Detecting a Phish

A lot of malware attacks start with a simple Phishing email, or some other social engineering attack. Sometimes they are very believable. All it takes is for you to be distracted, taken in by the plausibility of the message or pushed into clicking a link due to the urgency of the communication to be breached... Continue Reading →

UK Coronavirus Contact Tracing Update

This is an update to my blog Location Tracking, Your Privacy & COVID 19 Contact Tracing to bring this up to date with the recent developments in the UK. The UK were going to develop a COVID 19 Contact Tracing App using a hybdrid technology that was centralised and in which they owned the data... Continue Reading →

Deep Fakes

Deep fake is a term given to a persuasive-looking but false video and audio files. Made using cutting-edge and relatively accessible AI technology, they purport to show a real person doing or saying something they did not. This can manifest itself in Hollywood films where a greenscreen special effect is used to put the actor... Continue Reading →

Anatomy of a Phish

I expect a lot of you have received an email or text that claims you have won a prize and you need to click a link to claim it. This is often unexpected and you don't remember entering a competition to win the said prize. Maybe you have received an email from the Tax Authority... Continue Reading →

The Human Firewall

The first line of defence for any network to repel a cyber attack is often considered the security software on the perimeter of the network - namely the firewalls, and other monitoring software. While a properly configured security framework is essential for any company network, as well as home/small office network, the human element cannot... Continue Reading →

Fake Science!!

I have just listened to a podcast on the BBC Sounds service in which Fiona Hill discusses the issue of Fake Science and how this is being used to distort actual scientific fact to further political, social and religious extremist viewpoints. It appears that extremist organizations, as well as political/nation state actors are cherry picking... Continue Reading →

A Review of 2019

What a difference 365 days makes. 2019 has been an eventful year for cyber security professionals with a number of new threats emerging as well as an escalation in ransomware and level of data breaches as well as all the normal threat vectors. IoT has also featured heavily in the cyber security landscape. But first... Continue Reading →

Open Redirects & Malware Installers

This week I noticed a report on how malware could be downloaded and installed using an Open Redirect from Cisco. Lets first define what an Open Redirect is. An open redirect is when a legitimate site allows unauthorized users to create URLs on that site to redirect visitors to other sites. For example, Google has... Continue Reading →

Domain Typo Squatting

I would like you to take a look at the following web address: What do you see? Do you see microsoft.com? You would be very wrong if you did. Zoom in on the above picture. This address is actually RNICROSOFT.COM and not the address you first thought of. UNDER NO CIRCUMSTANCES GO TO ANY ON... Continue Reading →

Combating Social Engineering 101 – A Pocket Guide

Social Engineering is a form of cyber attack where the physiological manipulation of people to trick them into divulging confidential information that can be used to hack into websites and other computing resources. There are various forms of social engineering: Baiting Impersonating PharmingPhishingSmishingSpear FishingTailgatingVishing Water HolingWebsite CloningWhaling. Lets take a deeper look at these. Baiting... Continue Reading →

Create a website or blog at WordPress.com

Up ↑