The first time I ever wrote publicly about a company's security vulnerabilities, my boss came to have a word with me after seeing my name in the news headlines. One of the worst days I've ever had was right in the middle of the Have I Been Pwned sale process, and it left me an absolute emotional wreck. When I wrote about how I deal with online abuse, it was off the back of some pretty nasty stuff... which I've now included in this book 😊 These are the stories behind the stories and finally,...

Well, after a crazy amount of work, a lot of edits, reflection, and feedback cycles, "Pwned" is almost here: > This better be a sizzling read @troyhunt [https://twitter.com/troyhunt?ref_src=twsrc%5Etfw] or I'll be crashing the wedding in ways never done before. Also, I thought they'd cancelled Neighbours? 😉❤️ pic.twitter.com/jrYIKtL0Uh [https://t.co/jrYIKtL0Uh] — Mike Thompson (@AppSecBloke) August 30, 2022 [https://twitter.com/AppSecBloke/status/1564740069193310212?ref_src=twsrc%5Etfw] The...

By all accounts, this was one of the best weekly updates ever courtesy of a spam caller giving me a buzz at the 38:40 mark and struggling with "pwn" versus "porn". It resulted in an entertaining little on-air call and subsequently caused me to go out and register both haveibeeninpwn.com [https://haveibeeninpwn.com/] and haveibeeninporn.com [https://haveibeeninporn.com/]. I figure these will result in much ongoing hilarity the next time I get a call of this nature about one of those domains 🤣 Oh...

Right off the back of a visit to our wedding venue (4 weeks and counting!) and a few hours before heading to the snow (yes, Australia has snow), I managed to slip in a weekly update earlier today. I've gotta say, the section on Shitexpress is my favourite because there's just so much to give with this one; a service that literally ships shit with a public promise of multiple kinds of animal shit whilst data that proves only horse shit was ever shipped, a promise of 100% anonymity whilst the data...

It was all a bit last minute today after travel, office works and then a quick rebuild of desk and PC before doing this livestream (didn't even have time to comb my hair!) So yes, I took a shortcut with the description of this video, but it all worked out well in the end IMHO with plenty of content that wasn't entirely data breach related, but yeah, that does seem to be a bit of a recurring theme in these vids. Enjoy 😊 [https://itunes.apple.com/au/podcast/troy-hunts-weekly-update-podcast/id11...

A very early weekly update this time after an especially hectic week. The process with the couple of data breaches in particular was a real time sap and it shouldn't be this hard. Seriously, the amount of effort that goes into trying to get organisations to own their breach (or if they feel strongly enough about it, help attribute it to another party) is just nuts. It's not getting any better either 🙁 Regardless, listen to how these couple went and as always, if you've got any bright ideas abou...

How best to punish spammers? I give this topic a lot of thought because I spend a lot of time sifting through the endless rubbish they send me. And that's when it dawned on me: the punishment should fit the crime - robbing me of my time - which means that I, in turn, need to rob them of their time. With the smallest possible overhead on my time, of course. So, earlier this year I created Password Purgatory [https://www.troyhunt.com/building-password-purgatory-with-cloudflare-pages-and-workers/]...

I didn't intend for a bunch of this week's vid to be COVID related, but between the breach of an anti-vaxxer website and the (unrelated) social comments directed at our state premier following some pretty simple advice, well, it just kinda turned out that way. But there's more on other breaches too, in particular the alleged Paytm one and the actual Customer.io one. I'm really looking forward to next week's update, here's a little teaser of what you can expect to hear about then [https://twitte...

I broke Yoda's stick! 3D printing woes, and somehow I managed to get through the explanation without reverting to a chorus of My Stick by a Bad Lip Reading [https://www.youtube.com/watch?v=3Xl0Qr0uXuY] (and now you'd got that song stuck in your head). Loads of data breaches this week and whilst "legacy", still managed to demonstrate how bad some practices remain today (hi Shadi.com 👋). Never a dull moment in data breach land, more from there next week 😊 [https://itunes.apple.com/au/podcast/tr...

How many times have you heard the old adage about how nothing in life is free: > If you're not paying for the product, you are the product Facebook. LinkedIn. TikTok. But this isn't an internet age thing, the origins go back way further, originally being used to describe TV viewers being served ads [https://www.quora.com/Who-originally-suggested-that-if-youre-not-paying-for-the-product-you-are-the-product] . Sure, TV was "free" in that you don't pay to watch it (screwy UK TV licenses aside), bu...