Given the release of the KRACK vulnerability, it is becoming very clear you need to take additional steps to make your Wifi network more secure. You should take this as a wake up call to understanding the risks inherent with a Wifi network and just how easily it can be used to gain access into Read more about KRACK – Securing Your Wifi Network[…]
I must admit, one of my all time pet peeves is when engineers do not implement their user authentication service in the right way to be defendable against an attack. Take for the instance the recent hack against Zomato in which they had 6.6m hashed user passwords stolen. The real problem here is not that the Read more about User Authentication, you must do it right![…]
According to a recent report – security looks to be a top concern among Software Architects. In this article I go into detail on one of the core ways in which you can achieve dependable security in evolving online systems – namely defense by depth. What is defense by depth? Simply put this is where one Read more about Software Architect Security – what does defense by depth mean on the cloud?[…]
PII (Personally Identifiable Information) broadly speaking is information that relates directly to the individual (you) and allows you to be individually identified, plus it is often of a sensitive private nature. We explain in this article what it is and how to protect yourself against people trying to steal your identity through PII. Why is Read more about What is PII Really?[…]
Online systems need to be both secure and designed to last, so how can you achieve both and not blow the budget? This article covers a few simple principals you can adopt which are both good for your systems architecture and good for your security. #1 System Components should only do what they say on Read more about Systems Architecture & Security, winning at both[…]
According to this article Cisco just had a bit of a shock in the Vault 7 CIA leak – namely that a simple malformed telnet command to one of its effected switches can either reboot it or get it to execute commands with admin privileges (or the equivalent of admin). This is a Zero Day as Read more about Just turn off telnet everywhere now…[…]
PayPal have committed to a longer signing key length and part of this is in the need to upgrade your SSL and CURL stack to support TLS 1.2 and HTTP/1.1, this will hit most people via the IPN acknowledgement call back. Why the longer key length? Basically over time the ability of computers to ‘crack’ a Read more about PayPal SSL upgrade to TLS 1.2 and HTTP/1.1[…]
Websites or online services come under constant attack from hackers using automated scripts, if left unmanaged such attacks can consume sufficient resources to impact your quality of service, negatively impacting your brand. This article explains why this is a major problem and what the solution is. Online Security Matters, Dictionary Attacks are everywhere Every online Read more about Online Security and Hungry Caterpillars – they have a lot in common…[…]
Software or Systems architecture is often undertaken from a very technical point of view, the main concerns being around reducing technical complexity and dependencies to make it easier to deal with change in the long run. This is fine for ‘standalone systems’ but in today’s highly interconnected world – the boundary of a system is often Read more about Security and Architecture – always consider both together[…]
In response to attacks on WordPress sites worldwide that use 3 common plugins (which are often included in Commercial themes) we have been busy upgrading our website hosting to effectively guard against such attacks. We now provide as standard for all websites we host: Scanning every 30 minutes of web files looking for viruses, back-doors, Read more about Security Upgrades to Website Hosting[…]
This new flaw, called the Covert Redirect flaw, was first reported by a Singaporea PhD student in mathematics from Nanyang Technological University. The Covert Redirect flaw is not so easily patched as heartbleed… What is the Covert Redirect flaw? The flaw allows hackers to modify the process of logging into a site, silently redirecting people to dangerous websites Read more about New security flaw in OAuth and OpenID found[…]
According to this article in Time a truly massive security flaw has been discovered in Internet Explorer on XP. In fact it is so serious that a national security alert has been issued! The way the flaw works sounds similar to that with the HeartBleed bug – in that a hacker can access resources that Read more about Internet Explorer Security Flaw[…]
Cybercriminals and Internet fraudsters are singling out e-commerce sites and blogs of small businesses for their unscrupulous attacks. Nevertheless, as a business website owner, you can enact some simple precautions to thwart the evil designs of these unwanted intruders. The “Fort Disco” Botnet’s Brute-Force Tactic Both small business networks, as well as, their websites are Read more about Common Security Mistakes That Business Website Owners Make & How to Avoid Them[…]
The speed of your business website matters. Quick-loading websites perform better on every front: higher search ranking, superior user experience, and better user engagement. Most importantly, fast-loading websites deliver higher conversions and higher revenue. Slow Websites Hinder Mobile Traffic If you’re targeting mobile traffic and income (who isn’t), your website speed becomes even more critical. Read more about The Importance of Website Loading Speed & Top 3 Factors That Limit Website Speed[…]
According to the media one of Bitcoins exchanges got hacked so badly they had to go off air as a result. Which is quite shocking when you think about, one act of hacking took down a whole monetary exchange system… For those of you wondering what on Earth Bitcoin is – it’s a purely virtual Read more about Is Bitcoin finally busted??[…]
Unsure of your business security?Need to secure a website?Looking to build your cyber resilience?Need to comply with a security standard to win business? We can help. Aykira has the expertise to reduce business risks and improve your security posture. Our security services include: Aykira has a proven track record with over 15 years of direct Read more about Cybersecurity Services[…]
According to reports (see here & here), hackers are becoming a lot smarter in how they attack websites. Rather than trying to individually attack each website they have recognised that standard frameworks are being used to create and maintain websites and thereby making it somewhat easier to attack a whole class of websites ‘en mass’ Read more about Hackers want your business website data![…]