security

posts about online data security. often includes discussion as to whether we should allow governments to store personal information about our online activity


telecoms fraud workshop VoIP Fraud: Money Lost PABX fraud telecom fraud telecoms fraud liability

VoIP Fraud — Technological Conventionality Achieved

VoIP has reached the mainstream. We know because the fraudsters are coming after us. Trefor.net welcomes VoIP Week guest contributor Colin Duffy, CEO of Voipfone and ITSPA Council member. VoIP merges two of the largest industries in the world: Telecommunications ($5.0 trillion) and the Internet ($4.2 trillion). It is big business. Estimates of VoIP market […]

trefor.net itspa voip security workshop

Announcing ITSPA trefor.net VoIP security workshop sponsored by Yealink

trefor.net is teaming up with ITSPA, the Internet Telephony Service Providers’ Association, to produce a twice yearly VoIP security workshop. The first one is during the Convergence Summit South show at Sandown Park on October 8th, Read on to find out more. Announcing the ITSPA/trefor.net VoIP security workshop Telecom Fraud – Part 1 – A Case […]

website blocking report

Website Blocking Report

See if your website is being blocked by ISPs using the Open Rights Group (ORG) website blocking Blocked resource. Had an interesting tweet this morning from @boggits pointing me at blocked.org.uk, specifically this link. It shows, as is seen in the header screenshot, that three mobile networks: 3, O2 and EE have blocked users access to […]

Lock screen strategy – show your home phone number

Showing your home phone number on your lock screen could avoid a lot of problems if the phone is lost. I’ve always had “Tref’s phone” as text on the lock screen on my phone. Once when the phone was accidentally left on the bar at the cricket club it was returned to me immediately. V […]

Wot? No Password?

UM Labs Ltd. Founder and CEO Peter Cox’s post is based on a presentation given at a recent ITSPA workshop on the risks of auto provisioning. Everyone understands the need for security on the Internet. We all know the importance of using strong passwords and — painful as it may be — regularly changing those […]

2

Voice Fraud – You Need to Act!

Trefor.net welcomes VoIP guest contributor Simon Woodhead, CEO of wholesale voice provider Simwood. In February, we published VoIP Fraud Analysis, a white paper that details Simwood’s three years of operating a Honeypot, coloured in by many years of real-world experience servicing wholesale voice clients of all sizes and seeing them compromised. Our research has been […]

1

Oops – was that the red button? Nuclear near uses

Following last week’s post in which we discussed the precautions taken by Nominet to withstand nuclear attack we beginning to realise how sensible this was. A Chatham House Report Too Close for Comfort: Cases of Near Nuclear Use and Options for Policy describes thirteen incidents of near nuclear use. It’s almost like reading the notes used […]

Selling your contact information – who does it?

One of the things I’ve been looking forward to in life post Timico is having a cleaner inbox. I don’t get spam using Gmail and the platform very kindly filters most commercial mails in to a tab called “Promotions”. This I love. I do look occasionally and note that the mails are typically from rewards […]

2

Lloyds Bank – 2 out of 7 servers “down”

Problems with Lloyds Bank & TSB cashpounts attributed to failiure of 2 out of 7 servers by BBC. Interesting article on BBC Radio 4 Today Prog this morning. Apparently last night some Lloyds & TSB customers were unable to use their debit cards for a couple of hours or so. Not me. I was at […]

3

Intro & Password Pain by @LindseyAnnison

I’m grateful to Tref for leaving the corporate treadmill and embarking on this new venture.  Although he never appeared to hate, or even dislike, his day job as some others in the industry seem to (in fact, having seen him in situ in the Timico offices several times, he seemed to positively revel in it!), […]

11

Gmail update – Google+ comment

Got an email yesterday from Google about a change to Gmail. Everyone probably got the same mail. Certainly the mainstream media made big news of it, in the tech sections. When you are sending an email from a gmail account you will now be offered Google+ account holders as recipients of the mail. One site, […]

Team Cymru – the correct pronounciation

On a completely different note whilst I was at the Euro-IX conference last week someone gave a talk that included something about Team Cymru. Team Cymru are a top bunch of guys in the cyber security space. However there is something that urgently needs addressing about the organisation and that is how you pronounce their […]

5

Is Huawei in your network a national security concern?

I am reminded that yesterday’s post on how would Huawei spy on your network has an additional dimension in the UK in that a significant chunk of BT’s 21CN infrastructure is based on the Chinese vendor’s kit. I hadn’t noticed that this hit the headlines a couple of months ago. The BT Huawei deal would […]

4

The Fortigate100D firewall & MPLS networks

I find it profitable to sit around the development teams. Someone always says “hey Tref come and see this”. On this occasion it was a couple of Fortigate100D firewalls. Now the cynics amongst you will say so what? A firewall? What’s so interesting about that? I realise that there can be few readers of this […]

How to make your VoIP secure #fraud

It’s a pretty simple process to set up your own VoIP phone system. Google “free VoIP server” and you will find links to 3CX or Asterisk. Download their free software and install it on a computer in your office. Sign up for a few SIP trunks from an Internet Telephony Service Provider (eg Timico) and […]

2

How to achieve a PCI Compliant network

A lot of effort goes into achieving PCI compliance for a network. Without going into huge detail I thought some of you would like to know the type of work we had to do to get the badge. Implementation of secure LDAP cluster This consists of a master server and three read-only slaves, the master […]

1

Great phishing season

All you anglers out there will appreciate this little phishing effort from “Lloyds Bank”. I picked it up from our spam filter – pleasing to see that it works. I do wonder what percentage of recipients of this kind of email actually fall for it. This one isn’t a bad attempt though as is the […]

2

Automated spam calls to mobile – what to do

The scam business continues. Just got what I think was another PPI mis-selling call via automated call to my mobile. The originating number was 07588034908. I was expecting a call and was just trying to figure out if this was it at the same time as answering the phone so I missed the first half […]

your password here? oh dear! #LinkedIn

I note from the Daily Telegraph that LinkedIn has had 6.5 million passwords stolen and published on a Russian website. When did you last sort out your passwords> Have you got a password policy? Worth getting one I’d say. This is a perfect example of why we shouldn’t let the government collect data about us. […]

« Previous PageNext Page »