Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite Apparently, before a child reaches the age of 13, advertisers will have gathered more 72 million data points on them. I knew I’d seen a metric about this sometime recently, so I went looking for…

Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite I have really clear memories of listening to the Stack Overflow podcast in the late 2000’s and hearing Jeff and Joel talk about the various challenges they were facing and the things they did to…

Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite This was a much longer than usual update, largely due to the amount of time spent discussing the Earth 2 incident. As I said in the video (many times!), the amount of attention this has…

Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite Firstly, my apologies for the minute and a bit of echo at the start of this video, OBS had somehow magically decided to start recording both the primary mic and the one built into my…

Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite Apparently, Stefan and I trying to work stuff out in real time about how to build more efficient features in HIBP is entertaining watching! If I was to guess, I think it’s just seeing people…

I’ve been getting a lot of those “your parcel couldn’t be delivered” phishing attacks lately and if you’re a human with a phone, you probably have been too. Just as a brief reminder, they look like this: These get through all the technical controls that exist at my telco and they land smack bang in…

Hey, did you hear that Facebook are going to start using your personal photos in whatever way they see fit? For real, it’s going to start tomorrow unless you act quickly! All you have to do is copy and paste this message onto your own Facebook page and wammo – they’re not allowed to touch…

Here’s the tl;dr – someone named “Md. Shofiur R” found troyhunt.com on a “free online malware scanner” and tried to scare me into believing my site had security vulnerabilities then shake me down for a penetration test. It didn’t work out so well for him, here’s the blow-by-blow account of things then I’ll add some…

You know how banks really, really want to avoid their customers falling victim to phishing scams? And how they put a heap of effort into education to warn folks about the hallmarks of phishing scams? And how banks are the shining beacons of light when it comes to demonstrating security best practices? Ok, that final…

I actually thought that once I didn’t bother connecting a landline after moving house recently, it would be the end of scam calls. I used to get them all the time – the ones where they’d call up and say you had viruses on your PC – and my recordings of those turned out to…