Tuesday, March 19, 2019

Weekly Update 130

Presently sponsored by: Twilio: Passwords are no longer enough. Two-factor authentication improves security, implement fast with 'Twilio's Authy API.'Well that was a hell of a week of travel. Seriously, the Denver situation was just an absolute mess but when...

Weekly Update 129

Presently sponsored by: Twilio: If you only offer 2FA via SMS, your customers are at risk. Learn about our Authy API and how to better protect your user accounts.Heaps of stuff going on this week with all sorts of...

Weekly Update 128

Presently sponsored by: Live Workshop! Watch the Varonis DFIR team investigate a cyberattack using our data-centric security stackI'm not intentionally pushing these out later than usual, but events have just been such over the last few weeks that it's...

Weekly Update 127

Presently sponsored by: Twilio: Want to uplevel your authentication? Need to get off risky SMS 2FA? Learn about how you can with the Authy API...It was another travel week so another slightly delayed weekly update, but still plenty of...

Weekly Update 126

Presently sponsored by: Live Workshop! Watch the Varonis DFIR team investigate a cyberattack using our data-centric security stackAnother week, another conference. This time it was Microsoft Ignite in Sydney and as tends to happen at these events, many casual...

Weekly Update 125

Presently sponsored by: Twilio: Learn what regulations like PSD2 mean for your business, and how Twilio can help you achieve secure, compliant transactionsI'm back home! It was an amazing trip in many ways, not least of which was the...

Weekly Update 124

Presently sponsored by: Live Workshop! Watch the Varonis DFIR team investigate a cyberattack using our data-centric security stackI'm pumping this weekly update out a little bit later, pushing it just before I get on the plane back home to...

Weekly Update 123

Presently sponsored by: Twilio: Learn about why building your own 2FA solution is risky and expensive. Use our Authy API to add 2FA to your app in a matter of days.So it's been a bit of a crazy week....

Weekly Update 122

Presently sponsored by: Live Workshop! Watch the Varonis DFIR team investigate a cyberattack using our data-centric security stackAnd then there was the biggest data breach to go into HIBP ever! I wrote that sentence from home just after publishing...

Weekly Update 121

Presently sponsored by: Twilio: Need to add 2FA quickly to your application? Use the Authy API to easily add more than just SMS 2FA within a matter of days.Well, it's one more sunny weekly update then snow time again...

Weekly Update 120

Presently sponsored by: Quantum computing may spell the end of RSA and elliptic curve cryptography. Get ahead of quantum threats with tips from DigiCert's CTOAnd then it was 2019. Funny how quickly it gets away from you, someone just...

Weekly Update 119

Presently sponsored by: Build scalable, reliable and secure cloud native applications with Tech FabricI'm home! And it's a nice hot Christmas! And I've got a new car! And that's where the discussion kinda started heading south this week. As...

Weekly Update 118

Presently sponsored by: strongDM: Use your SSO to grant/revoke access to any database or server. Audit every query, ssh command, and RDP session. Watch a 45s demo.And that's it for Canada. I recorded this Saturday morning local before heading...

Weekly Update 117

Presently sponsored by: Netsparker - a scalable and dead accurate web application security solution. Scan thousands of web applications within just hours.I'm in Whistler! And as I say at the start of this video, I did seriously consider having...

Weekly Update 116

Presently sponsored by: Do you desire peace of mind? The hackers don't wait, secure your website and mobile apps with Gold Security today.I'm on countdown to take-off for the next 2 and a bit weeks so I'm going to...

Weekly Update 115

Presently sponsored by: DigiCert: Anyone with an internet connection can compromise unsecured IoT systems. See how PKI can help solve IoT security challengesI'm pushing this out a day late so firstly, apologies for the break in what's otherwise a...

Weekly Update 114

Presently sponsored by: Build scalable, reliable and secure cloud native applications with Tech FabricIt's a no-blog week, but that doesn't mean any less is happening! This week, I've finally wrapped up the Lego Bugatti, got myself into the new...

Weekly Update 113

Presently sponsored by: Netsparker - a scalable and dead accurate web application security solution. Scan thousands of web applications within just hours.Bit of a change of scenery this week; I've gone to the other end of the house whilst...

Weekly Update 112

Presently sponsored by: Do you desire peace of mind? The hackers don't wait, secure your website and mobile apps with Gold Security today.Wow, didn't the passwords discussions go nuts this week! Passwords suck and they must die, they're never...

Weekly Update 111

Presently sponsored by: DigiCert — RSA and ECC won't last forever. We're getting a head start on quantum-proof security now. See how.On my first attempt at recording this, I decided the framing was crooked after a couple of minutes...
SC Magazine

Norwegian aluminum producer Norsk Hydro hit by an unspecified cyberattack

Norwegian aluminum producer Norsk Hydro was hit by a cyber attack which began Monday evening and escalated into the night. The Norwegian National Security Authority (NSM) declined to comment on what type of attack it was but said the extent...
SC Magazine

Glitch exposes Sprint customer data to other users

A bug has allowed some Sprint customers to see the personal data of other customers from their online accounts. The information visible includes names, cell phone numbers as well as calls made by other users and, and a Tech Crunch report cited...

6 Ways Mature DevOps Teams Are Killing It in Security

New survey shows where "elite" DevOps organizations are better able to incorporate security into application security.
The Register

Ransomware drops the Lillehammer on Norsk Hydro: Aluminium giant forced into manual mode after systems scrambled

Norway the power and metals wrangler could have seen this one coming Norwegian power and metals giant Norsk Hydro is battling an extensive ransomware infection on its computers.…

Old Tech Spills Digital Dirt on Past Owners

Researcher buys old computers, flash drives, phones and hard drives and finds only two properly wiped devices out of 85 examined.