News

bitdefender.com

DDoSecrets thrown off Twitter after distributing 269GB BlueLeaks data dump

The activist group Distributed Denial of Secrets, perhaps better known by their shorter but clumsy moniker DDoSecrets, has been permanently banned from Twitter.

Read more in my article on the Hot for Security blog.

HEY pulls feature which could expose email threads without participants’ knowledge

HEY, a new service which aims to revolutionise users’ inboxes, admits it made a mistake which could have made it too easy for private messages to be exposed.

Pubs and restaurants left guessing after being told to collect customer data as lockdown eases

In just ten days, the UK Government says English pubs, restaurants, and cafes can open again for business.

However, they are told that they should collect contact information about every customer and visitor to their premises. But what they’re not told is how they should do this in a way that protects people’s security and privacy.

Stalker Online hacked! Over one million gamers’ passwords made available for download

More than one million players of the video game Stalker Online have been put at risk after hackers offered them for sale on the darknet.

bitdefender.com

Woman who deliberately deleted firm’s Dropbox is sentenced

58-year-old Danielle Bulley may not look like your typical cybercriminal, but the act of revenge she committed against a company had just as much impact as a conventional hacker breaking into a business’s servers and causing havoc.

Read more in my article on the Hot for Security blog.

Aussie surfer’s hacked Instagram sent sexually explicit images to her 40,000 followers

18-year-old Blaze Angel Roberts is a talented surfer with 40,000 Instagram followers.

Unfortunately, her popularity also seems to have drawn the unwanted attention of hackers, who successfully tricked her into clicking on a phishing link, and handing over the password to her email account.

tripwire.com

Copied master key forces South African bank to replace 12 million cards

Fraudsters stole more than $3.2 million from the banking division of South Africa’s post office, after – in a catastrophic breach of security – employees printed out the bank’s master key.

Read more in my article on the Tripwire State of Security blog.

Smashing Security podcast #183: MAMILs, gameshows, and a surprise from eBay

A TV gameshow with cash prizes if you’re obeying Coronavirus lockdown rules, ex-Ebay staff charged in crazy cyberstalking case, and when the wrong cyclist was accused by the internet bearing pitchforks.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

New Mac malware spreads disguised as Flash Player installer via Google search results

Apple Mac users are warned of a new in-the-wild malware threat which masquerades as an installer for Adobe Flash Player.

NHS Test & Trace sends text to wrong person, telling them they tested negative for Coronavirus

A former MP warns that she received a message intended for someone else, with the results of their Coronavirus test.

bitdefender.com

Credit-card skimming malware hit websites as Coronavirus lockdown forced retailers to close high street stores

On March 20th, the Claire’s accessories retail chain beloved by young girls around the world made the sensible decision to close all of its physical stores in response to the Coronavirus Covid-19 pandemic.

A nuisance for shoppers, certainly. But also an opportunity if you were a malicious hacker.

Read more in my article on the Bitdefender Business Insights blog.

“Rebooting” – a video chat with Lisa Forte

Lisa Forte interviews me about how someone once turned me into a computer virus, some of the ethical issues that come out of blogging about security, and what you say when hackers contact you asking for help in blackmailing their victims.

bitdefender.com

Despite resolution not to give in to hackers’ ransom demands, some cities are still paying up after attacks

The City of Florence in northern Alabama has agreed to pay a ransom of US $300,000 worth of Bitcoin to hackers who compromised its computer systems and deployed ransomware.

And they’re not the only US city finding themselves dealing with the aftermath of a ransomware outbreak this week…

Read more in my article on the Hot for Security blog.

Suspicious wife fails to get good password advice from The Guardian

The Guardian offers relationship advice over an unwise password choice, but fails to give any good password advice.

tripwire.com

Babylon Health app leaked patients’ video consultations

Babylon Health, makers of a smartphone app that allows Brits to have consultations with NHS doctors, has admitted that a “software error” resulted in some users being able to access other patients’ private video chats with GPs.

Read more in my article on the Tripwire State of Security blog.

Smashing Security podcast #182: Space Force, credit card fraud, and beep-ti-beep

Graham finds himself in hot water with a security firm after a data breach, Carole discusses credit card fraud, and we have a pleasant surprise for Thom Langford, who appears to have mostly agreed to be a guest to promote his own podcast.

All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown’s Thom Langford.