data breach

Twitter says a “phone spear phishing” attack helped hackers – what’s that?

What’s a phone spear phishing attack? Twitter shares some more details related to its serious security breach earlier this month which saw celebrity accounts tweeting a cryptocurrency scam.

Smashing Security podcast #189: DNA cock-up, Garmin hack, and virtual kidnappings

Why are students faking their own kidnappings? What’s the story behind Garmin’s ransomware attack? And a genetic genealogy website suffers a hack or two.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Ray REDACTED.

Garmin staggers back online after ransomware attack

Garmin’s online services are beginning to come back to life after it was hit badly by ransomware last week.

But did it pay a ransom to its attackers or not?

Over 1000 Twitter staff and contractors had access to internal tools that helped hackers hijack accounts

As Twitter and law enforcement agencies investigate the high profile attack against Twitter accounts, there is a clear lesson for other businesses to learn.

Read more in my article on the Bitdefender Business Insights blog.

Smashing Security podcast #188: Dinner with Elon Musk and Kris Jenner

Who stopped Twitter’s hackers from stealing more money? Why are Covid-19 researchers being told to ramp up their cybersecurity? How can you find out if your smartphone is infected with stalkerware? And who does Graham think he is turning down a celebrity dinner invite?

Find out in the latest “Smashing Security” podcast, with special guest Lisa Forte.

Politician amongst those who had their direct messages accessed during Twitter hack

More information has emerged related to last week’s attack which saw a number of high profile Twitter accounts hijacked for the purposes of spreading a cryptocurrency scam, as it is revealed a far-right politician had his private messages accessed.

Read more in my article on the Tripwire State of Security blog.

Coinbase stopped scammers from stealing an extra $280,000 during Twitter hack

Maybe Coinbase should send Twitter an invoice, because it certainly sounds like their quick thinking helped prevent last week’s hack from leaving a lot more Twitter users with empty wallets.

Read more in my article on the Hot for Security blog.

Smashing Security podcast #187: Huawei ban, MGM hack, and a contact-tracing cock-up

Login chaos for England’s contact tracing service, our drill-down on the Britain’s Huawei 5G ban, MGM’s blockbuster breach, and how to pronounce “Gigabyte.”

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast with Graham Cluley and Carole Theriault, and special guest Maria Varmazis.

Man who lived luxury lifestyle after hacking LinkedIn and Dropbox is found guilty

Yevgeniy Nikulin lived the high life, funded by a life of cybercrime.

Now he faces a significant prison sentence after stealing millions of user records from the likes of LinkedIn and Dropbox.

Read more in my article on the Hot for Security blog.

Millions of LiveAuctioneers passwords offered for sale following data breach

Researchers claim to have found evidence that cybercriminals are offering for sale a database containing the personal details of 3.4 million users of an online art and antiques auction website, as well as three million cracked passwords.

LiveAuctioneers security breach puts users at risk

LiveAuctioneers, the online website which broadcasts live auctions selling antiques, art, and collectibles, has warned that user details have fallen into unauthorised hands following a security breach.

Ex-Yahoo employee avoids jail, despite hacking 6000 accounts, and stealing nude photos and videos

A former employee of Yahoo has been sentenced and ordered to pay a fine after exploiting his privileged access to hack into the personal accounts of thousands of Yahoo users, in his hunt for naked photographs and videos of young women.

Read more in my article on the Hot for Security blog.

Hackers hijack Twitter account of Russia’s Ministry of Foreign Affairs, offer to sell stolen data

A hacked Russian government Twitter account offers to sell a tourist database for 66 bitcoins (approximately US $499,000).

Websites of eight US cities poisoned by malware skimming the credit card details of residents

Beware if you’re paying your bills for local government services – the payment information you type into that web form may be heading straight to cybercriminals.

Voice recordings from domestic violence alerting app exposed on the internet

A smartphone app, disguised as a regular app delivering the top world, sports, and entertainment news, containing a secret feature that allows victims of domestic abuse to send a covert distress call for help at the touch of a button.

What could possibly go wrong?

Read more in my article on the Hot for Security blog.

Smashing Security podcast #184: Vanity Bitcoin wallets, BlueLeaks, and a Coronavirus app conspiracy

A conspiracy spreads on social media about Coronavirus tracing apps, US police find decades’ worth of sensitive data leaked online, and is there a Bitcoin bonanza to be had from watching Elon Musk YouTube videos?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by Graham Cluley and Carole Theriault, joined this week by the BBC’s Zoe Kleinman.