Facebook Security Breach

A discovery on the 25th September revealed that 50 million accounts, including Mark Zuckerberg’s own account, had been compromised in an attack on Facebook. Attackers tricked the website into handing over digital keys to individual accounts. This attack affected accounts that were used to authorise logins on services like Instagram and Spotify. The exploit granted
-> Continue reading Facebook Security Breach

Businesses will pay Microsoft for Windows 7 Security Updates by 2020

Microsoft has announced that they will be ceasing to provide security updates for Windows 7 by 2020. This decision was made to encourage people to move away from the Operating System to the new Windows 10 platform. Businesses will have to pay Microsoft for Windows 7 Security Updates by 2020. For businesses that cannot feasibly transition
-> Continue reading Businesses will pay Microsoft for Windows 7 Security Updates by 2020

Third Intel Computer Chips Exploit

In August, researchers found the third significant security flaw from Intel computer chips exploit this year which is known as the Foreshadow. The US government’s body for cyber security has identified the Foreshadow exploit to have vulnerabilities that could have been exploited to gain access to sensitive information. This is a similar vulnerability to the
-> Continue reading Third Intel Computer Chips Exploit

Phishing Attack against Butlins

Up to 34,000 guests may have had their information stolen as a result of a phishing attack against Butlins. No financial details were compromised during the attack, but this information does consist of names, home addresses, holiday arrival dates, email addresses and telephone numbers. The cause of the data breach was solely down to a
-> Continue reading Phishing Attack against Butlins

iOS Trustjacking

iOS Trustjacking is a new vulnerability which allows attackers to exploit the iTunes Wi-Fi sync feature. Designed to allow users to manage their iOS devices without requiring a physical connection to a computer, this feature can be manipulated by attackers to acquire persistent control over the victim’s device. So how does Trustjacking work? Firstly, the
-> Continue reading iOS Trustjacking

Reddit’s Data Breach

Reddit suffered a data breach between the 14th and 18th of June this year and have subsequently lost all Reddit data from 2007 and before, containing account credentials (username and hashed + salted password), email addresses and both public and private messages. More recent data includes email digests sent during the period of June 2018
-> Continue reading Reddit’s Data Breach

The Networks & Information Systems Directive (NISD)

The Networks and Information Systems Directive, more commonly referred to as the NIS Directive, is a law that was introduced on 9th May this year. The purpose of this directive is to improve the security of businesses providing essential services such as energy, transport, banking and healthcare. NISD also applies to businesses providing critical digital
-> Continue reading The Networks & Information Systems Directive (NISD)

Google Play Store & Fake Applications

There are an enormous number of fake applications that linger within the Google Play app store, this week’s blog is designed to raise awareness of fake applications and how to best identify them. Recently, an attacker had uploaded three banking applications onto the Google Play app store to harvest banking information from unsuspecting users. The
-> Continue reading Google Play Store & Fake Applications

Google Chrome Pushes for More Encryption on the Web

Google’s push for more encryption on the web has started with Google Chrome 68, the latest version of Google’s web browser. It comes with a new feature that will list all non encrypted websites as “Not Secure”. This change to Google Chrome means that all HTTP sites will now show a “Not Secure” icon in
-> Continue reading Google Chrome Pushes for More Encryption on the Web

The Danger of Selling Used Storage Devices

A recent study into used storage devices such as memory cards, USB sticks and Hard Drives has been conducted by The University of Hertfordshire’s Cyber Security Centre to see how often used storage devices is bought and sold containing personal data from the previous owner. The study involved purchasing 100 used storage devices from online
-> Continue reading The Danger of Selling Used Storage Devices