G-Spam

This week, the brilliant/devious (delete as applicable) folks at Kaspersky called out the mighty Google for allowing its own applications to be facilitators of spam, often containing malicious payloads – drive-by malicious sites and other nasty malware vectors. The story is that content generated and shared by one G-App (Calendar etc.) is treated much more […]

HackFest

This week has seen a large number of hacking announcements; it is going to be tricky to squeeze even the interesting ones into a single blog, but here goes. To our mind, the announcement by digital wallet provider Komodo that it had hacked its own customers and without any authorisation or approval, transferred their funds […]

Mine Host

A couple of weeks ago we talked about a serious vulnerability (wormable, apparently) now called BlueKeep in the Microsoft RDP server, for which emergency patches were released. As usual, our advice along with that of most sane security people, sysadmins and everyone in between was (and still is) to patch ASAP. It comes as no […]

Patient Zero

Have you heard of the mystery hacker SandboxEscaper? To refresh your memories, SandboxEscaper is an avid Windows enthusiast, as in breaking Windows. SbE (that is what we will refer to the hacking entity going forwards to save ink, trees etc.) has a notorious history of releasing zero-day exploits for Windows which we have reported on […]

Wasssssup?

The Greeks knew it, the Carthaginians knew it and you knew it. This week’s missive would at least start with a discussion around the shrieking headlines regarding a vulnerability in the ever so popular, free to use (ahem) communications tool, WhatsApp. Hopefully we can take this discussion in a sensible(ish) direction without serving up lashings […]

Sadly Bradley

Once upon a time there was a man called Bradley who made a number of mistakes. Amongst them was deciding to leak a huge amount of United States secrets to The World via one Mr Julian Assange and his Wikileaks emporium. In a story that you really could not make up, after being captured, prosecuted […]

Huawei to judge?

We couldn’t start this week’s May Day Bank Holiday weekend missive without having a little chat about the Huawei debacle. As you will no doubt have read, the United States Government has been urging the UK to avoid using Huawei technology in the forthcoming 5G rollout (oh no, we are all going to die from […]

Push meet Shove

If you were paying attention last week and used up some of your valuable time on so called ‘Good Friday’, you may recall that we talked about the SNAFU that is Facebook, stumbling from one privacy disaster to another, via facilitating election influence and fraud. In fact we were so bold as to suggest that […]

Hopping Madness

It looks like using third-party supplier connectivity to breach customers is very much back in the picture with the announcement that the technique is being actively used to attack a number of organisations, specifically those which themselves also have access to lots of third-party data, and more interestingly providers of eGift cards and schemes, i.e. […]

Out of the Ecuador

Cometh the hour, leaveth the man. As you will all have seen, it appears that Julian Assange’s time has come. As the Ecuadorian Ambassador to the United Kingdom decided to call time on his asylum, the long arm of the law was waiting and promptly felt his collar, and cuffs for that matter, dragging him […]