Category Archives: Weekly update

Weekly Update 130

Presently sponsored by: Twilio: Passwords are no longer enough. Two-factor authentication improves security, implement fast with 'Twilio's Authy API.'

Well that was a hell of a week of travel. Seriously, the Denver situation was just an absolute mess but when looking at the video from the day I was meant to fly in, maybe being stuck in LA wasn't such a bad thing after all:

But despite the dramas I did still (just) make it and got to do my talk so as close as it was, I'm still yet to miss one. This week I'm talking about a bunch of different travel things, upcoming events, data breaches and those ridiculous bloody cookie warnings everyone hates so much. Next week I'll be in Seattle and will probably also be pushing the update out a little late, but I will still be pushing it out. Until then, here's the week that was:

References

  1. I'll be keynoting at the Akamai Security Summit World tour in Sydney (it's on Thursday 28 of this month)
  2. Then I'll be doing another NDC meetup in Sydney (like Brisbane and Melbourne, that event will be oversubscribed so get in early)
  3. ixigo denies a breach (but resets everyone's passwords anyway...)
  4. These cookie warnings are absolutely ridiculous (they always were, but GDPR just continues the insanity)
  5. Ad blockers are also part of this whole problem (killing all ads - even those run responsibly - just makes the whole thing even worse)
  6. Varonis is this week's blog sponsor (watch their DFIR team investigate a cyberattack using their data-centric security stack)

Weekly Update 129

Presently sponsored by: Live Workshop! Watch the Varonis DFIR team investigate a cyberattack using our data-centric security stack

Heaps of stuff going on this week with all sorts of different bits and pieces. I bought a massive new stash of HIBP stickers (10k oughta last... a few weeks?), I'll be giving them out at a heap of upcoming events, I was on the Darknet Diaries podcast (which is epic!) plus there's more insights into the ShareThis data breach and the ginormous verifications.io incident. Oh - and Udemy is still pirating my content, here's the tweet if you'd like to let them know how you feel about that:

Next week I'll be coming from the US, either Denver or New York depending on how time goes. I'm sure not much will happen between now and then...

References

  1. I was on the Darknet Diaries podcast about the RockYou data breach (add this one to your regular list, Jack does a fantastic job of it)
  2. The ShareThis breach had people in there who never expected to be in there (that's a link to last week's weekly update, check out the comments there for more info)
  3. There's now 763 million more records in HIBP (you didn't give your data to verifications.io and neither did I, but they left it all sitting there open to the world)
  4. Udemy has got a long history of pirating and selling other people's content (no, they're not like YouTube, not unless they want to drop the facade of being a platform with quality content)
  5. Twilio is sponsoring my blog again this week (check out their stuff on implementing 2FA, it can be dead easy)

Weekly Update 128

I'm not intentionally pushing these out later than usual, but events over the last few weeks have just been such that it's worked out that way. This one really is a short one though as there hasn't been a lot of newsworthy stuff going on this week, other than the new Instamics I picked up which are rather cool. The audio recording did work well (I mentioned in the video I wasn't sure if it was functioning correctly), and it's pretty damn good quality for what it is. Certainly better than my old Rode lapel mic, but obviously not up to the standard of the Electro-Voice I use for professional recording.

Next week I expect I'll be a little more organised and have some more content but until then, here's a succinct 14 minutes worth of what's new on my side:

References

  1. I bought some Instamics (these are very cool units, but the firmware update process is worrying)
  2. We've got a free NDC meetup in Melbourne soon (Brisbane sold out early and Melbourne looks like doing the same)
  3. We're bringing NDC to New York! (I'll be there doing workshops and talks)
  4. I loaded the Dubsmash data breach into HIBP (also just pushed the button on ShareThis)
  5. Varonis is sponsoring my blog this week (more from them on their DFIR team investigating a cyberattack)

Weekly Update 127

It was another travel week so another slightly delayed weekly update, but still plenty of stuff going on all the same. Along with a private Sydney workshop earlier on, I'm talking about some free upcoming NDC meetup events in Brisbane and Melbourne which I'd love to get a great turnout for. I've just ordered 10k more HIBP stickers to last me through upcoming events so they'll be coming with me.

In other news, there was old news appearing as new news about how hosed you are if your machine is compromised, with the level of hosing extending to your password manager. This will inevitably be another one of those times where something gets blown out of proportion (and context) in some of the news headlines, then we'll all go back to more sane discussions about assessing relative risks, likelihoods and impacts. There's also a very steady feed of breaches making their way into HIBP after appearing for sale on dark web marketplaces, so I give a bit of an update on those as well.

All that and more this week in a slightly shorter form than usual, enjoy!

References

  1. Catch me in Brisbane next week at the NDC meetup (free, and very close to capacity already)
  2. Or catch me in Melbourne a couple of weeks later for the NDC meetup there (that event has just gone up so there's tickets left, but there's also strong interest)
  3. Order yourself some Have I Been Pwned stickers (and help me by using the referral code in that blog post so I can buy more to give away at events)
  4. Twilio is sponsoring my blog this week (they're talking about how easy it is to use Authy for 2FA instead of risky SMS)

Weekly Update 126

Another week, another conference. This time it was Microsoft Ignite in Sydney and as tends to happen at these events, many casual meetups, chats, beers, selfies, delivery of HIBP stickers and an all-round good time, albeit an exhausting one. That's why I'm a day late this week having finally arrived home late last night.

Moving on though, I've got a bunch of other events coming up, particularly in conjunction with the folks at NDC. Brisbane in a couple of weeks, Gold Coast in April then Minnesota in May. Oh - plus Oslo in June and stretching out beyond that, Sydney in October. The link in the references below about how conferences can help keep speakers happy (or piss them off, as it may be) explains why I keep doing these events. All that plus more data breach news and my thoughts on the subsequent lists of credential stuffing data.

References

  1. I'm doing a free user group in Brisbane for NDC on Thursday 28 Feb (this will be a really casual presentation, Q&A and fun night out)
  2. Speaking of NDC, the show will be on in my home town of the Gold Coast in late April (that's a dedicated security event which Scott Helme will be down for too)
  3. Speaking of NDC, I'll also be at NDC Minnesota in May (Hack Yourself First workshop and a shiny keynote)
  4. The reason I keep doing NDC events is because they don't do any of these things! (that's the 10 things conferences do to upset their speakers)
  5. A heap of new data was leaked earlier on in the week (EyeEm has since been loaded into HIBP)
  6. And then even more data breaches were announced a couple of days ago (I'll obviously be keeping an eye out for those too)
  7. All these new data breaches are already starting to make the debate around credential stuffing collections a memory (but as I explain in that post, I think we're past hyping every single one of them up)

Weekly Update 125

I'm back home! It was an amazing trip in many ways, not least of which was the time it gave both Scott and myself to reflect on workload and managing lives which can be a bit of a never-ending series of commitments. To that effect, I've been backing off Twitter a bit and as I say in this update, I very quickly remembered why after a couple of short engagements yesterday. But moving forward, it's Microsoft Ignite in Sydney next week and that should be a great event, plus I'm talking about Google's Password Checkup extension and the other credential stuffing list "collections" I keep getting asked about. On that last point, I explain my hesitation with them in the video so for those curious about my opinion, hopefully this helps shed some light on things.

References

  1. As much as people may disagree with me online, I've never had a physical or even verbal confrontation in person (that's a link to an incident that panned out very differently for the bloke involved)
  2. Microsoft Ignite is in Sydney next week (I'll be there doing a bunch of different things, come by and say hi if you're around)
  3. Google launched their Password Checkup tool (if this helps people improve their personal security, I'm all for it!)
  4. Twilio is sponsoring my blog this week (they're talking about the PSD2 reg in the EU)

Weekly Update 124

I'm pumping this weekly update out a little bit later, pushing it just before I get on the plane back home to Australia. I've just wrapped up a week in London with Scott doing all things NDC including a couple of days of workshops and a couple of talks each. We discuss that, and how the UK seems to have an odd infatuation with doing anything that could even remotely be deemed a health and safety risk.

On a more serious note, we talk about the emotional toll of the things we do, namely the never ending charging forward with projects like Report URI and HIBP, along with the training, conference talks and what seems like a never-ending pit of emails. I really want to talk more about this in future because whilst I don't personally feel like I'm suffering from burn-out, I can see how that would be the inevitable conclusion of doing too much of this for too long. As I say in the video, I (and Scott) welcome all comments on this.

References

  1. The January NDC events are behind us, but the next one I'll be at is extra cool 😎 (home town on the Gold Coast, this was sensational last year, hoping to see a bunch of Aussie friends there)
  2. Varonis is sponsoring my blog this week (watch their DFIR team investigate a cyberattack using their data-centric security stack)

Weekly Update 123

So it's been a bit of a crazy week. I got onto the plane in Australia on Thursday evening just as Europe was waking up to the news of the 773M email address credential stuffing list I loaded into HIBP. And then the flood began; blog comments, emails, tweets - it was an absolute deluge. I spent the flight fielding the ones I could, landed in Oslo and dealt with more on the way up the mountain then frankly, got there and tuned out. Out of office on, blog comments closed and tweets ignored. This trip was planned downtime with my son and good friends and I really needed it.

In this week's update, I talk about the coverage of that event with Scott Helme while sitting in Oslo during a break in our workshops. We also talked about what frankly, became a bit of a spectacle: the VLC debate about serving updates over HTTP. I'll link to that in the references below and you can hear Scott's and my thoughts on it there. Next week, we'll both be in London at the NDC conference so Scott will join me again for another update then.

References

  1. That 733M email address credential stuffing list (this post so clearly laid out all the facts, there was absolutely no room left for misinterpretation)
  2. The Hacker News piece on VLC serving updates over HTTP got way out of control (this escalated way too quickly and became a pretty negative spectacle to watch)
  3. Twilio is sponsoring my blog this week (they're talking about using Authy to add 2FA to your app)

Weekly Update 122

And then there was the biggest data breach to go into HIBP ever! I wrote that sentence from home just after publishing all the data, then I got on a plane...

Holy cow that's a lot of emails! Hundreds upon hundreds of emails came in whilst on the way to Dubai, more than I'll ever be able to respond to. Plus, I'm actually trying to have some downtime with my son on this trip particularly over the next few days so a bunch of stuff is going to have to go unanswered or at best, delayed. Mind you, a heap of them were asking questions already addressed in the blog post, but that's just the nature of the internet.

What I will say is that if you're interested in more details on this incident, do read the comments. It'll give you a sense of the way this sort of thing impacts everyday people, and it'll also give you a sense of the sort of comments I have to deal with after these incidents...

References

  1. I'm going to be in Oslo next week (Hack Yourself First workshop and NDC Security conference)
  2. Then in London the week after that (Hack Yourself First workshop and NDC conference)
  3. And I'll be in Denver for SnowFROC in March (cyber-something keynote 🙂)
  4. That 733M record breach (oh boy, this thing was a mammoth processing job!)
  5. Varonis is sponsoring my blog this week (they're talking about their DFIR team investigating cyberattacks)

Weekly Update 121

Well, it's one more sunny weekly update then snow time again so I've gone particularly beachy today. I'm also particularly breachy, talking about a massive combo list I'm presently pondering for inclusion in HIBP. These lists are frequently used for account takeover attacks against the likes of Spotify which is the subject of this week's blog post. Plus, I'm talking a bit about a bunch of Ubiquiti bits I'll be installing soon to fix the problem seen below:

Oh - and I did end up heading out on the water with Kevin Mitnick, albeit on the boat. I think it's alright. Maybe...

References

  1. In case you missed it, here was my first foray into Ubiquiti (tl;dr - consumer grade gear sucks so I went totally overboard and couldn't be happier 🙂)
  2. Spotify hasn't been breached (people will argue who's responsible, but at the very least let's agree on the mechanics of what's happened)
  3. Twilio are sponsoring this week's blog post (remember, they own Authy and there's some pretty good content on that link about how to use it to set up 2FA on your site)

Weekly Update 120

And then it was 2019. Funny how quickly it gets away from you, someone just posted on my 2018 retrospective blog post this week and asked why I didn't include my congressional testimony and if I'm honest, it took me a bit to think about why as well (it was in 2017). But we're here now so it's back to business as usual blog wise.

This week is dominated by the personal finance lessons blog post. This has gotten massive traction this week and has been read by tens of thousands of people. But perhaps what surprises me most is that out of all the feedback I've had, there's only been one negative comment. O-n-e. Frankly, I'm not even sure he actually absorbed the content as the comment was very specifically addressed in the post, but that forms one little part of everything I cover in this week's update. I also touch on the aforementioned 2018 retrospective which I've been doing these last few years as a little reminder of what I've been up to.

This is (probably?) the longest weekly update I've done so far and I do hope it helps add a bit more personality and context to that finance blog post. Do please continue to share feedback and ask questions, I've really enjoyed seeing people get motivated by it.

References

  1. If you're working in tech, you're in a better position than just about anyone to have a fantastic financial position (and even if you're not in tech, I hope there's a lot of valuable content here)
  2. My 2018 was surprisingly similar to my 2017 in many ways (but hidden within the travel stats was a lot more time spent with my family)
  3. DigiCert is sponsoring my blog this week, and they're talking about the impact of quantum computing on crypto (this is a genuinely fascinating aspect of infosec)