Author Archives: mike

Who Is mikemeredith@hotmail.com?

Short answer: No idea! And yes that is my name. We have received a couple of reports of phishing attempts using look-alike names – in this example (which isn’t real), the email address mikemeredith@hotmail.com was used in an email purporting … Continue reading

Posted in Active Attacks, Email | Tagged , , | Comments Off on Who Is mikemeredith@hotmail.com?

Security At Home

As most of us are now working from home, it is time to consider security in the home; because you are working from home, security at home is important to the university (in addition to yourself). Indeed there are new … Continue reading

Posted in Active Attacks | Tagged , , , , | Comments Off on Security At Home

Scams In The Time of Coronavirus

(with apologies to Gabriel García Márquez) As expected, scammers are trying to take advantage of fears over Covid-19 (the Coronavirus) to push their victims into unwise actions – often for profit. I have already seen two scams announcing UK government … Continue reading

Posted in Active Attacks, News | Tagged , , | Comments Off on Scams In The Time of Coronavirus

Working From Home

For some reason there seems to be a bit of an increase in interest in working from home and so it seems rather timely to produce some advice. Not so much the technical side of things, but general advice from … Continue reading

Posted in General | Tagged , | Comments Off on Working From Home

Let’s Encrypt Certificates – Are They Broken?

Short answer: No. There is a news story going around about an issue with certificates issued by Let’s Encrypt. The certificates themselves are in fact perfectly fine, but they were issued when they should not have been. If the owners … Continue reading

Posted in General | Comments Off on Let’s Encrypt Certificates – Are They Broken?

‘;–have i been pwned?

There is a well known “white-hat” web site called “‘;–have i been pwned?” which :- Publicises large data breaches of personal information. Collects data breaches looking for compromised accounts. Allows people to check if their own account has been compromised. … Continue reading

Posted in Active Attacks, Passwords | Comments Off on ‘;–have i been pwned?

Email: Spam/Ham and Some Indigestible Acronyms

This posting has been a long time coming, and is probably longer than ideal, but for those who send bulk emails, there may well be some useful tips in here. And for convenience those who use cloud-based services that also … Continue reading

Posted in Email | Tagged , , | Comments Off on Email: Spam/Ham and Some Indigestible Acronyms

Diagnosing a Phishing Attack

I was clearing out some older emails today and encountered an attempt to phish Apple credentials; although this one was specific to Apple, the general lessons apply to all phishing attacks … and indeed more general malicious spam. The attack … Continue reading

Posted in Active Attacks, Email | Tagged , | Comments Off on Diagnosing a Phishing Attack

German University Forced To Reset All Passwords

According to this story in The Register (the source material is reasonably enough in German), one of our German competitors has recently been forced to reset every single account password causing significant queues for service. Plus a significant amount of … Continue reading

Posted in General | Tagged , , | Comments Off on German University Forced To Reset All Passwords

The Anti-Phishing “Gold Star”

Recently a query to a UK HE security list came with a link to https://www.phishingscorecard.com/ScoreCard/United-Kingdom/Education/MTEtMTE%3d which gives us a classification of “Security rockstar” for anti-phishing security measures :- (The “DKIM” green flag only shows up if you upload an appropriate … Continue reading

Posted in Email | Comments Off on The Anti-Phishing “Gold Star”