Author Archives: mike

Don’t Automatically Trust Email!

Email is a very easy to forge – so easy that if you try to impress a hacker by claiming to have forged email, they’ll fall about the floor laughing. So you should not automatically trust email – there are … Continue reading

Posted in Email | Comments Off on Don’t Automatically Trust Email!

Analysis Of A Phishing Attack

The following is the analysis of a real phishing attack that we have seen, together with some indications of how a phishing attack can be detected. For the impatient, some of those indicators are listed below :- Are you expecting … Continue reading

Posted in Active Attacks, Email | Tagged , | Comments Off on Analysis Of A Phishing Attack

How Often Should I Patch?

The short version: “It varies”. “Have you applies the latest security fixes from your operating system vendor to your machines?” I asked, trying to a learn a little more about Fred’s security posture. Fred replies with hesitation, “We apply security … Continue reading

Posted in General | Tagged , | Comments Off on How Often Should I Patch?

Friday’s DDoS Attack And The Mirai IoT Worm

It may have reached your attention that there was a significant denial of service attack against a widely used DNS provider – the service provider for organisations such as Twitter, Github, and Amazon. The effect was to make certain services … Continue reading

Posted in Active Attacks, Technical | Tagged , | Comments Off on Friday’s DDoS Attack And The Mirai IoT Worm

Free Converters May Come With Unwanted Gifts

I read this morning a post on another blog site about an experiment that someone tried. They converted a PDF file to a DOC file using five different free web-based converters and found that three of the results were malware-infected. … Continue reading

Posted in General, Malware | Comments Off on Free Converters May Come With Unwanted Gifts

Do Not Attach Network Equipment to the UoP Network

It can be very tempting for a quick solution (especially for a temporary bodge) to attach network equipment up the University network. Don’t do it. Please! In the past it was unusual for network equipment to be so widely available, … Continue reading

Posted in General | Comments Off on Do Not Attach Network Equipment to the UoP Network

Do You Know Email’s “BCC” Header?

There are a number of stories¬†going around at the moment relating to unintentional release of email addresses in terms of allowing third parties access to the email addresses. This is almost always a mistake made by someone who used conventional … Continue reading

Posted in Email | Tagged , , | Comments Off on Do You Know Email’s “BCC” Header?

TeamViewer: People Being Hacked

There are many¬†reports that those using the TeamViewer application are being subjected to hacks with their bank accounts being emptied and similar problems. The details of how the attackers are breaking in are not available, but it seems likely that … Continue reading

Posted in Active Attacks, Technical | Tagged | Comments Off on TeamViewer: People Being Hacked

Have You Changed Your Myspace Account Password Recently?

Don’t laugh. Some of us who have been around for more than a few years may well have used a myspace account at some point in the past. And you may well have set your account up with a password … Continue reading

Posted in Passwords | Tagged , , | Comments Off on Have You Changed Your Myspace Account Password Recently?

Sending SurveyMonkey Questionnaires Without Being “Spammed”

We recently encountered an issue where somebody attempted to send a questionnaire constructed in SurveyMonkey to a number of students and some deliveries were made to the students’ spam folders. Which is obviously sub-optimal. Unfortunately we do not fully control … Continue reading

Posted in Email | Comments Off on Sending SurveyMonkey Questionnaires Without Being “Spammed”