password

Zara Larsson wants your password so she can watch Game of Thrones

When a celebrity asks if you can share your password…


37 sec read

bitdefender.com

Hacker could locate thousands of cars and kill their engines remotely via poorly-secured GPS tracking apps

App accounts were “protected” by a default password. That password? 123456.

Read more in my article on the Hot for Security blog.


0 sec read

High school election hacked by candidate who exploited weak passwords

When Berkeley High School in California held its first ever elections for student government last month, things went about as well you probably expected…


1 min read

Some 2000 Facebook staff had access to millions of Facebook users’ passwords… stored in plaintext

Stretching back as far as 2012, Facebook has been storing the passwords of hundreds of millions of users unencrypted, in plaintext.

And those passwords were searchable by Facebook staff…


2 min read

bitdefender.com

Man arrested for selling one million Netflix, Spotify, Hulu passwords

The WickedGen website bragged that it had over 120,000 users and almost one million sets of account details, offering monthly and yearly membership plans for those who wanted “access to thousands of premium accounts across a huge range of services.”

Read more in my article on the Hot for Security blog.


0 sec read

Find QuadrigaCX’s missing $190 million, and you could win a $100,000 bounty

There has been another twist in the curious case of QuadrigaCX, a Canadian cryptocurrency exchange whose CEO unexpectedly and suddenly died without telling anyone else his password.

And it sounds like more troubling news for investors.


2 min read

tripwire.com

Google Chrome extension warns if your password has been leaked

Google has released an optional extension for its Chrome browser that will trigger a visual warning if it determines you are using a username/password combination that it knows to be unsafe.

Read more in my article on the Tripwire State of Security blog.


0 sec read

Smashing Security #114: Darknet Diaries, death, and beauty apps

Jack Rhysider from the “Darknet Diaries” podcast joins us to chat about his interview with the elusive Hacker Giraffe, how a death is preventing cryptocurrency investors from reaching their money, and how ‘beauty camera’ apps are redirecting users to phishing websites and stealing their selfies.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast, hosted by computer security veterans Graham Cluley and Carole Theriault.


1 min read

Every day should be Safer Internet Day

To celebrate the day after Safer Internet Day, here are my top five tips for staying safe online.


1 min read

Got a Nest security camera? Enable two-step verification now

Two-step verification (2SV) combined with a unique password makes it harder for a hacker to see what you’re doing in your home.


56 sec read

The Collection #1 data breach – what you need to do about it

A huge collection of email addresses and passwords, which can be used in attempts to break into online accounts, has been discovered.

If you are one of the affected users, what should you do about it?


2 min read

tripwire.com

Reddit users locked out of accounts after ‘security concern’

A large number of Reddit users are being told that they will have to reset their passwords in order to regain access to their accounts following what the site is calling a “security concern.”

The lockout has occurred as Reddit’s security team investigates what appears to have been an attempt to log into many users’ accounts through a credential-stuffing attack.

Read more in my article on the Tripwire State of Security blog.


0 sec read

bitdefender.com

Spooked by a speaking security camera? Polite hacker tells owner how to fix his IoT security

The “white hat” hacker, who claimed to be part of a group calling itself the “Anonymous Calgary Mindhive”, said it hadn’t been hard for him to hijack control of a man’s Nest security camera.

Read more in my article on the Bitdefender Box blog.


0 sec read

Smashing Security #107: Sextorting the US army, and a Touch ID scam

Fitness apps exploit TouchID through a sneaky user interface trick, tech giants claim to have a plan to banish passwords, and you won’t believe who was behind a sextortion scam that targeted over 400 members of the US military.

All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by ferret-loving ethical hacker Zoë Rose.


1 min read

It looked like a Citrix ShareFile phishing attack, but wasn’t

Guest contributor Bob Covello isn’t happy about a password reset email that Citrix has been sending its customers.

If you’re a company contacting your customers via email, please make sure it doesn’t look phishy.


1 min read

bitdefender.com

Germany proposes security guidelines for routers, but not everybody is happy

The German government has published draft guidelines on how it believes broadband routers should be secured. But some people think more could be done.

Read more in my article on the Bitdefender Box blog.


0 sec read