When ransomware gets physical: cybercriminals turn to threats of violence

Pay up, or we’ll pay someone to pay you a visit. Cybercrime gangs are increasingly turning to real-world threats – and even hiring local muscle to deliver the message.

Read more in my article on the Hot for Security blog.

Smashing Security podcast #467: How ShinyHunters hacked the world’s biggest universities

Welcome to the largest educational data breach in history – affecting nearly 9,000 institutions, every Ivy League university, and 30 million students mid-finals. When Canvas’s parent company refused to pay and announced they had deployed “security patc…

One in eight UK workers has sold their company passwords, and bosses think it’s fine

One in eight UK workers admits to selling their company login credentials – or knowing someone who has – in the past 12 months.

The really alarming bit? Their bosses are even more relaxed about it.

Read more in my article on the Fortra blog.

Inside Department 4: Russia’s secret school for hackers

Most universities have a careers fair. At Bauman Moscow State Technical University, however, an elite group of students appear to have something rather more unusual: a direct pipeline into some of the world’s most notorious state-sponsored hacking grou…

Sri Lanka makes 37 arrests as it raids another scam centre

You don’t need to live near a scam compound for it to wreck your life. Americans lost $5.8 billion to crypto investment scams last year alone – and a raid in Sri Lanka this month shows exactly how the operations behind them keep finding new places to h…

Smashing Security podcast #466: Meta sees everything, Copy Fail, and a deepfake gets hired

Meta’s smart glasses promise privacy “designed for you” – but everything they record was being beamed off to workers in Nairobi to label by hand. When those workers blew the whistle, Meta sacked all 1,108 of them.

Meanwhile, the IT press is in a frenz…

Teenager alleged to be Scattered Spider hacker arrested in Finland, faces US extradition

Here’s a tip for you all. Unless you want to draw attention to yourself as a cybercriminal, don’t flaunt your diamond-encrusted “HACK THE PLANET” necklace on Snapchat, or pose as a Sopranos crime boss while the FBI is reportedly closing in.

Read more …

Iran-linked Handala hackers leak US Marines data, send chilling WhatsApp threats

US Marines stationed around the Persian Gulf have been receiving WhatsApp messages from strangers suggesting they call home and make their final goodbyes.

Read more in my article on the Hot for Security blog.

Smashing Security podcast #465: This developer wanted to cheat at Roblox. It cost millions

A developer at an AI startup wanted to cheat at Roblox. They downloaded a dodgy script on their work laptop. That one decision triggered a cascade of failures that ended with a $2 million data breach affecting hundreds of thousands of organisations. Al…