What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
TroyHunt.webp 2020-08-07 07:55:41 I'm Open Sourcing the Have I Been Pwned Code Base (direct link) Let me just cut straight to it: I'm going to open source the Have I Been Pwned code base. The decision has been a while coming and it took a failed M&A process to get here, but the code will be turned over to the public for the
TroyHunt.webp 2020-08-06 21:30:28 I'm Partnering with NordVPN as a Strategic Advisor (direct link) I love security. I love privacy. Consequently, it will come as no surprise that I love tools that help people achieve those objectives. Equally, I have no patience for false promises, and I've been very vocal about my feelings there: But one of them is literally called “Secure VPN”, how
TroyHunt.webp 2020-07-31 08:07:44 Weekly Update 202 (direct link) Unfortunately, our run of good luck here down in Aus has taken a bit of a turn COVID wise. Not so much in my home state, but the southern states have been copping it so this week, I pulled the pin on snowboarding. For folks overseas, that might sound like
TroyHunt.webp 2020-07-25 01:42:29 Weekly Update 201 (direct link) I love this setup! A huge amount of research went into this but the PC, screens, cameras lights and all the other bits are working really well together. I did my first interview with this setup today and I think I'm actually going to be sticking with the mood lighting
TroyHunt.webp 2020-07-24 08:11:26 Building the Ultimate Home Office (Again) (direct link) I was searching around for a quote along the lines of you only being as good as the tools you use and somehow, I ended up down this rabbit hole of painters quotes and carpenters quotes and stuff about artists and their brushes. Then I started thinking it sounds a
TroyHunt.webp 2020-02-28 08:23:27 Weekly Update 180 (direct link) If last week was the week where I felt like I was drowning in data that was still being processed, this week was the week where it came to light. Not all of it, mind you, I've still got ginormous volumes I'm disclosing but it certainly was a whole heap
TroyHunt.webp 2020-02-25 08:19:32 Handling Huge Traffic Spikes with Azure Functions and Cloudflare (direct link) Back in 2016, I wrote a blog post about the Martin Lewis Money Show featuring HIBP and how it drove an unprecedented spike of traffic to the service, ultimately knocking it offline for a brief period of time. They'd given me a heads up as apparently, that's what the program
TroyHunt.webp 2020-02-21 08:04:14 Weekly Update 179 (direct link) On reflection, I feel this week's update was dominated by having a laugh at an IoT candle 😂 And that's fair, too, even though I then went and bought one because hey, this is gonna be great conference talk material! Delivery is going to be much later this year so don't
TroyHunt.webp 2020-02-14 02:52:44 Weekly Update 178 (direct link) This week I'm at Microsoft Ignite "The Tour" in Sydney with Lars Klint. I've spent most of the last couple of days doing the "hallway track" (basically just wandering around and saying "hi" to people) and doing a bunch of meetings with folks here on cyber things. I didn't mention
TroyHunt.webp 2020-02-12 05:32:57 Donating BAT to Have I Been Pwned with Brave Browser (direct link) I don't know exactly why the recent uptick, but lately I've had a bunch of people ask me if I've tried the Brave web browser. Why they'd ask me that is much more obvious: Brave is a privacy-focused browser that nukes ads and trackers. It also has some cool built-in
TroyHunt.webp 2020-02-11 06:43:51 Sharenting, BYOD and Kids Online: 10 Digital Tips for Modern Day Parents (direct link) Today is Safer Internet Day which marks the annual occurrence of parents thinking about their kids' online presence (before we go back to thinking very little about it tomorrow!) It's also the day the Courier-Mail here in my home state of Queensland published a piece on sharenting or as Wikipedia
TroyHunt.webp 2020-02-07 06:26:33 Weekly Update 177 (direct link) I've got audio! Ok, so I cheated a bit in terms of recording back in the home office, but the plugs I need to make the Zoom H6 work the way it should (and yeah, I know I said "Rode" H6 in the vid, sorry!) are on the way and
TroyHunt.webp 2020-01-31 10:51:46 Weekly Update 176 (direct link) Well that's the audio issues fixed - mostly. The Zoom H6 is an awesome recorder, I just can't quite work out the right adaptors for the mic. I've got a couple of Saramonic SR-XLM1 lav mics and the guy at the DJ store I bought the Zoom from was convinced
TroyHunt.webp 2020-01-25 07:40:09 Weekly Update 175 (direct link) Alright, let me get this off my chest first - I've totally lost it with these bloody Instamics. I've had heaps of dramas in the past with recordings being lost and the first time I do a 3-person weekly update only 2 of them recorded (mine being the exception). I
TroyHunt.webp 2020-01-21 16:31:48 Kids and Code: Object Oriented Programming with Code Combat (direct link) Geez time flies. It's just a tad under 4 years ago that I wrote about teaching kids to code with code.org which is an amazing resource for young ones to start learning programming basics. In that post I shared a photo of my then 6-year-old son Ari holding a
TroyHunt.webp 2020-01-18 19:01:00 Weekly Update 174 (direct link) We're in Norway! More specifically, Scott Helme and I are in Hafjell and recording this after a day on the snow before heading back to Oslo and the NDC Security conference next week. For now though, we're talking about some really screwy global roaming behaviour with telcos, the Danish gov
TroyHunt.webp 2020-01-13 09:35:49 Welcoming the Danish Government to Have I Been Pwned (direct link) In a continued bid to make breach data available to the government departments around the world tasked with protecting their citizens, I'm very happy to welcome the first country onto Have I Been Pwned for 2020 - Denmark! The Danish Centre for Cyber Security (CFCS) joins the existing 7 governments
TroyHunt.webp 2020-01-10 09:40:37 Weekly Update 173 (direct link) I really should have started the video about 3 minutes earlier. Had I done that, you'd have caught me toppling backwards into the frangipani tree whilst trying to position my chair and camera which frankly, would have made for entertaining viewing. Instead, this week's update is focused primarily on a
TroyHunt.webp 2020-01-08 08:05:52 The Difficulty of Disclosure, Surebet247 and the Streisand Effect (direct link) This is a blog post about disclosure, specifically the difficulty with doing it in a responsible fashion as the reporter whilst also ensuring the impacted organisation behaves responsibly themselves. It's not a discussion we should be having in 2020, a time of unprecedented regulatory provisions designed to prevent precisely the
TroyHunt.webp 2020-01-03 11:58:22 Weekly Update 172 (direct link) I couldn't get 2 days into the new decade without having to deal with ridiculous password criteria from Tik Tok followed by my phone automatically associating with what it thought was my washing machine whilst in a grocery store on the other side of the world (yep, you read that
TroyHunt.webp 2019-01-18 01:31:04 Weekly Update 122 (direct link) And then there was the biggest data breach to go into HIBP ever! I wrote that sentence from home just after publishing all the data, then I got on a plane... Holy cow that's a lot of emails! Hundreds upon hundreds of emails came in whilst on the way to Data Breach
TroyHunt.webp 2019-01-16 21:54:01 The 773 Million Record "Collection #1" Data Breach (direct link) Many people will land on this page after learning that their email address has appeared in a data breach I've called "Collection #1". Most of them won't have a tech background or be familiar with the concept of credential stuffing so I'm going to write this post for the masses Data Breach
TroyHunt.webp 2019-01-11 08:04:05 Weekly Update 121 (direct link) Well, it's one more sunny weekly update then snow time again so I've gone particularly beachy today. I'm also particularly breachy, talking about a massive combo list I'm presently pondering for inclusion in HIBP. These lists are frequently used for account takeover attacks against the likes of Spotify which is
TroyHunt.webp 2019-01-08 09:52:01 No, Spotify Wasn't Hacked (direct link) Time and time again, I get emails and DMs from people that effectively boil down to this: "Hey, that paste that just appeared in Have I Been Pwned is from Spotify, looks like they've had a data breach" Many years ago, I introduced the concept of pastes to HIBP and
TroyHunt.webp 2019-01-04 08:22:00 Weekly Update 120 (direct link) And then it was 2019. Funny how quickly it gets away from you, someone just posted on my 2018 retrospective blog post this week and asked why I didn't include my congressional testimony and if I'm honest, it took me a bit to think about why as well (it was
TroyHunt.webp 2019-01-03 08:22:04 2018 Retrospective (direct link) I started doing these retrospectives 3 years ago in my first year of independence. I reckon they're a good thing for everyone to do if not in written form then at least mentally to look back on your achievements of the year. They're a great way of reflecting on success
TroyHunt.webp 2018-12-31 05:58:02 10 Personal Finance Lessons for Technology Professionals (direct link) Patience. Frugality. Sacrifice. When you boil it down, what do those three things have in common? Those are choices. Money is not peace of mind. Money's not happiness. Money is, at its essence, that measure of a man's choices. This is part of the opening monologue of the
TroyHunt.webp 2018-12-28 09:57:04 Weekly Update 119 (direct link) I'm home! And it's a nice hot Christmas! And I've got a new car! And that's where the discussion kinda started heading south this week. As I say in the video, the reaction to my tweet about it was actually overwhelmingly positive, but there was this unhealthy undercurrent of negativity
TroyHunt.webp 2018-12-23 02:40:05 Weekly Update 118 (direct link) And that's it for Canada. I recorded this Saturday morning local before heading out for last runs with the family. It's been fun but as I just tweeted sitting here in the airport: That's it for Canada! It's been fun, but it's time for sunshine again 🇨🇦 ✈️ 🇦🇺 pic.
TroyHunt.webp 2018-12-15 16:36:03 Weekly Update 117 (direct link) I'm in Whistler! And as I say at the start of this video, I did seriously consider having a week off these videos, but I found a comfy spot by the fire and a cold beer and all was good in the world again. This week has some updates on
TroyHunt.webp 2018-12-07 08:21:02 Weekly Update 116 (direct link) I'm on countdown to take-off for the next 2 and a bit weeks so I'm going to keep this intro really short because it's sitting between me and a relaxing cold one (as soon as the bags are ready). Heaps of services got pwned, Australia has a screwy set of
TroyHunt.webp 2018-12-04 07:51:04 Have I Been Pwned - The Sticker (direct link) So today is Have I Been Pwned's (HIBP's) 5th birthday. I started this project out of equal parts community service and curiosity and then somehow, over the last 5 years it's grown into something massive; hundreds of thousands of unique sessions a day, millions of subscribers, working with governments around
TroyHunt.webp 2018-12-01 08:15:01 Weekly Update 115 (direct link) I'm pushing this out a day late so firstly, apologies for the break in what's otherwise a pretty steady cadence. But having said that, as I say at the start of this video I've really been struggling with work / life balance lately. As such, I recorded this Thursday evening then
TroyHunt.webp 2018-11-23 06:28:03 Weekly Update 114 (direct link) It's a no-blog week, but that doesn't mean any less is happening! This week, I've finally wrapped up the Lego Bugatti, got myself into the new iPad, connected my washing machine (I know, I know, I didn't plan it this way!) and then isolated it on a separate IoT network.
TroyHunt.webp 2018-11-16 01:18:01 Weekly Update 113 (direct link) Bit of a change of scenery this week; I've gone to the other end of the house whilst invasive palm tree roots are water blasted out from beneath my office window as part of our garden renos. But hey, that's a nice place to be on a day like this
TroyHunt.webp 2018-03-27 21:44:05 Aussie Telcos are Failing at Some Fundamental Security Basics (direct link) Recently, I've witnessed a couple of incidents which have caused me to question some pretty fundamental security basics with our local Aussie telcos, specifically Telstra and Optus. It began with a visit to the local Telstra store earlier this month to upgrade a couple of phone plans which resulted in...
TroyHunt.webp 2018-03-26 09:32:00 A Scammer Tried to Scare Me into Buying Their Security Services - Here's How It Went Down (direct link) Here's the tl;dr - someone named "Md. Shofiur R" found troyhunt.com on a "free online malware scanner" and tried to scare me into believing my site had security vulnerabilities then shake me down for a penetration test. It didn't work out so well for...
TroyHunt.webp 2018-03-23 04:45:04 Weekly Update 79 (direct link) Home again which means more time to blog and per the intro to this week's update, time to catch up on how HIBP is tracking. Here's the 2 tweets with some stats I mention at the start of this week's update: It's been almost a month since I
TroyHunt.webp 2018-03-21 08:26:03 The Legitimisation of Have I Been Pwned (direct link) There's no way to sugar-coat this: Have I Been Pwned (HIBP) only exists due to a whole bunch of highly illegal activity that has harmed many individuals and organisations alike. That harm extends all the way from those in data breaches feeling a sense of personal violation (that's certainly how...
TroyHunt.webp 2018-03-17 18:43:03 Weekly Update 78 (San Fran Edition) (direct link) Last day of travel! The weekly update is out late due to a packed week which I endured whilst battling a cold as well which has made it pretty rough. But other than that, it was a fantastic week recording Pluralsight courses and meeting with some really cool tech companies...
TroyHunt.webp 2018-03-10 01:15:01 Weekly Update 77 (Seattle Edition) (direct link) I'm in Seattle! This has been a mega week at the Microsoft MVP and Regional Director summits and as I say in the video, I'm actually a little run down now that it's all done. But I've had a wonderful week of meeting a heap of people and seeing some...
TroyHunt.webp 2018-03-02 09:04:04 Weekly Update 76 (direct link) Massive, massive week! I'm not trying to make these videos longer (and the next two while I'm overseas will definitely be shorter), but yeah, this week was a biggie. Pwned Passwords dominated throughout, interrupted only by a few thousand new data breaches going into HIBP. But the big one -...
TroyHunt.webp 2018-03-01 19:39:01 The UK and Australian Governments Are Now Monitoring Their Gov Domains on Have I Been Pwned (direct link) If I'm honest, I'm constantly surprised by the extent of how far Have I Been Pwned (HIBP) is reaching these days. This is a little project I started whilst killing time in a hotel room in late 2013 after thinking "I wonder if people actually know where their data...
TroyHunt.webp 2018-02-27 08:47:03 I Wanna Go Fast: Why Searching Through 500M Pwned Passwords Is So Quick (direct link) In the immortal words of Ricky Bobby, I wanna go fast. When I launched Pwned Passwords V2 last week, I made it fast - real fast - and I want to talk briefly here about why that was important, how I did it and then how I've since shaved another...
TroyHunt.webp 2018-02-26 10:19:02 I've Just Added 2,844 New Data Breaches With 80M Records To Have I Been Pwned (direct link) tl;dr - a collection of nearly 3k alleged data breaches has appeared with a bunch of data already proven legitimate from previous incidents, but also tens of millions of addresses that haven't been seen in HIBP before. Those 80M records are now searchable, read on for the full story:...
TroyHunt.webp 2018-02-23 08:39:04 Weekly Update 75 (direct link) Every now and then, I look at one of the videos I've just recorded and only realise then how tired I look. This was one of those weeks and it was absolutely jam-packed! There was some awesome stuff and there was some very frustrating stuff. Let me add briefly to...
TroyHunt.webp 2018-02-21 19:00:00 I've Just Launched "Pwned Passwords" V2 With Half a Billion Passwords for Download (direct link) Last August, I launched a little feature within Have I Been Pwned (HIBP) I called Pwned Passwords. This was a list of 320 million passwords from a range of different data breaches which organisations could use to better protect their own systems. How? NIST explains: When processing requests to establish
TroyHunt.webp 2018-02-16 08:12:03 Weekly Update 74 (direct link) I had plans this week. Monday was going to be full of coding work around Pwned Passwords V2 (and a few other HIBP things) then Texthelp went and got themselves pwned and there went my day writing about the ramifications of that. This is a genuinely important issue and the...
TroyHunt.webp 2018-02-14 08:06:04 Making Light of the "Dark Web" (and Debunking the FUD) (direct link) I'll start this post where I start many of my talks - what does a hacker look like? Or perhaps more specifically, what do people think a hacker looks like? It's probably a scary image, one that's a bit mysterious, a shady character lurking in the hidden depths of the...
TroyHunt.webp 2018-02-12 07:59:57 The JavaScript Supply Chain Paradox: SRI, CSP and Trust in Third Party Libraries (direct link) A couple of years back as the US presidential campaign was ramping up, the Trump camp did something stupid. I know, we're all shocked but bear with me because it's an important part of the narrative of this post. One of their developers embedded this code in the campaign's donation...
Last update at: 2024-07-31 00:18:55