Graham Cluley Security Blog
Sellafield nuclear waste dump faces prosecution over cybersecurity failures
The UK's Office for Nuclear Regulation (ONR) has started legal action against the controversial Sellafield nuclear waste facility due to years of alleged cybersecurity breaches.
Read more in my article on the Hot for Security blog.
Categories: Graham Cluley
Smashing Security podcast #365: Hacking hotels, Google’s AI goof, and cyberflashing
Security researchers find a way to unlock millions of hotel rooms, the UK introduces cyberflashing laws, and Google's AI search pushes malware and scams.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by T-Minus's Maria Varmazis.
Ransomware hits The Big Issue. Qilin group leaks confidential data
The Qilin ransomware group has targeted The Big Issue, a street newspaper sold by the homeless and vulnerable.
A post on Qilin's dark web leak site claimed the gang has stolen 550 GB of confidential data from the periodical's parent company.
Read more in my article on the Hot for Security blog.
Trezor’s Twitter account hijacked by cryptocurrency scammers via bogus Calendly invite
Hardware wallet manufacturer Trezor has explained how its Twitter account was compromised - despite it having sensible security precautions in place, such as strong passwords and multi-factor authentication.
Read more in my article on the Hot for Security blog.
Notorious Nemesis Market zapped by video game-loving German police
Nemesis Market, a notorious corner of the darknet beloved by cybercriminals and drug dealers, has been suddenly shut down after German police seized control of its systems.
Read more in my article on the Tripwire State of Security blog.
Ransomware: lessons all companies can learn from the British Library attack
In October 2023, the British Library suffered "one of the worst cyber incidents in British history," as described by Ciaran Martin, ex-CEO of the National Cyber Security Centre (NCSC).
What lessons can other organisations learn from the ransomware attack?
Read more in my article on the Exponential-e blog.
Smashing Security podcast #364: Bing pop-up wars, and the British Library ransomware scandal
There's a Bing ding dong, after Microsoft (over?) enthusiastically encourages Chrome users to stop using Google, and silence hits the British Library as it shares its story of a ransomware attack.
All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Plus: Don't miss our featured interview with Kolide founder Jason Meller about his firm's acquisition by 1Password.
Fraudsters are posing as the FTC to scam consumers
The United States Federal Trade Commission (FTC) has warned the public to be cautious if contacted by people claiming to be... FTC staff.
Read more in my article on the Tripwire State of Security blog.
Gotta Hack ‘Em All: Pokémon passwords reset after attack
Are you using the same passwords in multiple places online?
Well, stop. Stop right now. And make sure that you've told your friends and family to stop being reckless too.
Read more in my article on the Hot for Security blog.
How to interpret the MITRE Engenuity ATT&CK® Evaluations: Enterprise
Graham Cluley Security News is sponsored this week by the folks at Cynet. Thanks to the great team there for their support! Thorough, independent tests are a vital resource as cybersecurity leaders and their teams evaluate vendors’ abilities to guard against increasingly sophisticated threats to their organization. And perhaps no assessment is more widely trusted …
Fujitsu hack raises questions, after firm confirms customer data breach
Fujitsu has warned that cybercriminals may have stolen files with personal and customer data after discovering malware on its computer systems.
Scareware scam: Restoro and Reimage fined $26 million by FTC
Two firms have been fined $26 million by the US Federal Trade Commission (FTC) for scaring consumers into believing their computers were infected by malware.
Read more in my article on the Hot for Security blog.
LockBit affiliate jailed for almost four years after guilty plea
An affiliate of the LockBit ransomware gang has been sentenced to almost four years in jail after earlier pleading guilty to charges of cyber extortion and weapons charges.
Read more in my article on the Tripwire State of Security blog.
Smashing Security podcast #363: Stuck streaming sticks, TikTok conspiracies, and spying cars
Roku users are revolting after their TVs are bricked by the company, we learn how to make money through conspiracy videos on TikTok, and just how much is your car snooping on your driving?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Dave Bittner from "The Cyberwire" podcast.
Leak of Acer Philippines employee database appears on hacking forum
The Philippines division of Taiwanese tech firm Acer has confirmed that information related to its employees has been leaked after a third-party vendor suffered a security breach.
Read more in my article on the Hot for Security blog.
Hackers target Roku: 15,000 accounts compromised in data breach
Streaming company Roku has revealed that over 15,000 customers' accounts were hacked using stolen login credentials from unrelated data breaches.
Read more in my article on the Hot for Security blog.
Incognito Market: The not-so-secure dark web drug marketplace
Incognito Market, a darknet platform connecting sellers of narcotics to potential buyers, has turned out to be not entirely trustworthy.
$12.5 billion lost to cybercrime, amid tidal wave of crypto investment fraud
If you have been optimistically daydreaming that losses attributed to cybercrime might have reduced in the last year, it's time to wake up.
The FBI's latest annual Internet Crime Complaint Center (IC3) report has just been published, and makes for some grim reading.
Read more in my article on the Tripwire State of Security blog.
Emergency. Ransomware halts beer production at Belgium’s Duvel brewery
I'm afraid that the people of Belgium are dealing with a national emergency.
Smashing Security podcast #362: Ransomware fraud, pharmacy chaos, and suicide
Is there any truth behind the alleged data breach at Fortnite maker Epic Games? Who launched the ransomware attack that caused a fallout at pharmacies? And what’s the latest on the heart-breaking hack of Finnish therapy clinic Vastaamo? All this and much much more is discussed in the latest edition of the “Smashing Security” podcast …