Weekly update

If last week was the week where I felt like I was drowning in data that was still being processed, this week was the week where it came to light. Not all of it, mind you, I've still got ginormous volumes I'm disclosing but it certainly was a whole heap of it. There are some real zingers in there too in terms of how the breaches went down and were handled, have a listen to that and more in this week's update (oh - and hear how happy I am about the way HIBP handled this week's massive traffic spik...

On reflection, I feel this week's update was dominated by having a laugh at an IoT candle ? And that's fair, too, even though I then went and bought one because hey, this is gonna be great conference talk material! Delivery is going to be much later this year so don't hold your breath, but it could be really, uh, "interesting" once it lands. Stay tuned for that one but until then, here's this week's update: [https://itunes.apple.com/au/podcast/troy-hunts-weekly-update-podcast/id1176454699] [ht...

This week I'm at Microsoft Ignite "The Tour" in Sydney with Lars Klint. I've spent most of the last couple of days doing the "hallway track" (basically just wandering around and saying "hi" to people) and doing a bunch of meetings with folks here on cyber things. I didn't mention it in the video, but there was also the Azure User Group Wednesday night and a panel here at Ignite last night so definitely keeping busy. Not too busy, mind you, and I did manage to get a couple of blog posts out this...

Well that's the audio issues fixed - mostly. The Zoom H6 is an awesome recorder, I just can't quite work out the right adaptors for the mic. I've got a couple of Saramonic SR-XLM1 [SR-XLM1] lav mics and the guy at the DJ store I bought the Zoom from was convinced we'd be fine with just with 3.5mm to 6.35mm jack converters which appears to be incorrect. Someone else hen said we'd need a TRRS to TRS adaptor so we grabbed a couple of Rode SC3s [http://www.rode.com/accessories/sc3] which also didn'...

Alright, let me get this off my chest first - I've totally lost it with these bloody Instamics [https://instamic.io/]. I've had heaps of dramas in the past with recordings being lost and the first time I do a 3-person weekly update only 2 of them recorded (mine being the exception). I was left with a zero-byte file on my unit which we tried to recover to no avail. It's not just that; the mobile app is clunky AF (Scott was demonstrating how many times he had to mash a button on his just to get it...

We're in Norway! More specifically, Scott Helme and I are in Hafjell [https://www.hafjell.no/en] and recording this after a day on the snow before heading back to Oslo and the NDC Security conference [https://ndc-security.com/] next week. For now though, we're talking about some really screwy global roaming behaviour with telcos, the Danish gov coming onto HIBP, babies in data breaches and the takedown of We Leak Info. We'll do this again together next week from Oslo and then again the followin...

I really should have started the video about 3 minutes earlier. Had I done that, you'd have caught me toppling backwards into the frangipani tree whilst trying to position my chair and camera which frankly, would have made for entertaining viewing. Instead, this week's update is focused primarily on a completely different epic fail, namely Surebet247's handling of a breach impacting their customers. I chose those words carefully as it now seems almost certain the breach was actually of BtoBet an...

I couldn't get 2 days into the new decade without having to deal with ridiculous password criteria from Tik Tok followed by my phone automatically associating with what it thought was my washing machine whilst in a grocery store on the other side of the world (yep, you read that correctly). It somehow seems to just be reflective of how crazy online security is becoming in the modern era. On the plus side, Chrome is making some really positive changes to how it handles cookies so it's not all bad...

Sitting down to do this one today I thought it would be brief, turns out a bit more ended up on the agenda than I expected. The GoGetSSL bit in particular was unfolding as I recorded and to their credit, they later apologised for their "rude messages" [https://twitter.com/gogetssl/status/1210842825992085506] which is a good sign. I still intend to finish writing up the blog post because the issues they've raised need tackling, but as with the Sophos example I also talk about, it's good to see a...

Monday: 40C and lapping up the Gold Coast sunshine. Wednesday: -8C and lapping up... Juicy IPA [https://www.klokkco.no/en/beers/juicy-ipa/]! I'm back in Oslo and catching up with the locals including running a roundtable discussion for CSOs at Microsoft, visiting the Norwegian National Cyber Security Centre ( recently onboarded to HIBP [https://www.troyhunt.com/welcoming-the-norwegian-government-to-hibp/]) and chatting with Forbrukerrådet, the Norwegian Consumer Counsel. Plus, there's an all new...