Nostr notes by Graham Cluley

There has been a huge backlash after Amazon Ring advertised its ...

2026-02-25T09:51:30Z

There has been a huge backlash after Amazon Ring advertised its dystopian surveillance feature "Search party" (dressed up as a way to find lost dogs).

Now a $10,000 award has been offered for anyone who can find a way to run Ring doorbell cameras locally, cutting off the flow of video data to Amazon's servers.

Read more in my article on the Bitdefender blog: https://www.bitdefender.com/en-us/blog/hotforsecurity/10-000-bounty-hack-ring-cameras

#cybersecurity #surveillance #ring #doorbell #privacy

Being referenced in the documents does not equate to involvement ...

2026-02-20T13:43:18Z

In reply to nevent1q…lenh
_________________________

Being referenced in the documents does not equate to involvement in Epstein’s crimes.

More details:

https://www.nextgov.com/people/2026/02/def-con-bans-hackers-technologists-named-epstein-documents/411502/

DEF CON has banned a number of people from attending its hacking ...

2026-02-20T13:42:54Z

DEF CON has banned a number of people from attending its hacking conference in Las Vegas, after they were named in the Epstein files.

Vincenzo Iozzo, Joichi Ito, and Pablos Holman have been added to the conference's public ban list. None of them have been charged by US authorities with offences, although documents released by the Department of Justice indicate they were in contact with Jeffrey Epstein.

The conference has not alleged criminal conduct, and the individuals have not been charged.

Meanwhile, the UK has signed contracts worth over £800 million ...

2026-02-13T13:53:59Z

In reply to nevent1q…2f7l
_________________________

Meanwhile, the UK has signed contracts worth over £800 million with Palantir for NHS and Ministry of Defence systems. British MPs are now asking awkward questions about why their due diligence has reached such a different conclusion.

Switzerland chose sovereignty over convenience. They chose not to risk using Palantir.

Other countries should be asking themselves: if Switzerland deemed these risks unacceptable, what are we missing?

What do you think?

2/2

The Swiss government has ended its contract with American ...

2026-02-13T13:53:36Z

The Swiss government has ended its contract with American analytics company Palantir, after federal agencies in the country rejected Palantir at least nine times over seven years. The reason? Security concerns that should make other countries think carefully:

- Risk of US intelligence gaining access to sensitive data
- Potential loss of national sovereignty
- Dependence upon foreign specialists in crisis situations

Swiss authorities won't touch their software with a bargepole.

1/2

"Although not the app I posted this on, obviously..." ...

2026-01-07T11:44:23Z

"Although not the app I posted this on, obviously..."

Grok is generating the sexualised imagery of children.

2026-01-07T10:54:49Z

In reply to nevent1q…uj7x
_________________________

Grok is generating the sexualised imagery of children.

I don't understand how the UK government (and indeed many ...

2026-01-07T10:46:28Z

I don't understand how the UK government (and indeed many firms) can continue to maintain a presence on Elon Musk's deepfake porn site (formerly known as Twitter), rather than jumping ship to the likes of Mastodon and Bluesky.

Their continued association with X/Twitter isn't just a bad look, it's an endorsement of a site that behaves in a disgusting, degrading way, and has been churning out sexualised images of real-life women and young girls.

Is it just to avoid the wrath of Elon Musk?

📚Think your Kindle is harmless? Think again! @npub1d4h…80d4 ...

2025-12-18T17:04:11Z

📚Think your Kindle is harmless? Think again! Danny Palmer (npub1d4h…80d4) and I unpack a Black Hat Europe talk revealing how a boobytrapped audiobook could exploit the Amazon eBook reader - potentially letting an attacker break into your account - in the latest episode of the "Smashing Security" podcast.

Plus a blast from 2021's "summer of ransomware" returns to haunt Ireland's Health Service Executive, as victims are offered €750 each.

https://open.spotify.com/episode/3JQ4Ul21LNU2W9kzxQN4xp?si=ae7d2c3bb6ff444c

Agentic AI browsers introduce serious new security risks and ...

2025-12-12T12:55:52Z

Agentic AI browsers introduce serious new security risks and should be blocked "for the foreseeable future." That's the opinion of a new report from analyst firm Gartner.

What do you think? Would you trust an AI browser inside your company?

Read more in my article on the Fortra blog: https://www.fortra.com/blog/gartner-tells-businesses-block-ai-browsers-now

Grok - Elon Musk's AI chatbot - has been caught handing out ...

2025-12-08T16:36:19Z

Grok - Elon Musk's AI chatbot - has been caught handing out home addresses of ordinary individuals... on demand.

When asked, Grok was willing to provide step-by-step instructions on how to stalk these people...

Read more in my article on the Bitdefender blog: https://www.bitdefender.com/en-us/blog/hotforsecurity/privacy-concerns-raised-as-grok-ai-found-to-be-a-stalkers-best-friend

How odd. I do. https://mastodon.green/@gcluley/115583123911171053

2025-11-20T18:52:27Z

In reply to nevent1q…qs4e
_________________________

How odd. I do.

https://mastodon.green/@gcluley/115583123911171053

You may have seen that post had a comment with the links, but ...

2025-11-20T18:37:53Z

In reply to nevent1q…k08w
_________________________

You may have seen that post had a comment with the links, but it's here: https://www.smashingsecurity.com/444 as well as in all good podcast apps. :)

Fab to have Tricia Howard as a special guest on the latest ...

2025-11-20T17:08:14Z

Fab to have Tricia Howard as a special guest on the latest "Smashing Security" podcast where we discussed the firm that has actually said "sorry" after a data breach, and how hotels are helping hackers phish their own guests.

We also chat about how legacy systems are a risk, and chat about autonomous pen testing, AI-turbocharged cybercrime, and what CISOs should really be asking on Monday morning with our other guest Snehal Antani of Horizon 3 AI.

Proof positive that companies are covering up the capabilities of ...

2025-11-12T10:50:09Z

Proof positive that companies are covering up the capabilities of their robots...

(Turn your sound on for the full err.. impact)

#AI #robotics #coverup

LinkedIn user in the UK, EU, Switzerland, Canada, or Hong Kong? ...

2025-10-30T08:57:20Z

LinkedIn user in the UK, EU, Switzerland, Canada, or Hong Kong? Heads-up. LinkedIn has given you until Monday to stop AI from training on your profile

https://www.bitdefender.com/en-us/blog/hotforsecurity/linkedin-gives-you-until-monday-to-stop-ai-from-training-on-your-profile

Folks, it's happened. AI has become so smart that it knows ...

2025-09-18T19:39:15Z

Folks, it's happened. AI has become *so* smart that it knows how to intentionally sabotage a live product demos by Mark Zuckerberg and leave him helplessly flailing...

#meta #metaai #AI #artificialintelligence

I think it's a great idea. Lets face it, your nan isn't ...

2025-07-18T11:15:11Z

In reply to nevent1q…cg3w
_________________________

I think it's a great idea. Lets face it, your nan isn't going to read a blog post about malicious QR codes, but she might read the side of a baguette bag while tucking into her lunch.

It's easy to forget that not everyone is immersed in the world of technology and cybercrime. Sometimes cybersecurity needs to go low-tech to reach high-risk users.

What ideas do YOU have for improving general awareness about cybersecurity? Go on, use your loaf and be imaginative. Let me know in the comments.

You’ve heard of ransomware, deepfake scams, and business email ...

2025-07-18T11:15:02Z

You’ve heard of ransomware, deepfake scams, and business email compromise. But what about bread bag cybercrime awareness? 🥖

In Belgium, police have taken to printing cybersecurity tips on bakery bags. Yes, really. Forget TikTok or Instagram ads, this is crime prevention via a crusty sourdough.

The initiative targets people who aren't scrolling social media 24/7. The idea is simple: warn people about online fraud and digital scams using something they actually see every day - at low cost.

So, you think hacking is just about stealing information, or ...

2025-06-29T20:12:50Z

So, you think hacking is just about stealing information, or wiping out company data? The truth is, sometimes it's about killing people too...

A criminal cartel hired a hacker to identify "people of interest" (including the FBI's Assistant Legal Attache), going in and and out of the US embassy in Mexico city, and then spy on calls made and received by their phones, and their location.

It gets worse..

Denmark’s Ministry of Digital Government is phasing out its use ...

2025-06-13T11:38:38Z

Denmark’s Ministry of Digital Government is phasing out its use of Microsoft Office.. to switch to open source alternatives like LibreOffice instead.

Why? Because relying too heavily on a US tech giant for your nation’s digital infrastructure is starting to feel a bit... well, risky.

Denmark's relationship with the US is under strain, following Donald Trump's clearly stated ambition to seize control of Greenland, and recent reports of increased spying by the States on Greenland and Denmark.

The EU wants to stop feeding your DNS queries to Silicon Valley. ...

2025-06-09T13:10:27Z

The EU wants to stop feeding your DNS queries to Silicon Valley.

DNS4EU is the European Commission’s attempt to build a sovereign DNS resolver infrastructure that doesn’t route all your web lookups through the likes of Google, or Cloudflare.

DNS4EU aims to bring DNS resolution under EU oversight and privacy rules.

So, if you want 🇪🇺-backed ad-blocking and child protection, you may want to give it a try.

Check out DNS4EU here: https://www.joindns4.eu/for-public

🚨The NHS is urgently appealing for O-type blood donors – in ...

2025-06-09T12:25:39Z

🚨The NHS is urgently appealing for O-type blood donors – in the wake of a cyberattack against a service provider. 🚨

To secure the nation's blood supply, the NHS says it needs one million people to donate blood, and 200,000 new donors to come forward.

Last year, supplies were described as being "in a very fragile position" following a ransomware attack on pathology services company Synnovis.

21 million employee screenshots leaked in bossware breach ...

2025-04-29T10:36:10Z

21 million employee screenshots leaked in bossware breach blunder.

https://www.bitdefender.com/en-us/blog/hotforsecurity/21-million-employee-screenshots-leaked-in-bossware-breach-blunder

CEO of AI ad-tech firm pledging “world free of fraud” ...

2025-03-24T08:59:13Z

CEO of AI ad-tech firm pledging “world free of fraud” sentenced for…. fraud

Enter the most successful social engineer in history... ...

2025-03-13T08:19:44Z

In reply to nevent1q…fanf
_________________________

Enter the most successful social engineer in history...

Such a great time delivering the keynote at the TCS BaNCS Annual ...

2025-03-13T08:11:14Z

Such a great time delivering the keynote at the TCS BaNCS Annual Customer Forum in Barcelona - describing how to make a billion dollars through cybercrime!

Thanks to all those who attended, and the interesting discussions which took place during the breaks! And to Champions Speakers for arranging the event for me.

If you're interested in having me speak at your event, do get in touch via my website: https://grahamcluley.com

(Bonus points if you recognise the guy on the slide behind me)

Researchers have found it's easier to generate harmful ...

2025-02-10T13:25:12Z

Researchers have found it's easier to generate harmful content with DeepSeek than just about any other #AI. That's only going to encourage yet more people to use DeepSeek...

https://www.wsj.com/tech/ai/china-deepseek-ai-dangerous-information-e8eb31a8

#ai #deepseek #artificialintelligence

I just upgraded my @npub1zq5…dlp2 subscription to a Duo plan so ...

2025-02-08T11:14:20Z

I just upgraded my Kagi HQ (npub1zq5…dlp2) subscription to a Duo plan so my wife could use it too.

It’s a terrific search engine with no ads or tracking. Never been a better time for you to check it out.

https://www.androidpolice.com/ethical-search-engine-kagi-return-subscription-money/

#DumpGoogle

DOGE staffer Edward "Big Balls" Coristine is a teenager ...

2025-02-06T08:05:22Z

DOGE staffer Edward "Big Balls" Coristine is a teenager who worked at startup that hired convicted hackers. Has access to sensitive US government systems.

Definitely nothing to be concerned about.

https://www.wired.com/story/edward-coristine-tesla-sexy-path-networks-doge/

You can always rely on the British press for serious in-depth ...

2025-01-28T10:48:14Z

You can always rely on the British press for serious in-depth reporting of topics like DeepSeek #AI.

The Turkish government is proposing a controversial new ...

2025-01-24T09:35:49Z

The Turkish government is proposing a controversial new cybersecurity law that could make it a criminal act to report on data breaches.

But might it stifle journalism and free speech?

https://www.tripwire.com/state-of-security/new-law-could-mean-prison-reporting-data-leaks

Breaking news! Krispy Kreme donuts have a security hole. No ...

2024-12-11T13:38:02Z

Breaking news! Krispy Kreme donuts have a security hole.

No really, this isn't a dad joke. They've been hit by ransomware.

https://www.ft.com/content/7732e6ed-c07e-4520-833e-b858ba9bd432

Wirral University Teaching Hospital (WUTH) in Merseyside, hit by ...

2024-12-04T14:39:45Z

Wirral University Teaching Hospital (WUTH) in Merseyside, hit by ransomware on 25 November, says it is continuing to struggle... with A&E patients told to expect longer waiting times.

There's a special space in hell for hackers who hit hospitals.

https://www.bbc.co.uk/news/articles/c3vrk2e0xvwo

Cybercriminals have adopted a novel trick for infecting devices ...

2024-11-19T10:34:28Z

Cybercriminals have adopted a novel trick for infecting devices with malware: sending out physical letters that contain malicious QR codes.

https://www.bitdefender.com/en-us/blog/hotforsecurity/malware-malicious-qr-codes-the-post

Switzerland warns that malicious QR codes are being sent out via ...

2024-11-16T12:33:06Z

Switzerland warns that malicious QR codes are being sent out via snail mail. 🐌

The letters claim to be promoting a new weather app from MeteoSwiss - but actually point to a malicious app that steals login credentials.

https://therecord.media/malware-delivered-by-mail-swiss-cyber-agency

Someone asked Grok, Twitter's built-in AI, who was the person ...

2024-11-14T14:39:42Z

Someone asked Grok, Twitter's built-in AI, who was the person most responsible for spreading misinformation on the platform...

Hey mastodon hive-mind, What's your recommendation for a ...

2024-10-23T16:28:33Z

Hey mastodon hive-mind,

What's your recommendation for a video doorbell, without a subscription, wired not battery, that can collect footage on your doorstep around the clock?

Not Amazon. Thanks!

#homeassistant