Saturday, January 19, 2019

Weekly Update 122

Presently sponsored by: Live Workshop! Watch the Varonis DFIR team investigate a cyberattack using our data-centric security stackAnd then there was the biggest data breach to go into HIBP ever! I wrote that sentence from home just after publishing...

Weekly Update 121

Presently sponsored by: Twilio: Need to add 2FA quickly to your application? Use the Authy API to easily add more than just SMS 2FA within a matter of days.Well, it's one more sunny weekly update then snow time again...

Weekly Update 120

Presently sponsored by: Quantum computing may spell the end of RSA and elliptic curve cryptography. Get ahead of quantum threats with tips from DigiCert's CTOAnd then it was 2019. Funny how quickly it gets away from you, someone just...

Weekly Update 119

Presently sponsored by: Build scalable, reliable and secure cloud native applications with Tech FabricI'm home! And it's a nice hot Christmas! And I've got a new car! And that's where the discussion kinda started heading south this week. As...

Weekly Update 118

Presently sponsored by: strongDM: Use your SSO to grant/revoke access to any database or server. Audit every query, ssh command, and RDP session. Watch a 45s demo.And that's it for Canada. I recorded this Saturday morning local before heading...

Weekly Update 117

Presently sponsored by: Netsparker - a scalable and dead accurate web application security solution. Scan thousands of web applications within just hours.I'm in Whistler! And as I say at the start of this video, I did seriously consider having...

Weekly Update 116

Presently sponsored by: Do you desire peace of mind? The hackers don't wait, secure your website and mobile apps with Gold Security today.I'm on countdown to take-off for the next 2 and a bit weeks so I'm going to...

Weekly Update 115

Presently sponsored by: DigiCert: Anyone with an internet connection can compromise unsecured IoT systems. See how PKI can help solve IoT security challengesI'm pushing this out a day late so firstly, apologies for the break in what's otherwise a...

Weekly Update 114

Presently sponsored by: Build scalable, reliable and secure cloud native applications with Tech FabricIt's a no-blog week, but that doesn't mean any less is happening! This week, I've finally wrapped up the Lego Bugatti, got myself into the new...

Weekly Update 113

Presently sponsored by: Netsparker - a scalable and dead accurate web application security solution. Scan thousands of web applications within just hours.Bit of a change of scenery this week; I've gone to the other end of the house whilst...

Weekly Update 112

Presently sponsored by: Do you desire peace of mind? The hackers don't wait, secure your website and mobile apps with Gold Security today.Wow, didn't the passwords discussions go nuts this week! Passwords suck and they must die, they're never...

Weekly Update 111

Presently sponsored by: DigiCert — RSA and ECC won't last forever. We're getting a head start on quantum-proof security now. See how.On my first attempt at recording this, I decided the framing was crooked after a couple of minutes...

Weekly Update 110

Presently sponsored by: Build scalable, reliable and secure cloud native applications with Tech FabricI'm home! And home for another 6 weeks at that which is rather exciting if I'm honest. Travel really takes its toll in so many ways...

Weekly Update 109

Presently sponsored by: Netsparker - dead accurate web application security scanning solution - Scan websites for SQL Injection, XSS & other vulnerabilitiesLast one before home time! But it has been an epic trip and as I say in the...

Weekly Update 108

Presently sponsored by: Do you desire peace of mind? The hackers don't wait, secure your website and mobile apps with Gold Security today.I'm in Texas! And I've had enough BBQ to last me a very long time. I'm here...

Weekly Update 107

Presently sponsored by: Quantum computing may spell the end of RSA and elliptic curve cryptography. Get ahead of quantum threats with tips from DigiCert's CTOIt's another "business as usual" week; past events, upcoming events, major security news, someone forgetting...

Weekly Update 106

Presently sponsored by: DigiCert Pro Tips: From locks to thermostats, IoT devices are everywhere in hospitality. Keep them secure with these 6 guidelines.Home again! Another NDC is down and I talk a little about how the talks were rated...

Weekly Update 105

Presently sponsored by: Build scalable, reliable and secure cloud native applications with Tech FabricIt's another day-late weekly update courtesy of another hectic week. Scott and I were at NDC Sydney doing a bunch of talks and other events and...

Weekly Update 104

Presently sponsored by: Netsparker - dead accurate web application security scanning solution - Scan websites for SQL Injection, XSS & other vulnerabilitiesWe're on a boat! This week, Scott Helme is back in town so I'm treating him to a...

Weekly Update 103

Presently sponsored by: Do you desire peace of mind? The hackers don't wait, secure your website and mobile apps with Gold Security today.It's been a week of travel for me with API Days in Melbourne on Tuesday, Fortinet Fast...
ZDNet

Websites can steal browser data via extensions APIs

Researcher finds nearly 200 Chrome, Firefox, and Opera extensions vulnerable to attacks from malicious sites.
Security Affairs

6 Reasons We Need to Boost Cybersecurity Focus in 2019

Paying attention to cybersecurity is more important than ever in 2019. But, some companies are still unwilling to devote the necessary resources to securing their infrastructures against cyberattacks, and naive individuals think they’re immune to the tactics of cybercriminals,...
isBuzz

Fortnite Vulnerabilities Allow Hackers To Take Over Gamers’ Accounts, Data And In-Game Currency

Cybersecurity researchers today shared details of vulnerabilities that could have affected any player of the hugely popular online battle game, Fortnite. If exploited, the vulnerability would have given an attacker full access to a user’s account and their personal information  as well...

DNC Accuses Russia, ACLU Sues ICE, and More Security News This Week

Trump dominated security headlines this week, but there's plenty of other news to catch up on.
SecurityWeek

Bulgaria Extradites Russian Hacker to US: Embassy

Bulgaria has extradited a Russian indicted by a US court for mounting a complex hacking scheme to the United States, the Russian embassy in Washington said Saturday. read more