FBI asks Apple for access to encrypted iPhone data

  Tim Cook, chief executive of Apple, has recently stated that the FBI’s recent US court order to enable them to access the mobile phone of San Bernardino killer Syed Farook is “dangerous”, “chilling” and “unprecedented”. Apple’s lack of co-operation is hindering the FBI investigation, or so they say! Strong words indeed, but where will this potentially lead to regarding whether personal data is sacrosanct or not? Apart from anything else, can we then trust the authorities to not turn a ‘one-off’ access request into the new ‘status quo’ regarding access to all of our private information? Before we delve further into all this, it is worth noting that Apple themselves made the decision, in 2014, to remove its own ability to access data on its own encrypted devices, such as iPhones, iPads and Macs. This was done mainly to avoid unfortunate positions such as this case. The FBI is not actually asking Apple to ‘break’ the encryption on this iPhone, which would be virtually impossible in any case due to the companies already stated objective. Basically Apple is saying that it could not gain access, even if it wanted to. But how does this really stand up to someClick Me For More Details… […]

Read More…

Website and Web Server Security Testing

If you had ever wondered how we go about some of our work relating to both Web Site and Web Server testing, here’s how: Security Audit would normally first of all examine your websites individual pages, your applications and your web servers to identify any security weaknesses and vulnerabilities which may provide hackers with an opportunity to cause problems. Analysing your web assets for free? For a free scan all we need to know from you is your domain name, this is all it takes for us to get started. With these details we can analyse your web assets, you then receive a report containing various recommendations showing where you need to implement changes to improve your security.  Website security issues are rapidly identified with recommended actions provided including suggested further routine tests which will keep your web infrastructure safe and secure. What type of things do our full security tests assess? Our full service provides a full website security check that will test the entire website using a variety of different attack methodologies, ranging from MySQL/database attacks to DNS poisoning attacks. We use real world ‘no previous knowledge’ attack techniques. Our security engineers conduct a ‘fingerprint’ style analysis ofClick Me For More Details… […]

Read More…

How to check a link is safe before clicking on it

With one click online you could either end up reading an amazing story or having someone try to steal your personal details! Online you are sometimes no more than one click away from danger; it really is a minefield out there. It is more important than ever nowadays to not click on malicious links, as the scammers have become ever more sophisticated, but how can you tell the good ones from bad ones? We think that one good tip online is: If it seems too good to be true then it probably is too good to be true! Sadly, the best security software will not necessarily protect you from the problems that you may encounter if you do click on an unsafe link. Such unsafe links will likely appear to be shortcuts to viral videos, disturbing news stories and amazing offers but they are simply there to either steal your personal information or even hijack your computer itself, with subsequent problems likely to ensue! Malicious and unsafe links can be passed on by unsuspecting friends and family in emails, Facebook posts, and even instant messages. You may encounter unsafe links in website adverts and Google, or other search engines searchClick Me For More Details… […]

Read More…

Tech Giant Apple calls on UK government to scale back snooper’s charter

The world’s biggest company, Apple, says changes to the UK government’s investigatory powers bill would weaken the security of the “personal data of millions of law-abiding citizens”. The Californian technology firm expressed major concerns on Monday in a submission to the bill committee, calling for wholesale changes prior to the bill being passed. Weakening security for all users An Apple spokesperson said “We believe it would be wrong to weaken security for hundreds of millions of law-abiding customers so that it will also be weaker for the very few who pose a threat,” they also went on to say “In this rapidly evolving cyber-threat environment, companies should remain free to implement strong encryption to protect customers” The UK’s investigatory powers bill was presented to the House of Commons by Theresa May, the home secretary, in November. It is currently at the committee stage prior to becoming law. Easier Snooping for the authorities Apple highlighted the main parts of the new bill that it wants changing. They explained to the committee that certain passages of the bill would give the government the power to demand organisations, such as Apple, alter the way their products work. For Apple in particular, this wouldClick Me For More Details… […]

Read More…

Is your personal data safe with Data Brokers?

A great many respected website and IT security experts expect to see enormous breaches of personal data in the near future. In fact, such breaches of data may be happening right now but we are simply not aware of them! The problem we all face nowadays is centralised around mysterious Data Brokers, including how they store and sell that data on to third parties. This may have all started with good intentions but personal data such as web browsing histories, shopping habits, preferences and demographic information are all now being used by those involved in marketing for targeting of particular audiences to increase sales. This all may seem fairly innocuous so far but think about it a little more. The data could provide your personal information to those with dubious intent to take advantage of in such ways as sophisticated targeted phishing attacks unlike any we have seen before. These types of attacks, commonly known as spear-phishing, are usually instigated in order to trick individuals into compromising the integrity of their personal details or computers. These will be more effective than in the past due to the potential to personalise the attack providing further legitimacy to the scammers! Recipients ofClick Me For More Details… […]

Read More…

Third party penetration testing

If you are considering a penetration test or pen test, often the best way to conduct such a test is to engage a third party penetration testing company who have no prior knowledge of your systems. This has several benefits, as listed below: No prior knowledge of your system, ensuring a fair and realistic penetration test is conducted. Compliance when dealing with PCI or other security standards. Having a third party assess your existing security arrangements can add insight and be of great benefit. Independent reports, issued from outside of your organisation can show you are prepared to engage independent professionals when dealing with security which in turn helps reassure clients. Security Audit Systems offers independent third party penetration tests, if you are interested in finding out more about how our service works, click here. Alternatively, if you are ready to put your website to the test, click here to contact us and book your penetration test today. […]

Read More…

How can companies protect themselves from cyber-attacks?

How can companies protect themselves from cyber-attacks? As the prevalence of hacking, phishing and various other online scams increases, it is important that you look after your IT security across the board. Data is a valuable commodity and, if stolen in significant volume, virtually priceless to both criminals and the agencies of nation states with dubious intentions. Fortunately, there are many steps that companies and organisation can take to protect themselves from hackers. These range from relatively obvious steps such as not writing down or sharing passwords to never clicking on links from potential phishing scam emails. Less obvious things such as internal data compartmentalisation should also be considered. With the profusion of the many different types of hacking attacks and online scams prevalent in today’s world, you need to keep your data safe and secure. Here are the recommended major steps that we believe should be taken to protect your valuable corporate data: Use complex passwords. Always incorporate a mixture of upper and lower case alphanumeric characters, spaces and symbols in passwords. Make the password as long as is practicable! Install effective Antivirus and Anti-Malware Software. This is a necessity today, they work by detecting and removing virus, malware,Click Me For More Details… […]

Read More…

A look at Hackers potential impact on businesses and organisations

It is a fact of modern life that a great many modern businesses and organisations will have already been hacked by unscrupulous criminal networks! What you may not know is that either individuals or government agencies acting for entire nation states have also recently been implicated in these criminal activities! These data breaches occur worldwide every day of the week 24/7 and show no signs of abating anytime soon. Security breaches are also not necessarily something that most companies would want to make public. This is because there is, of course, a major potential issue should your banking, credit card or other details come into the hands of a criminal enterprise or foreign government. The world’s biggest data breaches have been truly enormous in scale. In 2014 eBay lost as many as 233 million personal details including names, telephone numbers, post and email addresses, passwords and even dates of birth! It is thought that this particular eBay data breach was facilitated by a small number of its own employees passing details to hackers thereby allowing them to access an eBay database containing their user’s personal details. Once the hackers had gained access they simply copied the valuable data with theClick Me For More Details… […]

Read More…

The Black and White (Hat) of Ethical Hacking

When it comes to cyber security the online world is populated by people of different color, be it, white, black or those who lurk in the grey area. The perception is that there is a group of characters whose actions are benevolent, and so are described as White Hat hackers, white being benign in nature, while on the other hand, there are those whose actions range from questionable to downright malicious. Those individuals are described as Black Hat hackers. The Need for More White Hat Hackers In the world in which we life in today, the need for more White Hat or ethical hackers cannot be emphasized more. With the growing threat of hacker groups such as the Lizard Squad, both large organizations and individuals need to come up with creative ways to make sure that their security protocols are strong enough, which is something that one can only find out when an ethical hacker exposes the gaps in the system. That being said, it is interesting to point out that many of the White Hat hackers were at one point in time Black Hats who were involved in harming companies. So, if you want to hire one, stay frosty.Click Me For More Details… […]

Read More…

How to Really Surf the Internet Anonymously?

Most people who surf the internet have no idea how unprotected their personal details and data really are. By simply visiting different websites, a user exposes his/her information to them, and allows them to potentially track down their physical location. They can also identify details about the device you are using, and even install cookies that track your movement on the internet. Now, if you’re one of those people who really don’t care, then that’s fine. But most people wouldn’t want their information to be in the hands of every website they visit, and they wouldn’t want their information to be analyzed by third parties they probably don’t even know about. For these reasons, surfing the internet in relative anonymity is not only advisable, but in some ways it has become a requirement. Here are a few suggestions on how you can safely surf the internet, without fear that your information is being traced or analyzed: Web Proxies This is perhaps the most common method of surfing the internet anonymously. Popular web proxies include Anonymouse, Hide My Ass, Blewpass and many others. These proxies are fairly easy to use, and all you need to do is type the URL ofClick Me For More Details… […]

Read More…