Troy Hunt

NOVEMBER 25, 2020

But there are also some quick wins, especially in the realm of "using your common sense". In part 1 of this series, I posited that the IoT landscape is an absolute mess but Home Assistant (HA) does an admirable job of tying it all together. Now for the big challenge - security. Let's dive into it.

IoT 358

IoT Firmware Risk Manufacturing 358

Duo's Security Blog

AUGUST 25, 2021

If the computer required a password, I needed to go around the classroom and enter the password on each computer, because teachers weren’t allowed to share the credentials with students. In my opinion, Duo checks those boxes with a clear focus on design and ease of use (just tap the big green button to log in).

Cybersecurity 59

Cybersecurity Passwords Technology Data breaches 59

Duo's Security Blog

OCTOBER 21, 2022

When it comes to MFA fatigue, it’s important to know what to expect and how to arm your organization with the tools to combat it. If an adversary has stolen a valid username and password, each time that adversary attempts to login, the owner of those credentials gets an MFA request (“is this you trying to sign-in?”).

Authentication 59

Authentication Risk Passwords Phishing 59

SiteLock

AUGUST 27, 2021

In our Beginner’s Guide to the SiteLock Plugin for WordPress, we showed you the benefits of proactively preventing malware and hacking attempts on your WordPress website. In this video, I’ll show you how to install, activate, and connect the Sitelock plugin to your Sitelock account. You can get this information from your host.

Accountability 98

Accountability Malware Passwords Hacking 98

SecureList

FEBRUARY 16, 2023

The bait included the most awaited and talked-about releases: the new season of Stranger Things, the new Batman movie, and the Oscar nominees. Short-lived phishing sites often offered to see the premieres before the eagerly awaited movie or television show was scheduled to hit the screen. Of course, no prize ensued after the fee was paid.

Phishing 91

Phishing Scams Accountability Energy and Utilities 91

Troy Hunt

MAY 7, 2018

Remember when web security was all about looking for padlocks? If it had a padlock, you could trust it and there's weren't a lot of exceptions to that. But as time has gone by and HTTPS has become increasingly ubiquitous and obtainable by all, the veracity of that advice has taken a serious hit. If there isn't one, the website could be fake.

Phishing 117

Phishing Encryption Education Risk 117

Troy Hunt

JANUARY 3, 2019

I reckon they're a good thing for everyone to do if not in written form then at least mentally to look back on your achievements of the year. In fact, I'm sure that's why the next 3 blog posts are up there too because they're all from similar incidents (number 6 in that list was also from 2017). I love this post.

Passwords 204

Passwords Technology Government InfoSec 204

eSecurity Planet

DECEMBER 3, 2021

Krebs wrote for The Washington Post between 1995 and 2009 before launching his current blog KrebsOnSecurity.com. Facebook Plans on Backdooring WhatsApp [link] — Schneier Blog (@schneierblog) August 1, 2019. Top Cybersecurity Experts to Follow on Twitter. Binni Shah | @binitamshah. Dave Kennedy | @hackingdave.

Accountability 129

Accountability Cybersecurity Penetration Testing InfoSec 129

Troy Hunt

JANUARY 10, 2018

India's Aadhaar implementation is the largest biometric system in the world, holding about 1.2 billion locals' data. It's operating in an era of increasingly large repositories of personal data held by both private companies and governments alike. They claim that they're hack-proof. Can you prove otherwise?

Hacking 279

Hacking Government Risk Encryption 279

Troy Hunt

FEBRUARY 27, 2018

When I launched Pwned Passwords V2 last week , I made it fast - real fast - and I want to talk briefly here about why that was important, how I did it and then how I've since shaved another 56% off the load time for requests that hit the origin. Why Speed Matters for Pwned Passwords. And a bunch of other cool perf stuff while I'm here.

Passwords 199

Passwords Internet Internet Architecture 199

Troy Hunt

DECEMBER 4, 2017

In this case, that secret is her password and, well, just read it: My staff log onto my computer on my desk with my login everyday. For the officer on @BBCNews just now to claim that the computer on Greens desk was accessed and therefore it was Green is utterly preposterous !! Passwords are regularly changed.

Passwords 204

Passwords Accountability Technology InfoSec 204

Security Affairs

JULY 7, 2020

Expert spotted a new release of the Lampion trojan banker that was launched with fresh improvements in the way the malware loader operated. A new release of the Lampion trojan banker was launched with fresh improvements in the way the malware loader – the initial VBS file – is operating. Figure 4: VBS file – Lampion downloader – obfuscation layer.

Malware 102

Malware Banking Phishing Internet 102

Cisco Security

MAY 26, 2022

In part one of this issue of our Black Hat Asia NOC blog, you will find: . To accomplish this undertaking in a few weeks’ time, after the conference had a green light with the new COVID protocols, Cisco Meraki and Cisco Secure leadership gave their full support to send the necessary hardware, software licenses and staff to Singapore.

Wireless 79

Wireless Mobile Engineering Firewall 79

Troy Hunt

JUNE 10, 2019

Increasingly, I was writing about what I thought was a pretty fascinating segment of the infosec industry; password reuse across Gawker and Twitter resulting in a breach of the former sending Acai berry spam via the latter. And while I'm on Sony, the prevalence with which their users applied the same password to their Yahoo!

Data breaches 279

Data breaches Passwords InfoSec Accountability 279

Troy Hunt

FEBRUARY 14, 2018

I mean we know he's a hacker because he has a hoodie and we know he's hacking because the text on the screen is green, but it doesn't totally add up. As it turns out, he's using hackertyper.net and if you head over there now and allow your cat to walk over the keyboard, you can achieve exactly the same effect. He's the guy!

Data breaches 206

Data breaches Passwords Marketing Hacking 206