As the network boundary becomes more ephemeral, and attackers don't have obvious kickoff points for...

A new tool for finding malicious JavaScript and securely using external libraries. https://blog.foca...

Cool PoC of the Mac vulnerability CVE-2018-4193, an RCE in WindowServer. https://www.synacktiv.com/r...

A maintainer of the underlying runtime for Docker and Kubernetes) reported a vulnerability. htt...

Ullaakut on Reddit posted this toolset: Gorsair, a tool to remotely access the exposed Docker A...

Here's a thread by Michael Stanek about how bad 7-zip's encryption algorithm is.  I use this al...

A 773 million record file of usernames and passwords discovered https://www.troyhunt.com/the-773-mil...

New year, new vulnerabilities.   Or old vulnerabilities.  How about Open Redirects, the vu...

SplashData has their 100 worst passwords out again this year.  Remember, at least, prevent thes...

The House oversight report on Equifax is out, and it is a doosy.  Ouch. https://techcrunch.com/...

The big news this week was the first significant flaw in Kubernetes: https://groups.google.com/forum...