The Small Business Cyber Security Guy

Welcome to my personal blog — a space where I share my own views, opinions, and insights on technology, cyber security, and the realities of working in IT.

This blog is entirely personal. The thoughts and opinions expressed here are mine alone. They do not represent the views, policies, or positions of my employer, past or present, or any organisation I’m associated with professionally or personally.

Expect a mix of:

  • Straight-talking advice for small businesses

  • Honest takes on cyber security and IT trends

  • The occasional rant

  • A few war stories from the frontlines (names removed to protect the guilty)

With over 40 years in the industry, I’ve seen a lot — some of it brilliant, some of it baffling.

This blog is where I unpack all of it.

Man wearing glasses and a light gray sweater, smiling
Fake CAPTCHAs Are Now Malware Traps – Because Of Course They Are!
Cyber Security for Small Businesses, Threat Intelligence, Social Engineering Noel Bradford Cyber Security for Small Businesses, Threat Intelligence, Social Engineering Noel Bradford

Fake CAPTCHAs Are Now Malware Traps – Because Of Course They Are!

Think you’re safe clicking through a CAPTCHA? Think again. Cybercriminals are hijacking your trust with fake CAPTCHA pop-ups that trick you into downloading malware—by following simple keyboard instructions you’d never question. One click and boom—your passwords, wallets, and entire digital life are up for grabs. This isn’t just clever, it’s terrifyingly effective. If you’ve ever hit "I’m not a robot," you need to read this before you hand your system over to hackers.

Read More
DrayTek Disaster: Why Your Business Wi-Fi Just Became a Cybersecurity Liability
Cyber Security for Small Businesses, Vulnerability, Networking Noel Bradford Cyber Security for Small Businesses, Vulnerability, Networking Noel Bradford

DrayTek Disaster: Why Your Business Wi-Fi Just Became a Cybersecurity Liability

A critical flaw in DrayTek routers is wreaking havoc on UK broadband connections — and no, this isn’t just a “techie problem.” Businesses across the country are unknowingly running vulnerable, outdated routers that are now being blocked by ISPs for good reason.

DNS hijacks, remote code execution, and silent compromises are all in play. If you're still clinging to your 2018 networking gear like it’s a family heirloom, it’s time to wake up. This isn’t about cost — it’s about negligence. Here’s what’s going on, why it matters, and what to do before your internet (and reputation) vanishes.

Read More
2-Step Verification: The Absolute Bare Minimum for People Who Actually Give a Damn
Cyber Security for Small Businesses, MFA Noel Bradford Cyber Security for Small Businesses, MFA Noel Bradford

2-Step Verification: The Absolute Bare Minimum for People Who Actually Give a Damn

If you're still not using 2-Step Verification (2SV), you might as well leave your front door wide open, bake some cookies for the burglars, and leave a note that says, "Take what you like, I clearly don’t give a shit." Sounds ridiculous? So does ignoring the absolute bare minimum of online security. Passwords alone are about as effective as a chocolate teapot, and cybercriminals love people who think 2SV is “too much hassle.” If typing in a short code now and then feels like a chore, maybe the internet isn’t for you. Get 2SV enabled before you end up Googling, "What to do when my bank account is emptied?"

Read More
Lazarus Strikes Again: North Korean Hackers Crash the NPM Party
Cyber Security for Small Businesses, News, Alerts Noel Bradford Cyber Security for Small Businesses, News, Alerts Noel Bradford

Lazarus Strikes Again: North Korean Hackers Crash the NPM Party

North Korea's Lazarus hackers are back, gleefully slipping malicious code into popular NPM packages—think razor blades hidden in your Halloween sweets. Hundreds of developers unwittingly invited cybercriminals into their digital lives, losing sensitive data and perhaps some self-respect. This latest supply-chain fiasco underscores a crucial lesson: trust no package blindly.

Treat your code dependencies like milk—check regularly, or risk finding something unpleasantly chunky in your morning coffee. Vigilance isn't optional; it's essential.

Read More

⚠️ Full Disclaimer

This is my personal blog. The views, opinions, and content shared here are mine and mine alone. They do not reflect or represent the views, beliefs, or policies of:

  • My employer

  • Any current or past clients, suppliers, or partners

  • Any other organisation I’m affiliated with in any capacity

Nothing here should be taken as formal advice — legal, technical, financial, or otherwise. If you’re making decisions for your business, always seek professional advice tailored to your situation.

Where I mention products, services, or companies, that’s based purely on my own experience and opinions — I’m not being paid to promote anything. If that ever changes, I’ll make it clear.

In short: This is my personal space to share my personal views. No one else is responsible for what’s written here — so if you have a problem with something, take it up with me, not my employer.