website security

14 December 202120 December 2021

More about Log4j

This was always going to be an issue when we posted about it last week – here is more information. Log4j 2.15.0 and previously suggested mitigations may not be enough – SANS

14 December 202120 December 2021

This was always going to be an issue when we posted about it last week – here is more information. On the Log4j Vulnerability – Schneier on Security More Log4j News – Schneier on Security Log4j – Smart Thinking Solutions

12 December 202112 December 2021

Website security either some people just don’t get it or they cannot be bothered!

The Register discusses the findings of researcher, Scott Helme, who discovered that just under a third of websites did not have https enabled by default. HTTPS by default now accounts for 70% of websites • The Register Get a TLS/SSL certificate and enable https on any site you are responsible …

Continue reading “Website security either some people just don’t get it or they cannot be bothered!”

10 December 202120 December 2021

Minecraft vulnerable to a Zero-Day vulnerability and others are sure to follow – Log4j

A vulnerability has been discovered in a component of Minecraft, Log4j, an open-source logging tool that’s used in many online applications. Zeroday in ubiquitous Log4j tool poses a grave threat to the Internet | Ars Technica

10 December 202128 November 2022

Remember when you are shopping online there are malicious web pages out there – here is some advice

In the run up to Christmas many of us are shopping online – I know I am. It is tempting to keep following links looking for the best prices and the best price is what the internet promises us because we can shop everywhere. However the bad actors know this …

Continue reading “Remember when you are shopping online there are malicious web pages out there – here is some advice”

8 November 202111 November 2021

Fishing website hacked

Fishing gear seller caught in hacker’s net – BBC News Angling Direct, the UK’s biggest fishing shop has been hacked, with users being redirected to a pornography site. it was probably a phishing attack – I could not resist that.

28 September 202129 September 2021

A screenshot of the security on clivecatton.co.uk

It does not seem that long ago that Google forced a flurry of people needing SSL security certificates for their websites, when they announced they would favour secure websites in their search results – no one wanted to be left out. I even added one to my personal blog – …

Continue reading “Website security”

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.

Tag: website security

More about Log4j

Bruce Schneier on Log4j

Website security either some people just don’t get it or they cannot be bothered!

Minecraft vulnerable to a Zero-Day vulnerability and others are sure to follow – Log4j

Remember when you are shopping online there are malicious web pages out there – here is some advice

Fishing website hacked

Website security