Category: grahamcluley
-
Smashing Security podcast #398: Fake CAPTCHAs, Harmageddon, and Krispy Kreme
Smashing Security podcast #398: Fake CAPTCHAs, Harmageddon, and Krispy Kreme This week, we delve into the dark world of fake CAPTCHAs designed to hijack your computer. Plus, the AI safety clock is ticking down – is doomsday closer than we think? And to top it off, we uncover the sticky situation of Krispy Kreme facing…
-
It’s time to stop calling it “pig butchering”
It’s time to stop calling it “pig butchering” Online romance and investment scams are painful enough without its victims being described as “pigs.” Read more in my article on the Hot for Security blog. Graham Cluley Go to grahamcluley
-
The AI Fix #29: AI on OnlyFans, and the bot that wants to be a billionaire
The AI Fix #29: AI on OnlyFans, and the bot that wants to be a billionaire In episode 29 of The AI Fix, an AI company makes the bold step of urging us to “stop hiring humans”, Graham is wrong about GB AI, parents prepare their kids for the imminent Moxie-mageddon, Google releases Gemini 2.0,…
-
Rydox cybercrime marketplace seized by law enforcement, suspected admins arrested
Rydox cybercrime marketplace seized by law enforcement, suspected admins arrested Rydox, an online marketplace used by cybercriminals to sell hacked personal information and tools to commit fraud, has been seized in an international law enforcement operation and its suspected administrators arrested. Read more in my article on the Hot for Security blog. Graham Cluley Go…
-
Smashing Security podcast #397: Snowflake hackers, and under the influence
Smashing Security podcast #397: Snowflake hackers, and under the influence A Canadian man is arrested in relation to the Snowflake hacks from earlier this year – after a cybersecurity researcher managed to track his identity, and a cryptocurrency-trading Instagram influencer is in trouble with the law. All this and more is discussed in the latest…
-
27 DDoS-for-hire services disrupted in run-up to holiday season
27 DDoS-for-hire services disrupted in run-up to holiday season Operation PowerOFF has disrupted what was anticipated to be a surge of distributed denial-of-service (DDoS) attacks over the Christmas period by taking over two dozen “booter” or “stresser” websites offline. Read more in my article on the Tripwire State of Security blog. Graham Cluley Go to…
-
Doughnut orders disrupted! Krispy Kreme suffers hack attack
Doughnut orders disrupted! Krispy Kreme suffers hack attack Krispy Kreme, the dispenser of delectable doughnuts, says that it suffered a cyber attack at the end of last month which saw its IT systems compromised and has disrupted online orders in parts of the United States. Read more in my article on the Hot for Security…
-
“CP3O” pleads guilty to multi-million dollar cryptomining scheme
“CP3O” pleads guilty to multi-million dollar cryptomining scheme A man faces up to 20 years in prison after pleading guilty to charges related to an illegal cryptomining operation that stole millions of dollars worth of cloud computing resources. Read more in my article on the Hot for Security blog. Graham Cluley Go to grahamcluley
-
The AI Fix #28: Robot dogs with bombs, and who is David Mayer?
The AI Fix #28: Robot dogs with bombs, and who is David Mayer? In episode 28 of The AI Fix, the new version of ChatGPT does a surprisingly good job of telling Mark how to defend himself from a flame thrower-wielding robot dog in his living room, Graham loses 30,000 robots on the head of…
-
3AM ransomware: what you need to know
3AM ransomware: what you need to know The 3AM ransomware first emerged in late 2023. Like other ransomware, 3AM exfiltrates victims’ data (demanding a ransom is paid) and encrypts the copies left behind. Here’s what you need to know. Read more in my article on the Tripwire State of Security blog. Graham Cluley Go to…
-
Smashing Security podcast #396: Dishy DDoS dramas, and mining our minds for data
Smashing Security podcast #396: Dishy DDoS dramas, and mining our minds for data A CEO is arrested for turning satellite receivers into DDoS attack weapons! Then, we’ll journey into the world of bossware and “affective computing” and explore how AI is learning to read our emotions – is this the future of work, or a…
-
Russian money-laundering network linked to drugs and ransomware disrupted, 84 arrests
Russian money-laundering network linked to drugs and ransomware disrupted, 84 arrests The UK’s National Crime Agency (NCA) has revealed details of Operation Destabilise, a years-long international law enforcement investigation into a giant Russian money laundering enterprise that handled billions of dollars for drug traffickers and ransomware gangs worldwide. Read more in my article on the…
-
Ransomware-hit vodka maker Stoli files for bankruptcy in the United States
Ransomware-hit vodka maker Stoli files for bankruptcy in the United States Stoli Group USA, the US subsidiary of vodka maker Stoli, has filed for bankruptcy – and a ransomware attack is at least partly to blame. The American branch of Stoli, which imports and distributes Stoli brands in the United States, as well as the…
-
Tech support scams leverage Google ads again and again, fleecing unsuspecting internet users
Tech support scams leverage Google ads again and again, fleecing unsuspecting internet users It’s not a new technique, but that doesn’t mean that cybercriminals cannot make rich rewards from SEO poisoning. Read more in my article on the Tripwire State of Security blog. Graham Cluley Go to grahamcluley
-
The AI Fix #27: Why is AI full of real-life Bond villains?
The AI Fix #27: Why is AI full of real-life Bond villains? In episode 27 of The AI Fix, robots catch a ball, lead a revolt, and enjoy a juicy steak. Or do they? Graham struggles with a Micro USB cable, a student struggles with a school’s anti-AI rules, and OpenAI’s Sora video generation AI…
-
North Korean hackers masquerade as remote IT workers and venture capitalists to steal crypto and secrets
North Korean hackers masquerade as remote IT workers and venture capitalists to steal crypto and secrets In itslust for stealing cryptocurrency and sensitive information, North Korean hackers are disguising themselves as remote IT workers, recruiters, and even venture capitalists. Read more in my article on the Hot for Security blog. Graham Cluley Go to grahamcluley
-
No guarantees of payday for ransomware gang that claims to have hacked children’s hospital
No guarantees of payday for ransomware gang that claims to have hacked children’s hospital What is the point of INC Ransom’s attack on Alder Hey? They are not likely to be paid, and the attack on a children’s hospital only increases the chances that they will one day find their collars felt by law enforcement.…
-
UK hospital, hit by cyberattack, resorts to paper and postpones procedures
UK hospital, hit by cyberattack, resorts to paper and postpones procedures A British hospital is grappling with a major cyberattack that has crippled its IT systems and disrupted patient care. Read more in my article on the Hot for Security blog. Graham Cluley Go to grahamcluley
-
Mimic ransomware: what you need to know
Mimic ransomware: what you need to know What makes Mimic particularly unusual is that it exploits the API of a legitimate Windows file search tool (“Everything” by Voidtools) to quickly locate files for encryption. Find out more about the threat in my article on the Tripwire State of Security blog. Graham Cluley Go to grahamcluley
-
FlipaClip animation app data breach exposes details of almost 900,000 users
FlipaClip animation app data breach exposes details of almost 900,000 users Flipaclip, an animation creation app that is particularly popular with youngsters, has exposed the details of over 890,000 users. Read more in my article on the Hot for Security blog. Graham Cluley Go to grahamcluley
-
750,000 patients’ medical records exposed after data breach at French hospital
750,000 patients’ medical records exposed after data breach at French hospital A hacker calling themselves “nears” claims to have compromised the systems of multiple healthcare facilities across France, claiming to have gained access to the records of over 1.5 million people. Read more in my article on the Tripwire State of Security blog. Graham Cluley…