I do get a lot of phishing emails, we all do, but as security professionals we tend to recognise them immediately, the syntax is wrong, it’s missing a name, of course when you get them from a bank you don’t …
Category Archives: Security
Test and Fix if your Browser can be exploited by Poodle
Most browsers are vulnerable, there were plans a remove SSL3 anyway. Here’s a simple test and supplied fixes for most browser types on most platforms.
General details on the Poodle SSL3 vulnerability here.
A fix for Poodle SSL3 Microsoft …
Poodle Vulnerability and Microsoft iis Servers and Shell Shock
People are still busy going through previous projects and installations the growing number of threats offered by the Shell Shock vulnerability, with the list of exploits are constantly growing here.
Well I didn’t quite drop everything, but within 24 …
inexcusable that there was only a password protecting this much sensitive data
JPMorgan Password Leads Hackers to 76 Million Households
Inexcusable that there was only a password protecting this much sensitive data.
2FA, Smart Card… we have so many tools available now, there really is no excuse for such …
Creating a simple SSL Private Key and Certificate for HTTPS use, using StartSSL’s free service
“The site’s security certificate is not trusted!” Do you get to see this scary warning often? In most cases you can ignore it, management pages, even your own webmail server, but often you can’t ignore it, it will scare clients …
Dealing with DDoS attacks against WordPress sites and blogs
Why is my email broken? Cpanel, CNAMES and MX records
I have set-up dozens of web applications firewalls (WAF), but often I’m asked to fix other peoples set-ups after they’ve had a go of setting them up themselves.
The most common issue I see always has the same cause, the …
Edward Snowden on 911, Boston and the NSA meta data collection program
Where privacy meets security, two of my favourite subjects, that often collide, both very emotive and contentious.
I think Snowden is wrong here, processing power increases exponentially, a proven fact (Moore’s law) and data mining methods are only …
ICANN Certified Appraisal Scam
There are just so many companies around claiming this designation, just do a google search for “ICANN Certified Appraisal“, but the problem is simply, ICANN don’t certify “appraisers”.
So here’s how they tried to work the scam on …
HeartBleed, its not a Virus or Hack, it’s worse it’s a vulnerability
one that’s extremely easy to exploit, and the potential harm, disclosing sensitive data that was expected to have been being transmitted securely makes it a great threat.
While there is no evidence that the HeartBleed vulnerability that was disclosed only …