Graham Cluely Security Blog

Boeing has confirmed that it received a demand for a massive $200 million after a ransomware attack by the notorious LockBit hacking group in October 2023. The company confirmed its link to the indictment of Dmitry Yuryevich Khoroshev, who was identified this week by the US Department of Justice as the true identity of LockBitSupp, the kingpin of the LockBit gang. Read more in my article on the Hot for Security blog.

Do you know Dmitry Yuryevich Khoroshev? If you do, there's a chance that you might well on the way to receiving a reward of up to $10 million. Read more in my article on the Exponential-e blog.

The FBI has issued a warning to US retailers about a financially-motivated malicious hacking ring that has been targeting employees with phishing attacks in an attempt to create fraudulent gift cards. Read more in my article on the Tripwire State of Security blog.

A medical lab that specialises in cancer screenings has admitted to an alarming data breach that left sensitive patient information exposed for years - and accessible by unauthorised parties. California-based Guardant Health is notifying affected individuals that information related to samples collected in late 2019 and 2020 was "inadvertently" left exposed online to the general public after an employee mistakenly uploaded it. Read more in my article on the Hot for Security blog.

The kingpin of the LockBit ransomware is named and sanctioned, a cybersecurity consultant is charged with a $1.5 million extortion, and a romance fraudster defrauded women he met on Tinder of £80,000. All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by “Ransomware Sommelier” Allan Liska.

The UK Government takes aim at IoT devices shipping with weak or default passwords, an identity thief spends two years in jail after being mistaken for the person who stole his name, and are you au fait with the latest scams? All this and much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.

A wave of cheap, crude, amateurish ransomware has been spotted on the dark web - and although it may not make as many headlines as LockBit, Rhysida, and BlackSuit, it still presents a serious threat to organizations. Read more in my article on the Tripwire State of Security blog.

Czech news agency ČTK announced on Tuesday that a hacker had managed to break into its systems and published fake news reports of a plot to murder the president of a neighbouring country. Read more in my article on the Hot for Security blog.

Leicester City Council suffers a crippling ransomware attack, and a massive data breach, but is it out of the dark yet? And as election fever hits India we take a close eye at deepfakery. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

The UK's Leicester City Council was thrown into chaos last month when a crippling cyber attack forced it to shut down its IT systems and phone lines. But the ransomware attack also had a more unusual impact... Read more in my article on the Hot for Security blog.

February's crippling ransomware attack against Change Healthcare, which saw prescription orders delayed across the United States, continues to have serious consequences. Read more in my article on the Hot for Security blog.

The international hotel chain Omni Hotels & Resorts has confirmed that a cyber attack last month saw it shut down its systems, with hackers stealing personal information about its customers. Read more in my article on the Exponential-E blog.

Police have successfully infiltrated and disrupted the fraud platform "LabHost", used by more than 2,000 criminals to defraud victims worldwide. Read more in my article on the Tripwire State of Security blog.

Take That's Gary Barlow chats up a pizza-slinging granny from Essex via Facebook, or does he? And a scam takes a sinister turn - for both the person being scammed and an innocent participant - in Ohio. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Law enforcement officers in Zambia have arrested 77 people at a call centre company they allege had employed local school-leavers to engage in scam internet users around the world. Read more in my article on the Hot for Security blog.