A UK firm has been hit by a £3.07 million fine after being hit by a ransomware attack that exposed sensitive data related to almost 80,000 people, and disrupted NHS services. Read more in my article on the Exponential-e blog.
Category: Data loss
data breach, Data loss, Global Security News, Law & order, malware, Podcast, postal, Ransomware, Smashing Security, snail mail
Smashing Security podcast #408: A gag order backfires, and a snail mail ransom demand
What happens when a healthcare giant’s legal threats ignite a Streisand Effect wildfire… while a ransomware gang appears to ditch the dark web for postage stamps? Find out about this, and more, in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Black Basta, Data loss, Global Security News, Guest blog, malware, Ransomware
Cactus ransomware: what you need to know
Cactus is a ransomware-as-a-service (RaaS) group that encrypts victim’s data and demands a ransom for a decryption key. Read more about it in my article on the Tripwire State of Security blog.
data breach, Data loss, Global Security News, Guest blog, Law & order, malware, North America, phobos, Ransomware
US charges two Russian men in connection with Phobos ransomware operation
Roman Berezhnoy and Egor Nikolaevich Glebov are alleged to have extorted over US $16 million in ransom payments using the Phobos ransomware, impacting over 1000 organisations in the United States. Read more in my article on the Hot for Security blog.
data breach, Data loss, Global Security News, Guest blog, Laptop, Law & order, North Korea, remote working, Security threats
US woman faces years in federal prison for running laptop farm for N Korean IT workers
Christian Marie Chapman, of Litchfield Park, Arizona, helped generate over US $17 million for North Korea after over 300 US companies unwittingly hired staff believing them to be US citizens. Read more in my article on the Hot for Security blog.
AI, Artificial Intelligence, data breach, Data loss, Global Security News, Law & order, malware, Podcast, Ransomware, sim swap, Smashing Security, Twitter
Smashing Security podcast #404: Podcast not found
The story of how hackers managed to compromise the US Government’s official SEC Twitter account to boost the price of Bitcoins, AI isn’t helping reduce the rife conspiracy theories inside classrooms, and is the funeral bell tolling for ransomware? All this and more is discussed in the latest edition of the “Smashing Security” podcast by…
data breach, Data loss, Global Security News, Guest blog, Taliban
Secret Taliban records published online after hackers breach computer systems
The Taliban government of Afghanistan is reeling after unidentified hackers successfully carried out a massive cyber attack against its computer systems and published over 50GB of stolen documents and files online. Read more in my article on the Hot for Security blog.
data breach, Data loss, Global Security News, Guest blog, law, Ransomware
Data breaches at UK law firms are on the rise, research reveals
British legal professionals have seen a “significant surge” in data breaches, according to new research from NetDocuments, a firm that provides a cloud-based content management platform for the legal sector. Read more in my article on the Tripwire State of Security blog.
ad blocking, Coinbase, data breach, Data loss, Global Security News, malware, Podcast, powerschool, QR code, Ransomware, Smashing Security, VPN
Smashing Security podcast #403: Coinbase crypto heists, QR codes, and ransomware in the classroom
In episode 403 of “Smashing Security” we dive into the mystery of $65 million vanishing from Coinbase users faster than J-Lo slipped into Graham’s DMs, Geoff gives a poor grade for PowerSchool’s security, and Carole takes a curious look at QR codes. All this and more is discussed in the latest edition of the “Smashing…
BlackBerry, Botnet, British Museum, Data loss, Denial of Service, Global Security News, kidnap, Law & order, malware, Operating Systems, Podcast, privacy, Remote access trojan, Smashing Security, Social networks, Spyware
Smashing Security podcast #402: Hackers get hacked, the British Museum IT shutdown, and social media kidnaps
What happens when eager computer enthusiasts unknowingly download a trojanized hacking tool and find themselves on the wrong side of cybersecurity? A former employee’s actions led to chaos and raise urgent questions about the security of cultural treasures. And join us as we explore the alarming trend of social media influencers staging fake kidnappings. All…
data breach, Data loss, Global Security News, Guest blog, law, Law & order, Turkey
Be careful what you say about data leaks in Turkey, new law could mean prison for reporting hacks
The Turkish government is proposing a controversial new cybersecurity law that could make it a criminal act to report on data breaches. But might it stifle journalism and free speech? Read more in my article on the Tripwire State of Security blog.
data breach, Data loss, Global Security News, Guest blog, Hotel
Half a million hotel guests at risk after hackers accessed sensitive data
The personal information of almost half a million people is now in the hands of hackers after a security breach of a company used by some of the world’s best known hotel brands. Read more in my article on the Hot for Security blog.
AI, Apple Safari, data breach, Data loss, Elon Musk, Firefox, Global Security News, Google Chrome, Operating Systems, Podcast, privacy, Smashing Security, surveillance, video game
Smashing Security podcast #400: Hacker games, AI travel surveillance, and 25 years of IoT
The video game Path of Exile 2 suffers a security breach, we explore the issues of using predictive algorithms in travel surveillance systems, and the very worst IoT devices are put on show in Las Vegas. Oh, and has Elon Musk accidentally revealed he cheats at video games? All this and much more is discussed…
data breach, Data loss, Global Security News, Guest blog, malware, Ransomware
Space Bears ransomware: what you need to know
The Space Bears ransomware gang stands out from the crowd by presenting itself better than many legitimate companies, with corporate stock images and a professional-looking leak site. Read more in my article on the Tripwire State of Security blog.
data breach, Data loss, Global Security News, Guest blog, United Nations
United Nations aviation agency hacked, recruitment database plundered
The ICAO, the UN aviation agency tasked with keeping our skies safe, just got hacked… again. This time, a hacker is offering to sell the personal data of 42,000 job applicants. Read more in my article on the Hot for Security blog.
data breach, Data loss, Global Security News, Guest blog, Law & order, pii, rydox
Rydox cybercrime marketplace seixed by law enforcement, suspected admins arrested
Rydox, an online marketplace used by cybercriminals to sell hacked personal information and tools to commit fraud, has been seized in an international law enforcement operation and its suspected administrators arrested. Read more in my article on the Hot for Security blog.
data breach, Data loss, Global Security News, Guest blog, Krispy Kreme, malware, North America, Ransomware
Doughnut orders disrupted! Krispy Kreme suffers hack attack
Krispy Kreme, the dispenser of delectable doughnuts, says that it suffered a cyber attack at the end of last month which saw its IT systems compromised and has disrupted online orders in parts of the United States. Read more in my article on the Hot for Security blog.
2FA, data breach, Data loss, Global Security News, Instagram, Law & order, Podcast, Smashing Security, Snowflake
Smashing Security podcast #397: Snowflake hackers, and under the influence
A Canadian man is arrested in relation to the Snowflake hacks from earlier this year – after a cybersecurity researcher managed to track his identity, and a cryptocurrency-trading Instagram influencer is in trouble with the law. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham…
AI, data breach, Data loss, Global Security News, Guest blog, Operating Systems, privacy
AI chatbot startup WotNot leaks 346,000 files, including passports and medical records
Wotnot, An Indian AI startup that helps businesses build custom chatbots, has leaked almost 350,000 sensitive files after the data was left unsecured on the web. Read more in my article on the Hot for Security blog.
CryptoCurrency, data breach, Data loss, Global Security News, Guest blog, North Korea
North Korean hackers masquerade as remote IT workers and venture capitalists to steal crypto and secrets
In itslust for stealing cryptocurrency and sensitive information, North Korean hackers are disguising themselves as remote IT workers, recruiters, and even venture capitalists. Read more in my article on the Hot for Security blog.
data breach, Data loss, Global Security News, Guest blog, hospital, INC Ransom, malware, Ransomware
No guarantees of payday for ransomware gang that claims to have hacked children’s hospital
What is the point of INC Ransom’s attack on Alder Hey? They are not likely to be paid, and the attack on a children’s hospital only increases the chances that they will one day find their collars felt by law enforcement. Read more in my article on the Hot for Security blog.
Data loss, Global Security News, Guest blog, hospital, malware, NHS, Ransomware
UK hospital, hit by cyberattack, resorts to paper and postpones procedures
A British hospital is grappling with a major cyberattack that has crippled its IT systems and disrupted patient care. Read more in my article on the Hot for Security blog.
data breach, Data loss, Global Security News, Guest blog, Microsoft, NHS, Power Pages, privacy
Data leaks from websites built on Microsoft Power Pages, including 1.1 million NHS records
A security researcher has blamed misconfigured implementations of Microsoft Power Pages for a slew of data breaches from web portals – including the leak of 1.1 million NHS employee records. Read more in my article on the Hot for Security blog.
data breach, Data loss, Global Security News, Guest blog, privacy
FlipaClip animation app data breach exposes details of almost 900,000 users
Flipaclip, an animation creation app that is particularly popular with youngsters, has exposed the details of over 890,000 users. Read more in my article on the Hot for Security blog.