How to Choose a PIN

Security experts talk at length about how to choose a good password – but we don’t often talk about how to choose a good PIN code. A recent analysis by a researcher shows popular patterns humans use when choosing PIN codes, and therefore what you should avoid doing.

In the news: MediSecure e-Rx firm hit by data breach; CISA warns of active D-Link router exploit; a couple of cases of insecure APIs being abused; 53k Nissan employees’ SSNs leaked; new macOS malware called Cuckoo; Ascension Healthcare suffers cyberattack; Proton user’s poor OpSec gives him away; TunnelVision VPN attack exploits DHCP feature; Maryland & Vermont pass data privacy laws; tracker detection feature debuts on iPhone & Android.

Article Links

  1. [BleepingComputer] MediSecure e-script firm hit by ‘large-scale’ data breach https://www.bleepingcomputer.com/news/security/medisecure-e-script-firm-hit-by-large-scale-ransomware-data-breach/
  2. [The Hacker News] CISA Warns of Actively Exploited D-Link Router Vulnerabilities https://thehackernews.com/2024/05/cisa-warns-of-actively-exploited-d-link.html
  3. [Ars Technica] How I upgraded my water heater and discovered how bad smart home security can be https://arstechnica.com/gadgets/2024/05/how-i-upgraded-my-water-heater-and-discovered-how-bad-smart-home-security-can-be/
  4. [BleepingComputer] Dell API abused to steal 49 million customer records in data breach https://www.bleepingcomputer.com/news/security/dell-api-abused-to-steal-49-million-customer-records-in-data-breach/
  5. [infosecurity-magazine.com] 53,000 Nissan Employees’ Social Security Numbers Exposed https://www.infosecurity-magazine.com/news/employees-social-security-nissan/
  6. [Tom’s Guide] New Cuckoo macOS malware can take over all Macs and steal your passwords https://www.tomsguide.com/computing/malware-adware/new-cuckoo-macos-malware-can-take-over-all-macs-and-steals-your-passwords-too-dont-fall-for-this
  7. [Dark Reading] Ascension Healthcare Suffers Major Cyberattack https://www.darkreading.com/cyberattacks-data-breaches/ascension-healthcare-hit-by-cyberattack
  8. [restoreprivacy.com] Proton Mail Discloses User Data Leading to Arrest in Spain https://restoreprivacy.com/protonmail-discloses-user-data-leading-to-arrest-in-spain/
  9. [Ars Technica] Novel attack against virtually all VPN apps neuters their entire purpose https://arstechnica.com/security/2024/05/novel-attack-against-virtually-all-vpn-apps-neuters-their-entire-purpose/
  10. [mullvad.net] Evaluating the impact of TunnelVision https://mullvad.net/en/blog/evaluating-the-impact-of-tunnelvision
  11. [epic.org] Vermont Passes Landmark Data Privacy Bill https://epic.org/vermont-passes-landmark-data-privacy-bill/
  12. [epic.org] Governor Moore Signs Maryland Online Data Privacy Act https://epic.org/governor-moore-signs-maryland-online-data-privacy-act/
  13. [9to5Mac] Here’s how the new Cross-Platform Tracking Detection works https://9to5mac.com/2024/05/13/cross-platform-tracking-detection-ios-17-5/
  14. Tip of the Week: How to Choose a PIN https://firewallsdontstopdragons.com/how-to-choose-a-pin/ 

Further Info

Table of Contents

Use these timestamps to jump to a particular section of the show.

  • 0:00:34: Update Apple devices, Chrome
  • 0:01:16: A note on supporting Firefox
  • 0:03:48: News preview
  • 0:07:00: MediSecure hit by large-scale data breach
  • 0:09:01: CISA Warns of Actively Exploited D-Link Router Vulnerabilities
  • 0:13:14: How I upgraded my water heater and discovered how bad smart home security can be
  • 0:19:46: Dell API abused to steal 49 million customer records
  • 0:23:11: 53,000 Nissan Employees’ Social Security Numbers Exposed
  • 0:27:06: New Cuckoo macOS malware can take over all Macs and steal your passwords
  • 0:32:41: Ascension Healthcare Suffers Major Cyberattack
  • 0:35:22: Proton Mail Discloses User Data Leading to Arrest in Spain
  • 0:43:35: Novel attack against virtually all VPN apps neuters their entire purpose
  • 0:47:28: Mullvad: Evaluating the impact of TunnelVision
  • 0:55:48: Vermont & Maryland Pass Data Privacy Laws
  • 0:58:27: Here’s how the new Cross-Platform Tracking Detection works
  • 1:01:50: Tip of the Week: How to Choose a PIN
  • 1:10:12: Looking ahead