Book, InfoSec and Passwords - Cyber Security Informer

"Pwned", the Book, is Finally Here!

Troy Hunt

SEPTEMBER 8, 2022

which I've now included in this book 😊 These are the stories behind the stories and finally, the book about it all is here: I announced the book back in April last year after Rob, Charlotte and I had already invested a heap of effort before releasing a preview in October. This book has it all. Pat Phelan.

InfoSec

InfoSec Password Management Passwords IoT

Relax. Internet password books are OK

Malwarebytes

APRIL 1, 2021

Passwords are a hot topic on social media at the moment, due to the re-emergence of a discussion about good password management practices. There’s a wealth of password management options available, some more desirable than others. Others involve syncing passwords with services such as Dropbox. The big book of passwords.

Passwords

Passwords Internet Internet Password Management

The Hacker Mind: Shattering InfoSec's Glass Ceiling

ForAllSecure

MARCH 8, 2023

Booth babes and rampant sexism were more of a problem in infosec in the past. I wrote two books, one on IoT Security and another with Kevin Mitnick, then jumped around a couple of different jobs. WANG : In leadership roles, I don't know that I think the overall percentage of women in cyber InfoSec is like 22%. So I learned.

InfoSec

InfoSec Engineering CSO Technology

The bad old days

Javvad Malik

NOVEMBER 12, 2021

We only had Infosec Europe and the most we got out of there was some free USB sticks… If we were lucky they would be 500 megs. It’s so easy to manipulate anyone that works in infosec. Yeah, infosec is full of characters. Passwords. I mean take for example passwords – they were a funny thing even back then.

Passwords

Passwords InfoSec Encryption Accountability

OSINT in 60 seconds. Mind reading on TV

Pen Test Partners

JANUARY 29, 2024

Sometimes you don’t even need this level complexity as people often provide their full name and email (and other details) when booking tickets for example. That does not mean it is not right sometimes, if the targets have not changed a password in a while, they can still be valid. Did you read those terms and conditions carefully?

Scams

Scams Passwords Media Accountability

Analysis of the 2020 Verizon Data Breach Report

Daniel Miessler

MAY 19, 2020

Verizon’s Breach Report is one of the best infosec reports out there, and I’m always excited when I hear it’s been released. The top malware type is Password Dumper, because it really is about getting those creds. He looks at the key findings and talks about what they might mean to us going forward.

Data breaches

Data breaches Phishing Malware Hacking

Burnout: The Hidden Cost of Working in Cybersecurity & Other High Risk Fields

Jane Frankland

JUNE 20, 2023

In this blog, and ahead of my talk at Infosec this week , I’m delving into this, and giving you tips for recognising its signs and preventing it as a leader. This increases the likelihood of making mistakes, such as clicking on phishing links, sharing data in insecure ways, using weak passwords, or not spotting cyber threat patterns.

Cybersecurity

Cybersecurity Risk InfoSec CISO

The Hacker Mind Podcast: Hacking the Art of Invisibility

ForAllSecure

MARCH 1, 2022

In the book The Art of Invisibility , I challenged my co author Kevin Mitnick to document the steps needed to become invisible online. Vamosi: Within InfoSec there's an informal use of AppSec as well. In the book The Art of Invisibility, Kevin and I came up with some guiding principles such as: You need to remove your true IP address.

Hacking

Hacking Mobile Cryptocurrency VPN

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

His 1994 book detailing cryptographic algorithms ( Applied Cryptography ) was just the beginning of his contributions to technical perspectives on system design, cybersecurity, privacy, and more. Normally account take overs are due to insecure passwords or recovery options, this is definitely something different.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

The Hacker Mind Podcast: Fuzzing Crypto

ForAllSecure

FEBRUARY 2, 2022

So what if you accidentally forget the password? We’ve all been there-- locked out of some account because we can’t remember the clever password we used. Vamosi: For this episode I also want to weigh in on a very controversial topic within infosec today. That means it falls to you to protect your cryptocurrency.

Cryptocurrency

Cryptocurrency InfoSec Software Encryption

The Hacker Mind: Hackers Wanted: Filling the Cybersecurity Skills Gap

ForAllSecure

APRIL 12, 2022

Should infosec now be considered vocational training just like becoming an electrician or a plumber? How else should we address the skills gap in infosec? My boss at the time didn't know much about infosec. She died a few years ago, but I believe the book continues with other authors. I was a paid writer--whoo, whoo.

Cybersecurity

Cybersecurity InfoSec Technology Marketing

2018 Retrospective

Troy Hunt

JANUARY 3, 2019

It's been resoundingly well-received by both browsers to the site and the sponsors themselves and I've already booked 2019 out until August. SSW in Sydney: How safe is your #password ?! TECHpalooza on the Gold Coast: We’ve got a password problem. The sponsorship model continued strongly too. Speaking Geez, where to start.

Passwords

Passwords Technology Government InfoSec

The Hacker Mind: Shellshock

ForAllSecure

MARCH 24, 2021

Anyway I was testing this suite when I happened to randomly strike two keys -- I think it was control and B -- and up popped the password manager, displaying all my test passwords in the clear. Thing was, the manager required its own password, which I had not entered; remember, I had hit only two keys. This was a software flaw.

Software

Software Passwords Internet Internet

The Hacker Mind: Shellshock

ForAllSecure

MARCH 24, 2021

Anyway I was testing this suite when I happened to randomly strike two keys -- I think it was control and B -- and up popped the password manager, displaying all my test passwords in the clear. Thing was, the manager required its own password, which I had not entered; remember, I had hit only two keys. This was a software flaw.

Software

Software Passwords Internet Internet

The Hacker Mind Podcast: Surviving Stalkerware

ForAllSecure

SEPTEMBER 21, 2021

Fortunately, there are those in the InfoSec world, who are actively looking at the subject and speaking out at conferences, such as Black Hat. Vamosi: That talk focused on the fact that there are InfoSec hackers openly working to address this problem. Don't share your phone, don't share your password with your partner.

Technology

Technology Software Surveillance Media

The Hacker Mind Podcast: Gaining Persistence On Windows Boxes

ForAllSecure

FEBRUARY 8, 2023

So a hacker is able to do misconfiguration, able to escalate to a local system, and then maybe extract hashes and maybe someone is not using labs or maybe they are so they are randomizing administrators passwords or not. And that's just because it's not in the books VAMOSI: True. So there's a like, you can do this or that.

Software

Software Phishing Passwords Authentication

The Hacker Mind Podcast: Hacking Real World Criminals Online

ForAllSecure

MAY 2, 2023

I’m Robert Vamosi and in this episode I’m talking about online criminal investigations conducted by someone who is inside the infosec community, and how your social media posts -- no matter how good you think you are about hiding -- can reveal a lot about your true identity. Daniel, he keeps a low profile. CLEMENS: I do.

Hacking

Hacking Media InfoSec Internet

The Hacker Mind Podcast: Hacking Industrial Control Systems

ForAllSecure

APRIL 26, 2022

Kim Zetter’s book, Countdown to Zero Day, is perhaps the definitive book on the subject. We get the InfoSec people that were on enterprise systems, we get them that come because they want to learn more about security. Then from there we go to a we're brute forcing username passwords or credentials. It gets lost.

Hacking

Hacking Energy and Utilities Manufacturing Firmware

Sharenting, BYOD and Kids Online: 10 Digital Tips for Modern Day Parents

Troy Hunt

FEBRUARY 10, 2020

And importantly, teaching them how to use secure passwords with @1Password ?? Think of Cathy in an edutech context as you'd think of me in an infosec context; lots of content creation, travel, speaking and thought going into the topic. He won't be emotionally scarred, nor will he grow up feeling like his privacy has been violated.

Media

Media Internet Internet Education

Cyber Security Informer

"Pwned", the Book, is Finally Here!

Relax. Internet password books are OK

Trending Sources

The Hacker Mind: Shattering InfoSec's Glass Ceiling

The bad old days

OSINT in 60 seconds. Mind reading on TV

Analysis of the 2020 Verizon Data Breach Report

Burnout: The Hidden Cost of Working in Cybersecurity & Other High Risk Fields

The Hacker Mind Podcast: Hacking the Art of Invisibility

Top Cybersecurity Accounts to Follow on Twitter

The Hacker Mind Podcast: Fuzzing Crypto

The Hacker Mind: Hackers Wanted: Filling the Cybersecurity Skills Gap

2018 Retrospective

The Hacker Mind: Shellshock

The Hacker Mind: Shellshock

The Hacker Mind Podcast: Surviving Stalkerware

The Hacker Mind Podcast: Gaining Persistence On Windows Boxes

The Hacker Mind Podcast: Hacking Real World Criminals Online

The Hacker Mind Podcast: Hacking Industrial Control Systems

Sharenting, BYOD and Kids Online: 10 Digital Tips for Modern Day Parents

Stay Connected