Author Archives: mike

Firewall Blocking Essentials?

Posted on 2021-09-15 by mike

Due to a certain episode around Easter this year, a number of changes were made to the firewall security policy to make it more secure. Since then a great deal of work has gone into identifying web-based applications that are … Continue reading

Posted in Firewall | Comments Off on Firewall Blocking Essentials?

GlobalProtect Installation for MFA VPN

Posted on 2021-05-05 by mike

This is a technical guide to some methods of installing/fixing the GlobalProtect client in the short term whilst ongoing conversations with the relevant vendors is taking place. Make sure you are using an up to date version of the client; … Continue reading

Posted in Technical, VPN | Comments Off on GlobalProtect Installation for MFA VPN

Spam: Mail Quotas and Bitcoin

Posted on 2021-02-22 by mike

Recently we have become aware of an issue in relation to one of our cloud service providers which is weakening one of our email security measures – specifically the mechanism put in place to make it harder to impersonate UoP … Continue reading

Posted in Active Attacks, Email | Tagged , , , | Comments Off on Spam: Mail Quotas and Bitcoin

The security.txt Page for Web Servers

Posted on 2020-12-02 by mike

We have recently started using a new-to-us web server security scanner that amongst other things will highlight the absence of a file – security.txt – in the root of the web server. And thus this blog entry explaining what it … Continue reading

Posted in Technical | Tagged | Comments Off on The security.txt Page for Web Servers

Dodgy .ac.uk Web Sites

Posted on 2020-10-15 by mike

No, we not talking about real .ac.uk web sites but fake ones. We have recently been alerted to the activities of a certain well-known attacker (the “Silent Librarian”), and whilst processing it I noticed something it might be helpful to … Continue reading

Posted in Active Attacks | Tagged , | Comments Off on Dodgy .ac.uk Web Sites

What Are “Homoglyph” Attacks?

Posted on 2020-08-07 by mike

As the phrase has started becoming more widely used, it seems worthwhile to explain just what exactly “homoglyph attacks” are. It is perhaps a bit extreme to call them “attacks” as they are effectively used to deceive … especially in … Continue reading

Posted in General, Technical | Tagged , , | Comments Off on What Are “Homoglyph” Attacks?

Twitter: The Trustworthiness of The Blue Tick

Posted on 2020-07-17 by mike

If you have not heard, Twitter suffered some sort of incident recently (yesterday at the time of writing) where a number of high profile accounts were used to send out “tweets” suggesting that if you pay them some money (in … Continue reading

Posted in Active Attacks, General | Tagged , , , | Comments Off on Twitter: The Trustworthiness of The Blue Tick

The VPN, Facebook, and China

Posted on 2020-07-16 by mike

We have had at least two reports that some people logged in to our GlobalProtect VPN are also logging into Facebook, examining their current Facebook logins and finding that they’re unexpectedly logged in from China (or Qatar). This is not … Continue reading

Posted in Active Attacks, VPN | Tagged , | Comments Off on The VPN, Facebook, and China

VPN or GlobalProtect Performance Issues

Posted on 2020-06-15 by mike

On occasions over the last few months, IS has been contacted with regard to network performance issues in relation to the VPN (the GlobalProtect VPN). As a result we have built up some recommendations that may be helpful to others … Continue reading

Posted in General, VPN | Tagged , , | Comments Off on VPN or GlobalProtect Performance Issues

Dealing With Suspicious Emails

Posted on 2020-05-12 by mike

From time to time, we all receive emails at work that we regard as a little suspicious (if you do not, it is quite possible that your suspicion level needs to be increased). What should we do with those emails? … Continue reading

Posted in Email | Tagged , | Comments Off on Dealing With Suspicious Emails