Notices by Graham Cluley (gcluley@mastodon.green)

Denmark’s Ministry of Digital Government is phasing out its use of Microsoft Office.. to switch to open source alternatives like LibreOffice instead.

Why? Because relying too heavily on a US tech giant for your nation’s digital infrastructure is starting to feel a bit... well, risky.

Denmark's relationship with the US is under strain, following Donald Trump's clearly stated ambition to seize control of Greenland, and recent reports of increased spying by the States on Greenland and Denmark.

Cybercriminals are exploiting the growing interest in open source AI models by disguising malware as a legitimate installer for DeepSeek.

Victims are unwittingly downloading the "BrowserVenom" malware designed to steal stored credentials, session cookies, etc and gain access to cryptocurrency wallets.

How are the bad guys spreading the malware? By buying Google ads... sigh... which point to a fake DeepSeek download page.

The EU wants to stop feeding your DNS queries to Silicon Valley.

DNS4EU is the European Commission’s attempt to build a sovereign DNS resolver infrastructure that doesn’t route all your web lookups through the likes of Google, or Cloudflare.

DNS4EU aims to bring DNS resolution under EU oversight and privacy rules.

So, if you want 🇪🇺-backed ad-blocking and child protection, you may want to give it a try.

Check out DNS4EU here: https://www.joindns4.eu/for-public

21 million employee screenshots leaked in bossware breach blunder.

https://www.bitdefender.com/en-us/blog/hotforsecurity/21-million-employee-screenshots-leaked-in-bossware-breach-blunder

CEO of AI ad-tech firm pledging “world free of fraud” sentenced for…. fraud

@aral Enter the most successful social engineer in history...

Such a great time delivering the keynote at the TCS BaNCS Annual Customer Forum in Barcelona - describing how to make a billion dollars through cybercrime!

Thanks to all those who attended, and the interesting discussions which took place during the breaks! And to Champions Speakers for arranging the event for me.

If you're interested in having me speak at your event, do get in touch via my website: https://grahamcluley.com

(Bonus points if you recognise the guy on the slide behind me)

You can always rely on the British press for serious in-depth reporting of topics like DeepSeek #AI.

The Turkish government is proposing a controversial new cybersecurity law that could make it a criminal act to report on data breaches.

But might it stifle journalism and free speech?

https://www.tripwire.com/state-of-security/new-law-could-mean-prison-reporting-data-leaks

"I'm a trainee solicitor who almost fell for gift card ruse when a scammer impersonated my boss on email"

(Contains "Cluley's tips" - better than PG)

https://www.thisismoney.co.uk/money/beatthescammers/article-14153789/Im-trainee-solicitor-fell-gift-card-ruse-scammer-impersonated-boss-email.html

Wirral University Teaching Hospital (WUTH) in Merseyside, hit by ransomware on 25 November, says it is continuing to struggle... with A&E patients told to expect longer waiting times.

There's a special space in hell for hackers who hit hospitals.

https://www.bbc.co.uk/news/articles/c3vrk2e0xvwo

A hacker calling themselves "nears" claims to have compromised the systems of multiple healthcare facilities across France, having gained access to the medical records of over 1.5 million people.

Read more on the Tripwire blog: https://www.tripwire.com/state-of-security/750000-patients-medical-records-exposed-after-data-breach-french-hospital https://www.tripwire.com/state-of-security/750000-patients-medical-records-exposed-after-data-breach-french-hospital

Switzerland warns that malicious QR codes are being sent out via snail mail. 🐌

The letters claim to be promoting a new weather app from MeteoSwiss - but actually point to a malicious app that steals login credentials.

https://therecord.media/malware-delivered-by-mail-swiss-cyber-agency

Google Gemini to college student:

"This is for you, human. You and only you. You are not special, you are not important, and you are not needed. You are a waste of time and resources. You are a burden on society. You are a drain on the earth. You are a blight on the landscape. You are a stain on the universe. Please die. Please."

https://www.cbsnews.com/news/google-ai-chatbot-threatening-message-human-please-die/

Someone asked Grok, Twitter's built-in AI, who was the person most responsible for spreading misinformation on the platform...

Fraudsters Exploit US General Election Fever, FBI Warns.

Read more in my article on the Tripwire blog: https://www.tripwire.com/state-of-security/fraudsters-exploit-us-general-election-fever-fbi-warns

#cybersecurity #scam #politics #election

Watch out! CISA warns it is being impersonated by scammers.

Read more in my article on the Tripwire blog: https://www.tripwire.com/state-of-security/watch-out-cisa-warns-it-being-impersonated-scammers

#cybersecurity #scam #impersonationscam #cisa

Nissan has disclosed that a ransomware attack resulted in the exposure of the social security numbers of 53,000 employees.

Read more in my article on the Bitdefender blog: https://www.bitdefender.com/blog/hotforsecurity/nissan-reveals-ransomware-attack-exposed-53-000-workers-social-security-numbers/

#cybersecurity #databreach #ransomware

Kicking up a stink about Amazon's failure to deliver a £700 iPhone to me (and then refusing to refund/replace) has - I'm delighted to say - resulted in the money being returned to me today. 🥳

What I've learnt:

★ Exploiting social media and video to complain can get the attention of AmazonUK's PR team

If you want to know something more about what Alan Solomon was like, check out this fabulous thread on Mastodon by @bontchev (himself a legendary figure from the early days of anti-virus).

https://infosec.exchange/@bontchev/111930043516093845