Internet Security

Regin Malware / Spyware is Made in the West

This morning Symantec’s Sian John spoke on the Radio 4 Today Programme about a new piece of malware that is infecting computers. It is called Regin and it is so advanced that Symantec are still unsure what it can and can’t do. It is thought to have been developed by a Western government. “In the…

POODLE SSL 3.0 Fallback Exploit

Poodle

Just when we all thought that SSL / HTTPS was the solution to online security (OK, maybe a totally, overly simplistic view from somebody who admittedly does not really understand it well) we hear of a major security problem with SSL. What is it all about? I just learned about the SSLv3 Support vulnerability from CloudFlare,…

Who is logged in to your Facebook?

facebook security

If you are worried that your Facebook account may have been compromised you can check to see if anybody else is logged in – and log them out – and then you should change your password, just in case. Most of the time rogue log in details are actually your own logins that have for…

Beware the Adobe Echosign Phishing Scam

Echosign scam

I just received the following email with title “Review the document“: From: [email protected] Hi, You have received a document via Adobe Echosign. Sign in with your googlemail to review the document. Sign In Here. Thank you. Clicking the “Sign In Here” takes you to a page on anffaslonigo.it that I think is pretending to be a Google log…

O2 Customers, be Careful – New Scam / Virus email

Just had an email pretending to be from O2 informing me of a large monthly bill. The email: Hi Your O2 bill for 11/06/14 is now ready. You can look at your bill here. In total, your bill for this month comes to £356,87. We’ll request this amount from your chosen account on, or just…

WordPress Users – Block Access with IP Restriction

Just looked at an error log for a site that has IP restriction in place for the /wp-admin directory and wp-login.php pages. In one hour there were 28 attempts to access wp-login.php. Errors look like this: [Wed Apr 23 09:51:39 2014] [error] [client 1.11.11.11] client denied by server configuration: /home/acountX/public_html/wp-login.php Blocking is easy, you just…

A Week at IKEA – daily strange spam

I get a lot of spam, it comes with running websites I guess. Today was possibly the strangest. OK, no mention of spells to get an ex-girldfied back or a sure way to rocket my website to the top of all search engines, but strange all the same. The subject of the email was “A Week…

Is the BT Infinity / Broadband hub safe?

You may have seen in the news this week that some routers are failing security tests putting home computers at serious risk of being hacked. Over the past week owners of Linksys and Asus routers have experienced hacking attacks which are exploiting loopholes in the built-in firewalls. The Moon virus A virus, called The Moon, has been…

New Paypal Phishing Scam? “Your account has limitations – you can resolve this now”

Just had an email which appears to be from PayPal. Has the logo and comes from [email protected] The first line says “Your account has limitations – you can resolve this now” and then: You may have noticed that some limitations have been placed on your PayPal account. This is part of our security process and…

Windows Security and the W3C Validators Telephone Scam

Just had a telephone call from India telling me they were representing the Windows Security Centre and that my Windows Inique ID had been shared with up to 4 other people, that my computer had been hacked and that my operating system would soon be switched off! At first I thought that this was the…

Basic WordPress Security

I run several WordPress sites which have not been updated for ages. None have been hacked. I feel the need for a new blog post….  WordPress Security Keep it updated If you only update from a few select locations and have static IP, block all but your IP from access /wp-admin – see below for…

WordPress Password Hijkack? pwd = W1seb0x50

As I have mentioned before I run several WordPress sites, and on them I have a firewall that reports any odd goings ons. Today a bunch of sites had this warning: WordPress Firewall has detected and blocked a potential attack! Web Page:   www.***********.co.uk/wp-login.php Warning: URL may contain dangerous content! Offending IP:   178.137.94.88 [ Get IP location ] Offending Parameter:  …