When visiting a website for the first time, you’ll likely be presented with a (somewhat intrusive) banner or pop-up about cookies. “Cookies” in this regard are sadly not the delicious chocolate-chip laden baked goods that we all love 🍪. (If only they were, I’d be more than happy to accept these when visiting a website!) […]
Two weeks ago I published an in-depth article into the current state of IT security in the UK P2P Lending Industry. At the time of my research last month (February 2017), the vast majority of P2P sites simply ignored my direct correspondence, however since publication, a number of companies are now responding. Their responses are […]
With interests rates at all time lows, and market uncertainly making it harder these days for individuals and businesses alike to obtain loans and credit from high street banks, or to achieve a decent return on their savings, more and more people are turning to Peer-To-Peer (P2P) lending. What is P2P lending? P2P is the […]
Earlier this week, a serious data breach at UK-based payment processing company GoCardless came to light… well, sort of! It’s common place now when a large business suffers a data breach, for them to post a public statement on their website and on social media, and also send out a notification to all their customers […]
Back in January, I discovered a serious flaw in the .as (American Samoa) domain registry (nic.as). The vulnerability allowed anyone to view the entire domain information for any .as domain – including the plain-text passwords of domain owners, administrative and technical contacts! Even more alarmingly, it was also possible to submit registry changes to details […]
A Content Security Policy (or CSP) is a set of rules which website owners can implement to approve origins of content that web browsers should or should not be allowed to load on their websites. For example, a CSP can be used to prevent a website from loading resources such as images, frames, or scripts […]
Virgin Media are one of the UK’s largest Internet Service Providers (ISP), with over 5 million broadband subscribers. Yesterday, a concerned Virgin Media customer forwarded me an email they’d received: The email – which was addressed to the customer by name, and included their name and IP address – had genuinely originated from Virgin Media. […]
Today marks what’s become widely know on the internet as “Data Privacy Day” (or if you’re in the EU, “Data Protection Day”). Data Privacy/Protection Day occurs annually on January 28th, and has taken place in some form or another for the past 9 years. Its purpose is to raise awareness and promote privacy and data […]