A Decade of Have I Been Pwned

Troy Hunt

A decade ago to the day, I published a tweet launching what would surely become yet another pet project that scratched an itch, was kinda useful to a few people but other than that, would shortly fade away into the same obscurity as all the other ones I'd launched over the previous couple of decades: It's alive! "Have

The Legitimisation of Have I Been Pwned

Troy Hunt

There's no way to sugar-coat this: Have I Been Pwned (HIBP) only exists due to a whole bunch of highly illegal activity that has harmed many individuals and organisations alike. This has changed most fundamentally in the last year and a bit so let me start there. The Industry Cleaned Up a Lot in 2017.

Lazarus targets defense industry with ThreatNeedle

SecureList

Google TAG has recently published a post about a campaign by Lazarus targeting security researchers. We named Lazarus the most active group of 2020. We’ve observed numerous activities by this notorious APT group targeting various industries. The group has changed target depending on the primary objective.

Is India's Aadhaar System Really "Hack-Proof"? Assessing a Publicly Observable Security Posture

Troy Hunt

Now, I don't want to enter the debate about whether Aadhaar should exist in the first place, that's a much more nuanced discussion. But claiming the service is "hack-proof", that's something I definitely have an issue with. Sooner or later, big repositories of data will be abused. They claim that they're hack-proof.

The JavaScript Supply Chain Paradox: SRI, CSP and Trust in Third Party Libraries

Troy Hunt

I know, we're all shocked but bear with me because it's an important part of the narrative of this post. This tag was in the source code over at secure.donaldjtrump.com/donate-homepage yet it was pulling script directly off Igor Escobar's GitHub repository for the project. And the UK's National Health Service. Until now.