Smashing Security podcast #411: The fall of Troy, and whisky barrel scammers - Renowned cybersecurity expert Troy Hunt falls victim to a phishing attack, resulting in t... https://grahamcluley.com/smashing-security-podcast-411/ #smashingsecurity #phishing #troyhunt #podcast #scam
#TroyHunt fell for a #phishing attack on his mailinglist members: https://www.troyhunt.com/a-sneaky-phish-just-grabbed-my-mailchimp-mailing-list/
Some of the ingredients: #Outlook and its habit of hiding important information from the user and missing #2FA which is phishing-resistant.
Use #FIDO2 with hardware tokens if possible (#Passkeys without FIDO2 HW tokens are NOT phishing-resistant due to the possibility of being able to trick users with credential transfers: https://arxiv.org/abs/2501.07380) and avoid Outlook (or #Microsoft) whenever possible.
Further learning: it could happen to the best of us! Don't be ashamed, try to minimize risks and be open about your mistakes.
Note: any 2FA is better than no 2FA at all.
Troy Hunt – A Sneaky Phish Just Grabbed My Mailchimp Mailing List
https://www.troyhunt.com/a-sneaky-phish-just-grabbed-my-mailchimp-mailing-list/
"Pwned", The Book, Is Now Available for Free
by @troyhunt
In PDF & EPUB formats.
https://www.troyhunt.com/pwned-the-book-is-now-available-for-free/
Internet Archive gehackt: 31 Millionen Benutzerkonten betroffen
#Datenschutz #ITSicherheit #BlackMeta #CyberAngriff #haveibeenpwned #InternetArchive #ScottHelme #TroyHunt https://sc.tarnkappe.info/8b4ed9
BreachForums: Daten-Leak enthüllt Infos von 200.000 Forum-Mitgliedern
#DarkCommerce #Datenschutz #BreachForums #ConorBrianFitzpatrick #DatenbankBackup #Emo #Pompompourin #TroyHunt https://sc.tarnkappe.info/04b564
It seems to be a huge #leak!
#HaveIBeenPwned
———
#TroyHunt: #Telegram Combolists and 361M Email Addresses
https://www.troyhunt.com/telegram-combolists-and-361m-email-addresses/
Zugangsdaten auf Telegram geleakt: 361 Millionen Accounts betroffen
#Datenschutz #ITSicherheit #Datenleck #Datenskandal #haveibeenpwned #LoginDaten #Telegram #TroyHunt https://sc.tarnkappe.info/3081fb
Mozilla Drops Onerep After CEO Admits to Running People-Search Networks - The nonprofit organization that supports the Firefox web browser said today it is ... https://krebsonsecurity.com/2024/03/mozilla-drops-onerep-after-ceo-admits-to-running-people-search-networks/ #haveibeenpwned.com #mozillafoundation #neer-do-wellnews #alittlesunshine #dimitirishelest #firefoxmonitor #haveibeenpwned #mozillamonitor #webfraud2.0 #troyhunt #firefox #nuwber #onerep #spamit
Avito - 2,721,835 breached accounts - https://www.redpacketsecurity.com/avito-2-721-835-breached-accounts/
Rightbiz - 65,376 breached accounts - https://www.redpacketsecurity.com/rightbiz-65-376-breached-accounts/
The Security Pros and Cons of Using Email Aliases - One way to tame your email inbox is to get in the habit of using unique email alia... https://krebsonsecurity.com/2022/08/the-security-pros-and-cons-of-using-email-aliases/ #haveibeenpwned.com #alittlesunshine #securitytools #databreaches #holdsecurity #alexholden #allekabels #emailalias #rtlnieuws #troyhunt
Coinhive noch immer auf über 41.000 Webseiten aktiv https://tarnkappe.info/coinhive-noch-immer-auf-ueber-41-000-webseiten-aktiv/ #CoinhiveMoneroJavaScriptMiner #haveibeenpwned #Datenschutz #Coinhive #TroyHunt #Krypto #Monero
Carding Mafia: Carding-Forum gehackt – 300.000 Hacker-Konten betroffen https://tarnkappe.info/carding-mafia-carding-forum-gehackt-300-000-hacker-konten-betroffen/ #haveibeenpwned #CardingMafia #Mailinator #Intel471 #TroyHunt #Hacking
Have I Been Pwned Set to Go Open-Source - Fully opening the door to allow people to contribute to – and notably, tinker with – the code for ... https://threatpost.com/have-i-been-pwned-open-source/158187/ #haveibeenpwned #databreach #opensource #troyhunt #privacy #breach
Minneapolis Police Department Hack Likely Fake, Says Researcher - Troy Hunt said that the supposed data breach perpetrated by Anonymous is most likely a hoax. more: https://threatpost.com/anonymous-hack-minneapolis-police-department-fake/156171/ #leakedcredentials #policedepartment #websecurity #georgefloyd #minneapolis #government #databreach #anonymous #troyhunt #breach #hacks #fake #hoax
Hackers Sell Data from 26 Million LiveJournal Users on Dark Web - Passwords and other credentials have been listed on Have I Been Pwned as attack rumors circulate. more: https://threatpost.com/hackers-sell-data-livejournal-dark-web/156063/ #haveibeenpwned #hackerforums #credentials #livejournal #databreach #dreamwidth #passwords #troyhunt #privacy #darkweb #hackers #breach #hacks
ɐıunp zsɐɯoʇ 
