Not one of our Top X lists, this time, but one featured in an article on the SANS site. SANS have been banging the drum for safer coding for quite a while – in fact, they do quite a few courses on safe coding in various development contexts. Admittedly, that gives them a financial incentive to fly

Many people in the US associate HIPAA with the rules required to protect medical data. It actually is a lot more than that, but the HIPAA laws do require some minimal standards for medical providers. I recently came across an example of where HIPAA is ineffective. The medical providers are required to protect your data,

I know, the Twitter hack is old news, but poor passwords are still common. It is a pity because it really is so easy to make a password much better and still be easy to remember. According to the press, an admin used the password “happiness” and that is how a hacker gained access to

I recently received an email stating “It is a privilege to inform you that you are being considered for inclusion into the 2009/2010 Princeton Premier Honors Edition Registry. This recognition is an honor shared by only the most accomplished professionals who have demonstrated excellence within their careers and communities.” I had always assumed these were

Nigel Morris, of the UK’s "Independent" newspaper reported recently on new powers given to police in the UK and proposals to extend similar powers across the European Union. Understandably, civil rights groups like Liberty have apparently expressed the belief that such expansion of "police hacking operations" should be regulated by Act of Parliament and that there

And finally… Don’t use cracked/pirated software! These are easy avenues for introducing malware into, or exploiting weaknesses in, a system. This also includes the illegal P2P (peer-to-peer) distribution of copyrighted audio and video files: some of these are counterfeited or modified so that they can be used directly in the malware distribution process. Even if

Over the past few months I received a lot of spam about a site called Fanbox.com. I finally set up a disposable email account and joined. I was not at all surprised to find that I suddenly had many fans. Even a skinny geek is a “hunk” to a chatbot!!! Yes, all, but one of

It occurs to me that I should make it clear that this "top ten" isn’t in any particular order. Like the other "top ten" suggestions by the research team that are likely to find their way here in the near future, they’re all significant issues that need thinking about. Point 9 (a short one!) is, don’t

Update: Graham Cluley’s issued a blog post  a couple of days ago suggesting that so far, at least some of the phishes described in our earlier blog about Twitter phishing have been used for old style defacement purposes rather than out-and-out fraud. (I suspect, though, that now this latest phishing genie is out of the bottle, there

Don’t expect antivirus alone to protect you from everything. Use additional measures such as a personal firewall, antispam and anti-phishing toolbars, but be aware that there is a lot of fake security software out there. This means that you need to take care to invest in reputable security solutions, not malware which claims to fix