CyberAwake | Smart Thinking Solutions

7 September 202219 September 2022

Another hotel leaks guest’s personal information

This is not the first time I have reported on a data theft from a hotel group or tourist company – and as they make such great targets, it probably will not be the last… Holiday Inn hotels hit by cyber-attack – BBC News Obviously if you have stayed in …

Continue reading “Another hotel leaks guest’s personal information”

7 September 20227 September 2022

Why authentication, authorisation and accountability are cornerstones of your cyber security

authentication authorisation accountability

I have written an article over on CyberAwake, (our online cyber security training site), looking at triple A. Why you should care about the TLA AAA! – CyberAwake

5 September 20225 September 2022

Windows 11 automation tools open to abuse

Automating tasks on a computer used to be hard, but today it is very easy with a range of drag and drop tools available. Obviously the Power Automate included into Microsoft’s Windows 11 will be among the most popular – I know I use it. Now researchers at Zenity have …

Continue reading “Windows 11 automation tools open to abuse”

2 September 20222 September 2022

Just when you thought I had forgotten about ransomware

It is not possible to forget ransomware, just this week our engineers have updated a client’s back-up to one that is ransomware compliant – meaning, among other things, that the threat actors cannot access and so encrypt or alter the back-up during their attacks. Up to this point the client …

Continue reading “Just when you thought I had forgotten about ransomware”

1 September 20221 September 2022

Advice on when you are working out of the office

This morning, I have released a new blog post on our training site CyberAwake about how to work securely from anywhere. The choice of hot beverage is yours.

30 August 202230 August 2022

And here is another phishing attack story – have you visited CyberAwake.co.uk yet?

I have just written about this supply chain cyber attack: Developer software repositories will always be a prime target for threat actors – Smart Thinking Solutions And here is another phishing attack hunting for the unwary who will reveal their credentials: DoorDash customer info exposed in Oktapus phishing attack • …

Continue reading “And here is another phishing attack story – have you visited CyberAwake.co.uk yet?”

30 August 202224 May 2023

Software repositories are a target for threat actors

If you, as a threat actor, could embed your malware into a software module, that is then used by many innocent and unaware software developers in their packages, they release to the general public, wouldn’t you? That looks like a lot of infected machines for a small amount of work. …

Continue reading “Software repositories are a target for threat actors”

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.