Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

Weekly Update 423

published on 2024-10-26 22:41:54 UTC by Troy Hunt
Content:

Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite

Weekly Update 423

Firstly, my apologies for the minute and a bit of echo at the start of this video, OBS had somehow magically decided to start recording both the primary mic and the one built into my camera. Easy fix, moving on...

During the livestream, I was perplexed as to why the HIBP DB was suddenly maxing out. Turns out that this aligned with dropping a constraint on the table of domains which appears to have caused the table to reindex and massively slow down the queries for breached email addresses. Further, we simultaneously started having problems related to MAXDOP (the maximum degree of parallelism for the stored procedure running the query), which was only resolved after we forced it to not run on multiple CPUs by setting it to 1 (weirdly, 2 is also fine but 3 or higher completely killed perf). Fun times, running a service like this.

Weekly Update 423
Weekly Update 423
Weekly Update 423
Weekly Update 423

References

  1. Sponsored by: 1Password Extended Access Management: Secure every sign-in for every app on every device.
  2. The Internet Archive's Zendesk was accessed and replies sent to a bunch of tickets (it's just gone from bad to bad for them, and still no disclosure to individuals...)
  3. Basically everyone thinks unauthorised access should result in breach notifications being sent to impact individuals (I mean, it's a predictable outcome, but there were still some wacky arguments against it)
  4. I'm feeling pretty damn exasperated about the lack of breach disclosure lately (multiple incidents this year have included my own personal data, and I'm pissed)
Article: Weekly Update 423 - published 29 days ago.

https://www.troyhunt.com/weekly-update-423/   
Published: 2024 10 26 22:41:54
Received: 2024 11 03 12:19:07
Feed: Troy Hunt's Blog
Source: Troy Hunt's Blog
Category: Cyber Security
Topic: Cyber Security
Views: 0

Custom HTML Block

Click to Open Code Editor