A Box in Space
Contents from some of my favorite Websites
Skip to content
Security automation on display in 2019 RSAC Innovation Sandbox
Supply chain cybersecurity is a hot topic for RSAC 2019
A guide to SIEM platforms, benefits and features
CrowdStrike report says breakout time for threat actors is increasing
GitHub security bug bounty program stretches to enterprise cloud
Weighing the cost of mitigating Spectre variant 2
ConnectWise plugin flaw exploited in ransomware attacks on MSPs
Can a zero-trust approach fill the security perimeter void?
Is a Mirai botnet variant targeting unpatched enterprises?
Improve a mobile security strategy with the right policies
Key steps to put your zero-trust security plan into action
Microsegmentation security: Your key to zero trust
StorageCraft backup and object storage focuses on healthcare
Why is the N-gram content search key for threat detection?
What new technique does the Osiris banking Trojan use?
Palo Alto Networks to acquire SOAR vendor Demisto
How did Signal Desktop expose plaintext passwords?
Cybersecurity education: How HR can plan for the inevitable
How shared Lambda functions help microservices access control
How does the iPhone phishing scam work?
Should I use GitHub’s new private repositories?
How do I stop the Vidar malvertising attack?
Explore multifactor authentication products in-depth
Google Play security improved by targeting repeat offenders
Astaroth Trojan returns, abuses antivirus software
Ponemon study: Poor password practices remain rampant
How can credential stuffing attacks be detected?
How did the Dirty COW exploit get shipped in software?
Why did a Cisco patch for Webex have to be reissued?
Dunkin’ security alert warns of new credential-stuffing attacks
How did Browser Reaper cause browsers to crash?
Microsoft zero-day vulnerability closed on Patch Tuesday
Senators want potential VPN threat investigated by DHS
Should large enterprises add dark web monitoring to their security policies?
Carbonite acquisition of Webroot merges backup, cybersecurity
MongoDB security head addresses database exposures
Vet third-party apps to reduce supply chain threats
What are the pros and cons of machine learning in network security?
5-step checklist for web application security testing
How did the Python supply chain attack occur?
Apple releases FaceTime patch and iOS zero-day fixes
‘SpeakUp’ backdoor Trojan could spell further trouble for Linux servers
Trustwave finds security flaw in old Lifesize video products
USB attacks: Big threats to ICS from small devices
Defense Department eyes behavioral biometrics with new contract
Is there a viable breach notification tool?
Gartner: Expanding SOC capabilities a priority for enterprises
More Ghostscript vulnerabilities, more PostScript problems
Strengthen end-user security with effective training methods
Google’s Mark Risher: New types of 2FA are ‘game changers’
Ransomware backup protection requires comprehensive approach
How to create a more effective application security program
Google’s Mark Risher discusses 2FA adoption strategies
How to protect backups from ransomware infiltration
Compare the top multifactor authentication vendors
How much does Azure Update Management cost?
Waiting too long for Wi-Fi upgrade puts security at risk
CISO tackles banking cybersecurity and changing roles
Have newer security methods made NAC systems obsolete?
Cloud data management, security top of mind for government
Top 10 CISO concerns for 2019 span a wide range of issues
Cutting SecOps breach response time is key to success
Battling nation-state cyberattacks in a federal leadership vacuum
What a proactive cybersecurity stance means in 2019
CISOs build cybersecurity business case amid attack onslaught
Google planning warnings for lookalike URLs in Chrome
Cyber NYC initiative strives to make New York a cybersecurity hub
Dell unveils endpoint security portfolio with CrowdStrike, Secureworks
Data leak exposes list of Rubrik backup customers
Facebook and Google exploit Enterprise Certificate loophole on iOS
RSA’s diversity and inclusion initiative stresses equality on keynote stage
RSAC’s diversity and inclusion initiative stresses equality on keynote stage
How to comply with the California privacy act
Steps to improve an application environment and fix flaws
How to ensure a secure disaster recovery operation
New DDoS attack technique puts CSPs at risk
Major Apple FaceTime bug allows audio eavesdropping
Insecure MongoDB databases expose Russian backdoor access
Dailymotion credential stuffing attacks lasted more than 6 days
How a Windows antimalware tool helps endpoint security
An architect’s guide to microservices security
Will DNS Flag Day affect you? Infoblox’s Cricket Liu explains
The evolution of the Let’s Encrypt certificate authority
IoT identity management eyes PKI as de facto credential
What should IT look for in a mobile threat defense tool?
Cybersecurity maturity model lays out four readiness levels
SafeRide tackles connected vehicle security with machine learning
Infoblox’s Cricket Liu explains DNS over HTTPS security issues
How can a security automation tool help mitigate unknown threats?
DNS hijack attacks lead to government directive from DHS
How to manage cookies across web browsers
Ransomware backup strategy guidelines to help ensure recovery
How can synthetic clicks aid a privilege escalation attack?
Google GDPR fine of $57 million sets record
Three examples of multifactor authentication use cases
Purchasing multifactor authentication tools: What to consider
Top security initiatives for 2019 include MFA, end-user training
Cohesity backup gains ransomware detection, SAP HANA restores
How does cross-site tracking increase security risks?
DNC lawsuit claims Russian hackers attacked again after midterms
DerbyCon’s Dave Kennedy: The conference ‘got too big’
How can attacks bypass Windows Driver Signature Enforcement?
Government shutdown raises end-user security risks
Protect backup from ransomware attacks and recover safely
Man-in-the-disk attack: How are Android products affected?
Collection #1 breach data includes 773 million unique emails
Experts: A breach response plan is a must in 2019
Exploring multifactor authentication benefits and technology
This year’s DerbyCon conference will be the last
Java deserialization attacks: What are they and how do they work?
Shutdown of federal security services puts private sector at risk
How to perform an ICS risk assessment in an industrial facility
Government cybersecurity at risk as shutdown lingers
Ping of death: What is it and how is Apple affected?
Enterprises betting on SOAR tools to fill security gaps
Ryuk ransomware poses growing threat to enterprises
Updating TLS? Use cryptographic entropy for more secure keys
How was a credit card skimmer used to steal data from Newegg?
How to set up and enforce Azure multifactor authentication
Iran implicated in DNS hijacking campaign around the world
Key customer identity access management features to consider
Customer identity and access management: Why now and how?
Kaspersky Lab aided NSA hacking tools investigation
Samsung Knox platform: Can it improve Android device security?
DevOps testing: Never trust the world outside the enterprise
Get smart about threat intel tools and services
FIDO authentication standard could signal the passing of passwords
How to find the best next-generation firewall
Status quo: Data compromise holds steady in 2016
Can cybersecurity spending protect the U.S. government?
What endpoint protection software is on your short list?
How to buy the best antimalware tools to protect endpoints
A secure sync-and-share tool can provide powerful file protection
Can companies safely fire an information security manager?
Q&A: Rethink compensating controls, says Warner Bros. CISO
What EMM tool is on your short list?
Bug bounty programs narrow the crowd
The incident response process is on the clock
Security incident handling: Prepare to find answers
Adjusting a continuous monitoring strategy to a hybrid era
Threat defense, hybrid clouds and ‘connections others miss’
IoT security issues unplugged
Readers’ top picks for DLP products