IT Security

Oct 16

What’s happened

A researcher has found a way to compromise the most common Wi-Fi security standard which allows an attacker to look at traffic on the network, and in some cases, manipulate the data.


What’s affected

Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks

The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available.

In general, any data or information that the victim transmits over Wi-Fi can be decrypted.


What are we going to do

Resolving the security problem is likely to involve applying security update to routers.

Feb 16

There’s an article on the BBC news website that popped up yesterday that took our interest. It states that a “hack” lets phones “eavesdrop and make premium calls”. This was obviously a great concern for us, as it named our primary vendor, snom, as the manufacturer whose phones were used in the research.

The article can be seen on the BBC website here:

What we can’t understand is why the BBC chose to publish such a non-story. What this “security hack” boils down to is not changing the administration page password from the default. Yes, you heard right. The only security flaw is not setting an admin password for managing the settings on the phone.

In fact, if you ignore the fact they used old firmware to carry out their tests and you perform that exact same test on firmware that isn’t old (and was only a beta release) the phone itself prompts you on the screen at every opportunity to set an Admin password.

Jan 06

We are currently aware of a lot of malicious spam emails currently doing the rounds. As of posting this, few anti-viruses pick up the virus attachments.

The fake email pretends to come from e-mail address, but is actually a simple forgery and does not in fact come from Les Caves.

The contents of the e-mail message are as follows:

From:    Avril Sparrowhawk []
Date:    22 December 2015 at 11:14

Good afternoon

Thanks very much for your payment we recently from you, however there was a missed invoice.  Can you just confirm this will be included in the next payment run, or whether there were any queries with this particular invoice?

I have attached the invoice for your reference.

Dec 21

Pressing the backspace key 28 times will let you circumvent a locked-down Linux machine researchers at Universitat Politechnica de Valencia recently discovered.

The GRUB bootloader used by most Linux distributions has the option to password protect boot entries. Not only will this prevent tampering but allows you to prevent peripherals such as CDs and USB ports from booting an OS. Without this protection an attacker could boot a system from a live USB key or CD, switching into their preferred operating system to download or access files stored on the machine’s hard drive.

This flaw with Grub2, of which versions 1.98 and 2.02 are affected, means a simple tap of the backspace key 28 times will bring up the prompt usually hidden behind the password screen.

Oct 23

TalkTalk have once again shown their inability to keep customer data safe. Police are now investigating what TalkTalk term a “significant and sustained cyber-attack” on their website.


Their website currently shows the page above highlighting the fact the website is unavailable right now.

An official statement was released by TalkTalk on 22/10/2015: View Statement in Full.

What the statement doesn’t highlight is what customers of TalkTalk need to do now.

The investigation is ongoing, but unfortunately there is a chance that some of the following data may have been accessed:

  • Names
  • Addresss
  • Dates of birth
  • Email addresses
  • Telephone numbers
  • TalkTalk account information
  • Credit card details and/or bank details

TalkTalk have also created a help page here for those who may have been affected:

Please be aware, TalkTalk will NEVER call customers and ask you to provide bank details unless we have already had specific permission from you to do so.

Jun 19

We have noticed a large number of calls yesterday and today in relation to users on Windows 7 where the computer sits stuck on a “Starting Windows” page. The common denominator between all of these incidents is that the computers had AVG Anti-Virus installed.

Whilst we wait on AVG getting back to us with news on this issue we have been resolving these incidents by booting the computers in to Safe Mode, un-installing AVG completely, then booting back into Windows in normal mode before reinstalling AVG.


This is not the first time Anti-Virus programs have caused catastrophic issues with Windows PCs. In April 2010 a McAfee pushed out an update that caused a false positive identification, and incorrect deletion, of the critical Windows system file svchost.exe.

Jun 09

On 14th July 2015 Microsoft will cease supporting Server 2003. This means that, going forward, there will be no more updates or patches for the Server Operating System, which will lead to a less stable and less secure server infrastructure for any businesses that choose to continue to use the system after this date.

Any organisation that is still currently using Microsoft Server 2003 needs to put in place a plan of action to migrate to a new server Operating System, or find an alternative IT infrastructure solution.

Edinburgh IT Support consultants, Consider IT, suggest getting in touch and we’ll provide options for moving forward to a secure and reliable solution.


Jun 04

SourceForge is a popular website that offers source-code repository, downloads mirrors, bug tracker and other features. It acts as a centralised location for software developers to control and manage free and open-source software development. What you might know it from is its usefulness in providing downloads of popular software, rather than having to go to the developer’s website to get it.

Since yesterday at least, SourceForge has now since started to distribute adware/malware in certain projects hosted on their site.

NMAP, an open-source network tool used extensively by IT Professionals has been hijacked by SourceForge and the developers have hit back on security notice boards:

Hi Folks! You may have already read the recent news about hijacking the GIMP project account to distribute adware/malware.

Jun 03

PayPal and eBay have fallen out and are splitting up with each other on 1st July 2015. PayPal have published a new set of Privacy Policies that will come into force on the same day.


PayPal is nice enough to give its customers only two options when it comes to the new terms: begrudgingly accept them or close your account entirely.

There’s a temporary page showing all the new Privacy Policy changes in full with the highlighted points at the top. The top paragraph states several scenarios where PayPal may choose to automatically call or text you:

  1. notify you regarding your account
  2. troubleshoot problems with your account
  3. resolve a dispute
  4. collect a debt
  5. poll your opinions through surveys or questionnaires
  6. contact you with offers and promotions
  7. as otherwise necessary to service your account or enforce this User Agreement, our policies, applicable law, or any other agreement we may have with you.
May 18

The ICO has issued South Wales Police with a £160,000 fine for losing a video recording which formed part of the evidence in a sexual abuse case.

Despite the DVDs containing a graphic and disturbing account, the discs were unencrypted and left in a desk drawer.

The recorded interview took place in August 2011 and the loss was discovered by staff after an office move in October 2011 but the security breach then went unreported for nearly two years due to lack of training. Although the DVDs were stored in a secure part of the police station, South Wales Police had no specific force-wide policy in place to deal with the safe storage of victim and witness interviews in its police stations.