The Red Cross Blood Service: Australia's largest ever leak of personal data
I don't give blood as much as I should. My wife has a much...
Weekly update 6
I'm home! Ideally, I'd be home recovering from travel but it...
Apple's desensitisation of the human race to fundamental security practices
My son turned 7 earlier this month. I've been getting him into coding and teaching him the fundamentals of using...
The public Have I been pwned API now has a Creative Commons Attribution license
We're now going on almost 3 years since I introduced the Have I been pwned (HIBP) API. In fact it was one of the...
New Pluralsight Course: Modernizing Your Deployment Strategy with Octopus Deploy
Here's a little-known fact for folks that have only tuned in more recently: I had a life before doing security...
Ubiquiti all the things: how I finally fixed my dodgy wifi
I'm increasingly of the view that both my time and my sanity are worth more and more as the years progress....
Weekly update 7 (the island edition)
Apparently, after doing several weekly updates from different locations across the globe, last week's one from...
Offshoring roulette: lessons from outsourcing to India, China and the...
I've had this blog post in one form or another of draft for several years now. I hesitated to complete it, in...
The Capgemini leak of Michael Page data via publicly facing database backup
A couple of weeks ago I wrote about the leak of data from the Red Cross' Blood Service down here in Australia....
Weekly update 8 (the backyard edition)
Let's get this out of the way early - I did not shoot this video on a green screen! When I first watched it, I...
New Pluralsight course: Exploring the Internet of Vulnerabilities
I've done a number of "Play by Play" courses for Pluralsight this year on a range of topics including Social...
Disqus' mixed content problem and fixing it with a CSP
I write a blog with a lot of security things on it so understandably, it upsets me somewhat when my site throws...
My weekly updates are now available as an audio podcast
I've been doing the weekly updates for a couple of months now and by all accounts, they've been very...
Data breach claims are often poorly researched, unsubstantiated and...
I have multiple Yahoo data breaches. I have a Twitter data breach. I have Facebook data breaches. I know they...
8 million GitHub profiles were leaked from GeekedIn's MongoDB - here's how to...
Let me make it crystal clear in the opening paragraph: this incident is not about any sort of security...
Weekly update 9
Lots on this week and I'm very happy to have finally got myself organised and set up an audio podcast feed. It's...
Ad blockers are part of the problem
Earlier this year, I wrote about bad user experiences on websites and foremost among these were the shitty...
Handling people's personal data is sensitive business
Last week I wrote about how 8 million GitHub profiles were leaked from GeekedIn's MongoDB which is always a risk...
Have I been pwned and spam lists of personal information
One of the things I'm finding with running Have I been pwned (HIBP) is that over time, my approach is changing....
Get "The Information Security Big Picture" on Pluralsight now!
If you're here reading this then it probably won't come as a big surprise but brace yourself anyway - we have a...