A new report into the state of ransomware at the tail end of 2019 has revealed that things aren’t getting any better.
Read more in my article on the Tripwire State of Security blog.
Your trip into work today might be delayed by slippery roads, dense fog, and a Citrix vulnerability.
Citrix has announced that it has teamed up with security researchers at FireEye to produce a free forensic tool which can help your business hunt for potential Indicators of Compromise related to the CVE-2019-19781 vulnerability.
A hospital gets hacked because of an ex-employee’s grudge, robocalls are on the rise, and we share a scary story about the future of facial recognition.
All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Michael Hucks.
Past and current customers of a cosmetic surgery clinic are contacted by hackers making ransom demands, after they broke into its network and stole personal information.
Samy Bensaci, an 18-year-old living in Montreal, Canada, has been charged in connection with the theft of over $50 million worth of cryptocurrency in a SIM-swapping scam.
Find out what a SIM swap scam is, and read more in my article on the Hot for Security blog.
Red faces at Microsoft after a security researcher discovered an internal customer support database had been left exposed for anyone on the internet to access – no password required.
An investigation has concluded that Jeff Bezos’s smartphone was hacked after receiving a WhatsApp message from Mohammed bin Salman.
Read more about the background behind the story, and what we know so far.
Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! At Recorded Future, we believe every security team can benefit from threat intelligence. That’s why we’ve published “The Threat Intelligence Handbook.” It’s aimed at helping security professionals realize the advantages of threat […]
Exams cancelled? University closing due to Brexit? A mischievous email from Southampton’s Vice-Chancellor
Clues sprinkled through the poorly-written email, however, reveal that its author has not done his homework.
Watch out car drivers. If you have have installed a BlackVue dash cam into your vehicle you might have unwittingly made available your real-time GPS location.
Sextortion scam leverages Nest video footage to fool victims into believing they are being spied upon everywhere
A bizarre sextortion scam is attempting to trick victims that not only has their smartphone been hacked to spy upon their private lives, but also every other device they have encountered which contains a built-in camera.
Read more in my article on the Hot for Security blog.
Over the weekend Citrix announced that its plans to release patches for critical vulnerabilities in its technology, used by tens of thousands of businesses worldwide, have significantly sped up.
Video game maker Ubisoft gas filed a lawsuit against the alleged operators of a DDoS-for-hire website, claiming they are “well aware of the harm” the service has caused for the company, after its Rainbow Six: Siege servers were disrupted.
UFC champ Kamaru Usman says his Twitter account was hacked, after series of explicit tweets against Conor McGregor
UFC’s Kamaru Usman claims his Twitter account was hacked, after it posted explicit messages about rival fighter Conor McGregor and his partner Dee Devlin.
The hackers cleaning up Shitrix-vulnerable Citrix equipment are no modern day Robin Hoods.
They’re inoculating vulnerable devices from further Shitrix attacks, but at the same time opening a secret backdoor to allow future cybercriminal campaigns.
Microsoft has warned Windows users that there is an unpatched zero-day vulnerability in Internet Explorer that is being exploited in targeted attacks.
Travelex, the foreign currency exchange service whose services have been knocked offline since New Year’s eve by a cyber attack, is declining to say if it has paid a ransom to the criminals responsible.
An Egyptian scammer has a unique style when it comes to chatting up his victims.
WeLeakInfo, the site which sold access to passwords stolen in data breaches, is brought down by the FBI
Law enforcement agencies have seized control of the domain of WeLeakInfo, a website offering cheap access to billions of personal credentials stolen from approximately 10,000 data breaches.