News
The inside story of the Maersk NotPetya ransomware attack, from someone who was there
Jun 25, 2020Gavin Ashton was an IT security guy working at Maersk at the time of it was hit hard by the NotPetya ransomware. Now he’s written an article about his experiences, and shares advice for others.
Smashing Security podcast #184: Vanity Bitcoin wallets, BlueLeaks, and a Coronavirus app conspiracy
Jun 25, 2020A conspiracy spreads on social media about Coronavirus tracing apps, US police find decades’ worth of sensitive data leaked online, and is there a Bitcoin bonanza to be had from watching Elon Musk YouTube videos? All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by Graham Cluley and Carole Theriault, joined this week by the BBC’s Zoe Kleinman.
DDoSecrets thrown off Twitter after distributing 269GB BlueLeaks data dump
Jun 24, 2020The activist group Distributed Denial of Secrets, perhaps better known by their shorter but clumsy moniker DDoSecrets, has been permanently banned from Twitter. Read more in my article on the Hot for Security blog.
HEY pulls feature which could expose email threads without participants’ knowledge
Jun 24, 2020HEY, a new service which aims to revolutionise users’ inboxes, admits it made a mistake which could have made it too easy for private messages to be exposed.
Pubs and restaurants left guessing after being told to collect customer data as lockdown eases
Jun 24, 2020In just ten days, the UK Government says English pubs, restaurants, and cafes can open again for business. However, they are told that they should collect contact information about every customer and visitor to their premises. But what they’re not told is how they should do this in a way that protects people’s security and privacy.
Stalker Online hacked! Over one million gamers’ passwords made available for download
Jun 22, 2020More than one million players of the video game Stalker Online have been put at risk after hackers offered them for sale on the darknet.
Woman who deliberately deleted firm’s Dropbox is sentenced
Jun 19, 202058-year-old Danielle Bulley may not look like your typical cybercriminal, but the act of revenge she committed against a company had just as much impact as a conventional hacker breaking into a business’s servers and causing havoc. Read more in my article on the Hot for Security blog.
Aussie surfer’s hacked Instagram sent sexually explicit images to her 40,000 followers
Jun 19, 202018-year-old Blaze Angel Roberts is a talented surfer with 40,000 Instagram followers. Unfortunately, her popularity also seems to have drawn the unwanted attention of hackers, who successfully tricked her into clicking on a phishing link, and handing over the password to her email account.
Copied master key forces South African bank to replace 12 million cards
Jun 18, 2020Fraudsters stole more than $3.2 million from the banking division of South Africa’s post office, after – in a catastrophic breach of security – employees printed out the bank’s master key. Read more in my article on the Tripwire State of Security blog.
Smashing Security podcast #183: MAMILs, gameshows, and a surprise from eBay
Jun 18, 2020A TV gameshow with cash prizes if you’re obeying Coronavirus lockdown rules, ex-Ebay staff charged in crazy cyberstalking case, and when the wrong cyclist was accused by the internet bearing pitchforks. All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.
New Mac malware spreads disguised as Flash Player installer via Google search results
Jun 17, 2020Apple Mac users are warned of a new in-the-wild malware threat which masquerades as an installer for Adobe Flash Player.
NHS Test & Trace sends text to wrong person, telling them they tested negative for Coronavirus
Jun 17, 2020A former MP warns that she received a message intended for someone else, with the results of their Coronavirus test.
Credit-card skimming malware hit websites as Coronavirus lockdown forced retailers to close high street stores
Jun 16, 2020On March 20th, the Claire’s accessories retail chain beloved by young girls around the world made the sensible decision to close all of its physical stores in response to the Coronavirus Covid-19 pandemic. A nuisance for shoppers, certainly. But also an opportunity if you were a malicious hacker. Read more in my article on the Bitdefender Business Insights blog.
“Rebooting” – a video chat with Lisa Forte
Jun 16, 2020Lisa Forte interviews me about how someone once turned me into a computer virus, some of the ethical issues that come out of blogging about security, and what you say when hackers contact you asking for help in blackmailing their victims.
Despite resolution not to give in to hackers’ ransom demands, some cities are still paying up after attacks
Jun 12, 2020The City of Florence in northern Alabama has agreed to pay a ransom of US $300,000 worth of Bitcoin to hackers who compromised its computer systems and deployed ransomware. And they’re not the only US city finding themselves dealing with the aftermath of a ransomware outbreak this week… Read more in my article on the Hot for Security blog.
Suspicious wife fails to get good password advice from The Guardian
Jun 12, 2020The Guardian offers relationship advice over an unwise password choice, but fails to give any good password advice.