Author Archives: mike

Zoom Desktop Vulnerability for macOS

Update: Apple is now silently pushing out an update to remove the Zoom “hidden feature” so you will be please to know that the geeky removal is no longer necessary. Just make sure you have opted in to all recent … Continue reading

Posted in Active Attacks, Technical | Tagged | Leave a comment

DNS Firewalls: What They Are, and What They’re Not

This posting is really a description of so-called “DNS Firewalls” intended for those who have to deal with security vendors regularly. Having said that, there are DNS firewalls for home users (I cannot make any specific recommendations), so it may … Continue reading

Posted in Firewall, General | Tagged | Comments Off on DNS Firewalls: What They Are, and What They’re Not

The Future of Windows 7

As you may be aware, Microsoft have expectations that everyone running Windows 7 will upgrade to Windows 10 (and some refuseniks are so upset that they are ditching Windows for Linux!). As part of that, Microsoft will no longer be … Continue reading

Posted in Uncategorized | Comments Off on The Future of Windows 7

The Big RDP Vulnerability (CVE-2019-0708)

Microsoft have released a whole bunch of patches to fix security vulnerabilities this Tuesday (which is quite normal of course), but one unusual aspect was the release of a patch for older versions of Windows that do not normally get … Continue reading

Posted in Active Attacks, Technical | Tagged , , , | Comments Off on The Big RDP Vulnerability (CVE-2019-0708)

University Passes Cybersecurity Re-assessment

After a great deal of work from a number of people, the University has successfully renewed our CyberEssentials Plus certification. This means :- We are assured that we have met a level of IT security. Not that it means we … Continue reading

Posted in General, News | Tagged | Comments Off on University Passes Cybersecurity Re-assessment

Yes, We’re Now Encrypted

If you have been paying attention, you will have noticed that our “security blog” was up until now only available via plain text; we now have a TLS certificate so the traffic to this site is encrypted. With the exception … Continue reading

Posted in News | Tagged , | Comments Off on Yes, We’re Now Encrypted

Passwords: Long and Strong

Yes, this is another blog posting about password strength, which we do keep going on about. That is because :- The password audit still shows that people are not getting the message (although for active staff we’re doing a great … Continue reading

Posted in Passwords | Comments Off on Passwords: Long and Strong

Do You Like Justin Bieber?

On of the stories I was reading this morning mentioned that some of those with Nest security cameras have been subjected to hack attacks. One of the attacks they were subjected to were hackers asking Alexa to play Justin Bieber … Continue reading

Posted in Active Attacks, Passwords | Comments Off on Do You Like Justin Bieber?

There Is No Such Thing As A Secure Web Site

On the left-hand side of the location bar, your browser will show you something like :- Which is entirely correct and incorrect at the same time. To be precise, what that little label (and the alternative green one) means is … Continue reading

Posted in General | Tagged , | Comments Off on There Is No Such Thing As A Secure Web Site

The Latest Phishing Attack

I have just been alerted to yet another phishing attack that works by sending web links via email to a “secure message” (or in the example no words at all). The link of course takes you to a malicious site … Continue reading

Posted in Email, Passwords | Tagged | Comments Off on The Latest Phishing Attack