Carole details how companies are spying on their stay-at-home workers, Mikko Hyppönen discusses the trustworthiness of video chat apps, and Graham gets embarrassed when he admits he’s bought a Facebook Portal for his in-laws. All this and much much more is discussed in the latest edition of the award-winning “Smashing Security” podcast with Graham Cluley and Carole Theriault.
In recent days warnings have spread rapidly across social networking sites that the Houseparty app – which makes it easy for anyone to drop in for a video chat with friends locked down during the Coronavirus pandemic – is unsafe. But is there any evidence?
A notorious ransomware gang claims to have successfully compromised the infrastructure… of a company selling cyberinsurance. Read more in my article on the Hot for Security blog.
Past and present employees of General Electric (GE) are learning that their sensitive information has been exposed by a data breach at a third-party service provider. Read more in my article on the Tripwire State of Security blog.
A massive database, containing more than five billion records derived from past security breaches between 2012 and 2019, has been left unprotected, without any password protection on the internet. And who left it exposed? A security firm.
In the last few days it has come to light that blender manufacturer NutriBullet and guitar tuition website Truefire fell foul of hackers who planted Magecart-style malicious code on their sites which went undetected for months, stealing the credit card details and personal information from users. Read more in my article on the Bitdefender Business Insights blog.
How one guy’s exercise routine made him a burglary suspect, how multi-factor authentication can cause headaches as well as stop hacks, and how Virgin Media got itself in a pickle over its sloppy data security. All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.
Security researchers raised the alarm after discovering that hundreds of millions of Whisper users’ intimate messages, tied to their locations, had been left publicly available since the app’s launch in 2012. Read more in my article on the Hot for Security blog.
Nearly 200,000 customers in the United States, who thought they were paying Comcast Xfinity to keep their information safely out of the public eye, have had their details exposed on the company’s online directory… putting their safety and privacy at risk.
One of the UK’s largest internet providers has admitted that it left a database containing the unencrypted details of more than 900,000 UK residents – including existing and potential customers – freely accessible to anybody on the internet, with no password required. Exposed data included records which could have linked users to pornographic websites.
The UK’s Information Commissioner’s Office (ICO) has fined Cathay Pacific for “a number of basic security inadequacies” which resulted in hackers stealing the data of 9.4 million people worldwide – including 111,578 from the UK. Read more in my article on the Hot for Security blog.
Over 10 million people who have stayed at MGM Resorts hotels – including Twitter boss Jack Dorsey and pop idol Justin Bieber – have had their personal details posted online by hackers. Read more in my article on the Tripwire State of Security blog.
China has denied that it was behind the hack of Equifax in 2017, which saw the personal data of hundreds of millions of individuals stolen – including the names, birth dates and social security numbers for nearly half of all American citizens. Read more in my article on the Hot for Security blog.
It may not be the most efficient way to steal data from an organisation, let alone the most practical, but researchers at Ben-Gurion University in Israel have once again detailed an imaginative way to exfiltrate information from an air-gapped computer. Read more in my article on the Tripwire State of Security blog.
Twitter admits to a bug that might have put privacy-conscious users at risk – by revealing what phone numbers are associated with which Twitter accounts.
Despite a previous brush with the law, Ryan Hernandez went on to hack and hack again. Read more in my article on the Hot for Security blog.