Graham Cluely

Voting machines are under the microscope, scammers are posing as rap stars, and American politician AOC isn't the only one who's been getting into the Among Us game. All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by James Thomson. Plus don't miss the first part of our featured interview with LastPass's Dalia Hamzeh.

Donald Trump's official presidential re-election campaign website was briefly defaced by hackers last night. Visitors to the website donaldjtrump.com were not greeted with the normal calls for campaign contributions or offers of Trump-related merchandise, but instead a message which parodied the look of those typically used when the FBI seizes control of servers operated by cybercriminals.

A Finnish psychotherapy clinic has dismissed its CEO in the wake of a disastrous data breach which has seen patients' personal details, as well as notes of what has been discussed in confidential therapy sessions, exposed... and clients blackmailed.

Multiple Amazon customers have turned to social media to describe how they have received a notification from the online retail giant that their email addresses have been leaked to an unnamed third party. Emails sent by Amazon to customers admit that a rogue employee unlawfully passed on users' personal email details to a third-party, violating the company's rules Read more in my article on the Hot for Security blog.

Sopra Steria confirms it has been hit by a new strain of the Ryuk ransomware, and that it will take weeks for its IT network to return to normal operation.

Facebook has filed federal lawsuits against four individuals who it claims have been selling fake Instagram followers. Read more in my article on the Hot for Security blog.

According to Dutch ethical hacker Victor Gevers, as recently as last week the US President's @realDonaldTrump account was protected by the incredibly-dumb password "maga2020!" and did not have two-factor authentication (2FA) enabled.

The Twitter account of the Fort Bragg US military base was deleted last night, after what it claimed was a hack. But whether it really was hacked or not is up for debate.

Loginizer, a popular plugin for protecting WordPress blogs from brute force attacks, has been found to contain its own severe vulnerabilities that could be exploited by hackers. The flaw opened up opportunities for cybercriminals to completely compromise WordPress sites. Read more in my article on the Tripwire State of Security blog.

European IT services group Sopra Steria has been hit by a cyber attack. Which would be unfortunate for any business at the best of times, but is possibly even more galling for a firm like Sopra Steria which has a specialist cybersecurity branch which claims to help customers “protect sensitive information, and prevent costly data breaches.”

The Darkside ransomware gang thinks it's a modern-day Robin Hood when it donates extorted Bitcoins to charity, the micro-targeted ad industry could pop like a bubble, and would you trust a burger-flipping robot? All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Tim Hwang.

Many thanks to the fab folks at Recorded Future, who are sponsoring my writing this week. Recorded Future empowers your organization, revealing unknown threats before they impact your business, and helping your teams respond to alerts 10 times faster. How does it do this? By automatically collecting and analyzing intelligence from technical, open web, and … Continue reading "The Recorded Future Express browser extension – elite security intelligence for zero cost"

Sandbox Interactive, the developers of the free medieval fantasy video game Albion Online, have warned players that a hacker managed to break into its systems and gain access to its user database. Read more in my article on the Hot for Security blog.

At the end of last week, Google slipped out a blog post that probably went under the radars of some folks. In it, they revealed that they had mitigated against the largest known distributed denial-of-service (DDoS) attack, when its infrastructure blocked a whopping 2.5 Tbps (Terabits per second) attack.

The trials and tribulations of London's Hackney Council continue after it suffered a "serious cyber attack" last week. The real-life victims of a cyber attack are the thousands of innocent residents, some of whom may desperately need money in their pocket to pay their rent, living in fear of eviction and homelessness.

Carole and I have been producing a light-hearted look at the world of cybersecurity and privacy just about every week since December 2016. And this week, after millions of downloads, we released our 200th episode! We wanted to celebrate reaching that milestone, and thank the many many people who listen each week, by doing something special... and so last night we met up on YouTube for a livestream party.

British Airways has been fined £20 million (US $26 million) following a data breach which saw its systems hacked and the personal and payment card information of 400,000 customers stolen. Read more in my article on the Hot for Security blog.

From the as-if-you-didn’t-have-enough-to-worry-about-in-2020 department, the FBI has warned that scammers are attempting to defraud the public by exploiting the COVID-19 pandemic. Read more in my article on the Hot for Security blog.

American bookselling giant Barnes & Noble is contacting customers via email, warning them that its network was breached by hackers, and that sensitive information about shoppers may have been accessed. Read more in my article on the Tripwire State of Security blog.

Many thanks to the great folks at Recorded Future, who are sponsoring my writing this week. Recorded Future empowers your organization, revealing unknown threats before they impact your business, and helping your teams respond to alerts 10 times faster. How does it do this? By automatically collecting and analyzing intelligence from technical, open web, and … Continue reading "Elite security intelligence for zero cost. Meet the Recorded Future Express browser extension"