The University Information Security Framework programme is in the process of establishing the most cost effective means by which to deliver enterprise encryption in order to secure University laptops used to handle confidential information. The ultimate aim being to deliver a centralised service for those who need to encrypt a University laptop (whether the whole disk […]

As per the article linked here eBay have owned up to a breach of their systems which, if you use the service, may have resulted in your password being ‘liberated’ by the crooks. You can read eBays blog statement here and their FAQ on what has happened here The breach appears to have taken place several […]

End of Support We posted back in March that Windows XP was coming to the end of its support life and that anyone still using XP would be wise to upgrade their operating system in order to remain protected from vulnerabilities which could allow unscrupulous individuals or organisations to infect your machine with viruses or use […]

In this months SANS Securing The Human newsletter OUCH!, Jake Williams - Chief Scientist at CSRgroup Computer Security Consultants, provides some easy to follow advice on how to tell if your computer has been hacked, and what to do about it. The article is available here as a pdf. Alternatively you can visit the OUCH! archive to […]

Earlier this week Information Services became aware of a vulnerability with Open SSL software used by many web sites to securely transfer data.  This vulnerability has subsequently been widely reported in the media. All web sites managed by Information Services have been checked, and where appropriate to do so, patches applied to protect these systems. […]

Take a look at Microsoft’s Safer Online site which is based around encouraging users across the world to ‘Do One Thing’ to make their online experience a little bit safer. The site combines some interesting figures on how people have been impacted by online safety and provides user comments as to what they do to […]

Following on from yesterdays post it appears SellHack have responded to the Cease and Desist letter from LinkedIn by taking the service down. The main points are: As mentioned in yesterdays post this wasn’t really ‘hacking’ but just a tool for putting the information found on LinkedIn together with other publicly available data from the […]

If you use LinkedIn it’s worth being aware of the facts behind a browser plugin which claims to be able to ‘hack’ individual accounts to reveal the hidden email address of the user. LinkedIn are issuing a cease and desist notice to SellHack and are strongly recommending that if you have installed the plugin that […]

The below figures are taken from a post on which highlights just how important the issue of user account management and administrator rights is, particularly when considering an organisations ability to manage the risks posed by security vulnerabilities. The source article is available here The full study is available as a pdf here Of […]