Skip to main content

Passwords are not bad, just dont trust vendors

Passwords are not bad, just dont trust vendors

Passwords are in the news again, with yet another headline crying out for the death of the password and claiming that everyone should move to two factor authentication (2FA) for all their online activities. As with all these claims, it is worth looking at them in greater detail before we give up on of the […]

Read More

Security – Are passwords dead?

Passwords - an essential part of security, but often the target for attackers and the cause of a breach.

As most people will be aware, several high profile websites have suffered security breaches, resulting in millions of user account passwords being compromised. These sites have included business social networking site LinkedIn, online dating agency eHarmony and the music streaming site Last.fm. All three of these sites have been on the internet for at least […]

Read More

Happy New Year! Time to improve your security.

Happy New Year! Time to improve your security.

Halkyn Consulting would like to wish a Happy New year to all our readers, customers (past, present and future) and anyone else interested enough to visit this blog. We will look to resume normal blog service next week and as part of our plans for this year we are going to produce a series of […]

Read More

GCHQ chief reports ‘disturbing’ cyber-attacks on UK

GCHQ chief reports ‘disturbing’ cyber-attacks on UK

As reported on the BBC news today, the head of the UK signals intelligence organisation – GCHQ – is concerned over the rising number of attacks on UK businesses. From the BBC news article: Cyber attacks on the UK are at “disturbing” levels, according to the director of Britain’s biggest intelligence agency. and Writing in […]

Read More

Public Key Encryption with GnuPG

Public Key Encryption with GnuPG

One of the most overlooked risks of using the internet is the fact that most of the time your data is as private as the writing on the back of a postcard. If someone wants to, and the data passes through their “hands” then they can read everything you have sent. A lot of the […]

Read More

Widespread Hacking in South Korea

Widespread Hacking in South Korea

It was recently reported that nearly ever member (approximately 35 Million people) of a South Korean social networking site had their personal data exposed as the result of a hack on Cyworld’s systems. From the Register: Names, phone numbers, email addresses, and other details may have been exposed through the Cyworld hack, which follows previous […]

Read More

Stegobot steals passwords from Facebook photos

Stegobot steals passwords from Facebook photos

A report in New Scientist magazine this week identifies a new threat to your information security, although it is unclear if this is in the wild yet. In the article, researchers created software (a “bot”) that extracted sensitive user data (such as banking passwords or credit card numbers) and then hid this inside a picture […]

Read More

The Sun Newspaper – Hacked?

The Sun Newspaper – Hacked?

According to a tweet by “AnonymouSabu” – apparently a hacker collective on twitter – the website of the Sun news paper has been hacked. The slightly more famous hacker collective called LulzSec have also tweeted the news and at the moment it isnt clear who is responsible. Currently, when you visit the the Sun’s website […]

Read More

Spear phishing attacks, prevalent & successful

Spear phishing attacks, prevalent & successful

Previously we mentioned a news item that claimed the International Monetary Fund had been the victim of a “spear phishing” security breach. It seems that this is far from an isolated incident and that malicious groups are moving away from the more “traditional” methods of blanket spam campaigns and towards the more targeted (and normally […]

Read More

Essential security audit tool – Backtrack 5 bootable USB

Essential security audit tool – Backtrack 5 bootable USB

For anyone interested in carrying out penetration testing, security audits or other forms of network security self assessment, Backtrack has long been the operating system of choice. Backtrack is a Linux distribution which has been slightly modified to fine tune how it runs various tools used for penetration testing. Booting into Backtrack gives you an […]

Read More