Security experts talk at length about how to choose a good password – but we don’t often talk about how to choose a good PIN code. A recent analysis by a researcher shows popular patterns humans use when choosing PIN codes, and therefore what you should avoid doing.


In the news: MediSecure e-Rx firm hit by data breach; CISA warns of active D-Link router exploit; a couple of cases of insecure APIs being abused; 53k Nissan employees’ SSNs leaked; new macOS malware called Cuckoo; Ascension Healthcare suffers cyberattack; Proton user’s poor OpSec gives him away; TunnelVision VPN attack exploits DHCP feature; Maryland & Vermont pass data privacy laws; tracker detection feature debuts on iPhone & Android.


Article Links

[BleepingComputer] MediSecure e-script firm hit by ‘large-scale’ data breach https://www.bleepingcomputer.com/news/security/medisecure-e-script-firm-hit-by-large-scale-ransomware-data-breach/
[The Hacker News] CISA Warns of Actively Exploited D-Link Router Vulnerabilities https://thehackernews.com/2024/05/cisa-warns-of-actively-exploited-d-link.html
[Ars Technica] How I upgraded my water heater and discovered how bad smart home security can be https://arstechnica.com/gadgets/2024/05/how-i-upgraded-my-water-heater-and-discovered-how-bad-smart-home-security-can-be/
[BleepingComputer] Dell API abused to steal 49 million customer records in data breach https://www.bleepingcomputer.com/news/security/dell-api-abused-to-steal-49-million-customer-records-in-data-breach/
[infosecurity-magazine.com] 53,000 Nissan Employees’ Social Security Numbers Exposed https://www.infosecurity-magazine.com/news/employees-social-security-nissan/
[Tom’s Guide] New Cuckoo macOS malware can take over all Macs and steal your passwords https://www.tomsguide.com/computing/malware-adware/new-cuckoo-macos-malware-can-take-over-all-macs-and-steals-your-passwords-too-dont-fall-for-this
[Dark Reading] Ascension Healthcare Suffers Major Cyberattack https://www.darkreading.com/cyberattacks-data-breaches/ascension-healthcare-hit-by-cyberattack
[restoreprivacy.com] Proton Mail Discloses User Data Leading to Arrest in Spain https://restoreprivacy.com/protonmail-discloses-user-data-leading-to-arrest-in-spain/
[Ars Technica] Novel attack against virtually all VPN apps neuters their entire purpose https://arstechnica.com/security/2024/05/novel-attack-against-virtually-all-vpn-apps-neuters-their-entire-purpose/
[mullvad.net] Evaluating the impact of TunnelVision https://mullvad.net/en/blog/evaluating-the-impact-of-tunnelvision
[epic.org] Vermont Passes Landmark Data Privacy Bill https://epic.org/vermont-passes-landmark-data-privacy-bill/
[epic.org] Governor Moore Signs Maryland Online Data Privacy Act https://epic.org/governor-moore-signs-maryland-online-data-privacy-act/
[9to5Mac] Here’s how the new Cross-Platform Tracking Detection works https://9to5mac.com/2024/05/13/cross-platform-tracking-detection-ios-17-5/
Tip of the Week: How to Choose a PIN https://firewallsdontstopdragons.com/how-to-choose-a-pin/ 

Further Info

Send me your questions! https://fdsd.me/qna 
Check out my book, Firewalls Don’t Stop Dragons: https://fdsd.me/book 
Subscribe to the newsletter: https://fdsd.me/newsletter 
Become a patron! https://www.patreon.com/FirewallsDontStopDragons 
Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch 
Give the gift of privacy and security: https://fdsd.me/coupons 
Support our mission! https://fdsd.me/support 
Generate secure passphrases! https://d20key.com/#/ 

Table of Contents

Use these timestamps to jump to a particular section of the show.

0:00:34: Update Apple devices, Chrome
0:01:16: A note on supporting Firefox
0:03:48: News preview
0:07:00: MediSecure hit by large-scale data breach
0:09:01: CISA Warns of Actively Exploited D-Link Router Vulnerabilities
0:13:14: How I upgraded my water heater and discovered how bad smart home security can be
0:19:46: Dell API abused to steal 49 million customer records
0:23:11: 53,000 Nissan Employees’ Social Security Numbers Exposed
0:27:06: New Cuckoo macOS malware can take over all Macs and steal your passwords
0:32:41: Ascension Healthcare Suffers Major Cyberattack
0:35:22: Proton Mail Discloses User Data Leading to Arrest in Spain
0:43:35: Novel attack against virtually all VPN apps neuters their entire purpose
0:47:28: Mullvad: Evaluating the impact of TunnelVision
0:55:48: Vermont & Maryland Pass Data Privacy Laws
0:58:27: Here’s how the new Cross-Platform Tracking Detection works
1:01:50: Tip of the Week: How to Choose a PIN
1:10:12: Looking ahead