Halkyn Security Blog
Specialist Security & Risk Management Consultants

Posts tagged Hacking

AV is not dead – it just has limits

AV is not dead, just understand what it can and cant do.

Antivirus (AV) has been around for decades now and this is both a good and bad thing. On one hand, AV is so well known most people already understand that they need to have it. But on the other, all the attackers know about it. This means the first step in pretty much every attack […]

Read More

Passwords are not bad, just dont trust vendors

Passwords are not bad, just dont trust vendors

Passwords are in the news again, with yet another headline crying out for the death of the password and claiming that everyone should move to two factor authentication (2FA) for all their online activities. As with all these claims, it is worth looking at them in greater detail before we give up on of the […]

Read More

Security – Are passwords dead?

Passwords - an essential part of security, but often the target for attackers and the cause of a breach.

As most people will be aware, several high profile websites have suffered security breaches, resulting in millions of user account passwords being compromised. These sites have included business social networking site LinkedIn, online dating agency eHarmony and the music streaming site Last.fm. All three of these sites have been on the internet for at least […]

Read More

Happy New Year! Time to improve your security.

Happy New Year! Time to improve your security.

Halkyn Consulting would like to wish a Happy New year to all our readers, customers (past, present and future) and anyone else interested enough to visit this blog. We will look to resume normal blog service next week and as part of our plans for this year we are going to produce a series of […]

Read More

GCHQ chief reports ‘disturbing’ cyber-attacks on UK

GCHQ chief reports ‘disturbing’ cyber-attacks on UK

As reported on the BBC news today, the head of the UK signals intelligence organisation – GCHQ – is concerned over the rising number of attacks on UK businesses. From the BBC news article: Cyber attacks on the UK are at “disturbing” levels, according to the director of Britain’s biggest intelligence agency. and Writing in […]

Read More

Hacked out of business?

Hacked out of business?

Most businesses understand that security is important but, as we discussed in a previous post (How do you measure the value of Information Security?) there is a tendency for owners to downplay the risks. This is understandable, and sadly security is all too often seen as a “cost” which should be cut, but the reality […]

Read More

Public Key Encryption with GnuPG

Public Key Encryption with GnuPG

One of the most overlooked risks of using the internet is the fact that most of the time your data is as private as the writing on the back of a postcard. If someone wants to, and the data passes through their “hands” then they can read everything you have sent. A lot of the […]

Read More

Malicious Spam on the Rise

Malicious Spam on the Rise

Research carried out by two security companies has provided information that most people will have already recognised – in the last week there has been a significant increase in spam and specifically malicious messages such as emails carrying trojans (phishing messages). From SC Magazine: M86 Security noted a huge surge of malicious spam that it […]

Read More

Widespread Hacking in South Korea

Widespread Hacking in South Korea

It was recently reported that nearly ever member (approximately 35 Million people) of a South Korean social networking site had their personal data exposed as the result of a hack on Cyworld’s systems. From the Register: Names, phone numbers, email addresses, and other details may have been exposed through the Cyworld hack, which follows previous […]

Read More

Stegobot steals passwords from Facebook photos

Stegobot steals passwords from Facebook photos

A report in New Scientist magazine this week identifies a new threat to your information security, although it is unclear if this is in the wild yet. In the article, researchers created software (a “bot”) that extracted sensitive user data (such as banking passwords or credit card numbers) and then hid this inside a picture […]

Read More

The Sun Newspaper – Hacked?

The Sun Newspaper – Hacked?

According to a tweet by “AnonymouSabu” – apparently a hacker collective on twitter – the website of the Sun news paper has been hacked. The slightly more famous hacker collective called LulzSec have also tweeted the news and at the moment it isnt clear who is responsible. Currently, when you visit the the Sun’s website […]

Read More

Paypal Phishing Attacks

Paypal Phishing Attacks

Phishing is an on-going threat to most businesses and home users. It is safe to assume that there will be a constant stream of phishing emails sent to pretty much any email address imaginable. As a result of this, it is crucially important that you educate your staff and your family about what to look […]

Read More

Spear phishing attacks, prevalent & successful

Spear phishing attacks, prevalent & successful

Previously we mentioned a news item that claimed the International Monetary Fund had been the victim of a “spear phishing” security breach. It seems that this is far from an isolated incident and that malicious groups are moving away from the more “traditional” methods of blanket spam campaigns and towards the more targeted (and normally […]

Read More

Essential security audit tool – Backtrack 5 bootable USB

Essential security audit tool – Backtrack 5 bootable USB

For anyone interested in carrying out penetration testing, security audits or other forms of network security self assessment, Backtrack has long been the operating system of choice. Backtrack is a Linux distribution which has been slightly modified to fine tune how it runs various tools used for penetration testing. Booting into Backtrack gives you an […]

Read More

LulzSec security antics still in the news

LulzSec security antics still in the news

Another day and another round of news headlines about the hacker collective calling itself LulzSec. Today there were two main headlines relating to the UK. The first, and possibly most serious, was a reported claim that LulzSec had gained access to the UK 2011 Census and was preparing to make all the data (i.e. huge […]

Read More

Recent Tweets Recent Tweets