Troy Hunt

MARCH 6, 2024

Back in 2018, we started making Have I Been Pwned domain searches freely available to national government cybersecurity agencies responsible for protecting their nations' online infrastructure. This access now provides them with complete access to the exposure of their government domains in data breaches.

Government 295

Government Data breaches Cybersecurity 295

The Hacker News

APRIL 5, 2022

Between a series of recent high-profile cybersecurity incidents and the heightened geopolitical tensions, there's rarely been a more dangerous cybersecurity environment. It's a danger that affects every organization – automated attack campaigns don't discriminate between targets.

Cybersecurity 77

Cybersecurity Risk 77

The Hacker News

DECEMBER 16, 2022

Reality has a way of asserting itself, irrespective of any personal or commercial choices we make, good or bad. For example, just recently, the city services of Antwerp in Belgium were the victim of a highly disruptive cyberattack. As usual, everyone cried "foul play" and suggested that proper cybersecurity measures should have been in place.

Cybersecurity 87

Cybersecurity 87

NopSec

FEBRUARY 14, 2022

This post is the start of a blog series intended to help readers do just that. Whether you’re just starting to put a vulnerability management program in place or you’ve already taken several steps in doing so, we think you’ll find these articles helpful in securing your organization now and in the years to come.

Penetration Testing 52

Penetration Testing Phishing Technology Firewall 52

Naked Security

JUNE 21, 2023

Get the full 360-degree view of ransomware

Ransomware 107

Ransomware 107

Bleeping Computer

APRIL 11, 2024

Restaurant reservation platform OpenTable says that all reviews on the platform will no longer be fully anonymous starting May 22nd and will now show members' profile pictures and first names. [.]

Technology 109

Technology 109

WIRED Threat Level

MAY 24, 2020

Time has no meaning, and we're all stuck in front of screens. You may as well secure your life while you're always online.

Password Management 99

Password Management Passwords 99

Troy Hunt

SEPTEMBER 6, 2023

I'm super late pushing out this week's video, I mean to the point where I now have a couple of days before doing the next one. until it went into HIBP and customers started asking questions) PlayCyberGames was also breached and the data went into HIBP. (.and Try it now! Check out Masked Email, built with 1Password.

Phishing 252

Phishing Passwords 252

Schneier on Security

DECEMBER 12, 2023

Image parsers in UEFIs from all three major IBVs are riddled with roughly a dozen critical vulnerabilities that have gone unnoticed until now. “From this stage, we have full control over the memory and the disk of the target device, thus including the operating system that will be started.”

Firmware 285

Firmware Manufacturing Internet Internet 285

Bleeping Computer

APRIL 21, 2024

Ransomware actors have had a rough start this year, as stats from cybersecurity firm Coveware show that the trend of victims declining to pay the cybercriminals continues and has now reached a new record low of 28%. [.]

Ransomware 93

Ransomware Cybersecurity 93

Troy Hunt

JUNE 5, 2022

Four years ago now, I started making domains belonging to various governments around the world freely searchable via a set of APIs in Have I Been Pwned. As of now, the Indonesian National CERT managed under the National Cyber and Crypto Agency has full access to this service to help protect government departments within the country.

Government 256

Government 256

Troy Hunt

SEPTEMBER 29, 2023

And now I'm doing it with the glorious spring weather just outside my window, which I really must make more time to start enjoying. I feel like this whole story has a long way to go yet, hopefully now having a few months at home will give us an opportunity to lay the foundation for the next phase. Stay tuned!

Passwords 230

Passwords Hacking 230

Troy Hunt

AUGUST 30, 2023

The advice to impacted individuals is as follows: Get a digital password manager to help you make all passwords strong and unique If you've been reusing passwords, change them to strong and unique versions now, starting with the most important services you use Turn on multi-factor authentication wherever it's available, especially for important (..)

Phishing 339

Phishing Password Management Passwords Banking 339

Dark Reading

DECEMBER 28, 2018

Quantum computing will break most of the encryption schemes on which we rely today. These five tips will help you get ready.

Encryption 88

Encryption 88

Schneier on Security

MARCH 1, 2024

The CSF’s governance component emphasizes that cybersecurity is a major source of enterprise risk that senior leaders should consider alongside others such as finance and reputation. […] The framework’s core is now organized around six key functions: Identify, Protect, Detect, Respond and Recover, along with CSF 2.0’s

Cybersecurity 251

Cybersecurity Small Business Government Risk 251

NSTIC

APRIL 6, 2022

As part of NIST’s 50th anniversary of cybersecurity, this month’s blog post is centered on privacy at NIST.

Data privacy 72

Data privacy Engineering Risk Cybersecurity 72

Troy Hunt

DECEMBER 15, 2023

Get started. It's still a bunch of personal info exposed publicly and that suchs regardless of the nature of the site, but let's be honest, the subject matter did make for some humorous comments 🤣 References Sponsored by: Identity theft isn’t cheap.

Identity Theft 235

Identity Theft IoT 235

Troy Hunt

NOVEMBER 17, 2023

Now watch the video, listen to Scott and ask yourself how different the technical capacity he discusses is from the Kazakhstan situation. Get started. I posted that more than 4 years ago now after the EV indicator was removed from browser omnibars, effectively making them invisible to all but the most tech-savvy people)

Identity Theft 224

Identity Theft Government Accountability 224

Troy Hunt

MAY 28, 2021

This week is the culmination of planning that began all the way back in August last year when I announced the intention to start open sourcing the HIBP code base. Today, it's finally happened with Pwned Passwords now completely open to all.

Passwords 315

Passwords IoT Government 315

Security Boulevard

APRIL 24, 2024

When I started preaching about it as part of the marketing launch for Real-time Network Awareness (RNA) it seemed pretty obvious that we needed more visibility in order to protect our environments more effectively. Why Observability Now. Why Observability Now. Remember the old saying: “You can’t protect what you can’t see”?

Marketing 60

Marketing 60

Troy Hunt

AUGUST 12, 2022

everywhere) Here's that UniFi Protect Theta cam (they're pumping out so much cool stuff lately 😎) The stage at NEXTGEN's Cyber Republic event was pretty awesome (the delayed flight home, late night and early start the next day was.

Data breaches 225

Data breaches Passwords 225

Schneier on Security

DECEMBER 16, 2021

“Since we started to implement our protection we prevented over 1,272,000 attempts to allocate the vulnerability, over 46% of those attempts were made by known malicious groups,” said cybersecurity company Check Point. And according to Check Point, attackers have now attempted to exploit the flaw on over 40% of global networks.

Internet 285

Internet Internet Cybersecurity 285

Daniel Miessler

MARCH 10, 2022

People are starting to get the fact that texts (SMS) are a weak form of multi-factor authentication (MFA). In that post we talked about 8 levels of password security, starting from using shared and weak passwords and going all the way up to passwordless. Get started with WebAuthn >>.

Authentication 364

Authentication Phishing Passwords Accountability 364

Troy Hunt

NOVEMBER 2, 2023

My primary mobile machine is now a Lenovo P16 Gen 2 ThinkPad (super happy with this machine, it's an absolute beast!) compare that to where we started in the first tweet 😲) We got you! Discover the CrowdSec Console today.

Threat Detection 267

Threat Detection Mobile 267

Troy Hunt

MARCH 22, 2020

As Ari now spends his days learning from home, I wanted to really start focusing more on his coding not just for his own benefit, but for all the other kids out there who are in the same home-bound predicament he now finds himself in. So, this week we're going to do an hour of coding each morning and live stream it via YouTube.

302

302

We Live Security

DECEMBER 11, 2023

AI has been around for a while now, but governments are only starting to issue legislation to regulate it. Is it too late? Have we learned nothing from late IoT regulations that left the market swamped with old insecure devices?

IoT 110

IoT Marketing Government Cybercrime 110

Kali Linux

MARCH 31, 2024

Following the recent disclosure of a backdoor in upstream xz/liblzma , we are writing this “get started” kind of blog post. When the image is downloaded, let’s start it. Now our VM is up and running, so we’re going to download and install a version of liblzma that contains the backdoor. liblzma5_5.6.1-1_amd64.deb

Internet 145

Internet Internet Authentication Passwords 145

Malwarebytes

MARCH 29, 2024

Starting in Windows 10, the operating system (OS) now comes with a built-in tool to back up your files, themes, some settings, many of your installed apps, and your Wi-Fi information. First, you’ll need to sign in with your Microsoft account Go to Start > Settings > Accounts > Your info.

Backups 96

Backups Accountability Risk Cybersecurity 96

Tech Republic Security

NOVEMBER 28, 2021

You'll never get a better deal on self-paced courses that can teach you the skills necessary to become a cybersecurity analyst, so start training now and switch to a new career in 2022.

Cybersecurity 197

Cybersecurity 197

Schneier on Security

MARCH 6, 2024

But we all know how the story goes: “This is how any new surveillance method starts out: The government says we’re only going to use this in the most extreme cases, to stop terrorists and child predators, and everyone can get behind that,” said Cooper Quintin, a technologist at the advocacy group Electronic Frontier Foundation.

Surveillance 277

Surveillance Government Accountability 277

Schneier on Security

SEPTEMBER 21, 2022

This is a fascinating glimpse of the future of automatic cheating detection in sports: Maybe you heard about the truly insane false-start controversy in track and field? Here’s the problem: You can’t see the false start. Nobody can see the false start. By sight, Allen most definitely does not leave before the gun.

227

227

The Last Watchdog

APRIL 8, 2024

“So when a CISO or anybody comes into a board room and says, ‘if we don’t do this, this is going to happen,’ it makes them all feel anxious and they start to close down their thought processes around it.” When that action does not materialize as they think it should, they start to use worst case scenarios to drive action.

CISO 166

CISO Risk Cybersecurity Insurance 166

Troy Hunt

AUGUST 3, 2022

Until now because finally, it's live, working and devilishly beautiful 😈 Step 1: Receive Spam This is the easy bit - I didn't have to do anything for this step! Cloudflare Workers started to change that and suddenly we had code on the edge running in hundreds of nodes around the world, nice and close to our visitors.

Passwords 363

Passwords Accountability 363

Troy Hunt

DECEMBER 17, 2021

As I start out by saying this week's video, it's very summer here and not a day goes by without multiple pool visits. Next week's video is going to be from somewhere epically amazing out of this world that I've wanted to go to for a long time now so stay tuned for that one as I go mobile again. Does it even matter?

Mobile 293

Mobile 293

Anton on Security

JUNE 17, 2022

Now, why was it missing? But first, let’s go through a few assumptions: The maturity climb starts with having a SOAR. The starting point for SOAR may still differ dramatically (as the tweet below references), so this is at best an illustration rather than universal guidance. Guess which one is missing? The one for SOAR!

Architecture 246

Architecture Technology Phishing 246

Troy Hunt

MAY 13, 2023

This is the story I mentioned about the bloke in Melbourne copping it from the public for craning his McLaren into his apartment (its' "guitar lessons" all over again!)

Data breaches 212

Data breaches Government Accountability 212

Schneier on Security

MAY 3, 2022

It’s not a lot of information, but it’s a start. (It’ll It’ll be a while before we can reproduce these results from Blade Runner.).

221

221