Cyber News & Articles
Crypto scammers who hacked McDonald’s Instagram account say they stole $700,000
Hackers who seized control of the official Instagram account of McDonald’s claim that they managed to steal US $700,000 from unsuspecting investors by promoting a fake cryptocurrency.
Read more in my article on the Hot for Security blog.
When Get-Out-The-Vote Efforts Look Like Phishing
Multiple media reports this week warned Americans to be on guard against a new phishing scam that arrives in a text message informing recipients they are not yet registered to vote. A bit of digging reveals the missives were sent by a California political consulting firm as part of a well-meaning but potentially counterproductive get-out-the-vote effort that had all the hallmarks of a phishing campaign.
University criticised for using Ebola outbreak lure in phishing test
A phishing exercise conducted by the IT department of the University of California Santa Cruz (UCSC) has backfired, after causing unnecessary panic amongst students and staff.
Read more in my article on the Hot for Security blog.
The AI Fix #13: ChatGPT runs for mayor, and should we stop killer robots?
In episode 13 of “The AI Fix””, meat avatar Cluley learns that AI doesn’t pose an existential threat to humanity and tells meat avatar Stockley how cybersex is about to get very, very weird. Our hosts also learn that men lie on their dating profiles, hear ChatGPT steal somebody’s voice, and discover an AI that rick rolls its users.
Graham tells Mark about AI’s political ambitions and discovers what ChatGPT has in common with the reluctant ruler of the universe, while Mark introduces Graham to the Campaign to Stop Killer Robots.
All this and much more is discussed in the latest edition of “The AI Fix” podcast by Graham Cluley and Mark Stockley.
New 0-Day Attacks Linked to China’s ‘Volt Typhoon’
Malicious hackers are exploiting a zero-day vulnerability in Versa Director, a software product used by many Internet and IT service providers. Researchers believe the activity is linked to Volt Typhoon, a Chinese cyber espionage group focused on infiltrating critical U.S. networks and laying the groundwork for the ability to disrupt communications between the United States and Asia during any future armed conflict with China.
Pro-Russia hackers attack European air traffic control website, but don’t panic! Flights continue as normal
Eurocontrol, the European air traffic control agency, has revealed that it has been under cyber attack for the last week, and says that pro-Russian hackers have claimed responsibility for the disruption.
When you first see the headline in the likes of the Wall Street Journal, it’s a scary thing to read.
But dig a little deeper, and you realise that the err.. sky is not falling.
Read more in my article on the Hot for Security blog.
US Facebook users can now claim their share of $725 million Cambridge Analytica settlement
Were you a US-based Facebook user between May 24 2007 and December 22 2022?
If so, I’ve got some good news for you.
Read more in my article on the Hot for Security blog.
3CX Breach Was a Double Supply Chain Compromise
We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX, a complex, lengthy intrusion that has the makings of a cyberpunk spy novel: North Korean hackers using legions of fake executive accounts on LinkedIn to lure people into opening malware disguised as a job offer; malware targeting Mac and Linux users working at defense and cryptocurrency firms; and software supply-chain attacks nested within earlier supply chain attacks.
US charges three men with six million dollar business email compromise plot
Three Nigerian nationals face charges in a US federal court related to a business email compromise (BEC) scam that is said to have stolen more than US $6 million from victims.
Read more in my article on the Tripwire State of Security blog.
Ex-CEO of hacked therapy clinic sentenced for failing to protect patients’ session notes
A Finnish court has given the former CEO of a chain of psychotherapy clinics a suspended jail sentence after failing to adequately protect highly sensitive notes of patients’ therapy sessions from falling into the hands of blackmailing hackers.
Read more in my article on the Hot for Security blog.