1. Accusation at the Heart of British Democracy Background on the Tory Parliamentary Expert A Tory parliamentary expert on China has been accused of spying for Beijing from a position at the ve...

Considering the known-known statistics, we seem to encounter a serious security breach at least once a week – and these are only the events which are notified or discovered. In fact, according to t...

Whilst the conceptual and academic discussions around dangerous forms of code have been on the agenda for many decades past, it was in 1983 when the young student Fred Cohen (who I think of as a dist...

Question – What separates a smart businessman from a common criminal? Answer, the breadth of a hair! Consider all those cases we have seen around insider dealing between execrative staff at say, t...

There is no doubt that in the right hands, Open-Source Intelligence (OSINT) can bring many positive benefits to the Cyber Security Professional, Forensics Investigator, or Government Agencies and Cor...

There is absolutely no doubt that the Investigative Journalist, Geoff Whites book, The Lazarus Heist (LH) is not only one of the best researched accounts of the dirty dealings of cyber-criminals, and...

In my personal experience, I am well aware that, if you (I) say anything on Facebook that goes a little against their policies, they are very quick to act – blocking, warning, or removing said comm...

Anyone with any involvement in the world of, what we call Cyber Security, will attest that the world may be moving backwards when we consider the number of successful, high-profile attacks which take...

In Part 1 published by Information Security Buzz 25th May 2022, the article considered aspects of historic threats posed by all forms of malevolence in the form logical, digital compromise, and looke...

Whilst the conceptual and academic discussions around dangerous forms of code have been on the agenda of decades past, it was in 1983 when the bright young student, Fred Cohen (who I think of as a di...

This is my one hundredth Article for those nice people at Information Security Buzz (hence the title), and whilst I was pondering on which topic to write on next, along came a subject falling directl...

For about a decade now, I have both practiced and taught, what has, up to 2022, seemingly been considered a Grey Art - that of Open-Source Intelligence (OSINT), and its related methodologies in the U...

As many readers of Information Security Buzz articles may already be aware, I have had published two articles about ‘Trust’ in relation to Russian applications, and as such I have set on a person...

The sad kinetic situation of the Russian war in Ukraine has created much instability on the world stage – observing the fallout of human tragedies and loss of life – facts we are all very much aw...

The National Cyber Security Centre (NCSC, a part of GCHQ) has warned UK organisations and consumers to consider the risk of using Russian technologies amid the ongoing war in Ukraine, and the change...

What has become so obvious during the sad events unfolding in Ukraine is the power of OSINT, discovering the facts through available multiple sources of verifiable intelligence – ranging from socia...

The year was 1993 when I attended the Third Virus Bulleting Conference in Amsterdam,  held at the Grand Hotel Krasnapolsky where I presented my first ever paper, on the subject of defeating Anti...

On the 23 of February 2022, I am presenting a webinar to an international audience titled, ‘Don’t look back in anger look forward and predict the unknown’ on the subject of, what for many today...

Prior to the Christmas festivities, I got may hands on a pair of the latest encrypted key solution to come out of the iStorage stable – enter the DATASHUR SD, supplied with a pair of iStorage brand...

Introduction This paper will consider the areas surrounding Data Security and look at the multiples of ways in which it may be breached, altered, or compromised, some of which may be obvious, othe...

Having spent over 36 years in an industry, now entitled Cyber, starting my cyber-career post completing formal IT Security Training at the Police, School at RAF Newton, I went on to work in the worl...

ABOUT This ‘Surviving Ransomware’ document is intended to raise the awareness of the threats posed by the digital dangers presented by Ransomware and seeks to expand on the methodologies emplo...

A couple of years ago I was contacted by a local SME Engineering business, after they had embarrassingly been impacted by a Ransomware attack, denying the business access to several their critical en...

Being certain that most readers will have noticed the levels of successful cyber-attacks carried out against public services such as Government, and in particular the scattered Local Authorities who...

For want of a better term, the ‘Cyber Security Industry’ has for many years now followed a terminology based, trending pattern attempting to achieve robust solutions to accommodate protection of...

Earlier in 2021, Andrew Jenkinson the CEO of CIP issued an alert and notified the CWE Team that they were running with some security exposures, leaving their domain open to a higher potential of comp...

Without doubt the BBC TV Drama Line of Duty kept us all on the edge of our seats as we tuned into every episode, seeking to unmask the corrupt officer known as ‘H’ - with the ultimate episode rev...

It was back in Q4/20 when the UK based Outsourcing company serco were warned they were running with digital insecurities – something which was leveraged by the Babuk Gang when they exploited some o...

Travelling back to the early days of the Computer Virus entering the world of low cost, COTS (Commercial Off the Shelf) available computing, we may reflect on a few home truths as we proceed down the...

For more years than I care to recall, I have been on, what has seemed like a crusade to spread the word about, what we now understand to be the Cyber Threat that our interconnected, IoT driven world...

Over the last two/three years, when chatting with clients, or delivering training, there has been occasions when the following question has come up: ‘How do I know FIPS/140-2 encrypted drives ar...

This month, as a prediction for the world of Cyber in 2021, I wrote the following: “In the period of 2021 more successful security attacks and compromise will be encountered, with many high prof...

There is currently a big push from some Cyber Security/Commercials, and Agencies such as the CIA, who are promoting the fight against, what we now call Fake News – but my thoughts here are ‘proce...

On the 29th October 2020, IsBuzzNews ran an article under their Expert Comments section on Experian and the UK’s Information Commissioner’s Office findings of the credit agency being found crimin...

As of October 2020, we would seem to be dug in even deeper into the pit of the global Pandemic with no end game in our forward vision. Thus, those Remote Working, Out of Office forced conditions would...

Introduction to the New Age of Warfare It was in Amsterdam 1993 when presenting a paper at the Virus Bulletin 93 Conference, subject - bypassing anti-virus scanners. It was there in the luxurious Gra...

In the current 2020 era of cyber insecurity and the associated everyday logical dangers impacting both global organisations and individuals alike, with the resulting effect on the economy being signif...

As many are now aware, the Chinese Leadership and its underpinning agents have not taken kindly to some of those who have been outspoken against their antics, such as human rights abuse, continued cyb...

Distanced, out of office (off campus) operational dictated by the 2020 pandemic has imposed a heavy burden on business operations, and forced the need for operational requirements to evolve to meet th...

Post the imposition of the coronavirus Lock-Down, myself and Shirley (my wife) decided to take some time out, and went over to Norfolk to spend some time on the edge of Her Majesty the Queens  Sandri...

The year was 2008, location British Library London, the event a IT Security Conference sponsored by the UK Governments Home Office where I was giving a presentation and sitting on a panel, when a QA w...

Like most during the coronavirus pandemic, and the resulting COVID-19 infections, I like the majority of responsible people have been applying the rules, and taking care to do my bit to mitigate the t...

It was in 1989 when Clifford Stoll first published The Cuckoos Egg, and in my opinion this is not only the best ever book written on the subject of Cyber (then IT) crime, but is also a must read for a...

We are living in a world in which we have either embraced technology, or we have been forced to use it (an example her is online banking) – and of course, we also may accept that, today in the major...

Originally written and published way back in 2014 – and no longer available because of its age. However, given the predictions of the then day, I thought it would be well worth republishing as a rem...

On the 8th of October the BBC ran the concluding episode of the drama ‘Capture’ staring  the impeccable Holliday Grainger (see Fig 1) – a drama which introduced the armchair viewer to the world...

If you are looking for a development that goes well beyond your wildest imagination in all aspect – then you need to take a look at Dubai with its elaborate and stylish building pushing up from the...

Having attended InfoSecurity 19, I must admit I was a tad disappointed with what was on offer – throw backs of the long, over deliberated ‘Insider Threat’, the usual focus on PCI, and of cours...

The year is 2019, and I doubt anyone attending Infosecurity Show 2019 would challenge the statement ‘We live in times of Insecurity’. With a backdrop covering a spectrum of Cyber Attacks, by examp...

Having submitted an Expert Comment to Information Security Buzz, I have taken some time to extend this into a blog. As I said, having had some enforced downtime in 2019, it was a great opportunity and...

I was watching the Babes-in-the Wood Murders last night on TV, involving Nicola Fellows and Karen Hadaway who were murdered by the, then 20-year-old Russell Bishop who was tried, and acquitted in 1987...

Through robust research, and commercial engagements covering a 10 year period, it may be attested that the element of Open Source Intelligence is not only a major source of exposure, and potential exp...

Like many people, from time-to-time, we (I) have had cause to call on the NHS to seek care, resolution and treatment for both minor, and serious aliments – in my case the latter. Here, from my own e...

The debate on the subject of self-half images hosted on Instagram seems to have got lost in translation by the Press, MP’, and the incumbent Agencies who are supposed to be empowered to look after t...

It is a known-known fact that one of the most valuable assets we may own and have access to is money. However, my opposition argument to this statement is that there is another asset, which has even m...

The world of Spying and Espionage are in the mainstream considered to be very much associated with deep Military Intelligence and Secretive Levels Government Agencies activities. However, what often g...

Living in the age of Cyber Adversity in which the risks from on-line hackers, criminals, cyber-miscreants, not to mention those foes who exist in the guise of service providers wishing to exploit our...

I don’t for one moment feel that any professional would argue that we are not facing a time of Digital instability in our interwoven words of Business, Social Media, or when we, and the great public...

When it comes to protecting Children and Young Persons online, there have been multiple initiatives, yet there have also been sadly a several historical failings by some incumbent UK based Agencies w...

About 10 years ago now, I recall discussing my concept of internal civil disobedience, and insurgency with another professional – question, ‘just how do you cause widespread chaos by none technic...

2018 was the year in which we encountered thenewishterm ‘Digital Transformation’ take a grip in computing vocabulary, which on occasions has even crossed the conversational lines onto the lips of...

During the evolution of the Internet, we have encountered the darker side of the infrastructure’s wider potential. For example, the realization of the power a circuit board can harness as a low-co...

As one who travels to the UAE on very regular occasions, and who has visited Dubai, Abu Dhabi, and worked in the Saudi Arabian MOD complex in Riyadh, as well as working on Special Projects at the Mala...

Having just returned from presenting at a very successful, well attended ISMG Security Summit held in London on 23 October 2018, I was left excited and enthused by some of the presentations I sat in o...

Having encountered several friends and associates who have suffered, what seemed to be sustained Phishing Campaigns I decided to invest some time and bated-responses to set up a little research experi...

I sat down today, relaxed and called my Cell-Phone Network provider Vodaphone to make my monthly payment – and again, as in previous months, after two attempts their Payment System was not working...

During the month of July 2018, I had the absolute pleasure to both attend and present at one of the very best, well organised events I have ever been involved with – the ISMG Cyber Security Summit,...

I was slightly bemused when I saw the ex TalkTalk CEO was standing up at Infosecurity 2018 to give a presentation of Cyber Security – a presentation, I presume she was rewarded for. The first thing...

As a Security industry, we, as, what may be referred to as Cyber Security Professionals tend to engage in multiple inter-industry conversations with those who have been anointed into the world of IT,...

As I am attending the Cyber Security Event (http://www.cybersecuritysummit.com.br/) running in Sao Paulo Brazil in July 2018 with a presentation entitled ‘Dark Matter’, given the number of recent...

I, like many other Cyber Security Professionals have worked at multiples of cross-sector companies, within both vertical and horizontal market sectors – from Oil & Gas and Utilities to Banking,...

There is no doubt that, to have a word included in any form of recognised Dictionary, the lexical representation must meet the rigour of being: Common to language in conversational terms Must cross...

A question I often get asked relating to Digital Forensic and Investigation Capabilities is ‘what tools are required?’ – a question which is both easy, and difficult to answer. Easy, because the...

On the 29th of November 2017 I attended an interview with BBC East Midlands Today covering the cruel event of a teenage girl who had been fed, what turned out to be an overdose of drugs, and who was t...

Europe woke up Tuesday to massive attacks on both governments and some of the world’s largest brands. While the story is sure to develop, here’s what we’ve learned so far, and what enterprises...

Forcepoint Security Labs will continue to refer to this as a Petya outbreak, although other vendors have chosen to apply additional or alternative names to it. In straightforward terms, the samples...

I like many others I have been saddened and outranged by the occurrences which took place in Manchester, and in London, with the loss of so many lives in the name of the Islamic faith. However, before...

At around 14:00 hrs on the 12th of May 2017 saw, what was yet again a cyber-situation of unprecedented magnitude when the NHS, at the outset, suffered a cyber-attack against 16 authorities, which...

Let’s start the article with a little general knowledge question from 2009 – which of the following statements from way then is the most accurate in respect to the state of the UK economy and what...

We live in the age of economic downturn, placing both the Private and Public Sectors in a very tight financial corner. This same economic downturn has been driving Commercial, and Government leaders t...

There is a shortage of skill in the disciplines of Cybersecurity – but at the same time, such skills are in high demand, driven by the high levels of Cyber-Attacks, Cyber Criminality, and regular br...

As an Expert Witness, Digital Forensics First Responder Investigator, and a provider of specialist training in the disciplines of in-depth Cyber Security Management, and Digital Forensics and Investig...

Multiples of past and present crime surveys have confirmed the ongoing impact of Cyber Crime against business was, and is high, and were measured to have increased by an average of up to 25% on previo...

The Global Economy is in the grip of a digital fraud epidemic running at a current estimated $400 billion per year, with expectation that it will hit $2 Trillion by the year 1919. To date this has not...

I have been listening to, and reading the debate relating to the safety of children when they are on-line, and the associated privacy/dangers which are ever-present when such young person’s engage w...

The Internet is a wonderful thing, and since its conception it has brought joy to millions of people in the form of extended communication networks, education, on-line shopping, employment and opportu...

The interesting thing about Incident Response, and the Discipline of Digital Forensics is the need to attempt to backtrack on 1) How a security breach occurred? 2) What Actors were in play? And 3) Whe...

For some time now I [and most Security Professionals] have been very much aware that the State of Cyber Security is parked in a very dangerous layby. With far too regular reports hitting the press of...

I must admit to suffering some confusion when it comes to the comments coming out of the top flight security industry providers. With a past statements made by McAfee, firmly confirming that the battl...

In a world of technological dependence, I like most other professionals suffer from increasing degrees of paranoia, and fear that my person, presence, and logical footprint may be subject to some form...

When it comes to taking the security biscuit for 2015, I believe the recent discovery of a security flaw in FireEYE deserves the award for bringing the matter of Security Complexity to our operation...

For month of November, question to our expert panel members is: Which research topic or project in cyber security do you think deserves more funding from Government or other sources and why? and resp...

Considering the opinion of Martha Lane Fox who has called upon the UK to lead the way by setting up neutral, independent body to ensure that ‘privacy’, ‘security’ and ‘trust’ are maintaine...

We are starting to arrive at the conclusion that it is the people who make our organisations insecure – right? It is the people who are those assets who are protected by the firewall, and perimeter...

It was about 16:00 on Friday, the 7th of November when I received a call from my University [Nottingham Trent] requesting an interview with a local BBC Station on the news that the Nottinghamshire Pol...

On Friday, December 5th, I had the distinct pleasure of presenting at the White Hat event held at the IoD in London. I decided to be a little controversial in my talk, so I ran up a presentation calle...

Cyber-attacks are rising on a year-by-year basis, with a growing focus on the application layer. There are numerous organisations that seem to have deployed duplicated software assets, which means the...

I hate to say it, but in my humble opinion, for the last decade or so the infosec and cyber security industry seems to have lacked vision, that is, the ability to look around the corner to visualise w...

What are the main benefits & risks associated with using cloud applications? One of the main risks in my opinion relating to our use of the cloud is ignorance of the implications for doing so. B...

In the wake of Rotherham, Leicester, and Derby and others, where there have been gross failings to protect the young and innocent from what has been, in the last case in particular, neglect and abuse...

In my last blog post on WiFi, I shared my traveling experiences of observing users' behavior with their mobile devices, particularly how they tend to indiscriminately access public, insecure Access Po...

Having just returned from the sunny dunes of a distant shore, I would like to share with you now a little insight about those insecurities that seem to follow us wherever we travel. OK, at the outset...

In your opinion, what are 3 key elements to succeed in a positive security culture, and what tips can you provide to implement change, successfully? To place this question into a quantifiable stack a...

From CISOs to security professionals, the current approach to applying and understanding security in some organisations still seems to be based on employing expanded terminology to talk-the-talk, gett...

In your opinion, which company or person has had the biggest impact on the information security industry within the last 10 years, and why? Over multiples of years now there have been pockets withi...

As hard as it may be to accept, in 2014 there is an estimated 17,000 global financial crimes being committed every second, and when you assess the related impact on individuals, companies, and economi...

It is looking like the new Bahrain CyberCrime law is going to set the demographic bar for those Hackers and Hacktivists who are found to be culpable of an act, and they could be looking forward to 10...

One upon a time electronic tracking person [target] was expensive, and difficult to achieve, but with the advancement of technology, it is now just a matter of a few pounds, and the leverage of availa...

As IT/Cyber Security Professionals, I guess it’s easy for us to get drawn toward the technological element when considering the aspects of security – but I am wondering, is this a trait which may...

Last week, one agency was kind enough to print my controversial opinions on Waking Shark II, which were based on knowledge of standing deficiencies with the security cultures and infrastructures withi...