Following LastPass security issues, BitWarden has seen some traction as an alternative – especially as you could run your own BitWarden server – I wrote about that here. Now BitWarden (among other password vault software) has come under threat via a malicious Google Ads phishing campaign, where the threat actors …
Do you know what an Excel XLL file is? The hackers do.
An Excel XLL file is a an add-in file that allows third parties to add extra functionality to Microsoft Excel – pretty useful. But of course the threat actors have extended that third party functionality to include malware. Now, just like with macros, Microsoft is blocking XLL files, originating from …
Continue reading “Do you know what an Excel XLL file is? The hackers do.”
National Cyber Security Centre warns of Iranian and Russian malicious activities
The attacks being warned about by the National Cyber Security Centre (NCSC) do not impact huge numbers of us, as they are mainly targeted at journalists and politicians. But the NCSC are taking the opportunity to remind everyone that they need to have effective cyber security plans and tools to …
Continue reading “National Cyber Security Centre warns of Iranian and Russian malicious activities”
Close one door and another opens
I had an article published yesterday discussing the risks still posed by the Microsoft Office macro, even though Microsoft has tightened the security when using them: Microsoft Office Macros Are Still an Issue – CyberAwake But the threat actors do not stop there. Closing the macro attack vector sent the …
Security advisory for Drupal – do you know if this applies to you?
Is your website produced using Drupal? Or WordPress? Do you know? Do you discuss this and the security of your website with your web developers? Drupal is a similar product to WordPress and is used to create website, so any security update to a product that sits there on the …
Continue reading “Security advisory for Drupal – do you know if this applies to you?”
