You are here
Home > Author: Peter Glock

Say hello to 802.11ax: Wi-Fi 6 device certification begins today

I have an ancient Wifi setup in my home/office using a mix of kit from Netgear, Apple, Sky, BT...some of it more than 10 years old. This might give me an incentive to upgrade, eventually... Today, the Wi-Fi Alliance launched its Wi-Fi Certified 6 program, which means that the standard has been completely finalized, and device manufacturers and OEMs can begin the process of having the organization certify their products to carry the Wi-Fi 6 branding. If you need a bit ...

Microsoft pushes back end of support for Exchange Server 2010 by nine months

If you're running workloads on (very) old versions of Windows platforms, there's a little bit of pressure relief in this announcement. Microsoft would very much like you to move to Azure...: [...] The October 13, 2020 date aligns with the end of support for Office 2010 and SharePoint Server 2010. A reminder: Users cannot upgrade directly from Exchange Server 2010 on-premises to Exchange Server 2019. They will first have to go to Exchange 2013 or 2016, as Microsoft notes i

Pen test goes pear-shaped: cybersecurity firm staff arrested over courthouse burglary

If you're conducting a penetration test (which you should do regularly), make sure you sort out the terms of engagement BEFORE the test starts...: When State court administration (SCA) asked a cybersecurity firm to conduct an assessment of the safety of electronic records kept in Dallas County, the discovery of men in the building in the middle of the night was not what court officials had in mind. Nevertheless, when law enforcement responded to an alarm on September 11 a

The Capital One Data Breach and Vendor Cybersecurity Risks

Interesting podcast on the Capital One breach. I've been attempting to interest my clients in tools that monitor for their data being spread around, via their supply chain and/or unsecured shares and the dark web. Maybe tales like this one will increase the interest level...: Capital One suffered a serious data breach as a result of the actions of one individual who downloaded nearly 30 GB of 100 million Capital One Financial Corporation credit applications from an Amazon cl

Hold the date…October 3rd, 15.00 BST (UK)/16.00 CEST (Europe)

We'll be announcing a special ThreatModeler webinar on building threat models for cloud services. This session will focus on AWS; we'll be looking at Azure and dedicated platforms in later sessions. Look out for registration links next week.

Privacy attacks on AI models

Reuben Binns, our Research Fellow in Artificial Intelligence (AI), and Andrew Paterson, Principal Technology Adviser, discuss new security risks associated with AI, whereby the personal data of the people who the system was trained on might be revealed by the system itself.

This Interactive Map Tracks Our Growing Surveillance State

Given that the U.K. is widely touted as the country with the most number of CCTV cameras per head of population (surely, we've been overtaken by China?) it's interesting to compare with other countries...: A new joint study by the Electronic Frontier Foundation (EFF) and the University of Nevada is attempting to create a transparent inventory of the United States’ growing surveillance apparatus. The project will first inventory surveillance technology being implemented acros

The DEA Didn’t Buy Malware From Israel’s Controversial NSO Group Because It Was Too Expensive

The lesson from this is don't assume that your mobile device is secure...: The U.S. Drug Enforcement Administration (DEA) did not buy hacking tools from malware company NSO Group because the product was too expensive, according to emails between the two organizations obtained by Motherboard. The emails show how NSO aggressively tried to work with the DEA several years ago after meeting with the agency and having several conversations. NSO is a highly controversial company