Cybersecurity is now a primary focus for companies and organisations of all types and sizes. Continuous change in technologies deployed to gain competitive advantage inevitably means a corresponding shift in cybersecurity trends. Phishing and ransomware attacks are increasingly with us and news reports of high-profile data breaches are becoming ever more the norm. As well …
What is Phishing? Phishing is a very common type of cyber-attack that everyone should learn about in order to protect themselves. Phishing attacks are where attackers send fraudulent communications that appear to come from a reputable source. It is typically done via email although other forms of messaging and social media are used, and can …
What is Cryptojacking? Cryptojacking is a type of cyber-attack where malware is covertly installed onto unsuspecting hosts so it can make use of the host’s processing power to mine cryptocurrency for the attacker. Cryptojacking isn’t attempting to cause damage to host systems or steal their data, but it is far from benign. It is a …
As with any programming language, JavaScript has fair its share of potential security exposures. Exploiting a JavaScript vulnerability can allow you to manipulate and steal data, redirect sessions and lots more. Whilst JavaScript is normally thought of as a client-side application, JavaScript security issues can also create problems on the server-side. Vulnerabilities in JavaScript Source …
A CDN is a type of overlay network that moves a website’s content closer to the end user in order to improve performance. Typical services offered by Internet overlay networks include edge caching, SSL offloading and edge routing. Internet overlay networks allow websites to benefit from third party infrastructure to improve performance and security. Instead …
The global COVID-19 pandemic dominated all aspects of life in 2020 and pushed the workers of the world to switch to remote working. This resulted in a major shake-up of IT and security practices to which businesses have had to quickly adapt. Security experts have reviewed some key aspects that shaped cybersecurity through the pandemic …
Received wisdom regarding email security says – don’t trust email. Email is an unauthenticated, unreliable messaging service. The general advice was, and still is, use strong passwords, block spammers, don’t trust unrecognised sources and verify requests even from trusted entities. Email hasn’t gone away and the stakes are ever higher as email has become an …
Fraudsters and criminals are exploiting genuine fears about COVID-19 in order to prey on members of the public. Older and vulnerable people who are isolated from their family and friends are especially at risk. The UK Government has urged people to remain on their guard following a rise in COVID-19 scams that seek to benefit …
Remote working and home working have been increasing gradually throughout the 21st century and, since the Covid-19 pandemic, remote working has become a fundamental requirement for many businesses. Some companies, especially ones which already practiced some degree of remote working, have moved relatively seamlessly to large scale remote working. Others, that did not embrace the …
Are you a Gmail user? When was the last time you took a look through the settings to make sure you are making the most of the security features? Beyond enabling 2FA (which you should now be doing on all online accounts), what can you do to make Gmail more secure? Well, Gmail has a …
Web application security is, or should be, high on the agenda for any web-based business. The very nature of the Internet exposes web sites to attack from any location on the planet potentially leading to a data breach. A data breach is a general term referring to unauthorised access of sensitive or confidential information and …
The proportion of smartphone use, and time spent online using a phone or tablet compared to a laptop or desktop PC continues to increase. That being the case you would think that the kind of security-aware practices adopted by laptop and desktop users more than a decade ago would also now be standard practice for …
1. Don’t underestimate the risks The cybersecurity landscape is continually changing.What was low risk today could be high risk tomorrow. New malware may appear or a service that you use may get hacked or your password can be stolen. Update your risk security assessments frequently and stay abreast of emerging threats. 2. Don’t click on …
A bug bounty program is a managed administrative mechanism for reporting bugs to organisations involved in software development.Whilst any software bugs could be reported, in practice, bug bounty programs are normally focused on the discovery of security vulnerabilities and exploits. Many programs provide recognition and, sometimes significant, monetary compensation for security researchers who discover previously …
If you are an executive, manager or business owner, you will have heard of firewalls and you probably think you need one, but if you’re not particularly technical, do you actually know what a firewall does and how it protects your organisation’s computer systems? Firewalls have been our primary defence in computer security for more …