Troy Hunt

Hi, I'm Troy Hunt, I write this blog, create courses for Pluralsight and am a Microsoft Regional Director and MVP who travels the world speaking at events and training technology professionals.

869 posts

Weekly Update 185

I actually lost track of what week it was at the start of this video. Did I do the Aussie workshops last week? Or the week before? I know I was at home so... it's just all becoming a blur. But be that as it may, life marches on and this week like every other one before it was full of interesting cyber-things. I find the situation with Zoom in particular quite fascinating, particularly the willingness - even eagerness - that so many seem to have to throw the very tool that's bringing so many people together in a time of need under the security and privacy bus. More on that and a bunch of other things in this week's...

Reassuring Words and Good Intentions Don't Mean Good Security

How much can you trust the assertions made by an organisation regarding their security posture? I don't mean to question whether the statements are truthful or not, but rather whether they provide any actual assurance whatsoever. For example, nearly 5 years ago now I wrote about how "we take security seriously" was a ridiculous statement to make immediately after a data breach. It seems that not much has changed since then:

“At Comodo we take security very seriously and it is our highest priority.” A classic opening to an all too familiar announcement. Not a good day for any #CyberSecurity company. @comododesktop @troyhunt #InfoSec #DataBreach pic.twitter.com/JxGzS9evtT — Nigel Cox (@Harlekwin_UK) October 2, 2019

“We take security...

Weekly Update 184

This has been an absolutely flat-out week between running almost 3 hours of our free Cyber-Broken talk with Scott Helme, doing an hour of code with Ari each day (and helping get up to speed with remote schooling) then running our Hack Yourself First workshop on Aussie time zones the last couple of days. But, especially given the current circumstances, I'm pretty happy with the result 😊 This week's update covers those events plus the onboarding of the USA government onto HIBP, an announcement I was very happy to make this week! Oh - and about the green screen - I don't know whether I'll stick with this for future weekly updates or not, I'm just enjoying the novelty factor for...

Welcoming the USA Government to Have I Been Pwned

Over the last 2 years I've been gradually welcoming various governments from around the world onto Have I Been Pwned (HIBP) so that they can have full and unfettered access to the list of email addresses on their domains impacted by data breaches. Today, I'm very happy to announce the expansion of this initiative to include the USA government by way of their US Cybersecurity and Infrastructure Security Agency (CISA). CISA now has the ability to query US government domains via API and receive notifications when they're impacted in subsequent data breaches. Over the coming months I expect to continue expanding the scope of government support in HIBP. For now, it's a big welcome to the USA and I'm enormously...

Coding With Ari, for Kids at Home

Strange times, these. But equally, a time to focus on new things and indeed a time to pursue experiences we might not have done otherwise. As Ari now spends his days learning from home, I wanted to really start focusing more on his coding not just for his own benefit, but for all the other kids out there who are in the same home-bound predicament he now finds himself in. So, this week we're going to do an hour of coding each morning and live stream it via YouTube. We'll take questions during the sessions and if you have anything you'd really like to see us cover, leave a comment below and we'll do our best to roll it into...

Weekly Update 183

Geez, where do I even begin? I honestly wasn't sure, then I could hear the kids playing in the background whilst I was setting up and per the video thought "yeah, stuff it, I'll leave that in" because as messed up as a bunch of stuff is, life goes on. And that's where I really wanted to start this week - what life looks like today. As I say in the video, it's paradoxical because it's all (mostly) very normal here, but it's painful to watch what's happening to friends around the world. It's also painful to watch what's happening to many friends here because although we're not (yet) in the same position as many other countries, businesses are suffering...

There is a Serious Lack of Corporate Responsibility During Breach Disclosures

Subject: Data Breach of [your service]

Hi, my name is Troy Hunt and I run the ethical data breach notification service known as Have I Been Pwned: https://haveibeenpwned.com

People regularly send me data from compromised systems which are being traded amongst individuals who collect breaches. Recently, a collection of data allegedly taken from the [your service] was sent to me and I believe there’s a high likelihood your site was indeed hacked. The data consists of an extensive number of records containing personal information. I wanted to send you what’s been sent to me and give you the opportunity to respond before I notify my subscribers impacted in the incident. Could someone responsible for information security...

Everything is Cyber-Broken, The Online Edition!

We're live! Video embedded below: Under normal circumstances, we'd be sitting on a stage, beers in hands and doing our (I think we can use this term now) "world famous" Cyber-broken talk.

It's like Top gear for nerds. @troyhunt #NDCLondon pic.twitter.com/wxzhM6uOCG — HarryMiller (@HarryMillerr) January 31, 2019

Scott and I have been doing these for a couple of years now, initially as a bit of a space-filler at NDC Security on the Gold Coast. We did it again at NDC Oslo a few months later, turned it into the party talk in London earlier last year (tweet above) and have continued to do it at every NDC event we've done since. Normally, it'd look something...

Hack Yourself First Workshops in Australia, Denmark and Portugal (Virtually, of Course)

Of course it's virtual because let's face it, nobody is going anywhere at the moment. Plenty of you aren't even going into an office any more let alone fronting up to a conference with hundreds or even thousands of people. That sucks for you because you end up both missing out on events and sooner or later, suffering from cabin fever (I've always found that difficult across many years of remote work). It also sucks for companies like NDC Conferences whose entire livelihood is running the very events that people are now avoiding at all costs. It's a crisis, no doubt, yet... Crisitunity! The opportunity in all this is that we take the events online, massively expand their reach and...

Weekly Update 182

Geez, where do you even begin given how the world has turned just in the last week? I spend a good quarter hour at the start of this video talking about what I'll be doing, namely getting on with business and running a bunch of public workshops remotely in conjunction with Scott Helme. I felt genuinely excited talking about this; they'll be less than half the price of in-person events, no travel, no accommodation costs and we've both run a heap of these remotely in the past too so this is a pretty well-known process for us. We're also working on a bunch of ideas to make sure we don't lose "the hallway track" and the human interaction that makes...