Author: Peter Glock

Great, Secure Experiences Come From Anticipating User Authentication Needs

Good feedback from organisations running online systems. Worth a read...: [...] Technology alone cannot solve the problems that security teams face today. Education and awareness are essential components. The presenters made a simple request: Don’t assume that user behavior – employees or end-user customers – about passwords will change. Security teams must reduce or entirely remove the roadblocks to adoption. Organizations must also provide those best practices for users wi

Mark Zuckerberg rejects call from US lawmaker to break up Facebook

Here in the UK Facebook seems to have been abandoned by the under 25s. I can see the anti-trust reasons for pushing for a breakup but I think Facebook itself is in decline...: Facebook co-founder and CEO Mark Zuckerberg met with US President Donald Trump and members of Congress Thursday, as Facebook faces a raft of regulatory and legal issues concerning competition, digital privacy, censorship and transparency. During one-on-one meetings with lawmakers, Zuckerberg reporte

BREAKING: City of Stratford paid over $75-thousand to have computer systems restored after cyber …

It's an interesting calculation; pay the ransom or attempt to restore by yourself (assuming you have viable backups). It looks like this city in the US fell back on its insurance and took the pay-up route...: The City of Stratford paid just over $75-thousand to have its systems restored following a cyber incident in April. That information is contained in a Question and Answer document the city released on Thursday afternoon detailing the attack. In a timeline also pro

State-sponsored espionage causing long-term damage to UK universities: NCSC

When I was at university (a long time ago) the Chinese had a different approach to gathering intellectual property. They would send students to study and research then those students would go back to China with their experience and knowledge, which seems fair. Somehow, the espionage-led approach to gaining intellectual property seems like cheating...: [...] In its latest advisory published this morning, the National Cyber Security Centre has warned UK universities that "stat

Broken security – SOHO routers found to have multiple flaws

Working from home or in a small office? Relying on your ISP's router or a consumer-level one you installed yourself? Sharing files via a NAS? Read this article...: [...] Jake Moore, cyber-security specialist at ESET, told SC Media UK that if your employees are working from home, the devices the company provides them with, such as laptops and smartphones, will most likely be the most secure. "But their home routers can’t be monitored, nor are they supplied by or even known

Saudi IT Providers Hit in Cyber Espionage Operation

I'm not sure if dwell times are over a year in these Middle East attacks but this shows what a determined attacker can do and why you need a way of detecting lateral movement as these APT groups make their way around your network...: [...] Researchers at Symantec say the attackers have been operating since July 2018 and appear to be a previously unidentified threat group, which Symantec has christened Tortoiseshell. The group infiltrated at least 11 organizations, mostly in

How Cybercriminals Exploit Simple Human Mistakes

Worth a read, if only to confirm how fallible we all are...: "People make mistakes" is a common and relatable phrase, but it's also a malicious one in the hands of cybercriminals, more of whom are exploiting simple human errors to launch successful attacks. The Information Security Forum (ISF) explored the topic in "Human-Centered Security: Addressing Psychological Vulnerabilities," a new report published today. Human vulnerabilities, whether triggered by work pressure or...

WannaCry Detections At An All-Time High

Given that EternalBlue has been patched for two years, it's a reflection on organisations' patching and update practices that this is still flying around...: [...] "The vulnerability that caused WannaCry to spread rapidly remains an ongoing threat," says Andrew Brandt, principal researcher at Sophos. "The enterprise tendency to defer patching for some kinds of critical updates may, in some limited cases, do more harm than what it attempts to prevent." [...]

Margrethe Vestager’s second chance

Interesting profile of this powerful lady. She's been trying very hard to rein in Big Tech, but with little effect so far...: Call it the paradox of Margrethe Vestager. Europe’s top competition official has gained a global reputation as Silicon Valley’s tormentor-in-chief, doling out high-profile judgments and multibillion euro fines against some of the biggest brands in the tech industry. And yet, even as the Danish politician prepares to take on an even more powerful

Before He Spammed You, this Sly Prince Stalked Your Mailbox

A reader forwarded what he briefly imagined might be a bold, if potentially costly, innovation on the old Nigerian prince scam that asks for help squirreling away millions in unclaimed fortune: It was sent via the U.S. Postal Service, with a postmarked stamp and everything. In truth these old fashioned “advance fee” or “419” scams predate email and have circulated via postal mail in various forms and countries over the years. The recent one pictured below asks for help in la