Your voice assistant can hear things you can’t – such as a hacker

Source: Sophos Naked Security by Taylor Armerding Word from Apple, ahead of the big rollout of iPhone 8 and iOS11 on September 12, is that its voice assistant Siri is going to sound more like a person and less like a robot. Great for the user experience. But based on a report published just last week by a team of researchers… Read More »

Adventures in C# – Secure Access To Your Middle Tier Code

Protect Your Code With System Accounts and Role Based Code Access Security In this article I wanted to provide a simple example of how you can meet some of the best practices for secure code implementation and also some best practices in implementing a scalable architecture. I tried to keep the prototype as simple as I could work… Read More »

Apache Struts “serialisation” vulnerability – what you need to know

Source: Sophos Naked Security by Paul Ducklin Update. The Struts 2.3 and 2.5 versions now both have official patches. We have updated our advice below accordingly. [2017-09-07T11:00Z] It seems only yesterday – in fact, it was six months ago – that we wrote about a nasty security hole in Apache Struts. Unfortunately, it’s time for déjà vu all over again, with a similar sort… Read More »

Adventures in Java – Sort an Object Array With a Collection Stream

Stream and lambda expressions to sort an object array in just a few lines This article is a follow up to the article Adventures in C# – Sort An Object Array With Linq and shows how to accomplish in Java the same type of object manipulation we can accomplish in C# using Linq. In Java the collections library implement a… Read More »

Is your email in the latest cache of 711 million pwnd addresses?

Source: Sophos Nacked Security by John E Dunn It’s never good news to receive an alert from the Have I Been Pwned? (HIBP) project but it’s better to know than not. Founded by Troy Hunt after the historically embarrassing Adobe breach of 2013, HIBP is a database of breached, scraped and otherwise stolen email accounts that lets anyone check whether theirs is known… Read More »