Thoughts on Petya/NotPetya and two key questions. What should you do, and is...
Every major IT security incident generates a ton of me-too articles most of which lack meaningful content. Journalists receive a torrent of emails from companies or consultants hoping to be quoted,...
View ArticleLet’s Encrypt: a quiet revolution
Any website that supports SSL (an HTTPS connection) requires a digital certificate. Until relatively recently, obtaining a certificate meant one of two things. You could either generate your own,...
View ArticleWhy patching to protect against Spectre and Meltdown is challenging
The tech world has been buzzing with news of bugs (or design flaws, take your pick) in mainly Intel CPUs, going way back, which enables malware to access memory in the computer that should be...
View ArticleSpectre and Meltdown woes continue as Intel confesses to broken updates
Intel’s Navin Shenoy says the company has asked PC vendors to stop shipping its microcode updates that fix the speculative execution vulnerabilities identified by Google’s Project Zero team: We...
View ArticleManage your privacy online through cookie settings? You must be joking.
Since the deadline passed for the enforcement of the EU’s GDPR (General Data Protection Register) most major web sites have revamped their privacy settings with new privacy policies and more options...
View ArticleAccount options when setting up Windows 10, and Microsoft’s enforced...
How do you sign into Windows 10? There are now four options. I ran through a Windows 10 setup using build 1803 (which was released in April this year) and noted how this has evolved. Your first...
View ArticleMozilla Firefox and a DNS security dilemma
Mozilla is proposing to make DNS over HTTPS default in Firefox. The feature is called Trusted Recursive Resolver, and currently it is available but off by default: DNS is critical to security but not...
View ArticleMicrosoft Office 365 and Google G-Suite: why multi-factor authentication is...
Businesses using Office 365, Google G-Suite or other hosted environments (but especially Microsoft and Google) are vulnerable to phishing attacks that steal user credentials. Here is a recent example,...
View ArticleHow Windows 10 Ransomware protection can cause install failures, LibreOffice...
While researching a piece on Office applications I needed to install LibreOffice. The install failed with a message about an error creating a temporary file needed for installation. Fortunately I knew...
View ArticleTwo Factor Authentication is great–but what if you lose your phone or have...
Account hijack is a worry for anyone. What kind of chaos could someone cause simply by taking over your email or social media account? Or how about spending money on your behalf on Amazon, eBay or...
View Article
More Pages to Explore .....