeing good results

The National Cyber Security Centre (NCSC), which tasks itself with “helping to make the UK the safest place to live and do business online”, has published an impressive report into the progress it has made with what it calls its “Active Cyber Defence” programme.


2 min read

Smashing Security podcast #056: Peeping Toms, prison hacks, and parliamentary passwords

Why you should check your Airbnb for hidden cameras, a hacker attempts a different kind of jailbreak, and British MPs prove that they really are clueless when it comes to cybersecurity.

All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest Ian Whalley.


1 min read

welivesecurity.com

Think you deleted that embarrassing WhatsApp message you sent? Think again

if there’s one thing we should all have learnt from our years on the internet it’s this – once you say something somewhere, it’s very hard to take it back and pretend it never happened.

Read more in my article on the We Live Security blog.


0 sec read

Can you see why this WhatsApp message can’t be trusted?

Take a look at this WhatsApp message. Can you see why you should be wary of clicking?


1 min read

Smashing Security #049: Hacking funeral homes, crypto mining websites, and careful with that hairspray

Scammers show a lack of imagination after hacking a funeral home, more websites are secretly stealing visitors’ resources to mine for cryptocurrency, and everyone is very confused about the USA’s airline laptop ban.

All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Register’s John Leyden.


1 min read