Open Redirects & Malware Installers

This week I noticed a report on how malware could be downloaded and installed using an Open Redirect from Cisco. Lets first define what an Open Redirect is. An open redirect is when a legitimate site allows unauthorized users to create URLs on that site to redirect visitors to other sites. For example, Google has... Continue Reading →

Myths of Cyber Security

I have found there is a general perception among people that they won't be hit by a cyber attack of some form and that cyber security is not something they need to worry about too much, after all you have installed an Internet Security product on your PC and you download apps from the official... Continue Reading →

Domain Typo Squatting

I would like you to take a look at the following web address: What do you see? Do you see microsoft.com? You would be very wrong if you did. Zoom in on the above picture. This address is actually RNICROSOFT.COM and not the address you first thought of. UNDER NO CIRCUMSTANCES GO TO ANY ON... Continue Reading →

Simple Overview of IoT

I came across a tweet recently from NIST Cyber Security (US National Institute of Standards and Technology Cyber Security Division) that gave a very good summary of what the Internet of Things (IoT) is, the threats and what is being done to help mitigate them. "NIST (@NIST) tweeted at 10:54 pm on Fri, Oct 04,... Continue Reading →

Using Cloud Services Safely

Whether or not you realise it, we all use the cloud for something in our daily lives. In this blog I want to explain in simple terms what 'The Cloud' is and how you can apply some simple safeguards to secure your use of it. What is the Cloud - a History Lesson? Lets go... Continue Reading →

Combating Social Engineering 101 – A Pocket Guide

Social Engineering is a form of cyber attack where the physiological manipulation of people to trick them into divulging confidential information that can be used to hack into websites and other computing resources. There are various forms of social engineering: Baiting Impersonating PharmingPhishingSmishingSpear FishingTailgatingVishing Water HolingWebsite CloningWhaling. Lets take a deeper look at these. Baiting... Continue Reading →

Cyber Attacks 101 – A Pocket Guide

A Cyber attack is any attempt to expose, alter, disable, destroy, steal or gain unauthorized access to, or make unauthorized use of, a computer system. This can be anything from big servers to your smartphone and anything in between. There are various forms of Cyber Attack. The following list are just examples: Brute Force Attack/Dictionary... Continue Reading →

Electronic Payments

When was the last time you paid for a transaction in cash? We all use electronic forms of payment these days, and in some cases people just don't carry cash anymore. So, what are the various forms of electronic payments we use? The following are the usual examples: Credit/Debit Cards (in person or online)Direct Debit... Continue Reading →

Securing your Internet of Things

There is a lot of press coverage on what is called 'The Internet of Things', or abbreviated to IoT. What is IoT? This is a collection of devices that are not typically identified as computers. They can be anything from: Light bulbs connected to a home automation systemDomestic appliancesSensors on industrial plantIndustrial RobotsSystems in autonomous... Continue Reading →

Create a website or blog at WordPress.com

Up ↑