A Box in Space
Contents from some of my favorite Websites
How to ensure your enterprise doesn’t have compromised hardware
For effective customer IAM, bundle security and performance
A recap of notable 2018 networking trends and news
Kronos banking Trojan: How does the new variant compare?
Facebook API bug exposed photos of 6.8 million users
Mozilla distrusts all Symantec certificates with Firefox 64 release
Initial RSA Conference 2019 keynote lineup released
How does the new Dharma Ransomware variant work?
Project Zero finds Logitech Options app critically flawed
Operation Sharpshooter targets infrastructure around the world
Why is preloading HTTP Strict Transport Security risky?
How a flaw in Apple DEP misuses an MDM server
How to address endpoint security issues caused by users
Equifax breach report highlights multiple security failures
How hackers use Docker APIs for cryptojacking
December Microsoft security patches bring a light end to 2018
Web browser quiz: Do you know Chrome, Firefox, Edge and IE?
Second Google+ data exposure leads to earlier service shutdown
Product roundup: Features of top SIEM software on the market
How the SHA-3 competition declared a winning hash function
FragmentSmack: How is this denial-of-service exploited?
Can deception security tactics turn the tables on attackers?
5 actionable deception-tech steps to take to fight hackers
L1TF: How do new vulnerabilities affect Intel processors?
Facebook app permissions skirted rules to gather call logs
Critical Kubernetes vulnerability could have widespread effects
How did WhatsApp vulnerabilities get around encryption?
NRCC email breach confirmed eight months later
NSO Group’s Pegasus spyware linked to Saudi journalist death
How can users remove Google location tracking completely?
Testing email security products: Results and analysis
New VirusTotal hash causes drop in antivirus detection rates
How does TLS 1.3 differ from TLS 1.2?
What are the security risks of third-party app stores?
Marcus Ranum: Systems administration is in the ‘crosshairs’
Ron Green: Keeping the payment ecosystem safe for Mastercard
IAM system strategy identifies metrics that work for business
Still no answers to endpoint security protection, survey finds
Threat hunting techniques move beyond the SOC
The threat hunting process is missing the human element
Allure of the threat hunter draws companies large and small
Mitre enters product testing with Mitre ATT&CK framework
RSA Conference launches diversity and inclusion initiative
Marriott discloses Starwood data breach affecting 500 million guests
Spectre v2 mitigation causes significant slowdown on Linux 4.20
Testing email security products: Challenges and methodologies
Ponemon study shows data valuation discrepancies in enterprises
Stay in control with these Active Directory basics
Why U.S. election security needs an immediate overhaul
How supply chain security has evolved over two decades
SamSam ransomware actors charged, sanctioned by US government
Is network traffic monitoring still relevant today?
Botnet takedown snares 3ve, Methbot ad fraud campaigns
Compromised NPM package highlights open source trouble
Web browser comparison: How Chrome, Firefox, IE, Edge stack up
How did the Emotet banking Trojan lead to a rise in attacks?
USPS website flaw exposed data for one year
How was a MikroTik router hack used to hijack traffic?
How was a black box attack used to exploit ATM vulnerabilities?
DeepMasterPrints fake fingerprints can fool fingerprint sensors
Backer says U.S. Internet Bill of Rights will not follow EU model
How were attackers able to bypass 2FA in a Reddit breach?
Recorded Future names Tessa88 suspect in LinkedIn, Myspace breaches
Zero-trust security means new thinking plus practical steps
AWS moves to curb S3 data leaks, but Chris Vickery is doubtful
How Windows 10 certificates create a chain of trust
Can a D-Link router vulnerability threaten bank customers?
How does a Bluetooth vulnerability enable validation attacks?
Hyper-convergence forms core of Windows Server 2019 features
Firefox Monitor offers breach alerts on visited websites
Understanding what Azure AD federation really means
Cylance acquisition shifts BlackBerry towards security
Google BGP route leak was accidental, not hijacking
After 2015 OPM data breach, agency failed to update security
Create and enforce a password policy across the enterprise
How does Thanatos ransomware decryptor tool restore data?
How to configure browsers to avoid web cache poisoning
BT Security CEO: Red teaming is valuable, but challenging
How is the Trezor cryptocurrency online wallet under attack?
Cybercrime agreement signed by 50 nations, not U.S., China and Russia
How does signed software help mitigate malware?
How does the Mylobot botnet differ from a typical botnet?
SSD encryption failures made worse by BitLocker settings
Insider threat protection: Strategies for enterprises
How does new MacOS malware target users through chat?
Enterprise devs win with Veracode’s SaaS security spinout
New spam botnet infects over 100,000 home routers
Jumio identity verification technology benefits from AI
How is Plead malware used for cyberespionage attacks?
U.S. Cyber Command malware samples to be logged in VirusTotal
What is behind the growing trend of BEC attacks?
Latest Symantec acquisitions target endpoint security
PortSmash side-channel attack targets Intel Hyper-Threading
How testing perspectives helps find application security flaws
How does the public Venmo API pose a threat for users?
Samsung Knox platform: Can it improve Android device security?
DevOps testing: Never trust the world outside the enterprise
Get smart about threat intel tools and services
FIDO authentication standard could signal the passing of passwords
How to find the best next-generation firewall
Status quo: Data compromise holds steady in 2016
Can cybersecurity spending protect the U.S. government?
What endpoint protection software is on your short list?
How to buy the best antimalware tools to protect endpoints
A secure sync-and-share tool can provide powerful file protection
Can companies safely fire an information security manager?
Q&A: Rethink compensating controls, says Warner Bros. CISO
What EMM tool is on your short list?
Bug bounty programs narrow the crowd
The incident response process is on the clock
Security incident handling: Prepare to find answers
Adjusting a continuous monitoring strategy to a hybrid era
Threat defense, hybrid clouds and ‘connections others miss’
IoT security issues unplugged
Readers’ top picks for DLP products