Police arrest man following hack of Ajax football club

Dutch police have arrested a 35-year-old man suspected of hacking into the computer systems of Amsterdam football giant Ajax, after the personal data of hundreds of thousands of supporters was put at risk.

Read more in my article on the Hot for Securi…

MyPillow listed on ransomware gang’s leak site, but denies it has been breached

A notorious ransomware gang claims to have stolen MyPillow’s private data, but CEO Mike Lindell calls it a politically motivated “hit job.” With the countdown ticking toward a massive dark web leak, who is telling the truth?

Read more in my article on…

Smashing Security podcast #469: What your Oura ring won’t tell you

CISA, the US government agency whose entire job is keeping America’s critical infrastructure safe from hackers, has had a contractor publish dozens of plain-text credentials to a public GitHub profile.

Meanwhile, your Oura ring is quietly transmitting…

FBI warns of Kali365 phishing kit that breaks into Microsoft 365 accounts – no password required

So, you’ve enabled multi-factor authentication. You’ve taught your staff never to type their passwords into dodgy-looking login pages. Surely your Microsoft 365 accounts are safe now?

Well, think again.

Read more in my article on the Hot for Security…

Defenders fall behind, as AI rewrites the rules of a data breach

For almost 20 years, stolen credentials have been the most common route for attackers into organizations, according to the Verizon Data Breach Investigations Report (DBIR). But that’s no longer the case.

Read more in my article on the Fortra blog.

Smashing Security podcast #468: High-speed train hacks and homicidal lawnmowers

A 23-year-old radio enthusiast spent £300 on a piece of kit from the internet, and used it to bring four packed high-speed trains to a screeching halt. His defence in court? Possibly the most creative excuse we’ve heard all year.

Meanwhile, owners of …

FBI warns students and staff that ShinyHunters may come knocking after Canvas breach

Having received a ransom payment for its attack on Canvas, ShinyHunters and other extortion gangs are only likely to be further incentivised to launch similar attacks in future.

Read more in my article on the Hot for Security blog.

When ransomware gets physical: cybercriminals turn to threats of violence

Pay up, or we’ll pay someone to pay you a visit. Cybercrime gangs are increasingly turning to real-world threats – and even hiring local muscle to deliver the message.

Read more in my article on the Hot for Security blog.

Smashing Security podcast #467: How ShinyHunters hacked the world’s biggest universities

Welcome to the largest educational data breach in history – affecting nearly 9,000 institutions, every Ivy League university, and 30 million students mid-finals. When Canvas’s parent company refused to pay and announced they had deployed “security patc…