Tuesday, February 18, 2020

Weekly Update 178

At Microsoft Ignite “The Tour” with Lars Klint; Sharenting, BYOD and Kids Online; Brave Browser and Donating BAT https://www.troyhunt.com/weekly-update-178/

Weekly Update 177

Back Home in Australia; Sydney Events; Chrome 80 Has Landed; The (second) Adult FriendFinder Data Breach; The Week in Tweets; Sponsored by Duo https://www.troyhunt.com/weekly-update-177/

Weekly Update 176

I Bought a Zoom H6 Recorder; Scott’s Talk on the History of Encryption; DHS Chief Using Have I Been Pwned; Scott’s Implant https://www.troyhunt.com/weekly-update-176/

Weekly Update 175

Ari’s Coding for Kids; Scott’s NDC Sessions; My NDC Sessions; Have I Been Pwned Hits 3M Subscribers; Scott Misses His Pi-hole https://www.troyhunt.com/weekly-update-175/

Weekly Update 174

Global Roaming Data Routing; Danish Government on HIBP; Baby’s First Data Breach; We Leak Info Takedown; Shape Sponsoring https://www.troyhunt.com/weekly-update-174/

Weekly Update 173

The NDC Conference is Coming to Melbourne; Twitter Passwords Poll; The Surebet247 Breach Handling Debacle; Varonis Sponsoring https://www.troyhunt.com/weekly-update-173/

Weekly Update 172

Tik Tok Password Criteria Madness; My Washing Machine SSID is Following Me; Chrome’s Impending SameSite Cookie Change; Varonis Sponsoring https://www.troyhunt.com/weekly-update-172/

Weekly Update 171

Bad Sophos Messaging Made Good; Bad GoGetSSL Messaging... Still Bad; Turkish Crime Family Sentence; Factual Data in HIBP; Sponsored by Varonis https://www.troyhunt.com/weekly-update-171/

Weekly Update 170

Microsoft Cyber Security Roundtable; Norwegian National Cyber Security Centre & Consumer Council; Why No HTTPS? Has Been Updated; Sponsored by Varonis https://www.troyhunt.com/weekly-update-170/

Weekly Update 169

Why No HTTPS? is Being Updated; GoGetSSL’s Crazy Ad; Kid Tracking Watches Pwned (Again); Generated Password Security Absolutism; Sponsored by Whois XML API https://www.troyhunt.com/weekly-update-169/

Weekly Update 168

YOW! Sydney / Brisbane / Melbourne; Have I Been Pwned’s 6th Birthday; Sectigo’s Phishing Cert; Crazy System-Generated Password Tweet; Sponsored by Whois XML API https://www.troyhunt.com/weekly-update-168/

Weekly Update 167

DDD Brisbane; Arguing About Kangaroos; Ari & Teaching Kids to Code in Oslo & London; Swiss Gov on Have I Been Pwned; Sponsored by IVPN https://www.troyhunt.com/weekly-update-167/

Weekly Update 166

Kangaroos! Norwegian Goverment & HIBP; Banks Looking Like Phishers; “Data Enrichment” Services & Data Breaches; Sponsored by IVPN https://www.troyhunt.com/weekly-update-166/

Weekly Update 165

Scott Helme’s “Hack Yourself First” Workshop; Googling Your Password; Charging to Change Your Password; 1Password’s Cash Injection; IVPN Sponsoring https://www.troyhunt.com/weekly-update-165/

Weekly Update 164

Nord & Credential Stuffing; Veritas, DNA & Breach; Azure & Free SSL; Sectigo DV Craziness; LinkedIn & security.txt; HSTS or GTFO; Sponsored by Varonis https://www.troyhunt.com/weekly-update-164/

Weekly Update 163

Speaking Events; Got a Bit Sick; Scott’s HYF Workshop; Zoho & Pwned Passwords; Stuff I See Messing Me Up; Adobe Breached (Again); Varonis Sponsoring https://www.troyhunt.com/weekly-update-163/

Weekly Update 162

Chrome and Mixed Content; Firefox has Killed the EV Indicator; Firefox HAS NOT Removed Support for EV; Zooville & Hookers.nl Data Breaches https://www.troyhunt.com/weekly-update-162/

Weekly Update 161

NDC Sydney; Removing the Padlock Icon from Chrome; Hack to the Future; Project Svalbard is Still in Progress; Sponsored by Varonis https://www.troyhunt.com/weekly-update-161/

Weekly Update 160

Back in Australia; Recording on iPhone 11 Pro; The UX of EEA GDPR 451 Messages; Visual Indicators and Elephants; Sponsored by Resistance DEX https://www.troyhunt.com/weekly-update-160/

Weekly Update 159

Geneva, Bern, Bellagio; Experiences at CERN; 10 Years of Blogging; Have I Been Pwned and Fake FCC Comments; Sponsored by Kolide https://www.troyhunt.com/weekly-update-159/

Sensitive plastic surgery images exposed online

Researchers at VPN advisory company vpnMentor have found yet another online data exposure caused by a misconfigured cloud database.

Lenovo, HP, Dell Peripherals Face Unpatched Firmware Bugs

A lack of proper code-signing verification and authentication for firmware updates opens the door to information disclosure, remote code execution, denial of service and more.

12 hottest new cybersecurity startups at RSA 2020

Starting on February 24, the RSA Conference (RSAC) 2020 gives security vendors old and new a chance to demonstrate their capabilities. The event has become an attractive venue for startups to make their debut. This year’s crop will be...

Hundreds of Millions of PC Components Still Have Hackable Firmware

The lax security of supply chain firmware has been a known concern for years—with precious little progress being made.

Remote Wipe Plugin Bug Hits 200,000+ WordPress Sites

Remote Wipe Plugin Bug Hits 200,000+ WordPress SitesSecurity researchers are warning of a new plugin vulnerability which is exposing over 200,000 WordPress sites to the risk of being remotely wiped by an attacker. The problem lies with versions 1.3.4 and...