Vulnerability

High school election hacked by candidate who exploited weak passwords

When Berkeley High School in California held its first ever elections for student government last month, things went about as well you probably expected…


1 min read

The Samsung Galaxy S10’s ultrasonic fingerprint scanner is hacked

As hacker claims the entire process can be completed in just three minutes, you would be wise to remember that fingerprints are not the same as passwords.


1 min read

bitdefender.com

Unpatched D-Link routers targeted in malicious DNS hijacking campaign

Cybercriminals have been hacking into home routers for the last three months, meddling with DNS settings to redirect users surfing the web towards malicious websites.

Read more in my article on the Bitdefender BOX blog.


0 sec read

Ticketmaster is hit by a £5 million legal action after online payment card theft

A British firm of solicitors, which specialises in helping victims of cybercrime claim compensation, has launched a £5 million (US $6.5 million) legal action against Ticketmaster.


1 min read

Smashing Security #122: The big fat con at Office Depot

Office Depot and OfficeMax are fined millions for tricking customers into thinking their computers were infected with malware, car alarms can make your vehicle less secure, and facial recognition in apartment blocks comes under the microscope.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire’s Dave Bittner.


1 min read

Online training site says it is spamming insecure printers with adverts

Online training site Skillbox says that it has come up with an imaginative way to reach out to potential clients, and invite them to change their careers from being accountants and become graphical designers instead.

The Russian firm’s idea? To send a spam message to thousands of printers left open to the internet.

Is this really happening again?


2 min read

bitdefender.com

Hackable car alarms leave three million cars at risk of hijack

Millions of car owners were left at risk of having their vehicles stolen, because of the poor security of third-party app-connected car alarms.

Read more in my article on the Hot for Security blog.


0 sec read

Facebook Messenger bug made it possible for hackers to see who you have been chatting with

A security researcher has revealed details of a flaw in Facebook Messenger that made it possible for “any website to expose who you have been messaging with.”


1 min read

Smashing Security #118: The ‘s’ in IoT stands for security

Twerking robot assistants, an app from Saudi Arabia that lets men track women, and a gnarly skiing security snarl-up!

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology journalist Geoff White.


1 min read

Smashing Security #116: Stalking debtors, Facebook farce, and a cyber insurance snag

How would *you* track someone who owed you money? What was the colossal flaw Facebook left on its website for anyone to exploit and hijack accounts? And what excuse are insurance companies giving for not paying victims of the NotPetya malware millions of dollars?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Joe Carrigan of the Information Security Institute at Johns Hopkins University.


1 min read

bitdefender.com

450,000 usernames and passwords stolen from Coinmama cryptocurrency broker

Coinmama, a site that is supposed to “make it fast, safe and fun” to buy Bitcoins and Etherium with a credit card, has suffered a data breach that has resulted in almost half a million customers having their personal details breached.

Read more in my article on the Hot for Security blog.


0 sec read

bitdefender.com

Electric scooters can be hijacked remotely – no password required

Security researchers have demonstrated that it’s possible to remotely hijack control of popular electric scooters, forcing them to dangerously brake suddenly or accelerate.

Read more in my article on the Bitdefender Box blog.


0 sec read

VFEmail suffers ‘catastrophic’ attack, as hacker wipes email service’s primary and backup data

There will be many angry customers of VFEmail who will be distraught at the thought that years’ worth of irreplaceable personal and business correspondence may have been wiped out. It’s understandable that some might turn their fury towards VFEmail.

But VFEmail is a victim too.


1 min read

Smashing Security #114: Darknet Diaries, death, and beauty apps

Jack Rhysider from the “Darknet Diaries” podcast joins us to chat about his interview with the elusive Hacker Giraffe, how a death is preventing cryptocurrency investors from reaching their money, and how ‘beauty camera’ apps are redirecting users to phishing websites and stealing their selfies.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast, hosted by computer security veterans Graham Cluley and Carole Theriault.


1 min read

Patch your Android now against critical .PNG image bug

Android users are being reminded to be careful about the files they open on their smartphones, after the discovery that harmless-looking image files could be harbouring malicious code.


41 sec read

Smashing Security #113: FaceTime, Facebook, faceplant

FaceTime bug allows callers to see and hear you *before* you answer the phone, Facebook’s Nick Clegg tries to convince us the social network is changing its ways, and IoT hacking is big in Japan.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by John Hawes from AMTSO.


1 min read