Lessons From Billions of Breached Records • Troy Hunt • GOTO 2022

This presentation was recorded at GOTO Copenhagen 2022. #GOTOcon #GOTOcph http://gotocph.com Troy Hunt - Information Security Author & Instructor at Pluralsight & Regional Director at Microsoft @troyhuntdotcom RESOURCES https://www.troyhunt.com https://twitter.com/troyhunt https://linkedin.com/in/troyhunt https://haveibeenpwned.com ABSTRACT Security flaws, hackers and data breaches are the new normal. It’s not just those of us in the industry facing these foes every single day; it’s everyone. Whether you’re online or offline, you simply cannot exist today without your personal information being digitized in systems which are often left vulnerable and exploited at the whim of attackers. But who are these people — the ones who seek to break through our defenses and exploit our data? And how are they continually so effective at doing so, despite our best efforts? In this talk, you’ll hear from the creator of “Have I Been Pwned” about the lessons he’s learned after processing more than 11B records of breached data. You’ll get a glimpse behind the scenes of what caused some of these devastating incidents and how they continue to wreak havoc today, despite how much more aware the industry is becoming. It’s a frightening, eye-opening and entertaining look at infosec and data breaches. [...] TIMECODES 00:00 Intro 01:30 https://haveibeenpwned.com 06:19 How do we think of hackers? 07:38 TalkTalk case 10:35 Australian Red Cross case 16:45 1960s 18:52 1980s 22:04 MySafeP@ssw0rd! 23:43 Hawaii Emergency Management Agency case 24:43 NIST & NCSC 25:44 Nissan Leaf case 33:41 TicToc Track case 45:57 Padlock case 47:19 Outro Read the full abstract here: https://gotocph.com/2022/sessions/2035/lessons-from-billions-of-breached-records RECOMMENDED BOOKS Liz Rice • Container Security • https://amzn.to/3oU4iJe Liz Rice • Kubernetes Security • https://www.oreilly.com/library/view/kubernetes-security/9781492039075 Aaron Parecki • OAuth 2.0 Simplified • https://amzn.to/2A3IMOf Aaron Parecki • OAuth 2.0 Servers • https://amzn.to/3ecHEsz Aaron Parecki • The Little Book of OAuth 2.0 RFCs • https://amzn.to/3i7qnlC Erdal Ozkaya • Cybersecurity: The Beginner's Guide • https://amzn.to/2T6OIj3 Richer & Sanso • OAuth 2 in Action • https://amzn.to/3hXiAH6 Wilson & Hingnikar • Demystifying OAuth 2.0, OpenID Connect, and SAML 2.0 • https://amzn.to/2U8iLY2 https://twitter.com/GOTOcon https://www.linkedin.com/company/goto- https://www.instagram.com/goto_con https://www.facebook.com/GOTOConferences #Security #CyberSecurity #CyberSecurityTutorial #InformationSecurity #Privacy #Programming #SoftwareEngineering #TroyHunt #HaveIBeenpwned #SecurityFlaws #Breaches #SecurityBreach #InfoSec #Hackers #Hacker #Hacking CHANNEL MEMBERSHIP BONUS Join this channel to get early access to videos & other perks: https://www.youtube.com/channel/UCs_tLP3AiwYKwdUHpltJPuA/join Looking for a unique learning experience? Attend the next GOTO conference near you! Get your ticket at https://gotopia.tech Sign up for updates and specials at https://gotopia.tech/newsletter SUBSCRIBE TO OUR CHANNEL - new videos posted almost daily. https://www.youtube.com/user/GotoConferences/?sub_confirmation=1