Using Wearable Technology Safely – A Pocket Guide

We all like our gadgets, whether they have some form of smart technology in them or not. Wearable technology is also very popular. What is wearable technology? Wearable technology is simply a technology, or device, that you can attach to your body. This can be: Smart Watches, including the non-smart kindFitness TrackersGPS TrackersEar buds/headphones particularly... Continue Reading →

A Review of 2019

What a difference 365 days makes. 2019 has been an eventful year for cyber security professionals with a number of new threats emerging as well as an escalation in ransomware and level of data breaches as well as all the normal threat vectors. IoT has also featured heavily in the cyber security landscape. But first... Continue Reading →

Windows 7 Support ends 14th January 2020

As I have blogged on two previous occasions, support for Windows 7 ends on 14th January 2020. This means: All patching of security flaws ends and you will not receive any further patches from 14th January 2020 being the last patch Tuesday that will include widely available Windows 7 patchesMicrosoft Security Essentials also retires on... Continue Reading →

Securing your Internet of Things

There is a lot of press coverage on what is called 'The Internet of Things', or abbreviated to IoT. What is IoT? This is a collection of devices that are not typically identified as computers. They can be anything from: Light bulbs connected to a home automation systemDomestic appliancesSensors on industrial plantIndustrial RobotsSystems in autonomous... Continue Reading →

RDP Bug on Windows – Patch Now

In the past few weeks a highly dangerous vulnerability has been made public in older (and largely unsupported or near end of support) versions of Windows, namely: Windows Server 2008Windows 7 ProWindows 2003Windows XP Pro. This is being named 'BlueKeep' and has been proven to be remotely exploitable without any authentication. There are currently estimated... Continue Reading →

Android 10 Security and Privacy Updates

Every year around May Google host their global developer conference. This is the venue where developers, and consumers alike, hear about new features provided by Google services and OS's. In the Keynote they normally make most of the main announcements for new features and products, and in this blog I want to focus in on... Continue Reading →

UPDATE – WinRAR ACE Format Vulnerability

UPDATE 23 March 2019 ... More than 100 exploits have been discovered that are exploiting the WinRAR vulnerability. Two such attacks involve: A bootlegged copy of Ariana Grande’s hit album “Thank U, Next” with a file name of “​Ariana_Grande-thank_u,_next(2019)_[320].rar ​” that is currently only being detected as malware by 11 security products, whereas 53 antivirus... Continue Reading →

Thunderbolt Vulnerability

This is a bit technical, so I will try to explain it in simple language that most people can understand, and if you want to read the technical detail I will post a link to the research at the end of this blog post. A lot of PC's and Laptops (Windows, Mac's and Linux based... Continue Reading →

WinRAR ACE Format Vulnerability

For anyone using the WinRAR unpacker/archive software, I suggest you do an update ASAP! A vulnerability was discovered in the ACE archive format that allowed for a very old (19 years) "Absolute Path Traversal" bug that could be leveraged to execute malware on the infected system. This was delivered using a specially crafted ACE archive... Continue Reading →

Microsoft Edge – Adobe Flash Whitelist Issue

Not sure how many people this will apply to (I am one of them), but in Microsoft's infinite wisdom, they decided to put a hidden whitelist of domains that could bypass asking for permission to run Flash videos using the Click-to-Run feature. In Microsoft Windows, there is a file C:\Windows\system32\edgehtmlpluginpolicy.bin that contains the default whitelist... Continue Reading →

Create a website or blog at WordPress.com

Up ↑