Here’s the theory with responsible disclosure: you find a security vulnerability in someone’s software or service so you contact them privately to let them know. They then fix it and save themselves a...
Australia, like many parts of the world, has been throwing around the idea of mandatory data breach disclosure laws for a while now. The premise is simple: if a company loses their customers’ data, they should...
I’m presently at the tail end of another long international journey during which I did a talk for a security company titled “Shift Left: The Incredible Impact Early Security Testing Makes”. It’...
I bought some Tiles the other day. Not the kind you’ll find in your bathroom, rather the Bluetooth-enabled kind you attach to your keys and put in your luggage so that you can find them again should they go...
I was chatting to some folks during the week about the huge number of data breaches floating around out there and this classic line from Donald Rumsfeld popped into my mind...
At the end of every year, people like to get all retrospective about the previous 12 months. They want to summarise what the biggest incidents were, talk about the most impactful things then wrap it all up in BuzzFeed...
One of the inevitabilities of a data breach is that when usernames and passwords are leaked, nefarious individuals will take those credentials and see where else they work. This is possible because of the simple...
The other day, I wrote about how a treasure trove of Michael Page data had found itself exposed on the web. Unfortunately for the recruitment site, all this was courtesy of database backups sitting on a publicly...
I know – you may not actually be responsible for security at a bank – but that doesn’t matter because if you ever handle credentials on any site whatsoever, you’re holding banking credentials...
I’ve been increasingly of this mind over recent years, especially as we’ve tried to do more and more with what is ultimately the same underlying WWW implementation as we’ve had for the last couple of...