Image More information has emerged related to last week's attack which saw a number of high profile Twitter accounts hijacked for the purposes of spreading a cryptocurrency scam. Twitter has already said that 130 Twitter accounts were targeted by hackers, using tools that should only have been available to the site's internal support...

Image What the heck has happened on Twitter? Twitter accounts, owned by politicians, celebrities, and large organisations suddenly started tweeting messages to their many millions of followers, at the behest of hackers. What did the messages say? Here is a typical one which appeared on the account of rapper, songwriter, and optimistic...

Image Things just got serious. Business Email Compromise is no longer solely the province of chancers and opportunistic Nigerian actors such as the Yahoo Boys. Organised criminal gangs with a high level of professionalism have seen the opportunity and seized it. Security researchers at Agari have published a report detailing their...

Image Hackers are once again finding unsecured MongoDB databases carelessly left exposed on the internet, wiping their contents, and leaving a ransom note demanding a cryptocurrency payment for the data's safe return. As ZDNet reports, ransom notes have been left on almost 23,000 MongoDB databases that were let unprotected on the...

Image Do you think you have found a vulnerability in the Sony PlayStation 4 or the PlayStation Network? If so, you could be heading towards a sizeable sum of money. That's because Sony announced details of a new bug bounty program that it is running in co-ordination with vulnerability-reporting platform HackerOne. Sony is inviting...

Image Fraudsters stole more than $3.2 million from the banking division of South Africa's post office, after - in a catastrophic breach of security - employees printed out the bank's master key. According to South African media reports, the security breach occurred in December 2018 when a copy of Postbank's digital master key was...

Image Babylon Health, makers of a smartphone app that allows Brits to have consultations with NHS doctors, has admitted that a "software error" resulted in some users being able to access other patients' private video chats with GPs. The data breach came to light after one user, Rory Glover, tweeted that he was shocked to find the app...

Image A 64-year-old man has pleaded guilty in a Texan court to charges of money laundering after a series of attacks that defrauded companies out of hundreds of thousands of dollars. Kenenty Hwan Kim (who sometimes went by the name Myung Kim) took advantage of a simple trick that has proven highly effective to fraudsters in recent...

Image What is NetWalker? NetWalker (also known as Mailto) is the name given to a sophisticated family of Windows ransomware that has targeted corporate computer networks, encrypting the files it finds, and demanding that a cryptocurrency payment is made for the safe recovery of the encrypted data. Image ...

Image For just under 90 minutes last Thursday, hackers were able to compromise the systems of cryptocurrency lending platform BlockFi, and gain unauthorised access to users' names, email addresses, dates of birth, address and activity history. In an incident report published on its website, BlockFi was keen to stress that the hacker's...

Image Newly-discovered zero-day vulnerabilities may generate the biggest headlines in the security press, but that doesn't mean that they're necessarily the thing that will get your company hacked. This week, US-CERT has published its list of what it describes as the "Top 10 Routinely Exploited Vulnerabilities" for the last three...

Image Samsung has released a security update for its popular Android smartphones which includes a critical fix for a vulnerability that affects all devices sold by the manufacturer since 2014. On its Android security update page Samsung thanks researcher Mateusz Jurczyk of Google Project Zero for the discovery of the vulnerability...

Image Security researchers at Cybereason are warning of a new mobile banking trojan that steals details from financial apps and intercepts SMS messages to bypass two-factor authentication mechanisms. According to experts who have examined the code of the malware, known as EventBot, it differs substantially from previously known...

Image What's this Maze thing I keep hearing about? Maze is a particularly sophisticated strain of Windows ransomware that has hit companies and organizations around the world and demanded that a cryptocurrency payment be made in exchange for the safe recovery of encrypted data. There's been plenty of ransomware before. What makes...

Image Millions of people have moved onto the Zoom video-conferencing platform as the coronavirus pandemic has forced them to work from their homes. According to Zoom's own statistics, its daily usage has soared from approximately 10 million daily users in December to over 200 million today. And although Zoom must be pleased to see so...

Image What's happened? Well, Coronavirus 2019 (COVID-19) happened. Okay, smart alec. I know about that. What else is going on? Well, because so many people are (wisely) staying at home, they're using videoconferencing and chat technology like Zoom to keep in touch with friends, family and colleagues. In fact, Zoom says that daily...

Image Past and present employees of General Electric (GE) are learning that their sensitive information has been exposed by a data breach at a third-party service provider. Fortune 500 company GE says it was recently informed of a security breach at one of its partners, Canon Business Process Services. According to GE, between...

Image A couple of years ago it felt like you couldn't turn your head in any direction without seeing another headline about cryptomining and - its more evil sibling - cryptojacking. Countless websites were hijacked, and injected with cryptocurrency-mining code designed to exploit the resources of visiting computers. Victims included...

Image Attackers are increasingly exploiting the fact that email gateways turn a blind eye to links to popular sites such as YouTube, in order to phish passwords from unsuspecting computer users. Researcher Ashley Trans of Cofense highlighted the threat in a blog post describing a recent phishing campaign. In the attack, an...

Image Digital attackers are sending around love-themed malicious emails in an attempt to infect recipients with the Nemty ransomware. If you've been kicking around in the world of IT security for more years than you'd like to admit, then you'll surely remember the ILOVEYOU virus (also known as the "Love Bug" or "Loveletter"). When the...