Blog

For some time now, and for some strange reason, there has been an opinion that the biggest threat organisations face was from within their own walls, originating from the very people who have been provisioned with authorised access to corporate systems and information assets. Whilst I agree that the ...

It has been said that 2011 is the year of insecurity, and I guess this is down to the number of successful unauthorised incursions that were ‘reported’ by the press, and in the media. However, in my opinion, 2011 was ‘not’ the year of insecurity, but the period in which we sa ...

In 2008 I had the honour to deliver a Keynote at the E-COPP Security event, hosted by Loughborough University. This presentation discussed the aspect of Cyber Crime, and the associated threats that were impacting the interconnected world, users, and global organisations. The theme of this prese ...

I have been involved with virtual environments for about a decade now, supporting client consultations, and implementations. Over this period, I have observed growth, from what was once considered a novelty technology, through to today’s technological solutions supporting leading edge operatio ...

Another week, another monumental hack. This time it was Italy’s cybercrime unit, the Centro Nazionale Anticrimine Informatico per la Protezione delle Infrastrutture Critiche (CNAIPIC), that fell foul of Anonymous. The hackers have already published around 100Mb of data from the raid and claim ...

For some reason, not all security vendors acknowledge the reality, of possible existence of the Advanced Evasion Technique (AET). The question is, have AET’s actually been amongst us for some time now, delivering their adverse payloads to circumvent our trusted levels of perceived security? T ...

There would seem to be a suggested lack of understanding as to how the sources are for Cyber Crime flourish. This is linked to a suggested lack of appreciation of what should be considered as 'adequate' levels of Corporate Responsibility for securing the operational enterprise, and other a ...

The discoveries of widespread hacking, and concerns about Cell, and SmartPhone security have set a notable mood of paranoia in motion, with concerns around the security aspects of telephony.  However, this exposure is absolutely nothing new, and the associated threats posed today, have in fact ...

I'm posting this blog on behalf of John Walker, whose account is temporarily having some 'down time'... Recent reports have stated that the Anonymous Hacktivists group is to set up its own social networking site and service, after they were understandably rejected from the fledgling Google+ si ...

About 12 hours before some prankster shoved a pie in Rupert Murdoch’s face, some other pranksters (namely LulzSec, back in operation after their brief ‘retirement’) shoved a virtual pie in the face of his organisation. In the early hours of Tuesday morning, the group managed to suc ...

If someone is assuming that hacking/breaking into a WiFi router for piggybacking on the router’s internet connection is illegal, then he/she needs to double check the same with the applicable CyberLaw. This was highlighted in view of a recent WiFi hacking incident where a student broke into a ...

There's a well-known saying in information security that the weakest part of any computer system is the person using it. One area where this becomes abundantly clear is in the use of passwords. Allowing users to choose their own passwords can be fatal, with most people not having the first clue abou ...

The Merriam-Webster dictionary gives two different definitions of “hacker” related to computer security. A hacker is either “an expert at programming and solving problems with a computer” or “a person who illegally gains access to and sometimes tampers with information ...

Early in 2009, Twitter suffered two major security lapses. Once when a wave of highly successful phishing campaigns were successful in obtaining a lot of Twitter passwords, and then again when an 18 year old hacker and student of computer games development brute-force'd an administrator account. In ...