Although this article looks at the image cropping security issue from the position of a whistle-blower, it could just as easily apply to a document you send out to a client or supplier or use internally. For example and image of pay scales across a company where you crop out …
Google ads malvertising campaign evades anti-virus detection
Data stealing malware, pushed through compromised Google search ads, is attempting to evade detection by using virtualisation components: Google ads push ‘virtualized’ malware made for antivirus evasion (bleepingcomputer.com) Researchers think this new type of attack strategy and other emerging attack vectors are being prompted s as reaction to Microsoft tightening …
Continue reading “Google ads malvertising campaign evades anti-virus detection”
When planning for a cyber incident – remember about outages
Cyber incidents that impact your organisation are not always malicious. A cleaner could pull the plug on your server or a member of staff may inadvertently switch a vital bit of your network off (I have seen t done, too many times) or a service that you rely on may …
Continue reading “When planning for a cyber incident – remember about outages”
User’s not understanding what secure configurations are, is the first step towards a cyber security incident. UPDATED
This original post was made on 23 August 2022 Update 21 October 2022 There has been another “mis-configuration story this week – Microsoft exposed thousands of client records when they mis-configured a server. Following a report in the summer of patient information leaking from a health care company because of …
Microsoft encryption not up to the job
Research is showing that Microsoft’s Office 365 Message Encryption is good for privacy – as it makes accessing the message difficult, rather than security, putting the message out of reach of anyone but the recipient. Microsoft disputes report on Office 365 Message encryption issue after awarding bug bounty – The …
