GRAHAM CLULEY • COMPUTER SECURITY NEWS, ADVICE, AND OPINIONNEWSNEWSLETTERPODCASTSPEAKINGSPONSOR Graham Cluley. May 30, 2021. Receive the latest trending threat insights delivered to your inbox with Recorded Future’s free Cyber Daily newsletter. Sign up now! CYBER INSURANCE GIANT CNA PAID OUT $40 MILLION TO ITS Back in March, insurance firm CNA Hardy had much of its IT system knocked out by a ransomware attack, and sensitive data stolen.. That’s not a good look for a firm that sells cyber insurance.. And what’s also pretty ugly is that Bloomberg reports that CNA chose to pay an eye-watering $40 million to the cybercrime gang that launched the ransomware attack. THE DARKSIDE RANSOMWARE GANG MUST BE SHITTING ITSELF RIGHT The DarkSide ransomware gang must be shitting itself right now. The disruption caused to the Colonial Pipeline on the east coast of the United States following a ransomware attack is understandably huge news, with President Joe Biden himself saying publicly that he is taking an active interest and is being briefed on a regular basis

about the

WAS THE EMAIL ACCOUNT OF MERSEYRAIL’S MD HACKED TO SPREAD The supposition is that the MD of Merseyrail’s Office 365 email account had been compromised the hackers in an attempt to spread word of the security breach, and apply pressure on the organisation to pay up. If true, it’s certainly quite an audacious move to hack the email account of the boss of a corporate victim, and use that as a FAKE FACEBOOK EMAIL INVITES YOU TO TELL 39 STRANGERS YOU Fake Facebook email invites you to tell 39 strangers you were duped. Graham Cluley • @gcluley. 9:45 pm, September 9, 2020. A reader got in touch with me regarding a suspicious email they had received claiming to come from Facebook, with the subject line: “Someone tried to Iog in To Your Account, User lD : ”. FATFACE PAYS OUT $2 MILLION TO CONTI RANSOMWARE GANG UK fashion retailer FatFace, which made headlines this week by appearing to ask its customers to keep its cyber attack “strictly private and confidential”, has reportedly paid a $2 million ransom to the criminals responsible.. According to Computer Weekly, FatFace entered negotiations with the Conti ransomware gang soon after it became aware its systems had been breached and customer NHS TEST & TRACE SENDS TEXT TO WRONG PERSON, TELLING THEM Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote

the first ever

SHITRIX: HACKERS TARGET UNPATCHED CITRIX SYSTEMS OVER Shitrix: Hackers target unpatched Citrix systems over weekend. Graham Cluley • @gcluley. 12:14 pm, January 13, 2020. Over the last few days hackers have made multiple attempts to exploit a critical vulnerability found in Citrix technology, used by tens of thousands of businesses worldwide. Citrix Application Delivery Controller and

Citrix

THE INSIDE STORY OF THE MAERSK NOTPETYA RANSOMWARE ATTACK The shipping conglomerate Maersk, hit by the NotPetya ransomware in June 2017, estimated that it cost them as much as $300 million in lost revenue.. Gavin Ashton was an IT security guy working at Maersk at the

time of the attack.

HACKER PLAYS CAT-AND-MOUSE WITH THE EBRD’S TWITTER ACCOUNT Hacker plays cat-and-mouse with the EBRD’s Twitter account. The European Bank for Reconstruction and Development (EBRD) is not having the best of mornings, as itself admitted. Earlier today the bank’s @EBRD Twitter account, and that of its sister account @EBRDgreen, were hijacked by a hacker who began to post the kind of messages you don GRAHAM CLULEY • COMPUTER SECURITY NEWS, ADVICE, AND OPINIONNEWSNEWSLETTERPODCASTSPEAKINGSPONSOR Graham Cluley. May 30, 2021. Receive the latest trending threat insights delivered to your inbox with Recorded Future’s free Cyber Daily newsletter. Sign up now! CYBER INSURANCE GIANT CNA PAID OUT $40 MILLION TO ITS Back in March, insurance firm CNA Hardy had much of its IT system knocked out by a ransomware attack, and sensitive data stolen.. That’s not a good look for a firm that sells cyber insurance.. And what’s also pretty ugly is that Bloomberg reports that CNA chose to pay an eye-watering $40 million to the cybercrime gang that launched the ransomware attack. THE DARKSIDE RANSOMWARE GANG MUST BE SHITTING ITSELF RIGHT The DarkSide ransomware gang must be shitting itself right now. The disruption caused to the Colonial Pipeline on the east coast of the United States following a ransomware attack is understandably huge news, with President Joe Biden himself saying publicly that he is taking an active interest and is being briefed on a regular basis

about the

WAS THE EMAIL ACCOUNT OF MERSEYRAIL’S MD HACKED TO SPREAD The supposition is that the MD of Merseyrail’s Office 365 email account had been compromised the hackers in an attempt to spread word of the security breach, and apply pressure on the organisation to pay up. If true, it’s certainly quite an audacious move to hack the email account of the boss of a corporate victim, and use that as a FAKE FACEBOOK EMAIL INVITES YOU TO TELL 39 STRANGERS YOU Fake Facebook email invites you to tell 39 strangers you were duped. Graham Cluley • @gcluley. 9:45 pm, September 9, 2020. A reader got in touch with me regarding a suspicious email they had received claiming to come from Facebook, with the subject line: “Someone tried to Iog in To Your Account, User lD : ”. FATFACE PAYS OUT $2 MILLION TO CONTI RANSOMWARE GANG UK fashion retailer FatFace, which made headlines this week by appearing to ask its customers to keep its cyber attack “strictly private and confidential”, has reportedly paid a $2 million ransom to the criminals responsible.. According to Computer Weekly, FatFace entered negotiations with the Conti ransomware gang soon after it became aware its systems had been breached and customer NHS TEST & TRACE SENDS TEXT TO WRONG PERSON, TELLING THEM Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote

the first ever

SHITRIX: HACKERS TARGET UNPATCHED CITRIX SYSTEMS OVER Shitrix: Hackers target unpatched Citrix systems over weekend. Graham Cluley • @gcluley. 12:14 pm, January 13, 2020. Over the last few days hackers have made multiple attempts to exploit a critical vulnerability found in Citrix technology, used by tens of thousands of businesses worldwide. Citrix Application Delivery Controller and

Citrix

THE INSIDE STORY OF THE MAERSK NOTPETYA RANSOMWARE ATTACK The shipping conglomerate Maersk, hit by the NotPetya ransomware in June 2017, estimated that it cost them as much as $300 million in lost revenue.. Gavin Ashton was an IT security guy working at Maersk at the

time of the attack.

HACKER PLAYS CAT-AND-MOUSE WITH THE EBRD’S TWITTER ACCOUNT Hacker plays cat-and-mouse with the EBRD’s Twitter account. The European Bank for Reconstruction and Development (EBRD) is not having the best of mornings, as itself admitted. Earlier today the bank’s @EBRD Twitter account, and that of its sister account @EBRDgreen, were hijacked by a hacker who began to post the kind of messages you don GRAHAM CLULEY • COMPUTER SECURITY NEWS, ADVICE, AND OPINION Graham Cluley. May 30, 2021. Receive the latest trending threat insights delivered to your inbox with Recorded Future’s free Cyber Daily newsletter. Sign up now! SMASHING SECURITY PODCAST #231: SEXY SNAPS AND ENCRYPTED 16 hours ago · Criminals are caught in a encrypted chat trap, should you trust Apple’s repair team with your sexy snaps, and do you think the FBI should be able to tell who has been reading the USA Today website? All this and much more is discussed in the latest SMASHING SECURITY PODCAST #230: FLASH CARD F-UP AND ENERGY Smashing Security podcast #230: Flash card f-up and energy pipe pilfering. Industry veterans, chatting about computer security and online privacy. Graham Cluley • @gcluley. 10:33 am, June 3, 2021. The US military has been caught exposing its nuclear weapons secrets, and we explore the world of nerdy miners. All this and more is

discussed in

NHS TEST & TRACE SENDS TEXT TO WRONG PERSON, TELLING THEM Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote

the first ever

REPORT: COLONIAL PIPELINE PAID RANSOMWARE ATTACKERS $5 If Bloomberg is to believed 1, Colonial Pipeline paid out a ransom of almost $5 million last week in an attempt to help it restore the operation of its massive East Coast fuel pipeline.. According to the news outlet, anonymous sources confirmed that the DarkSide ransomware gang were paid a ransom of approximately 75 Bitcoin within hours of the company shutting down its pipeline in response to FATFACE PAYS OUT $2 MILLION TO CONTI RANSOMWARE GANG UK fashion retailer FatFace, which made headlines this week by appearing to ask its customers to keep its cyber attack “strictly private and confidential”, has reportedly paid a $2 million ransom to the criminals responsible.. According to Computer Weekly, FatFace entered negotiations with the Conti ransomware gang soon after it became aware its systems had been breached and customer MAJOR US OIL PIPELINE SHUT DOWN AFTER RANSOMWARE ATTACK A ransomware attack has caused the shutdown of one of the largest oil pipelines in the United States. The 5,500 miles of Colonial Pipeline, which carry over 100 million gallons of fuel every day, from Houston, Texas to the New York Harbor, has been offline since May 7 according to the company which manages it:. On May 7, Colonial Pipeline Company learned it was the victim of a cybersecurity THE INSIDE STORY OF THE MAERSK NOTPETYA RANSOMWARE ATTACK The shipping conglomerate Maersk, hit by the NotPetya ransomware in June 2017, estimated that it cost them as much as $300 million in lost revenue.. Gavin Ashton was an IT security guy working at Maersk at the

time of the attack.

DUTCH UNIVERSITY PAID $220,000 RANSOM TO HACKERS AFTER Graham Cluley • @gcluley. 3:36 pm, February 7, 2020. A Dutch university has held a press conference where it admitted paying a 30 bitcoin ransom (approximately 200,000 Euro or US $220,000) to hackers who compromised its network in the immediate run-up to Christmas 2019. At the press conference, which was live streamed to the internet in

Dutch

RUNNING QUICKTIME FOR WINDOWS? YOU SHOULD UNINSTALL IT The only mitigation available is to uninstall QuickTime for Windows.”. Those running QuickTime on their Windows machines should click on the “Start” icon, go to “Control Panel” > “Programs” > “Programs and Features,” select “QuickTime Player,” and hit “Uninstall.”. At this time, those running QuickTime on Apple devices GRAHAM CLULEY • COMPUTER SECURITY NEWS, ADVICE, AND OPINIONNEWSNEWSLETTERPODCASTSPEAKINGSPONSOR Graham Cluley. May 30, 2021. Receive the latest trending threat insights delivered to your inbox with Recorded Future’s free Cyber Daily newsletter. Sign up now! CYBER INSURANCE GIANT CNA PAID OUT $40 MILLION TO ITS Back in March, insurance firm CNA Hardy had much of its IT system knocked out by a ransomware attack, and sensitive data stolen.. That’s not a good look for a firm that sells cyber insurance.. And what’s also pretty ugly is that Bloomberg reports that CNA chose to pay an eye-watering $40 million to the cybercrime gang that launched the ransomware attack. MAJOR US OIL PIPELINE SHUT DOWN AFTER RANSOMWARE ATTACK A ransomware attack has caused the shutdown of one of the largest oil pipelines in the United States. The 5,500 miles of Colonial Pipeline, which carry over 100 million gallons of fuel every day, from Houston, Texas to the New York Harbor, has been offline since May 7 according to the company which manages it:. On May 7, Colonial Pipeline Company learned it was the victim of a cybersecurity THE DARKSIDE RANSOMWARE GANG MUST BE SHITTING ITSELF RIGHT The DarkSide ransomware gang must be shitting itself right now. The disruption caused to the Colonial Pipeline on the east coast of the United States following a ransomware attack is understandably huge news, with President Joe Biden himself saying publicly that he is taking an active interest and is being briefed on a regular basis

about the

WAS THE EMAIL ACCOUNT OF MERSEYRAIL’S MD HACKED TO SPREAD The supposition is that the MD of Merseyrail’s Office 365 email account had been compromised the hackers in an attempt to spread word of the security breach, and apply pressure on the organisation to pay up. If true, it’s certainly quite an audacious move to hack the email account of the boss of a corporate victim, and use that as a FAKE FACEBOOK EMAIL INVITES YOU TO TELL 39 STRANGERS YOU Fake Facebook email invites you to tell 39 strangers you were duped. Graham Cluley • @gcluley. 9:45 pm, September 9, 2020. A reader got in touch with me regarding a suspicious email they had received claiming to come from Facebook, with the subject line: “Someone tried to Iog in To Your Account, User lD : ”. FATFACE PAYS OUT $2 MILLION TO CONTI RANSOMWARE GANG UK fashion retailer FatFace, which made headlines this week by appearing to ask its customers to keep its cyber attack “strictly private and confidential”, has reportedly paid a $2 million ransom to the criminals responsible.. According to Computer Weekly, FatFace entered negotiations with the Conti ransomware gang soon after it became aware its systems had been breached and customer NHS TEST & TRACE SENDS TEXT TO WRONG PERSON, TELLING THEM Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote

the first ever

HOW TO MAKE YOUR WHATSAPP EVEN MORE PRIVATE AND SECURE The hugely popular messaging platform WhatsApp made big news in the security community when they announced earlier this month that they were now providing end-to-end encryption for all of their one billion plus members.. This is an incredibly positive development for privacy advocates. The best part about this new feature is that WhatsApp users did not have to do anything in order to WHY IT’S A GOOD IDEA TO CLEAR BROWSER HISTORY AND COOKIES Cookies are a tool that, along with browsing history, help web browsers like Mozilla Firefox speed up users’ browsing sessions. But as the Yahoo incident illustrates, cookies also pose a threat. Attackers could steal them to gain access to our accounts GRAHAM CLULEY • COMPUTER SECURITY NEWS, ADVICE, AND OPINIONNEWSNEWSLETTERPODCASTSPEAKINGSPONSOR Graham Cluley. May 30, 2021. Receive the latest trending threat insights delivered to your inbox with Recorded Future’s free Cyber Daily newsletter. Sign up now! CYBER INSURANCE GIANT CNA PAID OUT $40 MILLION TO ITS Back in March, insurance firm CNA Hardy had much of its IT system knocked out by a ransomware attack, and sensitive data stolen.. That’s not a good look for a firm that sells cyber insurance.. And what’s also pretty ugly is that Bloomberg reports that CNA chose to pay an eye-watering $40 million to the cybercrime gang that launched the ransomware attack. MAJOR US OIL PIPELINE SHUT DOWN AFTER RANSOMWARE ATTACK A ransomware attack has caused the shutdown of one of the largest oil pipelines in the United States. The 5,500 miles of Colonial Pipeline, which carry over 100 million gallons of fuel every day, from Houston, Texas to the New York Harbor, has been offline since May 7 according to the company which manages it:. On May 7, Colonial Pipeline Company learned it was the victim of a cybersecurity THE DARKSIDE RANSOMWARE GANG MUST BE SHITTING ITSELF RIGHT The DarkSide ransomware gang must be shitting itself right now. The disruption caused to the Colonial Pipeline on the east coast of the United States following a ransomware attack is understandably huge news, with President Joe Biden himself saying publicly that he is taking an active interest and is being briefed on a regular basis

about the

WAS THE EMAIL ACCOUNT OF MERSEYRAIL’S MD HACKED TO SPREAD The supposition is that the MD of Merseyrail’s Office 365 email account had been compromised the hackers in an attempt to spread word of the security breach, and apply pressure on the organisation to pay up. If true, it’s certainly quite an audacious move to hack the email account of the boss of a corporate victim, and use that as a FAKE FACEBOOK EMAIL INVITES YOU TO TELL 39 STRANGERS YOU Fake Facebook email invites you to tell 39 strangers you were duped. Graham Cluley • @gcluley. 9:45 pm, September 9, 2020. A reader got in touch with me regarding a suspicious email they had received claiming to come from Facebook, with the subject line: “Someone tried to Iog in To Your Account, User lD : ”. FATFACE PAYS OUT $2 MILLION TO CONTI RANSOMWARE GANG UK fashion retailer FatFace, which made headlines this week by appearing to ask its customers to keep its cyber attack “strictly private and confidential”, has reportedly paid a $2 million ransom to the criminals responsible.. According to Computer Weekly, FatFace entered negotiations with the Conti ransomware gang soon after it became aware its systems had been breached and customer NHS TEST & TRACE SENDS TEXT TO WRONG PERSON, TELLING THEM Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote

the first ever

HOW TO MAKE YOUR WHATSAPP EVEN MORE PRIVATE AND SECURE The hugely popular messaging platform WhatsApp made big news in the security community when they announced earlier this month that they were now providing end-to-end encryption for all of their one billion plus members.. This is an incredibly positive development for privacy advocates. The best part about this new feature is that WhatsApp users did not have to do anything in order to WHY IT’S A GOOD IDEA TO CLEAR BROWSER HISTORY AND COOKIES Cookies are a tool that, along with browsing history, help web browsers like Mozilla Firefox speed up users’ browsing sessions. But as the Yahoo incident illustrates, cookies also pose a threat. Attackers could steal them to gain access to our accounts IT’S TIME TO GET SERIOUS ABOUT ENTERPRISE PASSWORD Many thanks to the great folks at 1Password, who have sponsored my writing for the past week.. The majority of enterprise data breaches are still tied to weak password and secrets management habits among employees. 1Password’s new white paper highlights these and other findings to illustrate how password management software is a top-level consideration for IT departments to close security CYBER INSURANCE GIANT CNA PAID OUT $40 MILLION TO ITS Back in March, insurance firm CNA Hardy had much of its IT system knocked out by a ransomware attack, and sensitive data stolen.. That’s not a good look for a firm that sells cyber insurance.. And what’s also pretty ugly is that Bloomberg reports that CNA chose to pay an eye-watering $40 million to the cybercrime gang that launched the ransomware attack. NHS TEST & TRACE SENDS TEXT TO WRONG PERSON, TELLING THEM Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote

the first ever

FATFACE PAYS OUT $2 MILLION TO CONTI RANSOMWARE GANG UK fashion retailer FatFace, which made headlines this week by appearing to ask its customers to keep its cyber attack “strictly private and confidential”, has reportedly paid a $2 million ransom to the criminals responsible.. According to Computer Weekly, FatFace entered negotiations with the Conti ransomware gang soon after it became aware its systems had been breached and customer REPORT: COLONIAL PIPELINE PAID RANSOMWARE ATTACKERS $5 If Bloomberg is to believed 1, Colonial Pipeline paid out a ransom of almost $5 million last week in an attempt to help it restore the operation of its massive East Coast fuel pipeline.. According to the news outlet, anonymous sources confirmed that the DarkSide ransomware gang were paid a ransom of approximately 75 Bitcoin within hours of the company shutting down its pipeline in response to HOW TO MAKE YOUR WHATSAPP EVEN MORE PRIVATE AND SECURE The hugely popular messaging platform WhatsApp made big news in the security community when they announced earlier this month that they were now providing end-to-end encryption for all of their one billion plus members.. This is an incredibly positive development for privacy advocates. The best part about this new feature is that WhatsApp users did not have to do anything in order to THANKS FOR FINDING A CRITICAL BUG. HAVE A $1.5 MILLION Congratulations to Alexander Schlindwein. He’s the chap who discovered what has been described as a “critical bug” that reportedly could have “drained the entirety of underwriting funds” for ArmorFi, a “smart insurance aggregator for decentralized finance (DeFi)”. (I just write these words, don’t expect me to understand what ArmorFi actually does.) POLICE RAID TECH SUPPORT SCAM CENTRE WHO HAD THEIR CCTV An indepth investigation by online vigilantes has exposed the activities of an Indian tech support scam centre. Extraordinarily, fraudsters had the tables turned on them as YouTuber Jim Browning was able to hack into the call centre and access recordings of scam phone calls and even watch live CCTV footage exposing the criminals at work. HOW TO TELL IF YOUR SNAPCHAT HAS BEEN HACKED, AND HOW TO Change your passwords. In some situations, hackers obtain a user’s login credentials, gain access to their profile, and don’t do anything with the account settings once they’re there. If that’s the case, a user can recover their account by logging in and BRITISH GAS SAYS PASSWORD MANAGERS AREN’T GOOD FOR British Gas reveals it doesn’t think password managers are good for security. Graham Cluley • @gcluley. 12:01 pm, July 15, 2015. Well, this is bizarre. British Gas customer Ben Woodward understands the benefits of having a complicated, hard-to-remember password rather than a dumb, easy-to-guess one. But, unfortunately, he says British

Gas

GRAHAM CLULEY • COMPUTER SECURITY NEWS, ADVICE, AND OPINIONNEWSNEWSLETTERPODCASTSPEAKINGSPONSOR Graham Cluley. May 30, 2021. Receive the latest trending threat insights delivered to your inbox with Recorded Future’s free Cyber Daily newsletter. Sign up now! CYBER INSURANCE GIANT CNA PAID OUT $40 MILLION TO ITS Back in March, insurance firm CNA Hardy had much of its IT system knocked out by a ransomware attack, and sensitive data stolen.. That’s not a good look for a firm that sells cyber insurance.. And what’s also pretty ugly is that Bloomberg reports that CNA chose to pay an eye-watering $40 million to the cybercrime gang that launched the ransomware attack. THE DARKSIDE RANSOMWARE GANG MUST BE SHITTING ITSELF RIGHT The disruption caused to the Colonial Pipeline on the east coast of the United States following a ransomware attack is understandably huge news, with President Joe Biden himself saying publicly that he is taking an active interest and is being briefed on a regular basis about the situation.. Meanwhile, in a terse statement, the FBI says it has confirmed that the DarkSide ransomware gang WAS THE EMAIL ACCOUNT OF MERSEYRAIL’S MD HACKED TO SPREAD The supposition is that the MD of Merseyrail’s Office 365 email account had been compromised the hackers in an attempt to spread word of the security breach, and apply pressure on the organisation to pay up. If true, it’s certainly quite an audacious move to hack the email account of the boss of a corporate victim, and use that as a SHITRIX: HACKERS TARGET UNPATCHED CITRIX SYSTEMS OVER Shitrix: Hackers target unpatched Citrix systems over weekend. Graham Cluley • @gcluley. 12:14 pm, January 13, 2020. Over the last few days hackers have made multiple attempts to exploit a critical vulnerability found in Citrix technology, used by tens of thousands of businesses worldwide. Citrix Application Delivery Controller and

Citrix

FAKE FACEBOOK EMAIL INVITES YOU TO TELL 39 STRANGERS YOU Fake Facebook email invites you to tell 39 strangers you were duped. Graham Cluley • @gcluley. 9:45 pm, September 9, 2020. A reader got in touch with me regarding a suspicious email they had received claiming to come from Facebook, with the subject line: “Someone tried to Iog in To Your Account, User lD : ”. POLICE RAID TECH SUPPORT SCAM CENTRE WHO HAD THEIR CCTV An indepth investigation by online vigilantes has exposed the activities of an Indian tech support scam centre. Extraordinarily, fraudsters had the tables turned on them as YouTuber Jim Browning was able to hack into the call centre and access recordings of scam phone calls and even watch live CCTV footage exposing the criminals at work. HACKER BUSTED AFTER LAUNDERING MONEY USING HIS OWN EMAIL Hacker busted after laundering money using his own email and IP address. Never underestimate the stupidity of idiots. David Bisson • @DMBisson. 9:52 pm, October 31, 2016. We’ve seen a lot of cunning hackers exploit weak or dumb security measures to compromise users’ information. One unidentified hacker did just that in June, for

instance

ASHLEY MADISON’S LEAKED DATABASE AVAILABLE FOR DOWNLOAD What’s happened? As I’m sure you’ll remember, popular adultery website Ashley Madison got hacked in July. The hackers – who went by the name of the Impact Team – demanded that its owners, Avid Life Media, shut the site down and sister sites including Cougar Life and

Established Men.

BRITISH GAS SAYS PASSWORD MANAGERS AREN’T GOOD FOR British Gas reveals it doesn’t think password managers are good for security. Graham Cluley • @gcluley. 12:01 pm, July 15, 2015. Well, this is bizarre. British Gas customer Ben Woodward understands the benefits of having a complicated, hard-to-remember password rather than a dumb, easy-to-guess one. But, unfortunately, he says British

Gas

GRAHAM CLULEY • COMPUTER SECURITY NEWS, ADVICE, AND OPINIONNEWSNEWSLETTERPODCASTSPEAKINGSPONSOR Graham Cluley. May 30, 2021. Receive the latest trending threat insights delivered to your inbox with Recorded Future’s free Cyber Daily newsletter. Sign up now! CYBER INSURANCE GIANT CNA PAID OUT $40 MILLION TO ITS Back in March, insurance firm CNA Hardy had much of its IT system knocked out by a ransomware attack, and sensitive data stolen.. That’s not a good look for a firm that sells cyber insurance.. And what’s also pretty ugly is that Bloomberg reports that CNA chose to pay an eye-watering $40 million to the cybercrime gang that launched the ransomware attack. THE DARKSIDE RANSOMWARE GANG MUST BE SHITTING ITSELF RIGHT The disruption caused to the Colonial Pipeline on the east coast of the United States following a ransomware attack is understandably huge news, with President Joe Biden himself saying publicly that he is taking an active interest and is being briefed on a regular basis about the situation.. Meanwhile, in a terse statement, the FBI says it has confirmed that the DarkSide ransomware gang WAS THE EMAIL ACCOUNT OF MERSEYRAIL’S MD HACKED TO SPREAD The supposition is that the MD of Merseyrail’s Office 365 email account had been compromised the hackers in an attempt to spread word of the security breach, and apply pressure on the organisation to pay up. If true, it’s certainly quite an audacious move to hack the email account of the boss of a corporate victim, and use that as a SHITRIX: HACKERS TARGET UNPATCHED CITRIX SYSTEMS OVER Shitrix: Hackers target unpatched Citrix systems over weekend. Graham Cluley • @gcluley. 12:14 pm, January 13, 2020. Over the last few days hackers have made multiple attempts to exploit a critical vulnerability found in Citrix technology, used by tens of thousands of businesses worldwide. Citrix Application Delivery Controller and

Citrix

FAKE FACEBOOK EMAIL INVITES YOU TO TELL 39 STRANGERS YOU Fake Facebook email invites you to tell 39 strangers you were duped. Graham Cluley • @gcluley. 9:45 pm, September 9, 2020. A reader got in touch with me regarding a suspicious email they had received claiming to come from Facebook, with the subject line: “Someone tried to Iog in To Your Account, User lD : ”. POLICE RAID TECH SUPPORT SCAM CENTRE WHO HAD THEIR CCTV An indepth investigation by online vigilantes has exposed the activities of an Indian tech support scam centre. Extraordinarily, fraudsters had the tables turned on them as YouTuber Jim Browning was able to hack into the call centre and access recordings of scam phone calls and even watch live CCTV footage exposing the criminals at work. HACKER BUSTED AFTER LAUNDERING MONEY USING HIS OWN EMAIL Hacker busted after laundering money using his own email and IP address. Never underestimate the stupidity of idiots. David Bisson • @DMBisson. 9:52 pm, October 31, 2016. We’ve seen a lot of cunning hackers exploit weak or dumb security measures to compromise users’ information. One unidentified hacker did just that in June, for

instance

ASHLEY MADISON’S LEAKED DATABASE AVAILABLE FOR DOWNLOAD What’s happened? As I’m sure you’ll remember, popular adultery website Ashley Madison got hacked in July. The hackers – who went by the name of the Impact Team – demanded that its owners, Avid Life Media, shut the site down and sister sites including Cougar Life and

Established Men.

BRITISH GAS SAYS PASSWORD MANAGERS AREN’T GOOD FOR British Gas reveals it doesn’t think password managers are good for security. Graham Cluley • @gcluley. 12:01 pm, July 15, 2015. Well, this is bizarre. British Gas customer Ben Woodward understands the benefits of having a complicated, hard-to-remember password rather than a dumb, easy-to-guess one. But, unfortunately, he says British

Gas

SMASHING SECURITY PODCAST #230: FLASH CARD F-UP AND ENERGY Smashing Security podcast #230: Flash card f-up and energy pipe pilfering. Industry veterans, chatting about computer security and online privacy. Graham Cluley • @gcluley. 10:33 am, June 3, 2021. The US military has been caught exposing its nuclear weapons secrets, and we explore the world of nerdy miners. All this and more is

discussed in

IT’S TIME TO GET SERIOUS ABOUT ENTERPRISE PASSWORD 1 day ago · Many thanks to the great folks at 1Password, who have sponsored my writing for the past week.. The majority of enterprise data breaches are still tied to weak password and secrets management habits among employees. 1Password’s new white paper highlights these and other findings to illustrate how password management software is a top-level consideration for IT departments to close security BACKUP APPLIANCE FIRM PAYS OUT $2.6 MILLION RANSOM TO The Conti ransomware gang has successfully managed to extort millions of dollars out of an organisation once again. What’s notable on this occasion is that the Conti group’s corporate victim is ExaGrid, a backup company. And according to reports, last month it shelled out $2.6 million worth of THE DARKSIDE RANSOMWARE GANG MUST BE SHITTING ITSELF RIGHT The disruption caused to the Colonial Pipeline on the east coast of the United States following a ransomware attack is understandably huge news, with President Joe Biden himself saying publicly that he is taking an active interest and is being briefed on a regular basis about the situation.. Meanwhile, in a terse statement, the FBI says it has confirmed that the DarkSide ransomware gang FAKE FACEBOOK EMAIL INVITES YOU TO TELL 39 STRANGERS YOU Fake Facebook email invites you to tell 39 strangers you were duped. Graham Cluley • @gcluley. 9:45 pm, September 9, 2020. A reader got in touch with me regarding a suspicious email they had received claiming to come from Facebook, with the subject line: “Someone tried to Iog in To Your Account, User lD : ”. HOW TO MAKE YOUR WHATSAPP EVEN MORE PRIVATE AND SECURE The hugely popular messaging platform WhatsApp made big news in the security community when they announced earlier this month that they were now providing end-to-end encryption for all of their one billion plus members.. This is an incredibly positive development for privacy advocates. The best part about this new feature is that WhatsApp users did not have to do anything in order to NHS TEST & TRACE SENDS TEXT TO WRONG PERSON, TELLING THEM Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote

the first ever

POLICE RAID TECH SUPPORT SCAM CENTRE WHO HAD THEIR CCTV An indepth investigation by online vigilantes has exposed the activities of an Indian tech support scam centre. Extraordinarily, fraudsters had the tables turned on them as YouTuber Jim Browning was able to hack into the call centre and access recordings of scam phone calls and even watch live CCTV footage exposing the criminals at work. DUTCH UNIVERSITY PAID $220,000 RANSOM TO HACKERS AFTER Graham Cluley • @gcluley. 3:36 pm, February 7, 2020. A Dutch university has held a press conference where it admitted paying a 30 bitcoin ransom (approximately 200,000 Euro or US $220,000) to hackers who compromised its network in the immediate run-up to Christmas 2019. At the press conference, which was live streamed to the internet in

Dutch

GRAHAMCLULEY.COM

grahamcluley.com

Skip to content

GRAHAM CLULEY

Computer security news, advice, and opinion

Menu

* News

* Newsletter

* Podcast

* Speaking

* Sponsor

* About expand child menu * About this website

* Awards

* Testimonials

* Recent media appearances

* Contact

* Games expand child menu * Jacaranda Jim expand

child menu

* Reviews of Jacaranda Jim

* Blox

* Humbug expand child menu

* Reviews of Humbug

* Wibbling Wilf expand

child menu

* Reviews of Wibbling Wilf

Search for: Search

This week's sponsor: Get a FREE copy of "The Security Intelligence Handbook" from Recorded Future!

ⓘ

BITDEFENDER.COM

November 27, 2020

FERTILITY PATIENTS’ SENSITIVE PERSONAL INFORMATION STOLEN DURING

RANSOMWARE ATTACK

TRIPWIRE.COM

November 26, 2020

SUSPECTED BEC SCAMMERS ARRESTED IN NIGERIA FOLLOWING YEAR-LONG INTERPOL INVESTIGATION

November 26, 2020

SMASHING SECURITY PODCAST #206: ROBO DOGS, DEEPFAKES AND DIRTY DECEPTIONS WITH TIM HARFORD

November 26, 2020

SOPHOS SECURITY BREACH EXPOSES CUSTOMER SUPPORT RECORDS

November 24, 2020

FAKE MINECRAFT MODS INSTALLED ON OVER ONE MILLION ANDROID DEVICES

November 23, 2020

MANCHESTER UNITED VERSUS A “SOPHISTICATED” CYBER ATTACK

November 23, 2020

FBI WARNS OF CRIMINALS SPOOFING ITS WEBSITE DOMAIN NAMES

November 22, 2020

YOU CAN BE A SECURITY INTELLIGENCE EXPERT, WITH THESE FREE TOOLS FROM

RECORDED FUTURE

BITDEFENDER.COM

November 20, 2020

ROBOT VACUUM CLEANERS CAN EAVESDROP ON YOUR CONVERSATIONS, RESEARCHERS

REVEAL

TRIPWIRE.COM

November 19, 2020

EGREGOR RANSOMWARE ATTACK HIJACKS PRINTERS TO SPIT OUT RANSOM NOTES

November 19, 2020

SMASHING SECURITY PODCAST #205: ZOOM PASSWORD PINCHING AND PARLER

PROBLEMS

November 18, 2020

REELING FROM RANSOMWARE ATTACK, MANAGED.COM TAKES DOWN ITS ENTIRE WEB HOSTING INFRASTRUCTURE

12 3

…10

20

…→

⇥

Send a tip or story idea | Hire Graham Cluley to speak at your event | Sponsorship | Contact | About Complaints/Corrections | Privacy | Terms & Conditions Copyright © 2001-2020 Cluley Associates Limited. All Rights Reserved.