With many of us making a hurried move to working from home due to the current Covid19 situation , social media has been flooded with people proudly posing on Zoom calls or showing off their new home office set — up. But what data risks do those pictures pose and what can you do to mitigate them?

As cyber security experts it’s unlikely you see a picture of our desks on LinkedIn, but as the trend for showing off how well you are working at home shows no signs of abating, here’s what we recommend you look out for in…

The current Coronavirus pandemic means the majority of the UK, and the world, could be entering a prolonged period of social distancing. For those able to do so that means working from home. But what about the cyber security impact of working from home? Is it intrinsically less safe?

The world is highly connected, and thankfully technology makes it much easier to transition to the “home office”. However, our homes are often a much more relaxed place. We feel safe in our homes which can lead to complacency and a drop in cyber security standards.

As experts in cyber security

“brown steel window frame with text overlay” by Mathew Schwartz on Unsplash

Among the more common scams used by cyber criminals is the fake technical support service. Phone calls from Microsoft technicians and pop-ups warning of viruses are just a couple of the hallmarks of this con.

Tech support scams prey on the victim’s lack of IT knowledge to fool them into thinking there is something wrong with their computer. The victims are then conned into paying for an expensive service or downloading software in order to “fix” their problems. These services often entail giving the scammers remote access to their computer. …

Photo by Ilya Pavlov on Unsplash

If you use .dev when you development your web applications you may have problems with Chrome.

Mattias Geniar has noted that Chrome has added .dev wildcard to Chrome HSTS preload.

What this means is that any URL using .dev domain extension will automatically redirect to HTTPS. The .dev extension is actually owned by Google. Becuase the site is using HSTS preload chrome will also not allow you to “proceed” past any HTTPS errors.

If you use .dev for your development I recommend you look at changing this now. There is a proposal to reserve .localhost to always point to 127.0.0.1…

Photo by Taduuda on Unsplash

From Chrome 63 (December 2017) Chrome will mark FTP URLs in browser as Not Secure.

The usage of FTP within browser is minimal. 0.0026% according to Chrome stats.

Photo by Linh Pham on Unsplash

The sector has for some time been moving towards skills based boards and bringing in people from outside the housing sector. A lot of focus has been on commercial knowledge. Directors from large firms are actively sought for their understanding of business and commercial skills.

These skills are definitely needed on a board. But depending on their background these professionals may only have experience of “big business”.

This could create a problem for the future. Associations are becoming big business and losing that ability to think small.

Within the sector I often hear the phrase “try to imagine if this…

You even get a certificate!

I recently took part in the HDN (Housing Diversity Network) board member mentoring program. As a complete newbie to the housing sector I wasn’t sure what to expect. I had been on business mentoring programs previously in other roles (non-housing related) and I had found these extremely lacking. Often just showing you how things should be done in theory and not discussing real world examples.

In short the HDN mentoring program was excellent and provided exactly what I needed to improve both my own personal skills and housing knowledge.

The course organiser was Yvonne who worked really hard to ensure…

At some times of the year you can barely drive down a country road around my town without taking out a few pheasants who just decide to run into the road. Over the years you would have thought these animals would have evolved to recognise dangers and be a little less stupid.

Pheasants are mostly bred in captivity. Kept in pens and catered for by humans. They experience very little danger in captivity. Then during the hunting season thousands of them are released into the wild. These birds have never experienced fast moving vehicles or predators. …

browser auto-fill phishing

As demonstrated by anttiviljami on Github browser-autofill-phishing allows for Chrome to leak additional information that the user may not be aware they are submitting to the website.

Other browsers are also affected although Safari appears to be the most immune by explicitly stating what will be filled out on the page. Hopefully highlighting to the user that they are leaking more information than they expected.

The exploit works by generating the additional fields outside of the browser viewport.

Be careful out there!

Brigitte Tohm

As we welcome in 2017 I have been taking a look at the content published by Servertastic.

You might describe our efforts here on Medium as that buzzword thing “content marketing” and you would be sort of correct. Articles are published to help create awareness of Servertastic and where applicable link to our products and services.

But the web is now awash with “content marketing” and “7 things to improve x”. I do not see it being worth our time creating articles such as these. Nor do I see it as being worth our customers time reading them. …

Andy Gambles

Tech, Web Security, Business, Marketing, Housing Board Director.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store