As with any programming language, JavaScript has fair its share of potential security exposures. Exploiting a JavaScript vulnerability can allow you to manipulate and steal data, redirect sessions and lots more. Whilst JavaScript is normally thought of as a client-side application, JavaScript security issues can also create problems on the server-side. Vulnerabilities in JavaScript Source …
A CDN is a type of overlay network that moves a website’s content closer to the end user in order to improve performance. Typical services offered by Internet overlay networks include edge caching, SSL offloading and edge routing. Internet overlay networks allow websites to benefit from third party infrastructure to improve performance and security. Instead …
The global COVID-19 pandemic dominated all aspects of life in 2020 and pushed the workers of the world to switch to remote working. This resulted in a major shake-up of IT and security practices to which businesses have had to quickly adapt. Security experts have reviewed some key aspects that shaped cybersecurity through the pandemic …
Received wisdom regarding email security says – don’t trust email. Email is an unauthenticated, unreliable messaging service. The general advice was, and still is, use strong passwords, block spammers, don’t trust unrecognised sources and verify requests even from trusted entities. Email hasn’t gone away and the stakes are ever higher as email has become an …
Fraudsters and criminals are exploiting genuine fears about COVID-19 in order to prey on members of the public. Older and vulnerable people who are isolated from their family and friends are especially at risk. The UK Government has urged people to remain on their guard following a rise in COVID-19 scams that seek to benefit …
Remote working and home working have been increasing gradually throughout the 21st century and, since the Covid-19 pandemic, remote working has become a fundamental requirement for many businesses. Some companies, especially ones which already practiced some degree of remote working, have moved relatively seamlessly to large scale remote working. Others, that did not embrace the …
Are you a Gmail user? When was the last time you took a look through the settings to make sure you are making the most of the security features? Beyond enabling 2FA (which you should now be doing on all online accounts), what can you do to make Gmail more secure? Well, Gmail has a …
Web application security is, or should be, high on the agenda for any web-based business. The very nature of the Internet exposes web sites to attack from any location on the planet potentially leading to a data breach. A data breach is a general term referring to unauthorised access of sensitive or confidential information and …
The proportion of smartphone use, and time spent online using a phone or tablet compared to a laptop or desktop PC continues to increase. That being the case you would think that the kind of security-aware practices adopted by laptop and desktop users more than a decade ago would also now be standard practice for …
1. Don’t underestimate the risks The cybersecurity landscape is continually changing.What was low risk today could be high risk tomorrow. New malware may appear or a service that you use may get hacked or your password can be stolen. Update your risk security assessments frequently and stay abreast of emerging threats. 2. Don’t click on …
A bug bounty program is a managed administrative mechanism for reporting bugs to organisations involved in software development.Whilst any software bugs could be reported, in practice, bug bounty programs are normally focused on the discovery of security vulnerabilities and exploits. Many programs provide recognition and, sometimes significant, monetary compensation for security researchers who discover previously …
If you are an executive, manager or business owner, you will have heard of firewalls and you probably think you need one, but if you’re not particularly technical, do you actually know what a firewall does and how it protects your organisation’s computer systems? Firewalls have been our primary defence in computer security for more …
Recent announcements by both Mozilla Firefox and Google Chrome, have put DNS privacy into the spotlight.Changes in how DNS privacy is handled is a major change to the way the internet works but is little understood by the average user. So, what is DNS privacy and DNS over HTTPS and what effect will it have …
Ransomware is a rapidly increasing risk to businesses and organisations around the world.Although there are arguably now fewer ransomware attacks against consumers, attacks against organisations are clearly increasing. A report by Malwarebytes indicates that there has been a +300% increase in ransomware attacks on businesses in the first half 2019. There has also been a …
If you followed our previous article about whether ISO 27001 will benefit your organisation, you may, by now, have evaluated your strategic security goals and hopefully have a better idea of whether ISO 27001 might help you. For a little extra help with your decision about whether or not to get certified, let’s look at …