End of life for Windows 8

Whilst it may come as somewhat of a surprise, Windows 8 will be unsupported as of next Wednesday (13th January).This comes about due to the fact that Microsoft classifies Windows 8.1 as a service pack and not a full new … Continue reading

Posted in Microsoft | Comments Off on End of life for Windows 8

Major Dridex Banking Malware Outbreak

Beginning Friday and continuing through the weekend, OxCERT’s network security monitoring has picked up an extreme number of PCs infected with the ‘Dridex’ family of banking malware. This malware is a specialised form of computer virus, tailored specifically to Windows-based … Continue reading

Posted in Current Threats, Email, General Security, Information Security, Microsoft | 2 Comments

‘CTB-Locker’ Ransomware Campaign

Over the last several days, Oxford users have reported a growing number of suspicious emails to the OxCERT team; this has coincided with the discovery of a number of personal and University machines afflicted by a new ‘ransomware’ variant known … Continue reading

Posted in Current Threats, Email, Microsoft | Comments Off on ‘CTB-Locker’ Ransomware Campaign

How To Train Your POODLE part II – Servers and Infrastructure

In our previous blog post, we gave a quick overview of the ‘POODLE’ SSLv3.0 vulnerability, followed by tips for mitigating the risks on client applications. In this post, we will focus our attention on server side strategies. For servers using … Continue reading

Posted in Current Threats, General Security, Microsoft, Web Security | Comments Off on How To Train Your POODLE part II – Servers and Infrastructure

How To Train Your POODLE part I – Clients

As you may be aware, a serious vulnerability dubbed ‘POODLE’ has been discovered in SSL version 3.0. A successful POODLE attack could allow a malicious person (with network access) to decrypt an SSLv3.0 connection. What does that actually mean? Well, … Continue reading

Posted in Apple, Current Threats, Google, Microsoft | Comments Off on How To Train Your POODLE part I – Clients

Sandworm 0-Day Exploit

Information has been circulating online regarding Sandworm, a vulnerability affecting Microsoft Windows versions from Vista SP2 onward, and Windows Server 2008 onward. Despite the name, the Sandworm bug is not known to be exploited by self-propagating malware. Instead, attack code … Continue reading

Posted in Current Threats, Microsoft | Comments Off on Sandworm 0-Day Exploit

Farewell to XP (part 2)

In the first part of this post, I looked at the background to the end of support for Windows XP in April 2014. In this (somewhat delayed, apologies) second part I will consider what those in the University will need … Continue reading

Posted in General Security, Microsoft | Comments Off on Farewell to XP (part 2)

Farewell to XP (part 1)

8 April 2014 marks the end of an era for many IT staff, and users too. After over 12 years, Microsoft will finally be terminating support for Windows XP, arguably its most successful operating system ever. A little history Windows … Continue reading

Posted in General Security, Microsoft | Comments Off on Farewell to XP (part 1)

The weekend worm that wasn’t … yet

As I write this, it seems that my fears on Friday have not come true over the weekend. To date, things have been quiet. Nevertheless, we still expect a storm. We just don’t know when. While we wait, let’s consider … Continue reading

Posted in General Security, Microsoft | 1 Comment

Oxmail versus Hotmail

As most people within the University will be aware, as well as those who have seen external press articles, over the past week or so we have been experiencing severe difficulties in delivering email to Hotmail. With these problems now … Continue reading

Posted in Email, Microsoft | 2 Comments