Bruce Schneier is recommending these articles, by Sean Gallagher, on securing your digital life. Securing your digital life, part one: The basics | Ars Technica Securing your digital life, part two: The bigger picture—and special circumstances | Ars Technica
Patch Tuesday – Microsoft
He is a round-up of the Microsoft updates from SANS Internet Strom. As always get these done! Microsoft November 2021 Patch Tuesday (sans.edu)
Hiding the threat in plain sight
Attackers are always looking for new way to get their illicit packages through defences and this research paper outlines how by exploiting Unicode, malicious code can be written into software so that human code reviewers cannot recognise that it is there. Trojan Source: Invisible Vulnerabilities “This work has been under …
Patches are essential – #BeCyberSmart
I had to write about patches today – yesterday was Microsoft Patch Tuesday and we got a range patches for their software. Some of these were for critical vulnerabilities with one of them actually being exploited in the wild. Microsoft October 2021 Patch Tuesday (sans.edu) Other software vendors also seem …
Designing a contact tracing app
This is an excellent academic article by Susan Landau on the privacy, efficacy, and equity of contract-tracing on smartphone apps. She raises some important points about the social and economic divide when it comes to technology, something that other developers and technologists should consider when creating their apps. Digital exposure …
The SolarWinds breach – a write up
SolarWinds and the Holiday Bear Campaign: A Case Study for the Classroom – Lawfare (lawfareblog.com) This is a considered and well researched article by Professor in Law Bobby Chesney, looking at the how and why of the much publicised and far reaching SolarWinds security breach and subsequent attacks on their …
You must do this if you use Microsoft 365
Do you want more security from ransomware? Michael, one of the support team over at Octagon Technology has written about one of the often overlooked steps by user of Microsoft 365. Microsoft 365 Security – Octagon Technology You should also look at their Pick-up and Go solution – 365R.