data breach

Smashing Security #132: CBP cyber attack, an iPhone privacy boost, and Twitter list abuse

United States Customs and Border Protection had sensitive data stolen, but the hackers didn’t have to breach its network. Apple has ambitious plans to make iPhone users safer online. And trolls are using Twitter lists to target their victims.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.


1 min read

Donald Trump accidentally reveals “secret” plan by waving document around

The President of the United States took to the sunshine-filled garden of the White House to wave around what he claimed was a secret agreement on migration with Mexico.

It wasn’t a secret for long…


35 sec read

Radiohead refuses to pay $150,000 ransom for ‘hacked’ recordings, releases them instead

How do you stop a hacker from making a fortune out of the files they have stolen from you? Files that thousands of people are probably desperate to own?

Simple. You make the files readily available to anyone on the internet to access.


1 min read

Radisson Rewards may have leaked your data… again

If you’ve ever stayed at a Radisson Hotel and joined the Radisson Rewards loyalty program then your loyalty to the brand may be tested somewhat by an email they have been sending some members today.


1 min read

New Zealand budget details leaked due to website sloppiness, not hackers

Earlier this week, the New Zealand government was claiming that it had suffered a “deliberate and systematic” hacking attack that resulted in budget details ending up in the hands of its political opponents.

But that’s not what had really happened…


1 min read

Hackers stole Flipboard users’ email addresses and hashed passwords

Flipboard warns that hackers gained access to its systems and accessed hashed passwords for nine months.


1 min read

tripwire.com

Data on millions of Instagram accounts spills onto the internet

A security researcher has discovered a publicly-accessible database containing the details of millions of Instagram users, including their contact information.

Read more in my article on the Tripwire State of Security blog.


0 sec read

tripwire.com

Forbes subscribers warned of Magecart threat skimming credit card details

The notorious Magecart malware, that blights online stores by stealing payment card details from unsuspecting shoppers at checkout, has claimed another high profile victim.

Read more in my article on the Tripwire State of Security blog.


0 sec read

Docker Hub security breach exposes credentials of 190,000 users

Some bad news arrived late on Friday in the inboxes of users of Docker, the container platform beloved by developers. A hacker accessed usernames, hashed passwords, GitHub and Bitbucket tokens.


1 min read

bitdefender.com

Bodybuilders beware! One of the world’s largest online fitness stores hit by security breach

Fitness fanatics are being advised to change their passwords after one of the world’s largest and most popular online fitness stores admitted that it had suffered a security breach that might have exposed customer data.

Read more in my article on the Hot for Security blog.


0 sec read

Smashing Security #124: Poisoned porn ads, the A word, and why why why Wipro?

The hacker who lived the high life after spreading malware via porn sites, Wipro demonstrates how to turn a cybersecurity crisis into a PR disaster, and why are humans listening in to your Alexa conversations?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Brian Honan.


1 min read

tripwire.com

Unsecured databases found leaking half a billion resumes onto the net, no password required

A staggering 590 million resumes have leaked from poorly-secured Chinese companies in just the last three months.

Read more in my article on the Tripwire State of Security blog.


0 sec read

540 million Facebook records left exposed due to sloppy third-party developer security

Security researchers have discovered a huge amount of data containing information about tens of thousands of Facebook users, left available for anyone to access – no password required.

The culprits? Third-party developers.


2 min read

Smashing Security #121: Hijacked motel rooms, ASUS PCs, and leaky apps

An app leaking private conversations and intimate photographs is ignoring requests to fix the problem, hackers poison a security update sent to ASUS PCs, and how to protect your privacy in motel rooms.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.


1 min read

bitdefender.com

Popular family tracking app exposed real-time location data onto the internet – no password required

More than 238,000 individuals users have had their family’s real-time location exposed for weeks on end after an app developer left sensitive data exposed on the internet, without a password.

Read more in my article on the Hot for Security blog.


0 sec read

bitdefender.com

Man arrested for selling one million Netflix, Spotify, Hulu passwords

The WickedGen website bragged that it had over 120,000 users and almost one million sets of account details, offering monthly and yearly membership plans for those who wanted “access to thousands of premium accounts across a huge range of services.”

Read more in my article on the Hot for Security blog.


0 sec read