Author Archives: mike

Scams In The Time of Coronavirus

(with apologies to Gabriel García Márquez) As expected, scammers are trying to take advantage of fears over Covid-19 (the Coronavirus) to push their victims into unwise actions – often for profit. I have already seen two scams announcing UK government … Continue reading

Posted in Active Attacks, News | Tagged , , | Leave a comment

Working From Home

For some reason there seems to be a bit of an increase in interest in working from home and so it seems rather timely to produce some advice. Not so much the technical side of things, but general advice from … Continue reading

Posted in General | Tagged , | Comments Off on Working From Home

Let’s Encrypt Certificates – Are They Broken?

Short answer: No. There is a news story going around about an issue with certificates issued by Let’s Encrypt. The certificates themselves are in fact perfectly fine, but they were issued when they should not have been. If the owners … Continue reading

Posted in General | Comments Off on Let’s Encrypt Certificates – Are They Broken?

‘;–have i been pwned?

There is a well known “white-hat” web site called “‘;–have i been pwned?” which :- Publicises large data breaches of personal information. Collects data breaches looking for compromised accounts. Allows people to check if their own account has been compromised. … Continue reading

Posted in Active Attacks, Passwords | Comments Off on ‘;–have i been pwned?

Email: Spam/Ham and Some Indigestible Acronyms

This posting has been a long time coming, and is probably longer than ideal, but for those who send bulk emails, there may well be some useful tips in here. And for convenience those who use cloud-based services that also … Continue reading

Posted in Email | Tagged , , | Comments Off on Email: Spam/Ham and Some Indigestible Acronyms

Diagnosing a Phishing Attack

I was clearing out some older emails today and encountered an attempt to phish Apple credentials; although this one was specific to Apple, the general lessons apply to all phishing attacks … and indeed more general malicious spam. The attack … Continue reading

Posted in Active Attacks, Email | Tagged , | Comments Off on Diagnosing a Phishing Attack

German University Forced To Reset All Passwords

According to this story in The Register (the source material is reasonably enough in German), one of our German competitors has recently been forced to reset every single account password causing significant queues for service. Plus a significant amount of … Continue reading

Posted in General | Tagged , , | Comments Off on German University Forced To Reset All Passwords

The Anti-Phishing “Gold Star”

Recently a query to a UK HE security list came with a link to https://www.phishingscorecard.com/ScoreCard/United-Kingdom/Education/MTEtMTE%3d which gives us a classification of “Security rockstar” for anti-phishing security measures :- (The “DKIM” green flag only shows up if you upload an appropriate … Continue reading

Posted in Email | Comments Off on The Anti-Phishing “Gold Star”

Keeping Secret Google Meetings Secret

It is possible that some people are unaware (certainly I wasn’t; at least not this week) that it is possible that information about meetings can be seen not by looking at someone’s shared diary but looking at the room booked. … Continue reading

Posted in General | Tagged , , | Comments Off on Keeping Secret Google Meetings Secret

Careful With That Link Eugene

Over the last few weeks, I have noticed an increasing number of very suspicious looking links blocked by our “DNS firewall” – links like “xwhdg.read-this-hot-stuff.today”. The suspicion is that people are being sent emails with links within and they are … Continue reading

Posted in Email, Firewall | Comments Off on Careful With That Link Eugene