security

New GPG key

I have updated my GPG key, revoking ID 0x35076cbaa663a704 and replacing it with 0x57974c5b48a00d9b (find it on keyservers).

Understanding ransomware

This whitepaper looks at ransomware and the impact, evolution and defensive strategies that can be employed by organisations. While the paper is primarily focused on Microsoft Windows due to the historic prevalence and devastating impact on …

Ticketweb followup

Ticketweb (a UK arm of Ticketmaster) have confirmed that someone was able to send emails to subscribers fraudulently. Their initial response was covered on the Naked Security blog. A second email was sent out this evening: One part which stands out says: We sincerely regret any concern that may have been caused by this incident and we can assure you we took immediate action to close the unauthorised access as soon as it was identified.

Ticketmaster / Ticketweb hacked?

This afternoon I received an email with the spammy subject “Action Required : Update Your PDF Application”. I almost ignored it until I noticed that the link inside pointed to a domain owned by Ticketmaster. As I have shopped with Ticketmaster before, perhaps this isn’t so surprising. My first thought was that Ticketmaster had a dodgy redirect on their site, until I looked at the email and saw that it was actually sent from Ticketmaster’s network.

Stupid password rules

Today I forgot the password for a site I use only occasionally. This is rare, as I have a number of password schemes that I use to create a password unique to each site. After clicking the reset password link, I am confronted with the “password strength checker” below: This list of rules doesn’t fit very well with my password scheme, primarily because what I computed in my head fails the test for uppercase characters.

Reporting a phishing site, is it worth it?

So I thought I was being a good internet citizen when I received the following email a week ago: Dear User; Please update to our new server click here to begin http://glacierdesign.ca/phpform/forms/form1.html Thanks and have a wonderful day. Webmaster The site looked like this: For a while I was confused, after all I run my own email. Did I really need to remind myself of my password? And what had happened to my unlimited quota?

Welcome to the IPv6 world

This blog can now be reached over IPv6 (or ipv6.edeca.net), which is surely the final nail in the coffin of IPv4 across the internet.

Blocking SSH brute forcing using denyhosts

Tired of seeing repeated attempts to login to a Linux server you run? There are a number of options, all with their own benefits and disadvantages. The easiest way is to move the port that the SSH server runs on, perhaps to 2222 instead of 22. However. this can be annoying behind some firewalls and means that you need to specify the port each time you SSH to a host. This post looks at denyhosts, a viable alternative.