Troy Hunt

OCTOBER 2, 2020

The account takeover all began with the Grindr password reset page: I entered Scott's address, solved a Captcha and then received the following response: I've popped open the dev tools because the reset token in the response is key. And as for the website I couldn't log into without being deferred back to the mobile app?

Accountability 364

Accountability Hacking Passwords InfoSec 364

Troy Hunt

SEPTEMBER 8, 2022

Captivating stuff, apart from infosec, you really feel as though you’ve been taken on a journey with Troy through the years of living in paradise a.k.a. Troy Hunt takes us on his life journey, ups and downs, explaining how haveIbeenpwned came to be, raising awareness of the world’s poor password and online security habits.

InfoSec 363

InfoSec Password Management Passwords IoT 363

Troy Hunt

JUNE 27, 2019

I spent the week in Tel Aviv at Cyber Week , a massive infosec conference where I shared the keynote stage with an amazing array of speakers including many from three letter acronym departments and even PM Benjamin Netanyahu. Something totally new this week - Israel!

InfoSec 203

InfoSec Data breaches Passwords 203

Digital Guardian

JULY 9, 2021

Ransomware negotiators, cyber risks to the financial system, and why traditional passwords are here to stay - catch up on all of the week's infosec news with the Friday Five!

InfoSec 113

InfoSec Cyber Risk Passwords Ransomware 113

Security Boulevard

NOVEMBER 10, 2024

The episode also covers a notable Okta vulnerability that allowed someone to login without […] The post Advanced Persistent Teenagers, Okta Bug Allowed Logins Without a Correct Password appeared first on Shared Security Podcast.

Passwords 104

Passwords Cybersecurity Data privacy Data breaches 104

Security Boulevard

JANUARY 2, 2022

LastPass users received emails about their master passwords being compromised, details about the privacy policies of new cars, and a story about an Amazon Echo that proposed a lethal challenge to a ten-year-old girl. ** Links mentioned on the show ** Log4j 2.17.1 out now, fixes new remote code execution bug [link] If any person […].

Passwords 105

Passwords IoT InfoSec Technology 105

Security Boulevard

JULY 11, 2021

The post Kaseya Ransomware Attack, PrintNightmare Zero-day, Kaspersky Password Manager Vulnerability appeared first on The Shared Security Show. The post Kaseya Ransomware Attack, PrintNightmare Zero-day, Kaspersky Password Manager Vulnerability appeared first on The Shared Security Show.

Password Management 98

Password Management Passwords Ransomware InfoSec 98

CSO Magazine

APRIL 20, 2021

As an infosec professional, you may be already familiar with decades-old network monitoring and security tools like Nmap, Wireshark or Snort, and password crackers like Ophcrack. Having these applications at your disposal has been an indispensable part of the gig. To read this article in full, please click here (Insider Story)

InfoSec 115

InfoSec Passwords 115

Security Boulevard

SEPTEMBER 26, 2021

The post No Password Microsoft Accounts, Facebook Smart Glasses, Security.txt Internet Standard appeared first on The Shared Security Show. The post No Password Microsoft Accounts, Facebook Smart Glasses, Security.txt Internet Standard appeared first on The Shared Security Show.

Internet 100

Internet Internet Passwords Accountability 100

Troy Hunt

JUNE 10, 2019

Increasingly, I was writing about what I thought was a pretty fascinating segment of the infosec industry; password reuse across Gawker and Twitter resulting in a breach of the former sending Acai berry spam via the latter. And while I'm on Sony, the prevalence with which their users applied the same password to their Yahoo!

Data breaches 279

Data breaches Passwords InfoSec Accountability 279

Security Boulevard

JUNE 13, 2021

The post ANOM FBI Global Crime Sting, Colonial Pipeline Updates, Password Leak Research appeared first on The Shared Security Show. The post ANOM FBI Global Crime Sting, Colonial Pipeline Updates, Password Leak Research appeared first on Security Boulevard.

Passwords 98

Passwords Mobile Encryption Ransomware 98

Security Boulevard

FEBRUARY 5, 2023

The attacks on password managers and their users continue as Bitwarden and 1Password users have reported seeing paid ads for phishing sites in Google search results for the official login page of the password management vendors.

Password Management 98

Password Management Passwords Accountability Phishing 98

Digital Guardian

MARCH 18, 2022

How HIPAA can help mitigate cyberattacks, killing the password, and more - catch up on the infosec news of the week with the Friday Five!

InfoSec 98

InfoSec Passwords 98

Security Boulevard

MARCH 17, 2021

Many thanks to BSides Huntsville 2021 for publishing their tremendous conference videos on the organization's YouTube channel; a great BSides, don't miss this 10-video infosec event. The post BSides Huntsville 2021 – Steven Kirby’s ‘Requiem For The Password’ appeared first on Security Boulevard.

Passwords 64

Passwords InfoSec Education Information Security 64

The Last Watchdog

JANUARY 28, 2019

Through the course of this year, Gartner forecasts that the infosec market will climb 9 percent to $124 billion. Use a password manager. It’s clear that we will continue to be reliant on usernames and passwords to access online services for some time to come. percent, according to tech consultancy Gartner. Secure your phone.

Passwords 196

Passwords Password Management Internet Internet 196

Troy Hunt

JANUARY 27, 2018

Plus, of course, the actual infosec stuff from the week namely my new Pluralsight course on creating a security-centric culture. LastPass is sponsoring my blog this week (if you don't already have a password manager, you're doing it wrong!). This week's update is a little late as my Friday was absolutely non-stop in Denmark.

InfoSec 135

InfoSec Password Management Passwords 135

Troy Hunt

FEBRUARY 11, 2019

rows of email addresses and passwords in total, but only 1.6B Incidentally, Lorenzo who wrote that Motherboard piece is a top-notch infosec journo I've worked with many times before and he reported accurately in that piece.) The exposed data included email addresses and passwords stored as salted MD5 hashes. There were 2.7B

Passwords 231

Passwords Data breaches Media InfoSec 231

SecureWorld News

OCTOBER 6, 2021

Strong passwords make all the difference in a hacker's ability to breach your device or network.unless the sticky note with your super-strength password is taped to your computer. We all need a strong password to prevent being hacked! Linux #infosec pic.twitter.com/lzUlaxOVNJ — Security_Nerd (@itssecuritynerd).

InfoSec 98

InfoSec Passwords Cybersecurity Media 98

Security Boulevard

AUGUST 26, 2021

enroll in credit monitoring, credit freeze, use 2FA, change passwords), infosec people typically have different questions. I was one of millions of people recently informed that my personal information was stolen from telecom giant T-Mobile. The post If You Don’t Need Data, Don’t Keep It appeared first on Security Boulevard.

InfoSec 98

InfoSec Mobile Passwords Data breaches 98

Security Boulevard

JULY 14, 2024

We also explore a massive password list leak titled ‘Rock You 2024’ that has surfaced online. Find out why this file may not be as significant as it seems and the importance of avoiding password reuse. […] The post Authy Breach: What It Means for You, RockYou 2024 Password Leak appeared first on Shared Security Podcast.

Passwords 72

Passwords Authentication Social Engineering Data privacy 72

Security Affairs

JANUARY 25, 2021

Leaked data includes names, e-mails, mobile numbers, encrypted passwords, user wallet details, order details, bank details, KYC details (PAN number, passport numbers) and deposit history. Story – [link] #InfoSec pic.twitter.com/1xFOtLcd8F — Rajshekhar Rajaharia (@rajaharia) January 21, 2021. You leaked my own data too.

Cryptocurrency 144

Cryptocurrency Hacking InfoSec Data breaches 144

Security Boulevard

JULY 22, 2021

The post BSides Vancouver 2021 – Chris Timmons’s ‘So You Cracked A Bunch Of Passwords. Our thanks to BSides Vancouver for publishing their outstanding BSides Vancouver 2021 Conference videos on the groups' YouTube channel. ’ appeared first on Security Boulevard.

Passwords 98

Passwords Education InfoSec Information Security 98

Security Affairs

FEBRUARY 27, 2021

An alleged member of the @HotarusCorp leaked on a hacking forum a link to a file containing 6500 records (Email, Identity Card numbers, and passwords) that claims to Ministry of Finance. breach #infosec #deepwebnews @FinanzasEc @EcuCERT_EC pic.twitter.com/WTbXz8EYLx — Security Chronicle (@SecurChronicle) February 23, 2021. .

Hacking 144

Hacking Banking Ransomware Passwords 144

Security Boulevard

OCTOBER 6, 2024

Also covered are NIST’s updated password guidelines, eliminating complexity rules and […] The post Kia Security Flaw Exposed, NIST’s New Password Guidelines appeared first on Shared Security Podcast. The post Kia Security Flaw Exposed, NIST’s New Password Guidelines appeared first on Security Boulevard.

Passwords 64

Passwords Authentication Data privacy Cyber threats 64

Security Affairs

JULY 13, 2020

Records of 45 Million+ travelers to Thailand and Malaysia Leaked on #Darkweb (Blog Link) [link] #infosec #leaks #CyberSecurity pic.twitter.com/zHOujQ8CMm — Cyble (@AuCyble) July 12, 2020. The huge trove of data was discovered by the researchers during their regular Deepweb and Darkweb monitoring activity.

Mobile 145

Mobile InfoSec Data breaches Advertising 145

CyberSecurity Insiders

MAY 22, 2021

NEW YORK–( BUSINESS WIRE )– Veridium , a leading developer of frictionless, passwordless authentication solutions, is proud to announce that it’s won the 2021 Global InfoSec Award in the category of Next-Gen in Passwordless Authentication. “We Veridium is thrilled to be a member of this coveted group of winners.

InfoSec 52

InfoSec B2C B2B Authentication 52

Troy Hunt

JANUARY 3, 2019

Of the ones I can talk about, they included: Microsoft in Copenhagen: Thanks @troyhunt , fun and interesting talk in copenhagen today #happyaussieday #infosec #haveibeenpwned pic.twitter.com/vrNQNb6Po5 — Finn Strand (@finnstrand) January 26, 2018. SSW in Sydney: How safe is your #password ?! troyhunt is here to help.

Passwords 225

Passwords Technology Government InfoSec 225

Troy Hunt

NOVEMBER 21, 2017

Obviously, the work I've been doing with Have I Been Pwned (HIBP) has given me a heap of insight into this specific area of infosec over the last 4 years and the folks from DC felt my views on things might be helpful. That was all great and I was happy to share my thoughts from the other side of the world.

Data breaches 236

Data breaches InfoSec Backups IoT 236

Krebs on Security

DECEMBER 29, 2022

I seem to be doing most of that activity now on Mastodon , which appears to have absorbed most of the infosec refugees from Twitter, and in any case is proving to be a far more useful, civil and constructive place to post such things. For a variety of reasons, I will no longer be sharing these updates on Twitter. ” SEPTEMBER.

Cryptocurrency 286

Cryptocurrency Cybercrime Computers and Electronics Scams 286

Security Affairs

JANUARY 19, 2020

This is the biggest leak of Telnet passwords even reported. The list includes the IP address, username and password for the Telnet service for each device. The list appears to be the result of an Internet scan for devices using default credentials or easy-to-guess passwords. ” reported ZDNet. ” reported ZDNet.

IoT 120

IoT DDOS InfoSec Internet 120

Security Affairs

OCTOBER 4, 2020

The vulnerabilities have been reported to HP by the infosec researchers Nick Bloor, an attacker could chain the three issues to achieve SYSTEM privileges on targeted devices and potentially take over them. The IT giant revealed that an attacker could exploit the vulnerabilities to take over Windows systems.

Hacking 144

Hacking Accountability Passwords Advertising 144

Troy Hunt

JUNE 30, 2024

An email address, handle or password used somewhere else that links to their identity. Increasingly, we're seeing formal government entities issue much broader infosec advice, for example, as our Australian Signals Directorate regularly does. A dropped VPN connection. An incorrect assumption about the anonymity of cryptocurrency.

Data breaches 296

Data breaches Government InfoSec Passwords 296

Security Affairs

OCTOBER 17, 2021

An alleged member of the @HotarusCorp leaked on a hacking forum a link to a file containing 6500 records (Email, Identity Card numbers, and passwords) that claims to Ministry of Finance. breach #infosec #deepwebnews @FinanzasEc @EcuCERT_EC pic.twitter.com/WTbXz8EYLx — Security Chronicle (@SecurChronicle) February 23, 2021.

Banking 124

Banking InfoSec Cyber Attacks Cybercrime 124

SiteLock

AUGUST 27, 2021

One year ago in February, the major eBay hack was in progress, eventually resulting in over 233 million passwords being stolen. 10 Million Passwords Leaked Online. Security consultant Mark Burnett leaked 10 million usernames and passwords online through his personal blog last week, in a very risky move. Worst Passwords of 2014.

Passwords 95

Passwords Cybersecurity Internet Internet 95

Security Boulevard

JUNE 23, 2024

Scott discusses whether passwords should be stored in web browsers, potentially sparking strong opinions. The hosts also provide an update on Microsoft’s delayed release of CoPilot Plus PCs […] The post Social Media Warning Labels, Should You Store Passwords in Your Web Browser? appeared first on Shared Security Podcast.

Media 59

Media Passwords Data privacy InfoSec 59

SC Magazine

APRIL 12, 2021

Make the training engaging [and] interactive and provide users with an emphasis on protecting their passwords, watching out for phishing links and what it takes to protect the organization as much as the IT and infosec departments,” McQuiggan said.

Cybersecurity 137

Cybersecurity InfoSec Phishing Security Awareness 137

Security Boulevard

OCTOBER 18, 2021

Clickbait news about the rise of “killware”, Details on 1Password’s new feature to securely share passwords with others, and a new study by university researchers in the UK shows how Android phones snoop on their users. ** Links mentioned on the show ** The next big cyberthreat isn’t ransomware. It’s killware. And it’s just as […].

Passwords 59

Passwords Ransomware InfoSec Technology 59