Blog

Follow us on Twitter @CU_InfoSec 



Security holes in windows, Office, Internet Explorer and Adobe.   Last week Microsoft released patches to address 26 vulnerabilities in a wide range of products including Windows 10, Office, Silverlight, Internet Explorer and Internet Explorer’s successor Microsoft Edge. In total nine security bulletins were issued last week by Microsoft, of which, six are described as […]


US federal regulators have given the University of Washington Medicine (UWM) a $750,000 fine and a corrective action plan two years after a phishing-related breach hit the university and compromised 90,000 individuals’ records. This ‘resolution agreement’ is the first of its kind to stem from the investigation of a phishing incident and calls for the […]


An update on the release of the University cloud based storage service, Microsoft OneDrive for Business.               In April we advised that Microsoft were making some enhancements to OneDrive for Business and were due to release a new version of the application in May. Since then Microsoft has decided […]


This week Ruth Robertson the ISF Programme Manager has been at the Information and Records Management Society Annual Conference. Ruth gave a presentation ‘Managing Information Security Risk: Practical advice…’ about what we’ve achieved here at Cardiff and lessons learnt along the way. There was a lot of interest in the room and the free copies of […]


What is encryption? Encryption protects your information from being accessed by unauthorised people. Many of us carry around smartphones, tablets and laptops containing a mixture of personal and University information. By encrypting mobile devices and laptops information will be protected from falling into the wrongs hands. Please see our website to find out more about encryption and how it works.       […]


Security flaws continue to plague popular Apple products with security researchers and bloggers all a buzz over a trio of issues Issue 1 On Monday (20th April) Ars Technica reported that around 1,500 iPhone and iPad applications contain an HTTPS-crippling vulnerability that makes it easy for attackers to intercept encrypted passwords, bank-account numbers, and other highly sensitive information, according to research […]


More and more people are opting to use free consumer cloud data storage services like Dropbox, Box, Google Drive, Apple iCloud etc. and many of these services offer the facility to share files with others. Unfortunately, many users are putting their data at risk by not applying caution and controls when sharing private or sensitive data.   Graham Cluley […]


Many people have written password details somewhere that could be viewed by others. Perhaps they knew they shouldn’t and thought “how bad can it be” or maybe the consequences didn’t even cross their minds. Quite possibly it never occurred to the people highlighted in the article below of the embarrassing consequences of visible passwords at their offices being broadcast on live TV. Lewis Morgan […]