2016 retrospective

I never used to do these "year in review" style things, but 2015 was a really foundational year for me in many ways so I wrote a 2015 retrospective [https://www.troyhunt.com/2015-retrospective/]. Thinking about it over the last few weeks as we approached the end of 2016, a bunch of stuff really stuck out in my mind and I think it's healthy to look back at what you've done and take a moment to reflect. Here are the things that were highlights for me: I launched a new blog One of the best things...

Weekly update 15 (poolside edition)

Last one of the year! And yes, it's summer, it's hot and I'm doing it by the pool. However, as I say in the intro, it's only a fortnight until I'll be back in London which is about as far away as you get in every sense. On a more serious note and harking back to my post on how much effort goes into an international speaking trip [https://www.troyhunt.com/heres-everything-that-goes-into-a-massive-international-speaking-trip/] , this is well and truly the calm before the storm and things are about...

10 ways for a conference to upset their speakers

I was preparing for an upcoming event the other day and very nonchalantly fired off a tweet whilst doing so: > As a conference speaker, about the most annoying thing you can ask me to do is to use your slide template... — Troy Hunt (@troyhunt) December 16, 2016 [https://twitter.com/troyhunt/status/809561811854848001] Within short order, it somehow received hundreds of likes and retweets with many chiming in about the things that frustrated them about speaking at events. There was a lot shared...

Weekly update 14

Almost done for the year and I've gone beach-style, if not in location then at least in attire. Xmas in Australia is all about the outdoors, the water and usually generous helpings of cold prawns so a little bit different to many places. But like everywhere else, the cyber things keep happening and there were a bunch of things on the agenda this week ranging from EV certs (largely a psychological discussion IMHO), to the Ethereum forum hack (or more specifically, how well they handled it) to how...

All websites have something of value for attackers: reputation

I was shopping around for a new exhaust system for the car the other day and I found exactly what I wanted [https://www.youtube.com/watch?v=9YvnsHsjPMY&index=1&list=FL48lBbLOUJzOkCg_4AV7N5w] via a seller on Facebook. I really wanted to get some more specs on it though so I did what any normal person would do and Googled for it, finding a result titled "Boost Logic Nissan R35 GT-R 4" Titanium Exhaust" and linking through to a page on the official Boost Logic website. However... Now this, clea...

The Ethereum forum was hacked and they've voluntarily submitted the data to Have I been pwned

The title says it all and the details are on their blog [https://blog.ethereum.org/2016/12/19/security-alert-12192016-ethereum-org-forums-database-compromised/] , but there's still a lot to talk about. Self-submission to HIBP is not a new thing (TruckersMP was the first back in April [https://www.troyhunt.com/100-data-breaches-later-have-i-been-pwned-gets-its-first-self-submission/] ), but it's extremely unusual as here you have an organisation saying "we got hacked, we'd now like you to make th...

Journey to an extended validation certificate

Trust is a really difficult thing to define. Think about it in the web security context - how do you "trust" a site? Many people would argue that trust decisions are made on the familiarity you have with the brand, you know, brands like LinkedIn, Dropbox, Adobe... who've all had really serious data breaches. Others will look for the padlock in the address bar and infer from its presence that the site is trustworthy... without realising that it makes no guarantees about the security profile of the...

Weekly update 13

This week begins with the biggest of big breaches - the one that finally broke the big "B" - Yahoo (version 2). It's a massive story and I spent a lot of time yesterday answering media queries about hacker things related to data breaches. I talk about that at the start of this weekly update, as well as pursuing a career in security, providing an internet basics course for free via Varonis and how my blog on Ubiquiti network bits is still getting massive traction. iTunes podcast [https://itunes.appl...

Get to grips with internet security basics, courtesy of Varonis

Most readers here understand security fundamentals. They know what makes a strong password, what the padlock in the address bar above means, why software updates are important, the value of locking their mobile devices and some of the dangers we face with the internet of things. But equally, most of our friends, relatives and significant others don't. We know this because we're continually doing tech support for them and we experience the horrors of their security profiles first hand! Recently, Var...

Careers in security, ethical hacking and advice on where to get started

Many people will disagree with this post, not so much because it's flat out wrong but because there are so many different approaches one can take. It's a very subjective realm but I'm going to put forward some suggestions, make some considered arguments and leave it at that. The context is twofold as suggested by the title: Firstly, I get a lot of people asking me about how to get a start in the security industry. I've regularly reverted with "stay tuned, I'm writing something" and this blog po...