Weekly Update 130
Presently sponsored by: Twilio: Passwords are no longer enough. Two-factor authentication improves security, implement fast with 'Twilio's Authy API.'Well that was a hell of a week of travel. Seriously, the Denver situation was just an absolute mess but when...
These Cookie Warning Shenanigans Have Got to Stop
Presently sponsored by: Live Workshop! Watch the Varonis DFIR team investigate a cyberattack using our data-centric security stackThis will be short, ranty and to the point: these warnings are getting ridiculous:
I know, tell you something you don't...
Weekly Update 129
Presently sponsored by: Twilio: If you only offer 2FA via SMS, your customers are at risk. Learn about our Authy API and how to better protect your user accounts.Heaps of stuff going on this week with all sorts of...
Weekly Update 128
Presently sponsored by: Live Workshop! Watch the Varonis DFIR team investigate a cyberattack using our data-centric security stackI'm not intentionally pushing these out later than usual, but events have just been such over the last few weeks that it's...
Weekly Update 127
Presently sponsored by: Twilio: Want to uplevel your authentication? Need to get off risky SMS 2FA? Learn about how you can with the Authy API...It was another travel week so another slightly delayed weekly update, but still plenty of...
Weekly Update 126
Presently sponsored by: Live Workshop! Watch the Varonis DFIR team investigate a cyberattack using our data-centric security stackAnother week, another conference. This time it was Microsoft Ignite in Sydney and as tends to happen at these events, many casual...
The Race to the Bottom of Credential Stuffing Lists; Collections #2 Through #5 (and More)
Presently sponsored by: Live Workshop! Watch the Varonis DFIR team investigate a cyberattack using our data-centric security stackA race to the bottom is a market condition in which there is a surplus of a commodity relative to the demand...
Weekly Update 125
Presently sponsored by: Twilio: Learn what regulations like PSD2 mean for your business, and how Twilio can help you achieve secure, compliant transactionsI'm back home! It was an amazing trip in many ways, not least of which was the...
Weekly Update 124
Presently sponsored by: Live Workshop! Watch the Varonis DFIR team investigate a cyberattack using our data-centric security stackI'm pumping this weekly update out a little bit later, pushing it just before I get on the plane back home to...
Weekly Update 123
Presently sponsored by: Twilio: Learn about why building your own 2FA solution is risky and expensive. Use our Authy API to add 2FA to your app in a matter of days.So it's been a bit of a crazy week....
Weekly Update 122
Presently sponsored by: Live Workshop! Watch the Varonis DFIR team investigate a cyberattack using our data-centric security stackAnd then there was the biggest data breach to go into HIBP ever! I wrote that sentence from home just after publishing...
The 773 Million Record “Collection #1” Data Breach
Presently sponsored by: Live Workshop! Watch the Varonis DFIR team investigate a cyberattack using our data-centric security stackMany people will land on this page after learning that their email address has appeared in a data breach I've called "Collection...
Weekly Update 121
Presently sponsored by: Twilio: Need to add 2FA quickly to your application? Use the Authy API to easily add more than just SMS 2FA within a matter of days.Well, it's one more sunny weekly update then snow time again...
No, Spotify Wasn’t Hacked
Presently sponsored by: Twilio: Learn how developers can now create and issue physical and virtual credit cards with just a few lines of code.Time and time again, I get emails and DMs from people that effectively boil down to...
Weekly Update 120
Presently sponsored by: Quantum computing may spell the end of RSA and elliptic curve cryptography. Get ahead of quantum threats with tips from DigiCert's CTOAnd then it was 2019. Funny how quickly it gets away from you, someone just...
2018 Retrospective
Presently sponsored by: Quantum computing may spell the end of RSA and elliptic curve cryptography. Get ahead of quantum threats with tips from DigiCert's CTOI started doing these retrospectives 3 years ago in my first year of independence. I...
10 Personal Finance Lessons for Technology Professionals
Presently sponsored by: Quantum computing may spell the end of RSA and elliptic curve cryptography. Get ahead of quantum threats with tips from DigiCert's CTOPatience.Frugality.Sacrifice.When you boil it down, what do those three things have in common? Those are...
Weekly Update 119
Presently sponsored by: Build scalable, reliable and secure cloud native applications with Tech FabricI'm home! And it's a nice hot Christmas! And I've got a new car! And that's where the discussion kinda started heading south this week. As...
Weekly Update 118
Presently sponsored by: strongDM: Use your SSO to grant/revoke access to any database or server. Audit every query, ssh command, and RDP session. Watch a 45s demo.And that's it for Canada. I recorded this Saturday morning local before heading...
Weekly Update 117
Presently sponsored by: Netsparker - a scalable and dead accurate web application security solution. Scan thousands of web applications within just hours.I'm in Whistler! And as I say at the start of this video, I did seriously consider having...
Norwegian aluminum producer Norsk Hydro hit by an unspecified cyberattack
Norwegian aluminum producer Norsk Hydro was hit by a cyber attack which began Monday evening and escalated into the night.
The Norwegian National Security Authority (NSM) declined to comment on what type of attack it was but said the extent...
Glitch exposes Sprint customer data to other users
A bug
has allowed some Sprint customers to see the personal data of other customers from
their online accounts.
The information visible includes names, cell phone numbers as well as calls made by other users and, and a Tech Crunch report cited...
6 Ways Mature DevOps Teams Are Killing It in Security
New survey shows where "elite" DevOps organizations are better able to incorporate security into application security.
Ransomware drops the Lillehammer on Norsk Hydro: Aluminium giant forced into manual mode after systems scrambled
Norway the power and metals wrangler could have seen this one coming Norwegian power and metals giant Norsk Hydro is battling an extensive ransomware infection on its computers.…
Old Tech Spills Digital Dirt on Past Owners
Researcher buys old computers, flash drives, phones and hard drives and finds only two properly wiped devices out of 85 examined.
