Graham Cluely

Ransomware: The average ransom payment has doubled in just three months

Graham Cluely Security Blog - Thu, 01/23/2020 - 11:19am

A new report into the state of ransomware at the tail end of 2019 has revealed that things aren’t getting any better.

Read more in my article on the Tripwire State of Security blog.

Categories: Graham Cluely

Traffic jams could be worse than normal, because of the Shitrix vulnerability

Graham Cluely Security Blog - Thu, 01/23/2020 - 10:56am

Your trip into work today might be delayed by slippery roads, dense fog, and a Citrix vulnerability.

Categories: Graham Cluely

A free tool for detecting Shitrix-related compromises on your business network

Graham Cluely Security Blog - Thu, 01/23/2020 - 6:40am

Citrix has announced that it has teamed up with security researchers at FireEye to produce a free forensic tool which can help your business hunt for potential Indicators of Compromise related to the CVE-2019-19781 vulnerability.

Categories: Graham Cluely

Smashing Security #162: Robocalls, health hacks, and facial recognition fears

Graham Cluely Security Blog - Thu, 01/23/2020 - 3:53am

A hospital gets hacked because of an ex-employee’s grudge, robocalls are on the rise, and we share a scary story about the future of facial recognition.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Michael Hucks.

Categories: Graham Cluely

Plastic surgery patients at risk after ransomware attack

Graham Cluely Security Blog - Wed, 01/22/2020 - 10:31am

Past and current customers of a cosmetic surgery clinic are contacted by hackers making ransom demands, after they broke into its network and stole personal information.

Categories: Graham Cluely

Teenager charged over $50 million SIM-swap cryptocurrency theft

Graham Cluely Security Blog - Wed, 01/22/2020 - 8:57am

Samy Bensaci, an 18-year-old living in Montreal, Canada, has been charged in connection with the theft of over $50 million worth of cryptocurrency in a SIM-swapping scam.

Find out what a SIM swap scam is, and read more in my article on the Hot for Security blog.

Categories: Graham Cluely

Microsoft data breach exposes 250 million customer service and support records

Graham Cluely Security Blog - Wed, 01/22/2020 - 8:55am

Red faces at Microsoft after a security researcher discovered an internal customer support database had been left exposed for anyone on the internet to access – no password required.

Categories: Graham Cluely

Jeff Bezos, WhatsApp, and Mohammed bin Salman – what you need to know

Graham Cluely Security Blog - Wed, 01/22/2020 - 5:39am

An investigation has concluded that Jeff Bezos’s smartphone was hacked after receiving a WhatsApp message from Mohammed bin Salman.

Read more about the background behind the story, and what we know so far.

Categories: Graham Cluely

Unlock the power of threat intelligence with this practical guide. Get your free copy now

Graham Cluely Security Blog - Tue, 01/21/2020 - 9:00am

Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! At Recorded Future, we believe every security team can benefit from threat intelligence. That’s why we’ve published “The Threat Intelligence Handbook.” It’s aimed at helping security professionals realize the advantages of threat […]

Categories: Graham Cluely

Exams cancelled? University closing due to Brexit? A mischievous email from Southampton’s Vice-Chancellor

Graham Cluely Security Blog - Tue, 01/21/2020 - 6:38am

Clues sprinkled through the poorly-written email, however, reveal that its author has not done his homework.

Categories: Graham Cluely

Internet-enabled dash cams that allow anyone to track your GPS location in real-time

Graham Cluely Security Blog - Tue, 01/21/2020 - 5:27am

Watch out car drivers. If you have have installed a BlackVue dash cam into your vehicle you might have unwittingly made available your real-time GPS location.

Categories: Graham Cluely

Sextortion scam leverages Nest video footage to fool victims into believing they are being spied upon everywhere

Graham Cluely Security Blog - Mon, 01/20/2020 - 10:21am

A bizarre sextortion scam is attempting to trick victims that not only has their smartphone been hacked to spy upon their private lives, but also every other device they have encountered which contains a built-in camera.

Read more in my article on the Hot for Security blog.

Categories: Graham Cluely

Good news. Citrix delivers first patches to mop up Shitrix flaw that is being actively exploited

Graham Cluely Security Blog - Mon, 01/20/2020 - 7:10am

Over the weekend Citrix announced that its plans to release patches for critical vulnerabilities in its technology, used by tens of thousands of businesses worldwide, have significantly sped up.

Categories: Graham Cluely

Ubisoft takes DDoS-for-hire website to court over attacks on video game servers

Graham Cluely Security Blog - Mon, 01/20/2020 - 6:47am

Video game maker Ubisoft gas filed a lawsuit against the alleged operators of a DDoS-for-hire website, claiming they are “well aware of the harm” the service has caused for the company, after its Rainbow Six: Siege servers were disrupted.

Categories: Graham Cluely

UFC champ Kamaru Usman says his Twitter account was hacked, after series of explicit tweets against Conor McGregor

Graham Cluely Security Blog - Sun, 01/19/2020 - 10:55am

UFC’s Kamaru Usman claims his Twitter account was hacked, after it posted explicit messages about rival fighter Conor McGregor and his partner Dee Devlin.

Categories: Graham Cluely

Hackers are closing the Shitrix security hole to keep everyone out apart from themselves

Graham Cluely Security Blog - Sun, 01/19/2020 - 6:30am

The hackers cleaning up Shitrix-vulnerable Citrix equipment are no modern day Robin Hoods.

They’re inoculating vulnerable devices from further Shitrix attacks, but at the same time opening a secret backdoor to allow future cybercriminal campaigns.

Categories: Graham Cluely

Microsoft issues Internet Explorer zero-day warning, but there’s no patch yet

Graham Cluely Security Blog - Sun, 01/19/2020 - 4:39am

Microsoft has warned Windows users that there is an unpatched zero-day vulnerability in Internet Explorer that is being exploited in targeted attacks.

Categories: Graham Cluely

Travelex won’t say if it has paid a ransom to its attackers

Graham Cluely Security Blog - Fri, 01/17/2020 - 10:58am

Travelex, the foreign currency exchange service whose services have been knocked offline since New Year’s eve by a cyber attack, is declining to say if it has paid a ransom to the criminals responsible.

Categories: Graham Cluely

“Hello dear slave”

Graham Cluely Security Blog - Fri, 01/17/2020 - 9:15am

An Egyptian scammer has a unique style when it comes to chatting up his victims.

Categories: Graham Cluely

WeLeakInfo, the site which sold access to passwords stolen in data breaches, is brought down by the FBI

Graham Cluely Security Blog - Fri, 01/17/2020 - 8:56am

Law enforcement agencies have seized control of the domain of WeLeakInfo, a website offering cheap access to billions of personal credentials stolen from approximately 10,000 data breaches.

Categories: Graham Cluely

Pages