You may have noticed that I’ve been making a lot of references to this over the past few weeks. You can now...
Today is inauguration day in the USA. As I traveled to many countries late last year I was amazed at how joyous...
The top ten (twenty, twenty-five…) season doesn’t seem to have finished yet: the latest to cross my radar was something like seven...
You might have noticed that Conficker (Downadup) is actually standing up rather well to all the attention it’s receiving at the moment....
CNN reported that there is a new sleeper virus out there. http://www.cnn.com/2009/TECH/ptech/01/16/virus.downadup/index.html There is nothing sleepy about the Conficker worm; it is wide...
One of the security best practices is to back up your data regularly. This is sound advice as it helps mitigate the...
There are different techniques that can be used by a program to identify in which country it has been installed. It can...
This is bizarre, if slightly nostalgic. I spent a lot of time in the first half of this decade writing and presenting...
Many people in the US associate HIPAA with the rules required to protect medical data. It actually is a lot more than...
I know, the Twitter hack is old news, but poor passwords are still common. It is a pity because it really is...
Nigel Morris, of the UK’s “Independent” newspaper reported recently on new powers given to police in the UK and proposals to extend...
And finally… Don’t use cracked/pirated software! These are easy avenues for introducing malware into, or exploiting weaknesses in, a system. This also...
It occurs to me that I should make it clear that this “top ten” isn’t in any particular order. Like the other...
Don’t expect antivirus alone to protect you from everything. Use additional measures such as a personal firewall, antispam and anti-phishing toolbars, but...
If sensitive information is stored on your hard drive (and if you don’t have -something- worth protecting on your system, you’re probably...
[Update info moved to new blog post on 6th January] In deference to all those old enough to get a panic attack...
Speaking of SANS, the Internet Storm Center has more than once talked about problems with digital photo frames, and at Xmas did...
Don’t disclose sensitive information on public websites like Facebook or LinkedIn. Even information that in itself is innocuous can be combined with...
Don’t trust unsolicited files or embedded links, even from friends. It’s easy to spoof email addresses, for instance, so that email appears...
Log on to your computer with an account that doesn’t have “Administrator” privileges, to reduce the likelihood and severity of damage from...