National Security Agency | Smart Thinking Solutions

12 October 202311 October 2023

Top Ten Misconfigurations

In several of my most recent IT and Cyber Security Audits I have encountered problems similar to those in this report from the US National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) – misconfigurations. NSA and CISA Release Advisory on Top Ten Cybersecurity Misconfigurations | CISA …

Continue reading “Top Ten Misconfigurations”

8 August 20239 August 2023

The National Cyber Security Centre releases the “most exploited” of 2022

The NCSC in collaboration with allies from around the world have released a list of those cyber vulnerabilities that were the most exploited by threat actors last year. NCSC and allies reveal most common cyber vulnerabilities exploited in 2022 – NCSC There are two main trends in the report: Defend …

Continue reading “The National Cyber Security Centre releases the “most exploited” of 2022”

20 April 202320 April 2023

CISA security advisories

The UK’s National Cyber Security Centre has joined with the US government Cybersecurity and Infrastructure Security Agency (CISA), FBI and US National Security Agency (NSA) to issue a security advisory about vulnerabilities in Cisco devices: APT28 Exploits Known Vulnerability To Carry Out Reconnaissance and Deploy Malware on Cisco Routers | …

Continue reading “CISA security advisories”

8 June 202210 June 2022

Three US Agencies issue an advisory about Chinese threat actors

The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) have issued a joint advisory about Chinese state sponsored threats. People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices | CISA Chinese threat actors have been detected actively …

Continue reading “Three US Agencies issue an advisory about Chinese threat actors”

2 March 20223 March 2022

Chinese security company “Equation Group” report – a hacking group widely believed to be the NSA

National Security Agency – Wikipedia Here is a report from Pangu Lab, a Chinese cyber security company, about possible state sponsored hacking by the US, through the NSA. Details of an NSA Hacking Operation – Schneier on Security Chinese Cybersecurity Company Doxes Apparent NSA Hacking Operation (vice.com)

4 February 20224 February 2022

Breaking encryption

Encryption is essential for privacy when using the internet – hence the opposition to the UK Government’s Draft Online Safety Bill, that wants to put controls on the way you and I use encryption to protect the privacy of our private communications and transactions over the web. It is interesting …

Continue reading “Breaking encryption”

1 October 20211 March 2022

VPN advice

Bruce Schneier’s blog today is pointing at a useful reference document about VPNs. It is produced the The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) both United States agencies and it is targeted at a US audience but it still contains a useful set of …

Continue reading “VPN advice”

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.