Category Archives: Uncategorized

Why foiling phishing attacks means much more than just punishing users for falling for them.

Advice from the NCSC: Some organisations put a lot of effort into training their staff to detect and evade phishing attacks. Some even punish them if they slip up. It’s easy to see why the user has been identified as … Continue reading

Posted in Uncategorized | Comments Off on Why foiling phishing attacks means much more than just punishing users for falling for them.

Cyber Essentials is changing – we have 10 months to adapt

The Government approved Cyber Essentials scheme includes five technical controls that help protect organisations from the majority of cyber attacks. A team of experts review the scheme at regular intervals to ensure it stays effective in the ever-evolving threat landscape. … Continue reading

Posted in Uncategorized | Comments Off on Cyber Essentials is changing – we have 10 months to adapt

On Receiving USB Memory Sticks In The Post

A warning has been made about US businesses receiving “bad” USB memory sticks in the post. Although not a new form of attack, what is new is that the USB sticks may contain mass ransomware malware. If you receive items … Continue reading

Posted in Uncategorized | Comments Off on On Receiving USB Memory Sticks In The Post

Cyber Essentials v3.0

In the January 2022, the NCSC will introduce an updated set of requirements for the Cyber Essentials scheme (v3.0). This update is the biggest overhaul of the scheme’s technical controls since it was launched in 2014 and is in response to the … Continue reading

Posted in Uncategorized | Comments Off on Cyber Essentials v3.0

The Future of Windows 7

As you may be aware, Microsoft have expectations that everyone running Windows 7 will upgrade to Windows 10 (and some refuseniks are so upset that they are ditching Windows for Linux!). As part of that, Microsoft will no longer be … Continue reading

Posted in Uncategorized | Comments Off on The Future of Windows 7

Ransomeware shuts local authority

Lincolnshire Council’s information systems were held to ransom on Tuesday, 26 Feb – for £1m to reinstate access.  The breach was caused by a member of the council clicking on a link within a spam email. So what can you … Continue reading

Posted in Uncategorized | Comments Off on Ransomeware shuts local authority

CESG Offer Password Security Tips

Unlike previous guidance, this doesn’t focus on trying to get ever more entropy into passwords.  Instead CESG are encouraging system designers and security architects to think more about where they’re requiring passwords, and what they’re trying to achieve with them. … Continue reading

Posted in Uncategorized | Comments Off on CESG Offer Password Security Tips

Protecting personal data in online services: learning from the mistakes of others

Unfortunately, there are many serious data loss incidents which could have been avoided or reduced in severity if simple good practice had been implemented.   The Office of the Information Commissioner has published guidance on the most significant threats to data … Continue reading

Posted in Uncategorized | Comments Off on Protecting personal data in online services: learning from the mistakes of others