Surveillance Attack on WhatsApp

It has been reported that it was a surveillance attack on Facebook’s WhatsApp messaging app that caused the company to urge all of its 1.5bn users to update their apps as an extra precaution recently. What Kind of Attack? Technical commentators have identified the attack on WhatsApp as a ‘zero-day’ exploit that is used to […]

Proposed Legislation To Make IoT Devices More Secure

Digital Minister Margot James has proposed the introduction of legislation that could make internet-connected gadgets less vulnerable to attacks by hackers. What’s The Problem? Gartner predicts that there will be 14.2 billion ‘smart’, internet-connected devices in use worldwide by the end of 2019.  These devices include connected TVs, smart speakers and home appliances. In business […]

G7 Cyber Attack Simulation To Test Financial Sector

The G7 nations will be holding a simulated cyber-attack this month to test the possible effects of a serious malware infection on the financial sector. France The attack simulation was organised by the French central bank under France’s presidency of the Group of Seven nations (G7).  The three-day exercise will be aimed at demonstrating the […]

Data Breach Report A Sharp Reminder of GDPR

The findings of Verizon’s 2019 Data Breach Investigations Report have reminded companies that let customer information go astray that they could be facing big fines, and damaging publicity. The Report The annual Verizon Data Breach Investigations Report (DBIR) draws upon information gained from more than 2,000 confirmed breaches that hit organisations worldwide, and information about […]

Microsoft’s Move Away From Passwords Towards Biometrics

In a recent interview with CBNC, Microsoft’s Corporate Vice President and Chief Information Officer Bret Arsenault signalled the corporation’s move away from passwords on their own as a means of authentication towards (biometrics) and a “passwordless future”. Passwords – Not Enough On Their Own Many of us are now used to two-factor authentication e.g. receiving […]

Chrome For Android ‘Fake Address’ Phishing Risk Discovered

Developer James Fisher has reported that small changes could be made to Chrome for Android that could enable fake URLs to be displayed and users to be ‘jailed’ in a fake browser, thereby leaving them vulnerable to being duped into visiting fake, malicious pages. Fake URL Display Mr Fisher explains on his website about the […]

123456 Still A Popular Password

A study by the UK’s National Cyber Security Centre (NCSC) into breached passwords has revealed that 123456 featured 23 million times, making it the most widely-used password on breached accounts. Top Five Easy-To-Guess Passwords The study, which analysed public databases of breached accounts to discover which words, phrases and strings were most popularly used, also […]

Fake Finger Fools Fool Proof Phone

A Reddit user claims to have used a 3D printer to clone a fingerprint and then use the fake fingerprint to beat the in-display fingerprint reader on a Samsung Galaxy S10. Fingerprint Scanner The Galaxy S10 and S10+ phone models have an Ultrasonic Fingerprint Scanner embedded into the screen that uses soundwaves to create a […]

HTTPS Security Vulnerabilities Found

Research teams at Ca’ Foscari University of Venice and Tu Wien in Austria have discovered security vulnerabilities in the TLS browser encryption defence system of 5.5% of 10,000 HTTPS sites which could leave website visitors vulnerable to attack. What Is TLS? Transport Layer Security (TLS) is one of the two security protocols (the other is SSL) […]

Experts Recommend Security Update For Magento E-commerce Sites

Security experts are warning companies with a Magento e-commerce site to make sure that it has the latest security patch and updates in order to avoid the risk of card skimming attacks. Magento Magento, originally developed by Varien Inc (now owned by Adobe) is a leading open-source, enterprise-class e-commerce platform written in PHP.  Security concerns […]