Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

Weekly Update 397

published on 2024-04-28 09:15:06 UTC by Troy Hunt
Content:

Presently sponsored by: 1Password Extended Access Management: Secure every sign-in for every app on every device.

Weekly Update 397

Banks. They screw us on interest rates, they screw us on fees and they screw us on passwords. Remember the old "bank grade security" adage? I took this saying to task almost a decade ago now but it seems that at least as far as password advice goes, they really haven't learned. This week, Commbank is telling people to use a password manager but just not for their bank password, and ANZ bank is forcing people to rotate their passwords once a year because, uh, hackers? Ah well, as I always end up lamenting, it's a great time to be in this industry! 🤣

Weekly Update 397
Weekly Update 397
Weekly Update 397
Weekly Update 397

References

  1. Sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite
  2. T2 tea got themselves scaled by a data breach (don't hate me, that's not my analogy!)
  3. Piping Rock became the 4th victim of shopifyGUY (I wonder where he's finding those API keys?)
  4. Lufthansa provided some advice on how not to get p(ra)wned (cool piece, but "Keepass is already installed on most devices" misses the mark by a long way)
  5. Bank security is important, so why is Commbank telling people to keep their most important passwords in the least secure place?! (it just defines logic)
  6. And while we're talking banks, why is ANZ mandating password rotation in the absence of suspicion of compromise?! (it's been many years since this thinking was flushed down the toilet)
Article: Weekly Update 397 - published 7 months ago.

https://www.troyhunt.com/weekly-update-397/   
Published: 2024 04 28 09:15:06
Received: 2024 06 02 12:43:51
Feed: Troy Hunt's Blog
Source: Troy Hunt's Blog
Category: Cyber Security
Topic: Cyber Security
Views: 0

Custom HTML Block

Click to Open Code Editor