Google says it recently fixed an authentication weakness that allowed crooks to circumvent email verification needed to create a Google Workspace account, and leverage that to impersonate a domain holder to third-party services that allow logins through Google’s “Sign in with Google” feature.
The US Department of Homeland Security has unveiled a dog-like robot that it says has been adapted to jam the connectivity of smart home devices.
Read more in my article on the Hot for Security blog.
A cybercrime group has gained notoriety for attacking VMware ESXi servers since February 2024.
Learn more about the SEXi / APT Inc ransomware in my article on the Tripwire State of Security blog.
Computers blue-screen-of-death around the world! The Paris Olympics is at risk of attack! And the FBI pull off the biggest sting operation in history by running a secret end-to-end encrypted messaging app! All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by industry veterans Graham Cluley and … Continue reading “Smashing Security podcast #382: CrowdStrike, Dark Wire, and the Paris Olympics”
The Chinese company in charge of handing out domain names ending in “.top” has been given until mid-August 2024 to show that it has put in place systems for managing phishing reports and suspending abusive domains, or else forfeit its license to sell domains. The warning comes amid the release of new findings that .top was the most common suffix in phishing websites over the past year, second only to domains ending in “.com.”
British police have arrested a 17-year-old boy believed to be linked to a cybercriminal gang that launched devastating ransomware attacks last year on MGM Resorts and other companies.
Read more in my article on the Hot for Security blog.
It has been revealed that earlier this month a website which offered a DDoS-for-hire service was taken offline by law enforcement, but only after they collected data about its criminal customers.
Read more in my article on the Hot for Security blog.
In episode eight of “The AI Fix”, our hosts tackle the latest news from the world of AI and learn about two important medical breakthroughs, Mark coughs, Graham ruins “Killing me softly”, and neither shows their junk to an AI. Graham explains humour to Mark and shares a donkey story he learned from a Bulgarian, … Continue reading “The AI Fix #8: Emergence, a rancid donkey, and the world’s funniest joke”
A faulty software update from cybersecurity vendor Crowdstrike crippled countless Microsoft Windows computers across the globe today, disrupting everything from airline travel and financial institutions to hospitals and businesses online. Crowdstrike said a fix has been deployed, but experts say the recovery from this outage could take some time, as Crowdstrike’s solution needs to be applied manually on a per-machine basis.
Social media fuels conspiracies galore after Donald Trump is shot at a rally, cryptocurrency websites are hijacked after a screw-up at Squarespace, and our guest takes a close look at bottoms on Instagram.
All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Zoë Rose.