Create courses for Pluralsight and am a Microsoft Regional Director and MVP who travels the world speaking at events and training technology professionals.
The RSS's url is : https://www.troyhunt.com/rss/
2024-05-12 13:22:22
The Post Millennial breach in this week's video is an interesting one, most notably because of the presence of the mailing lists. Now, as I've said in every piece of communication I've put out on this incident, the lists are what whoever defaced the
2024-05-03 08:57:10
How many different angles can you have on one data breach? Facial recognition (which probably isn't actual biometrics), gambling, offshore developers, unpaid bills, extortion, sloppy password practices and now, an arrest. On pondering it more after today's livestream, it's the unfathomable stupidity of publishing
2024-04-28 17:15:06
Banks. They screw us on interest rates, they screw us on fees and they screw us on passwords. Remember the old "bank grade security" adage? I took this saying to task almost a decade ago now but it seems that at least as far as password advice goes,
2024-04-23 12:02:51
"More Data Breaches Than You Can Shake a Stick At". That seems like a reasonable summary and I suggest there are two main reasons for this observation. Firstly, there are simply loads of breaches happening and you know this already because, well, you read my stuff! Secondly, There
2024-04-15 07:44:00
Data breach verification: that seems like a good place to start given the discussion in this week's video about Accor. Watch the vid for the whole thing but in summary, data allegedly taken from Accor was published to a popular hacking forum and the headlines inevitably followed. However,
2024-04-08 13:18:39
I suggest, based on my experiences with data breaches over the years, that AT&T is about to have a very bad time of it. Class actions following data breaches have become all too common and I've written before about how much I despise them. The trouble
2024-03-30 14:55:00
A serious but not sombre intro this week: I mentioned at the start of the vid that I had the classic visor hat on as I'd had a mole removed from my forehead during the week, along with another on the back of my hand. Here in Australia,
2024-03-25 10:08:07
Let's get straight to the controversial bit: email address validation. A penny-drop moment during this week's video was that the native browser address validator rejects many otherwise RFC compliant forms. As an example, I asked ChatGTP about the validity of the pipe symbol during the live
2024-03-19 14:39:27
I hate having to use that word - "alleged" - because it's so inconclusive and I know it will leave people with many unanswered questions. (Edit: 12 days after publishing this blog post, it looks like the "alleged" caveat can be dropped, see the
2024-03-18 15:40:08
I'm in Japan! Without tripod, without mic and having almost completely forgotten to do this vid, simply because I'm enjoying being on holidays too much 😊 It was literally just last night at dinner the penny dropped - "don't I normally do something
2024-03-12 15:17:37
Over the last 6 years, we've been very happy to welcome dozens of national governments to have unhindered access to their domains in Have I Been Pwned, free from cost and manual verification barriers. Today, we're happy to welcome Liechtenstein's National Cyber Security Unit
2024-03-10 12:38:23
Let me begin by quoting Stefan during the livestream: "Turns out having tons of data integrity is expensive". Yeah, and working with tons of data in a fashion that's both fast and cost effective is bloody painful. I'm reminded of the old
2024-03-07 15:51:01
Back in 2018, we started making Have I Been Pwned domain searches freely available to national government cybersecurity agencies responsible for protecting their nations' online infrastructure. Today, we're very happy to welcome Germany as the 35th country to use this service, courtesy of their CERTBund department. This
2024-03-03 14:12:19
How on earth are we still here? You know, that place where breached companies stand up and go all Iraqi information minister on the incident as if somehow, flatly denying the blatantly obvious will make it all go away. It's the ease of debunking the "no breach
2024-02-24 11:52:45
It's just been a joy to watch the material produced by the NCA and friends following the LockBit takedown this week. So much good stuff from the agencies themselves, not just content but high quality trolling too. Then there's the whole ecosystem of memes that have