Category Archives: Security

Setup Tor For Anonymous Browsing

Deploy Tor in Linux for anonymous access to the internet I do a lot of research around the internet on a daily basis. From information on cybersecurity, electronics, specifics on software development languages and many other subjects of interest to me. So I’m not doing anything stupid on the internet but I’m also not interested in having the… Read More »

Your voice assistant can hear things you can’t – such as a hacker

Source: Sophos Naked Security by Taylor Armerding Word from Apple, ahead of the big rollout of iPhone 8 and iOS11 on September 12, is that its voice assistant Siri is going to sound more like a person and less like a robot. Great for the user experience. But based on a report published just last week by a team of researchers… Read More »

Adventures in C# – Secure Access To Your Middle Tier Code

Protect Your Code With System Accounts and Role Based Code Access Security In this article I wanted to provide a simple example of how you can meet some of the best practices for secure code implementation and also some best practices in implementing a scalable architecture. I tried to keep the prototype as simple as I could work… Read More »

Apache Struts “serialisation” vulnerability – what you need to know

Source: Sophos Naked Security by Paul Ducklin Update. The Struts 2.3 and 2.5 versions now both have official patches. We have updated our advice below accordingly. [2017-09-07T11:00Z] It seems only yesterday – in fact, it was six months ago – that we wrote about a nasty security hole in Apache Struts. Unfortunately, it’s time for déjà vu all over again, with a similar sort… Read More »

Is your email in the latest cache of 711 million pwnd addresses?

Source: Sophos Nacked Security by John E Dunn It’s never good news to receive an alert from the Have I Been Pwned? (HIBP) project but it’s better to know than not. Founded by Troy Hunt after the historically embarrassing Adobe breach of 2013, HIBP is a database of breached, scraped and otherwise stolen email accounts that lets anyone check whether theirs is known… Read More »