Cyber News & Articles

For the past seven years, a malware-based proxy service known as “Faceless” has sold anonymity to countless cybercriminals. For less than a dollar per day, Faceless customers can route their malicious traffic through tens of thousands of compromised systems advertised on the service. In this post we’ll examine clues left behind over the past decade by the proprietor of Faceless, including some that may help put a face to the name.

The emergency ditching of an Australian military helicopter in the water just off a beach in New South Wales, has been blamed on the failure to apply a software patch.

Read more in my article on the Hot for Security blog.

KrebsOnSecurity received a nice bump in traffic this week thanks to tweets from the Federal Bureau of Investigation (FBI) and the Federal Communications Commission (FCC) about “juice jacking,” a term first coined here in 2011 to describe a potential threat of data theft when one plugs their mobile device into a public charging kiosk. It remains unclear what may have prompted the alerts, but the good news is that there are some fairly basic things you can do to avoid having to worry about juice jacking.

Accountants are being warned to be on their guard from hackers, as cybercriminals exploit the rush to prepare tax returns for clients before the deadline of US Tax Day.

Read more in my article on the Tripwire State of Security blog.

The US Department of Justice has arrested a member of the US Air Force National Guard in connection with a high profile leak of classified Pentagon documents.

Here are my thoughts…

Everyone’s talking juice-jacking – but has anyone ever been juice-jacked? Uber suffers yet another data breach, but it hasn’t been hacked. And Carole hosts the “AI-a-go-go or a no-no?” quiz for Dave and Graham.

All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire’s Dave Bittner.

Travellers are being told to be wary when plugging their smartphones and laptops into USB chargers.

But has anyone ever actually been juice-jacked in the real world?

Microsoft today released software updates to plug 100 security holes in its Windows operating systems and other software, including a zero-day vulnerability that is already being used in active attacks. Not to be outdone, Apple has released a set of important updates addressing two zero-day vulnerabilities that are being used to attack iPhones, iPads and Macs.

A pro-Russian blogger who raised $25,000 for drones to assist Russian troops fighting in Ukraine, has received a huge delivery of sex toys instead.

Read more in my article on the Hot for Security blog.

An Elon Musk-worshipping college principal gets schooled, and rapper Afroman turns the tables after armed police raid his house.

All this and much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault.