Author Archives: robbie

Ransomeware shuts local authority

Lincolnshire Council’s information systems were held to ransom on Tuesday, 26 Feb – for £1m to reinstate access.  The breach was caused by a member of the council clicking on a link within a spam email. So what can you … Continue reading

Posted in Uncategorized | Comments Off on Ransomeware shuts local authority

CESG Offer Password Security Tips

Unlike previous guidance, this doesn’t focus on trying to get ever more entropy into passwords.  Instead CESG are encouraging system designers and security architects to think more about where they’re requiring passwords, and what they’re trying to achieve with them. … Continue reading

Posted in Uncategorized | Comments Off on CESG Offer Password Security Tips

Protecting personal data in online services: learning from the mistakes of others

Unfortunately, there are many serious data loss incidents which could have been avoided or reduced in severity if simple good practice had been implemented.   The Office of the Information Commissioner has published guidance on the most significant threats to data … Continue reading

Posted in Uncategorized | Comments Off on Protecting personal data in online services: learning from the mistakes of others

‘Order Number 86514719983′ = malicious email

A large-scale malware distribution campaign targeting University staff and users is being reported.   Users might receive an email with the distinctive subject line ‘Order Number 86514719983′; the number seems to be random and many users are reporting many different numbers: If you … Continue reading

Posted in Email | Comments Off on ‘Order Number 86514719983′ = malicious email

Crypto Wars…

This is most certainly worth a listen : http://www.bbc.co.uk/programmes/b03xzyy5  

Comments Off on Crypto Wars…

Phishing Scam tricks GoogleDocs users

There are many ways to dupe people out of their login credentials… In the examples below,  what looks like an authentic email contains a link to an ‘important’ GoogleDoc: http://www.symantec.com/connect/blogs/google-docs-users-targeted-sophisticated-phishing-scam http://nakedsecurity.sophos.com/2012/05/30/phishing-with-help-from-google-docs/   Remember – don’t click on links in email! … Continue reading

Comments Off on Phishing Scam tricks GoogleDocs users

Free wi-fi hotspots pose data risk

If you’ve ever wondered why we insist that users must log on to the University wireless network, then this article from the BBC Click news site should help to explain things……. Free wi-fi hotspots pose data risk, Europol warns By … Continue reading

Comments Off on Free wi-fi hotspots pose data risk

You cannot con an honest person…or can you?

Some advice from TrendLabs on avoiding Cryptolocker…. An infection with CryptoLocker starts as spam email which carries a Trojan (a downloader).    The spam might promise a ‘free way to unlock software’ its success depends on the social engineering lures used … Continue reading

Comments Off on You cannot con an honest person…or can you?

Why can’t I have a router in my room?

There are policy restrictions in place to stop people from connecting unapproved devices (e.g. switches, routers, bridges) to the University network.   The reasons are explained below: Wireless connectivity The University wireless network is being extended into Halls, and is … Continue reading

Comments Off on Why can’t I have a router in my room?

iOS Hotspot password insecurity

When you enable the Personal Hotspot feature on your iPhone, iOS will generate a password on your behalf. It’s convenient, but it’s not very secure – because the password uses a short English word with a couple of numbers added … Continue reading

Comments Off on iOS Hotspot password insecurity