-
Weekly Update 423
Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite Firstly, my apologies for the minute and a bit of echo at the start of this video, OBS had somehow magically decided to start recording both the primary mic and the one built into my…
-
Weekly Update 422
Apparently, Stefan and I trying to work stuff out in real time about how to build more efficient features in HIBP is entertaining watching! If I was to guess, I think it’s just seeing people…
-
Thanks FedEx, This is Why we Keep Getting Phished
I’ve been getting a lot of those “your parcel couldn’t be delivered” phishing attacks lately and if you’re a human with a phone, you probably have been too. Just as a brief reminder, they look like this: These get through all the technical controls that exist at my telco and they land smack bang in…
-
Let’s Stop the 5G Hysteria: Understanding Hoaxes and Disinformation Campaigns
Hey, did you hear that Facebook are going to start using your personal photos in whatever way they see fit? For real, it’s going to start tomorrow unless you act quickly! All you have to do is copy and paste this message onto your own Facebook page and wammo – they’re not allowed to touch…
-
A Scammer Tried to Scare Me into Buying Their Security Services – Here’s How It Went Down
Here’s the tl;dr – someone named “Md. Shofiur R” found troyhunt.com on a “free online malware scanner” and tried to scare me into believing my site had security vulnerabilities then shake me down for a penetration test. It didn’t work out so well for him, here’s the blow-by-blow account of things then I’ll add some…
-
When Bank Communication is Indistinguishable from Phishing Attacks
You know how banks really, really want to avoid their customers falling victim to phishing scams? And how they put a heap of effort into education to warn folks about the hallmarks of phishing scams? And how banks are the shining beacons of light when it comes to demonstrating security best practices? Ok, that final…
-
The Australian Taxation Office scam call
I actually thought that once I didn’t bother connecting a landline after moving house recently, it would be the end of scam calls. I used to get them all the time – the ones where they’d call up and say you had viruses on your PC – and my recordings of those turned out to…
-
The opportunistic and empty threat that is data breach victim extortion
So someone sent me this on the weekend: They asked me to censor the Bitcoin address because as you can see above, it’s unique to them and quite understandably, they don’t want anything that can tie this blackmail attempt back to them going public. Except that the address is a perfect match with this one:…
-
The unabating cold call virus scams
Update: Literally an hour after posting this, I had another call running the same scam. As suggested earlier, I broadcast this one via Periscope and you can go back and watch it via the app. I’ll be more organised next time and have a special machine ready for them 🙂 These things just don’t…
-
Scammer identifies “viruses” in a brand new Windows Azure VM then asks to be bought porn
I thought I’d seen it all when it comes to cold call virus scammers, you know, the guys who call you up from “Windows” because they’ve had reports of viruses from your machine? I’ve recorded their audio, recorded their video, antagonised them, interviewed one of the blokes behind it, tried to tell them I was…