News

Coinbase stopped scammers from stealing an extra $280,000 during Twitter hack

Maybe Coinbase should send Twitter an invoice, because it certainly sounds like their quick thinking helped prevent last week’s hack from leaving a lot more Twitter users with empty wallets.

Read more in my article on the Hot for Security blog.

UK Government chose not to investigate if Russian hackers interfered in Brexit referendum, report reveals

No-one in Government knew if Russia had interfered in the EU vote, and they actively avoided any effort to ask questions to find out…

Mitre, the creepy company checking your fingerprints on Facebook for the US Government

Cybercrime reporter Thomas Brewster has written a fascinating exposé of the activities of Mitre Corporation, which has taken on some eyebrow-raising projects for the US government.

Career Notes podcast – Have to be able to communicate to everybody

The folks behind The Cyberwire podcast interviewed me for a new series of shows, looking at how people joined the cybersecurity industry.

Insecure IoT devices could be banned and destroyed if they fail to meet UK security standards

IoT devices could be banned from sale and destroyed if they fail to meet basic security standards, according to proposals put forward by the UK Government.

Read more in my article on the Bitdefender BOX blog.

The Twitter hack: Why Elon Musk, Bill Gates, Jeff Bezos and others might have reason to be worried

The real worry of the Twitter hack is not the cryptocurrency scam that was spammed out, but that attackers might have accessed private messages sent and received by the rich and powerful.

The Twitter mega-hack. What you need to know

Multiple Twitter accounts have been hacked as part of a Bitcoin scam, and it’s one of the biggest security disasters in Twitter’s history.

Read more in my article on the Tripwire State of Security.

Smashing Security podcast #187: Huawei ban, MGM hack, and a contact-tracing cock-up

Login chaos for England’s contact tracing service, our drill-down on Britain’s Huawei 5G ban, MGM’s blockbuster breach, and how to pronounce “Gigabyte.”

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast with Graham Cluley and Carole Theriault, and special guest Maria Varmazis.

“Secure in your thoughts” – malware memories and brain passwords in the Stroke of Genius podcast

I’m in the latest episode of the “Stroke of Genius” podcast, which looks at passwords and how researchers are exploring ways to use brain patterns to unlock devices.

I’m on hand to describe the workings of some notorious password-stealing malware, and also share some stories of how computer games helped me get a job in the cybersecurity industry.

Man who lived luxury lifestyle after hacking LinkedIn and Dropbox is found guilty

Yevgeniy Nikulin lived the high life, funded by a life of cybercrime.

Now he faces a significant prison sentence after stealing millions of user records from the likes of LinkedIn and Dropbox.

Read more in my article on the Hot for Security blog.

Millions of LiveAuctioneers passwords offered for sale following data breach

Researchers claim to have found evidence that cybercriminals are offering for sale a database containing the personal details of 3.4 million users of an online art and antiques auction website, as well as three million cracked passwords.

LiveAuctioneers security breach puts users at risk

LiveAuctioneers, the online website which broadcasts live auctions selling antiques, art, and collectibles, has warned that user details have fallen into unauthorised hands following a security breach.

Google’s ad ban won’t stop stalkerware apps from promoting themselves

Google has announced that from August 2020 it will be prohibiting ads for stalkerware products and services.

But a loophole means that the companies behind creepy stalkerware apps will still be able to advertise themselves.

Cosmic Lynx: The highly-professional cybercrime gang scamming businesses out of millions of dollars

Things just got serious.

Business Email Compromise is no longer solely the province of chancers. Organised criminal gangs with a high level of professionalism have seen the opportunity and seized it.

Read more in my article on the Tripwire State of Security blog.