Graham Cluely Security Blog

Subscribe to Graham Cluely Security Blog feed Graham Cluely Security Blog
Cybersecurity expert & keynote speaker
Updated: 39 min 13 sec ago

Smashing Security podcast #414: Zoom.. just one click and your data goes boom!

Wed, 04/23/2025 - 7:00pm
Graham explores how the Elusive Comet cybercrime gang are using a sneaky trick of stealing your cryptocurrency via an innocent-appearing Zoom call, and Carole goes under the covers to explore the extraordinary lengths bio-hacking millionaire Bryan Johnson is attempting to extend his life. All this and more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.
Categories: Graham Cluely

The AI Fix #47: An AI is the best computer programmer in the world

Tue, 04/22/2025 - 10:14am
In episode 47 of The AI Fix, o3 becomes the best competitive programmer in the world, hacked California crosswalks speak with the voice of Elon Musk and Mark Zuckerberg, Meta introduces a herd of Llamas, Graham explains what a "lollipop lady" is, and Google talks to some dolphins. Graham discovers an AI that's just a warehouse full of people, o3 becomes the best computer programmer in the world, and Mark wonders if software engineering will be the first job to fall to AI. All this and much more is discussed in the latest edition of "The AI Fix" podcast by Graham Cluley and Mark Stockley.
Categories: Graham Cluely

Crosswalks hacked to play fake audio of Musk, Zuck, and Jeff Bezos

Tue, 04/22/2025 - 4:09am
"Stop, look, and listen" is the standard advice we should allow follow when crossing the road - but pedestrians in some parts are finding that they cannot believe their ears - after a hacker compromised crosswalks to play deepfake audio mocking tech bosses Elon Musk, Mark Zuckerberg, and Jeff Bezos. Read more in my article on the Hot for Security blog.
Categories: Graham Cluely

Smashing Security podcast #413: Hacking the hackers… with a credit card?

Wed, 04/16/2025 - 7:00pm
A cybersecurity firm is buying access to underground crime forums to gather intelligence. Does that seem daft to you? And over in Nigeria, even if romance scammers would like to update their LinkedIn profiles, just how easy is it to turn a new leaf after a sweet-talking career in cybercrime? All this and more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.
Categories: Graham Cluely

Insurance firm Lemonade warns of breach of thousands of driving license numbers

Wed, 04/16/2025 - 5:42am
A data breach at insurance firm Lemonade left the details of thousands of drivers' licenses exposed for 17 months. According to the company, on March 14 2025 Lemonade learnt that a vulnerability in its online car insurance application process contained a vulnerability that was likely to have exposed "certain driver's license numbers for identifiable individuals." Read more in my article on the Hot for Security blog.
Categories: Graham Cluely

RansomHouse ransomware: what you need to know

Tue, 04/15/2025 - 12:20pm
RansomHouse is a cybercrime operation that follows a Ransomware-as-a-Service (RaaS) business model, where affiliates (who do not require technical skills of their own) use the ransomware operator's infrastructure to extort money from victims. Read more in my article on the Fortra blog.
Categories: Graham Cluely

The AI Fix #46: AI can read minds now, and is your co-host a clone?

Tue, 04/15/2025 - 10:58am
In episode 46 of The AI Fix, China trolls US tariffs, a microscopic pogoing flea-bot makes a tiny leap forward for robotics, Google unveils the Agent2Agent protocol, a robot dog is so cute it ruins Graham's entire day, and Europe commits €20 billion and all of its buzzwords to five moonshot AI gigafactories. Graham brings his clone to work for a game of “Cluley or Cloney”, and Mark introduces Graham to a mind-reading technology that could transform the lives of people with serious neurological disorders. All this and much more is discussed in the latest edition of "The AI Fix" podcast by Graham Cluley and Mark Stockley.
Categories: Graham Cluely

Medusa ransomware gang claims to have hacked NASCAR

Mon, 04/14/2025 - 3:13am
Read more in my article on the Hot for Security blog.
Categories: Graham Cluely

Ransomware reaches a record high, but payouts are dwindling

Fri, 04/11/2025 - 6:18am
Will you be shedding a tear for the cybercriminals? Read more in my article on the Tripwire blog.
Categories: Graham Cluely

Smashing Security podcast #412: Signalgate sucks, and the quandary of quishing

Wed, 04/09/2025 - 7:00pm
QR codes are being weaponised by scammers — so maybe think twice before scanning that parking meter. And in a blunder so dumb it makes autocorrect look smart, the White House explains how it leaked war plans on Signal because an iPhone mistook a journalist for a government insider. Plus! Don't miss our featured interview with Josh Donelson of Material, about detection and response in today's AI-driven world. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Categories: Graham Cluely

The AI Fix #45: The Turing test falls to GPT-4.5

Tue, 04/08/2025 - 6:50pm
In episode 45 of The AI Fix, our hosts discover that ChatGPT is running the world, Mark learns that mattress companies have scientists, Gen Z has nightmares about AI, OpenAI gets a bag, Graham eats too many cheese sandwiches, and too much training makes AIs over-sensitive. Mark reveals why he's got beef with cows, GPT-4.5 beats the Turing test, and Anthropic’s brain scanner reveals how AIs really think. All this and much more is discussed in the latest edition of "The AI Fix" podcast by Graham Cluley and Mark Stockley.
Categories: Graham Cluely

Russian bots hard at work spreading political unrest on Romania’s internet

Tue, 04/08/2025 - 2:51am
Internet users in Romania are finding their social media posts and online news articles bombarded with comments promoting blatant propaganda, inciting hatred towards the EU and NATO, and support for Vladimir Putin's Russia. Read more in my article on the Hot for Security blog.
Categories: Graham Cluely

King Bob pleads guilty to Scattered Spider-linked cryptocurrency thefts from investors

Mon, 04/07/2025 - 8:34am
A Florida man, linked to the notorious Scattered Spider hacking gang, has pleaded guilty to charges related to cryptocurrency thefts which have netted hundreds of thousands of dollars. Read more in my article on the Hot for Security blog.
Categories: Graham Cluely

HellCat ransomware: what you need to know

Thu, 04/03/2025 - 10:45am
HellCat - the ransomware gang that has been known to demand payment... in baguettes! Are they rolling in the dough? Bread it and weep in my article on the Tripwire State of Security blog.
Categories: Graham Cluely

Smashing Security podcast #411: The fall of Troy, and whisky barrel scammers

Wed, 04/02/2025 - 7:00pm
Renowned cybersecurity expert Troy Hunt falls victim to a phishing attack, resulting in the exposure of thousands of subscriber details, and don't lose your life savings in a whisky scam... All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Plus! Don't miss our featured interview with Alastair Paterson, CEO and co-founder of Harmonic Security, discussing how companies can adopt Generative AI without putting their sensitive data at risk.
Categories: Graham Cluely

The AI Fix #44: AI-generated malware, and a stunning AI breakthrough

Tue, 04/01/2025 - 11:10am
In episode 44 of The AI Fix, ChatGPT won’t build a crystal meth lab, GPT-4o improves the show’s podcast art, some students manage to screw in a lightbulb, Google releases Gemini 2.5 Pro Experimental and nobody notices, and Mark invents a clock for measuring AI time. Graham explains how ChatGPT’s love for Young Adult fiction can be used to turn it into an evil malware developer, and Mark looks at the ARC-AGI-2 benchmark and a staggering leap forward in AI intelligence. All this and much more is discussed in the latest edition of "The AI Fix" podcast by Graham Cluley and Mark Stockley.
Categories: Graham Cluely

Hackers exploit little-known WordPress MU-plugins feature to hide malware

Tue, 04/01/2025 - 5:29am
A new security issue is putting WordPress-powered websites at risk. Hackers are abusing the “Must-Use” plugins (MU-plugins) feature to hide malicious code and maintain long-term access on hacked websites. Read more in my article on the Hot for Security blog.
Categories: Graham Cluely

£3 million fine for healthcare MSP with sloppy security after it was hit by ransomware attack

Sat, 03/29/2025 - 7:27am
A UK firm has been hit by a £3.07 million fine after being hit by a ransomware attack that exposed sensitive data related to almost 80,000 people, and disrupted NHS services. Read more in my article on the Exponential-e blog.
Categories: Graham Cluely

VanHelsing ransomware: what you need to know

Fri, 03/28/2025 - 10:24am
First reported earlier in March 2025, VanHelsing is a new ransomware-as-a-service operation. Read more in my article on the Tripwire State of Security blog.
Categories: Graham Cluely