OxCERT's blog

Over the past couple of weeks, OxCERT have been somewhat overwhelmed by Mac malware. This isn’t quite the first time we’ve dealt with problems on Macs – we’ve seen several compromised over the years through weak or exposed ssh credentials, … Continue reading →

In a companion article I discuss Mac malware, and how this has recently become much more of a problem than has previously been the case. As well as Apple’s apparently slow response to a recent vulnerability, and general air of … Continue reading →

As I write this, it seems that my fears on Friday have not come true over the weekend. To date, things have been quiet. Nevertheless, we still expect a storm. We just don’t know when. While we wait, let’s consider … Continue reading →

Over the last two months OxCERT have been inundated with compromised University accounts being used to send spam.  So how are so many accounts being abused, what are the risks, and what is the cost to the University? Let’s deal … Continue reading →

OxCERT recently received a request for guidance on URL shortening with regards to using such services to re-direct users to sites that may ask for sensitive personal information.  The concern was that the third-party offering the service may be able … Continue reading →

Hi all and welcome to OxCERT’s new blog.  Here we will try to keep you up to date with any developments and projects we are involved in regarding security in the University of Oxford.  We’ll also take the chance to … Continue reading →

Welcome to OxCERT’s new blog. We’ll be using this to complement our existing series of bulletins and monthly reports, but unlike those will not be access-restricted. We are looking to discuss some of the work we’re doing, respond to queries, … Continue reading →