The IronBox Team Blog

How the US tracked down a the suspected WannaCry hacker

If you’re interested in what it takes to track down hackers, you’ll love this article: https://www.zdnet.com/article/how-us-authorities-tracked-down-the-north-korean-hacker-behind-wannacry Great investigative work, enjoy –Kevin

Read More

GDPR – What IronBox is doing about it

IronBox has always taken the security and privacy of customer data very serious, and has consistently demonstrated this by exceeding industry standards. From day one, IronBox has taken the approach of only storing (and protecting) what is necessary for the

Read More

How download your Facebook data

You’ve probably heard about the trouble Facebook is in these days regarding the Cambridge Analytica user data “breach of trust”, and now there’s a story about Facebook (for Android users using Messenger) recording your call logs: https://www.nbcnews.com/tech/social-media/facebook-confirms-it-records-call-history-stoking-privacy-furor-n860006 If you want to

Read More

GitHub Reveals 4M JavaScript and Ruby Vulnerabilities in Public Repositories

This is very cool, I didn’t know that GitHub did this. Every time a vulnerability is disclosed in the public related to some open source library, GitHub scans its repositories for applications that depend on those libraries, and in this

Read More

Notable 2017 Security Hiccups

Here’s some of the notable 2017 security hiccups from ZDNet: http://www.zdnet.com/article/2017-in-security-privacy-a-total-dumpster-fire Happy holidays and enjoy, –Kevin  

Read More

The United States National Security Strategy, Retaining In-House Expertise

Here’s a link to the United States National Security Strategy released today: https://www.whitehouse.gov/wp-content/uploads/2017/12/NSS-Final-12-18-2017-0905.pdf (cyberspace security strategy starts on page 31). No plan is perfect, but I’d like to point out a bright a really good (and surprising) focus of the strategy,

Read More

Yahoo and Equifax Data Breach Senate Hearing

I got this in my inbox this morning about a Senate hearing regarding major data breaches (Yahoo and Equifax): http://www.zdnet.com/article/equifax-yahoo-fail-to-answer-the-most-basic-questions-during-senate-hearing. If you’re interested in watching the actual hearing, check out YouTube at https://www.youtube.com/watch?v=LunazYJGNXU (starts at about the 12:20 mark). The article reports

Read More

Cybersecurity Month Tips (from Google)

Was just using Google and noticed this under the search bar: https://privacy.google.com/your-security.html?utm_source=google&utm_medium=hpp-desktop-auth&utm_campaign=security-tips&categories_activeEl=sign-in#your-security-action Great short little tips from Google (especially since the Equifax hack is still fresh in everyone’s minds) that you can use to help protect your accounts. –Kevin

Read More

macOS High Sierra 0-Day Released Hours Before Launch

A security researcher (and by the way ex-NSA guy) named Patrick Wardle released an exploit that enables attackers to exfiltrate passwords from macOS reportedly hours before Apple released their new operating system macOS High Sierra. http://www.zdnet.com/article/apple-macos-high-sierra-password-vulnerable-to-password-stealing-hack There’s no point in

Read More

The importance of keeping up to date with patches

Here’s a story about what caused hackers to be able to compromise the Equifax hack which eventually led to 143 million accounts to be accessed: http://www.zdnet.com/article/equifax-confirms-apache-struts-flaw-it-failed-to-patch-was-to-blame-for-data-breach The cause was a series of patches that were available since March that slipped

Read More