A Box in Space
Contents from some of my favorite Websites
Skip to content
Pentagon data breach exposed travel data for 30,000 individuals
How does the APT attack Double Kill work in Office documents?
Create an email phishing test to minimize attack vectors
How does the MnuBot banking Trojan use unusual C&C servers?
Facebook breach affected 20 million fewer than thought
Mozilla delays distrust of Symantec TLS certificates, Google doesn’t
Industroyer, NotPetya linked to TeleBots group by ESET researchers
ONUG conference to highlight cybersecurity and data protection
What does a Windows 10 digital certificate do?
How does Apple’s Quick Look endanger user privacy?
Paul Vixie wants to stop malicious domains before they’re created
Tips to track down and neutralize PowerShell malware
U.S. weapon systems cybersecurity failing, GAO report says
Patched MikroTik router vulnerability worse than initially thought
How entropy sources interact with security and privacy plans
How did Netflix phishing attacks use legitimate TLS certificates?
PowerShell commands for Active Directory: Groups management
SIEM tools, future tech and how to prepare for what’s ahead
Give your SIEM system a power boost with machine learning
The time to consider SIEM as a service has arrived
Prepping your SIEM architecture for the future
Google security audit begets product changes, German probe
How do hackers use legitimate admin tools to compromise networks?
October Patch Tuesday grounds JET Database Engine flaw
At (ISC)² Security Congress 2018, a congressman calls for action
At (ISC)² Security Congress 2018, a congressman calls to action
U.S. government domain officials to start using 2FA
How was Google Firebase security bypassed?
(ISC)² Security Congress 2018 tackles industry challenges
How does TLBleed abuse the Hyper-Threading feature in Intel chips?
GRU indictment accuses 7 Russians in global cyberattacks
Compromised Supermicro chips reportedly infiltrated US
North Korean APT38 of $100+ million attributed to APT38
North Korean APT38 stole $100+ million and destroyed evidence
North Korean cybertheft of $100-plus million attributed to APT38
How Shodan helps identify ICS cybersecurity vulnerabilities
DigiCert, Gemalto and ISARA to provide quantum-proof certificates
How to collect open source threat intelligence in the cloud
Facebook GDPR fate uncertain following data breach
User behavior analytics tackles cloud, hybrid environments
Beware of the gray hat hacker, survey warns
Cloud-first? User and entity behavior analytics takes flight
Seven criteria for evaluating today’s leading SIEM tools
How does MassMiner malware infect systems across the web?
Industries seek to improve third-party security risk controls
White hat Dave Kennedy on purple teaming, penetration testing
Nanosatellite companies extend IoT connectivity
Kurt Huhn discusses the role of CISO in the Ocean State
CISOs face third-party risk management challenges
How can GravityRAT check for antimalware sandboxes?
Teramind CTO talks insider threat prevention, employee monitoring
Facebook breach affected nearly 50 million accounts
UN exposes sensitive data on public Trello boards
DEF CON report: Election equipment plagued by 10-year-old flaw
Alphabet’s Chronicle launches VirusTotal Enterprise
role-based access control (RBAC)
Wireshark tutorial: Using Wireshark to sniff network traffic
Microsoft wants to eliminate passwords — and there’s an app for that
Congressional websites need to work on TLS
Election website security a mess for states and candidates alike
Controversial Chrome login feature to be partially rolled back
Browser Reaper POC exploit crashes Mozilla Firefox
Android Trojan: How is data being stolen from messaging apps?
What are the top Windows Defender features in Windows 10?
Google Chrome sign-in changes cause confusion and concern
How to create an internal phishing campaign from scratch
Hardcoded credentials continue to bedevil Cisco
Cybersecurity Tech Accord expands with new members, partners
Why a unified local government security program is crucial
Can monitoring help defend against Sanny malware update?
AI and machine learning expected to solve security problems
GoScanSSH: How does this malware work and differ from others?
White House National Cyber Strategy praised by experts
Mirai botnet creators avoid jail time after helping the FBI
CrowdStrike responds to NSS Labs lawsuit over product testing
4 tips on getting up to speed with GDPR for U.S. companies
State Department data breach exposes employee info
PulseNet: How do improper authentication flaws affect it?
GovPayNow leak exposes 14 million records dating back six years
Secure encrypted virtualization: How is this technology exploited?
Sumo Logic breaks security data silos with cloud SIEM
NSS Labs lawsuit takes aim at Crowdstrike, Symantec and ESET
WPA3 protocol: Should enterprises implement the changes?
How SOC metrics improve security operation centers’ performance
WannaMine cryptojacker targets unpatched EternalBlue flaw
What are the steps for an Exchange certificate renewal?
VPNFilter malware: How can users protect themselves?
New Mirai variant attacks Apache Struts vulnerability
Bot security through AI openness
How can attackers exploit a buffer underflow vulnerability?
Researchers bring back cold boot attacks on modern computers
British Airways data breach may be the work of Magecart
How does the SynAck ransomware use Process Doppelgänging?
What to do if Windows Defender updates don’t work
Trend Micro apps fiasco generates even more questions
CEO: Veeam database exposure fixed, investigation launched
How does Telegram malware bypass end-to-end encryption?
Understanding the risk SQL injection vulnerabilities pose
Microsoft patches Windows ALPC flaw exploited in the wild
Jake Braun discusses the Voting Village at DEF CON
How does Android Protected Confirmation provide security for users?
Microsoft shuts down zero-day exploit on September Patch Tuesday
Security access controls over identities must be priority
Identity and access management in cloud: The way forward
What about enterprise identity management for ‘non-users’?
Trend Micro apps on Mac accused of stealing data
Robot social engineering works because people personify robots
What issues can arise from hardware debug exception flaws?
How hardening options help handle unpatchable vulnerabilities
How does the Android Rowhammer exploit affect users?
Samsung Knox platform: Can it improve Android device security?
DevOps testing: Never trust the world outside the enterprise
Get smart about threat intel tools and services
FIDO authentication standard could signal the passing of passwords
How to find the best next-generation firewall
Status quo: Data compromise holds steady in 2016
Can cybersecurity spending protect the U.S. government?
What endpoint protection software is on your short list?
How to buy the best antimalware tools to protect endpoints
A secure sync-and-share tool can provide powerful file protection
Can companies safely fire an information security manager?
Q&A: Rethink compensating controls, says Warner Bros. CISO
What EMM tool is on your short list?
Bug bounty programs narrow the crowd
The incident response process is on the clock
Security incident handling: Prepare to find answers
Adjusting a continuous monitoring strategy to a hybrid era
Threat defense, hybrid clouds and ‘connections others miss’
IoT security issues unplugged
Readers’ top picks for DLP products