
Locking Down Your Website Scripts with CSP, Hashes, Nonces and Report URI

Troy Hunt

I run a workshop titled Hack Yourself First in which people usually responsible for building web apps get to try their hand at breaking them. In that module, we cover reflected XSS, which relies on the premise of untrusted data in the request being reflected back in the response. Also, no script blocks.


The Hacker Mind Podcast: Surviving Stalkerware

ForAllSecure

The FTC claims that spy phones secretly harvested and shared data on people's physical movements, phone use and online activities through a hidden hack. Some of those who bought the spyware were allegedly able to see live locations of the devices and view the targets' emails, photos, web browsing history, text messages, video calls, etc.


Is India's Aadhaar System Really "Hack-Proof"? Assessing a Publicly Observable Security Posture

Troy Hunt

billion locals' data. It's operating in an era of increasingly large repositories of personal data held by both private companies and governments alike. It's also an era where this sort of information is constantly leaked to unauthorised parties; last year Equifax lost control of 145.5


Project Svalbard: The Future of Have I Been Pwned

Troy Hunt

Back in 2013, I was beginning to get the sense that data breaches were becoming a big thing. Around this time the Adobe data breach happened and that got me really interested in this segment of the industry, not least because I was in there. accounts (59% of common email addresses had exactly the same password).