Data Security (Inc. Data Loss Prevention), Cyber Security, Privacy, Website Security, Email Security, Malware/Viruses, Open Source Intelligence, Cyber Security/Product Training

Service Offerings

  • Cyber security training
  • Product reviews
  • Blog or article writing
  • SME & UHNWI cyber security
View more details here or email me.

Chapter Author

Contact Graeme

Journalists, students or potential clients:
graeme@datasecurityexpert.co.uk

Something private to say?
PGP public key

No AI Used Here

The Tesco Bank hack: my own theories on how it may have happened

Details
Category: Cyber Security (Personal)
Whenever someone is hacked for weeks after there are articles, some with speculation to what happened. Often the theory is SQL injection but in cases like: Sony Pictures Entertainment, Sony, PlayStation Network, Target Corporation, United States Office of Personnel Management and likely Tesco Bank no one will ever know the full facts. Here are some of my own personal theories not in order and yes some are less likely....

Web platform
Many recent attacks have gone after layer seven (the application, i.e. port 443 or 80). SQL injection is common which could disclose records in a database or it could have been a loophole which lets someone get into another account without valid credentials.

Read more …

Mrs. Clinton’s private mail server scenario is not actually as rare as you may think

Details
Category: Cyber Security (Personal)
Firstly this is not a political article to explore or voice opinions around: who is a better candidate, who is more spiteful, who will win or if the media is biased to one side. Reports clearly state Mrs. Clinton run her own non-government sanctioned mail server. The mail server was run by non-IT security experts and various security holes have been reported.

Imagine you are the director-general of Mi6, secretary of state for defence or the CEO of a multinational pharmaceutical business, and you use your own Google Mail, Hotmail, Yahoo Mail or private mail domain server account to conduct work business. Wrong it seems but cases similar to Mrs. Clinton or the examples listed here do happen fairly frequently.

Read more …

TalkTalk hack: The ICO’s biggest fine so far - TalkTalk must be trembling in their shoes, erh, no

Details
Category: Cyber Security (Personal)
Time for secondary sch. maths, rare I know in the working world with calculators. £1,795,000,000 (revenue) divided by 10 (for 10%) = £179,500,000, divided by 100 (for 1%) = £17,950,000. How about 0.5% or even 0.1%? No. Many calculations later and the grand figure is about 0.0222% of revenue.

If you are a local council or charity a fine of tens or hundreds of thousands will be difficult but not for a firm with over a billion in revenue, an entire PR department and thousands of staff. The ICO has only been issuing fines for about five years and so far, it has not issued many.

TalkTalk was allegedly penetrated through a SQL injection attack, this attack type has been around for years and according to reports, Sony was hit around five years ago. Being well known you would think TalkTalk would have tried to mitigate it. Poor security maybe but others are likely the same.

Read more …

Page 27 of 61

© Copyright 2012-2026 DataSecurityExpert.co.uk

Sorry, this website uses features that your browser doesn't support. Upgrade to a newer version of Firefox, Chrome, Safari, or Edge and you'll be all set.