Author Archives: mike

KRACKing Wireless

The latest big security exploit is a mechanism by which WPA2 secured wireless networks can be compromised to disclose previously encrypted traffic in the clear, and to insert malicious traffic. The original web site announcing the vulnerability can be found … Continue reading

Posted in Technical | Tagged , , , | Comments Off on KRACKing Wireless

Patching Your Mouse? Yes, Really!

Strange as it may seem, if you have a certain type of wireless mouse you may be vulnerable to an attacker being able to inject keyboard keystrokes into your computer; with this they are able to do just about anything … Continue reading

Posted in Technical | Tagged | Comments Off on Patching Your Mouse? Yes, Really!

Think Work, Think VPN

We are encouraging everyone who works remotely to immediately start up a VPN connection (to our VPN of course!) whenever they start working remotely. This is for a variety of reasons, but includes :- Any on site services that you might … Continue reading

Posted in General | Tagged , | Comments Off on Think Work, Think VPN

Updating Windows Servers

You might think it is easy to update Windows servers, but apparently that is not always the case. It is easy to simply “check for updates” when you first install a server, and then forget about it. Which is the wrong … Continue reading

Posted in Technical | Tagged , , | Comments Off on Updating Windows Servers

The Ukranian Ransomware (Petya, NotPetya, WannaCry2)

Those keeping aware of the security scene may well have become aware of the latest ransomware worm hitting around the world. Various names have been associated with this outbreak, and the most readily identifiable name (Petya) is technically incorrect. This … Continue reading

Posted in Active Attacks, Malware | Tagged , | Comments Off on The Ukranian Ransomware (Petya, NotPetya, WannaCry2)

WannaCrypt or the NHS Worm

As many of you will be aware, the NHS suffered from a mass outbreak of a ransomware worm last Friday which has since spread to many other organisations around the world. For more general information please see The Register’s article … Continue reading

Posted in Active Attacks | Comments Off on WannaCrypt or the NHS Worm

Keeping Your Account Safe

We are seeing an increase in the number of compromised accounts due to various forms of attack, and decided to highlight some core protections for your account. If your account is compromised, you may find yourself locked out of the … Continue reading

Posted in Active Attacks, Passwords | Comments Off on Keeping Your Account Safe

‘Phishing’ Emails With Your Home Address

This article is currently being drafted, and will be added to over time. In the meantime, Sophos have an article that goes into some detail about what is going on here. Some key points :- Don’t click on the encrypted … Continue reading

Posted in Active Attacks, Email | Tagged | Comments Off on ‘Phishing’ Emails With Your Home Address

Is IS Aware Of What Password You Have?

One of the more interesting questions that arose from the recent password audit is whether IS is aware of account passwords – i.e. do we know your password. The short answer to that is: No, but with a caveat. First … Continue reading

Posted in Passwords | Comments Off on Is IS Aware Of What Password You Have?

How SHA-1 Is Broken

(This gets very esoteric very quickly) Those of you paying attention may have realised that very recently (January this year), browsers started complaining about security when connecting to sites whose SSL certificates used the SHA-1 hashing algorithm within the certificate. … Continue reading

Posted in Technical | Tagged , , | Comments Off on How SHA-1 Is Broken