/Security

New Research: How Effective Is Basic Account Hygiene At Preventing Hijacking

- Kurt Thomas Angelika Moscicki tl;dr: Adding a recovery phone number can block up to 100% of automated bots, 99% of bulk phishing attacks, and 66% of targeted attacks.

featured in #142

The Inception Bar: A New Phishing Method

- James Fisher tl;dr: Security flaw in Chrome mobile where the URL shown is incorrect once scrolling starts. The author demonstrates this behavior in the article.

featured in #140

Chaos Engineering Traps

- Nora Jones tl;dr: A guide on how to approach Chaos Engineering - the increasingly common practice of simulating unexpected real world conditions on distributed systems to test for vulnerabilities - along with the common traps. Click this tweet if paywalled.

featured in #138

9 Kubernetes Security Best Practices Everyone Must Follow

- Connor Gilbert

featured in #125

Keeping Passwords Safe in 2017 (Video)

- Emil Bay

featured in #117.1

Maybe Skip SHA-3

- Adam Langley

featured in #117.1

The End of SHA-1 on the Public Web

- JC Jones

featured in #112.1

Communicating The Dangers of Non-Secure HTTP

- Tanvi Vyas

featured in #110.1

Everything You Need to Know About HTTP Security Headers

- Max Veytsman

featured in #109.1

Let's Encrypt Everything

- Jeff Atwood

featured in #105.1