Do Not Track It’s quite amazing to think that DNT or Do Not Track was first proposed back in 2009 – 13 years ago. This was a first-stab method at the issue of website privacy and the horrendous marketing machine that is the internet. DNT was designed to allow users to opt-out of website tracking, […]
IT and Network Security is a tough arena. Keeping networks, systems and data secure from what can only be called a total onslaught of malware and other malicious attacks, is a difficult task. What makes the task even more difficult is the general indifference of (especially) SMEs to the potential harm that can be caused […]
Facebook’s recent update of the Terms of Service for Whatsapp has got a lot of people riled up. And quite rightly so. The core of this issue is not privacy of information as many believe, but rather pure business economics – let’s cover the basics first. There are 2 primary considerations for using cloud services […]
Browser technology and security events always make for interesting reading especially due to the fact that we do the majority of our online work these days through browsers, be it general web surfing, accessing enterprise apps or managing systems and devices. Browser features and security are therefore critical – this shouldn’t even need to be […]
It’s long been known (at least in security circles) that the RDP protocol, as well as client and server implementations, are horribly broken. While a BlueKeep (the most recent RDP vulnerability) worm has yet to surface, brute-force password attacks on RDP services are a dime a dozen and occurring at a rapid rate. PoC code […]
Another day, another dodgy web developer story. The premise: We would like to offer you a website design for X amount. But to do so, we need to transfer your domain to us. This tale is a pretty old one but it appears to be flourishing – the lure of a good once-off price for […]
Email is a fickle thing … There are a huge amount of dependencies involved in what seems like a small task – sending an email. What started out as a simple method of exchanging messages has morphed over the years into a cobbled-together monster as needs changed and especially businesses required a more robust and […]
The last 2 weeks have really been a bad time for security news and one has to hope things will change for the better; if not, the headline says it all! BlueKeep Microsoft released a security patch 2 weeks ago related to Windows Remote Desktop Protocol (RDP) which is used to remote access Windows systems. […]
Spectre and Meltdown a have been with us for just over a year now and even with all the predictions of dire consequences, we have yet to see any in-the-wild code snippets or attacks beyond theoretical POCs. So the question to ask is whether we should be losing a lot of hardware performance (most of […]
What happens when the websites we visit and the companies we depend on to provide us with information, are compromised? Supply chain attacks go to the root of information we depend on rather than attack us directly. A recent attack on the Asus infrastructure paints the exact scenario for supply chain attacks. Attackers compromised an […]
I’ve spoken in depth on consumer (and some enterprise) router security issues. In brief summary, these devices are pieces of scrap that are full of vulnerabilities and very seldom get updated to fix issues. It’s no coincidence that this year has seen an exponential growth in attacks on routers as well as botnets making use […]
Veronica Schmitt, a senior digital forensic scientist at DFIRLABS, recently featured on Paul’s Security Weekly, showcasing the Microsoft SRUM system tool (System Resource Utilization Monitor). SRUM was first introduced in Windows 8, and was a new feature designed to track system resource utilization such as CPU cycles, network activity, power consumption, etc. Analysts can use […]
