Author Archives: mike

German University Forced To Reset All Passwords

According to this story in The Register (the source material is reasonably enough in German), one of our German competitors has recently been forced to reset every single account password causing significant queues for service. Plus a significant amount of … Continue reading

Posted in General | Tagged , , | Comments Off on German University Forced To Reset All Passwords

The Anti-Phishing “Gold Star”

Recently a query to a UK HE security list came with a link to https://www.phishingscorecard.com/ScoreCard/United-Kingdom/Education/MTEtMTE%3d which gives us a classification of “Security rockstar” for anti-phishing security measures :- (The “DKIM” green flag only shows up if you upload an appropriate … Continue reading

Posted in Email | Comments Off on The Anti-Phishing “Gold Star”

Keeping Secret Google Meetings Secret

It is possible that some people are unaware (certainly I wasn’t; at least not this week) that it is possible that information about meetings can be seen not by looking at someone’s shared diary but looking at the room booked. … Continue reading

Posted in General | Tagged , , | Comments Off on Keeping Secret Google Meetings Secret

Careful With That Link Eugene

Over the last few weeks, I have noticed an increasing number of very suspicious looking links blocked by our “DNS firewall” – links like “xwhdg.read-this-hot-stuff.today”. The suspicion is that people are being sent emails with links within and they are … Continue reading

Posted in Email, Firewall | Comments Off on Careful With That Link Eugene

‘Shoulder Surfing’ or Is Your Screen Showing Others Information It Shouldn’t?

Every time I travel by train during working hours, I get reminded of the old “shoulder surfing” attack; a surprising number of people are working away on their laptops seeming unaware that anyone peaking over their shoulders has a good … Continue reading

Posted in General | Tagged | Comments Off on ‘Shoulder Surfing’ or Is Your Screen Showing Others Information It Shouldn’t?

Imaging PCs for Offline Analysis

This is going to be a technical post with requirements for access rights that most people do not have, so it can be ignored. The intention is to file this information in a place that can be widely seen for … Continue reading

Posted in Technical | Tagged | Comments Off on Imaging PCs for Offline Analysis

Zoom Desktop Vulnerability for macOS

Update: Apple is now silently pushing out an update to remove the Zoom “hidden feature” so you will be please to know that the geeky removal is no longer necessary. Just make sure you have opted in to all recent … Continue reading

Posted in Active Attacks, Technical | Tagged | Comments Off on Zoom Desktop Vulnerability for macOS

DNS Firewalls: What They Are, and What They’re Not

This posting is really a description of so-called “DNS Firewalls” intended for those who have to deal with security vendors regularly. Having said that, there are DNS firewalls for home users (I cannot make any specific recommendations), so it may … Continue reading

Posted in Firewall, General | Tagged | Comments Off on DNS Firewalls: What They Are, and What They’re Not

The Future of Windows 7

As you may be aware, Microsoft have expectations that everyone running Windows 7 will upgrade to Windows 10 (and some refuseniks are so upset that they are ditching Windows for Linux!). As part of that, Microsoft will no longer be … Continue reading

Posted in Uncategorized | Comments Off on The Future of Windows 7

The Big RDP Vulnerability (CVE-2019-0708)

Microsoft have released a whole bunch of patches to fix security vulnerabilities this Tuesday (which is quite normal of course), but one unusual aspect was the release of a patch for older versions of Windows that do not normally get … Continue reading

Posted in Active Attacks, Technical | Tagged , , , | Comments Off on The Big RDP Vulnerability (CVE-2019-0708)