Graham Cluley

I was delighted to appear on the "ManageEngine Insights" podcast this week, hosted by enterprise analyst John Donegan.  Give it a listen.

Talking cyber on the ManageEngine Insights podcast

A notorious cybercrime gang, involved in a series of high profile ransomware attacks, has in recent months been sending out poisoned USB devices to US organisations.

Read more in my article on the Tripwire State of Security blog.

Hackers are posting out malicious USB drives to businesses

Who has been playing video games rather than hunting down criminals?  How is a man alleged to have stolen manuscripts of unpublished books from celebrity authors?  Which pot contains an elephant?  And why has Graham been listening to podcasts about pest control marketing?

All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

Smashing Security podcast #257: Pokemon-hunting cops and the Spine Collector scammer

Technology giant Panasonic has confirmed that one of its servers suffered a data breach which saw the personal information of job applicants accessed by an unauthorised party.

Read more in my article on the Hot for Security blog.

Hackers raided Panasonic server for months, stealing personal data of job seekers

Patchwork, an Indian hacking group also known by such bizarre names as  Hangover Group, Dropping Elephant, Chinastrats, and Monsoon, has proven the old adage that to err is human, but to really cock things up you need to be a cybercriminal.

Hacking group accidentally infects itself with Remote Access Trojan horse

Graham Cluley Security News is sponsored this week by the folks at HYPR. Thanks to the great team there for their support! A new guide by the analysts at The Cyber Hut looks at how Zero Trust increases business agility and provides practical guidance for eliminating passwords to accelerate your Zero Trust strategy. Passwordless MFA &#8230; <a href="https://grahamcluley.com/feed-sponsor-hypr-2/" class="more-link">Continue reading "Free guide: &#8220;A Journey to Zero Trust With Zero Passwords&#8221;"</a>

Graham Cluley Security News is sponsored this week by the folks at HYPR. Thanks to the great team there for their support! A new guide by the analysts at The Cyber Hut looks at how Zero Trust increases business agility and provides practical guidance for eliminating passwords to accelerate your Zero Trust strategy. Passwordless MFA … Continue reading "Free guide: “A Journey to Zero Trust With Zero Passwords”"

Free guide: “A Journey to Zero Trust With Zero Passwords”

For years, "The Spine Collector" has been haunting publishers around the world, attempting to steal manuscripts by famous authors.

Read more in my article on the Hot for Security blog.

The Spine Collector: Man arrested for using fake email addresses to steal hundreds of unpublished manuscripts

Security researchers say they have seen a "massive wave" of hackers exploiting the comment feature in Google Docs to spread malicious content into the inboxes of unsuspecting targeted users.

Read more in my article on the Tripwire State of Security blog.

Attack misuses Google Docs comments to spew out “massive wave” of malicious links

Think carefully before rushing to scan the payment QR code stuck on the side of a parking meter - it may well be an attempt by fraudsters to phish your financial information.

Read more in my article on the Hot for Security blog.

US police warn of parking meters with phishing QR codes

The Jerusalem Post says that its website was defaced on Monday, and pointed the blame at pro-Iranian hackers who they said posted an illustration depicting a ballistic missile being launched at an exploding nuclear facility in Dimona.

Israeli newspapers targeted by hackers on anniversary of Iranian general’s assassination

Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! Ransomware attacks dominate the cybersecurity news headlines, with businesses all over the world wondering if they will be the next victim. It’s a legitimate, and growing fear, as the attackers get more &#8230; <a href="https://grahamcluley.com/feed-sponsor-recorded-future-30/" class="more-link">Continue reading "Free eBook! Ransomware &#8211; how to stop it, and how to survive an attack"</a>

Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! Ransomware attacks dominate the cybersecurity news headlines, with businesses all over the world wondering if they will be the next victim. It’s a legitimate, and growing fear, as the attackers get more … Continue reading "Free eBook! Ransomware – how to stop it, and how to survive an attack"

Free eBook! Ransomware – how to stop it, and how to survive an attack

The United States Department of Homeland Security (DHS) is inviting security researchers to uncover vulnerabilities and hack into its systems, in an attempt to better protect itself from malicious attacks.

Read more in my article on the Tripwire State of Security blog.

The DHS is inviting hackers to break into its systems, but there are rules of engagement

After a brief discussion of the Log4Shell vulnerability panic, we chat about how Virgin Media has got itself into hot water, a fat-fingered fumble at the Bored Ape Yacht Club, and how to hack around your sleeping girlfriend's facial recognition.

All this and more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.

Smashing Security podcast #256: Virgin Media just won’t take no for an answer, NFT apes, and bad optics

Everyone is talking about Log4Shell, a zero-day remote code execution exploit in versions of log4j, the popular open source Java logging library. 

Log4Shell: The race is on to fix millions of systems and internet-connected devices

"Demonically" possessed devices print out antiwork propaganda, advice on how to secure your store, and is Twitter's new photo privacy policy practical?

All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Dinah Davis.

Smashing Security podcast #255: Revolting receipts, a Twitter fandango, and shopkeeper cyber tips

Once again video has leaked from inside the UK Government that has put it in hot water.

Leaked Downing Street video footage exposes staff laughing about party

Supermarket chain Spar has had more than 300 of its convenience stores in the UK affected by a ransomware attack, which has forced some to close their doors or only accept cash payments.

Ransomware hits Spar supermarkets and petrol stations

Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! Ransomware attacks dominate the cybersecurity news headlines, with businesses all over the world wondering if they will be the next victim. It’s a legitimate, and growing fear, as the attackers get more &#8230; <a href="https://grahamcluley.com/feed-sponsor-recorded-future-29/" class="more-link">Continue reading "Ransomware &#8211; how to stop it, and how to survive an attack. Free eBook by Recorded Future"</a>

Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! Ransomware attacks dominate the cybersecurity news headlines, with businesses all over the world wondering if they will be the next victim. It’s a legitimate, and growing fear, as the attackers get more … Continue reading "Ransomware – how to stop it, and how to survive an attack. Free eBook by Recorded Future"

Ransomware – how to stop it, and how to survive an attack. Free eBook by Recorded Future

The UK Government has been fined £500,000 after the addresses of over 1,000 New Years Honours recipients were mistakenly published online, potentially putting some of them at serious risk.

UK Government fined £500,000 after revealing home addresses in New Year honours data breach

A former employee of Ubiquiti Networks has been arrested and charged in connection with a hack that stole gigabytes of data and attempted to extort US $2 million from the firm.

Read more in my article on the Hot for Security blog.