Blog

A space dedicated to sharing our thoughts on the latest cybersecurity news, trends, and threats

How I Built An XSS Worm On Atmail

This blog post was authored by Senior Security Analyst Zach Julian; you can connect with him on Twitter here. Atmail is a popular provider for cloud-based and on-premises email hosting. It is used by companies, hosting providers, and ISPs including DreamHost, LegalShield (US), m:tel (Bosnia), iiNet, and Optus (Australia). Being an atmail user on …

How We Can Stop Email Spoofing

According to our research, 98 percent of the internet is vulnerable to this attack. And here’s how our tool, SpoofCheck, can help us bring a stop to it. Most web domains are not protected against email spoofing, which is a relatively easy problem to solve. If you’re concerned that your domain may be vulnerable …

We’re Humbled; We’re Grateful; Thank You

Fresh off the celebration of our 11th-year anniversary, we at Bishop Fox would like to say a big thank you to everyone who helped us arrive where we are now. We are grateful to our clients and humbled by their continued faith in us, and offer our sincere gratitude to them. As a friendly update, …

The CIA Leak: A Look On the Bright Side…

Unless you have been living under a rock for the past 24 hours, you’ve heard all about the ongoing CIA / WikiLeaks fiasco. However, you’ve probably missed one positive takeaway that seems to have gone unnoticed by the majority of those following this story – i.e. a closer examination of the leak reveals indicators …

In the News: A BGP Hijacking Technical Post-Mortem

This blog post was authored by Senior Security Analyst Zach Julian; you can connect with him on Twitter here. In the first week of 2017, Iranian ISP Telecommunication Infrastructure Company (TIC) performed a BGP hijack affecting 99.192.226.0/24. Their goal was to censor select websites residing on the /24 block from Iranian internet users. However, …

A Guide to Do-It-Yourself Network Segmentation

You may be interested in exploring the possibilities of network segmentation, but may not be sure what that looks like for your home network or the network of your small business. You don’t have the budget of a large corporation. You can’t afford the resources that they can, but nonetheless, you want to ensure your …

Telling the Security Story: An Interview with Josh Koplik

Josh Koplik is the Chief Information Security Officer at IAC, a media and internet holding company with assets including OKCupid, The Daily Beast, and Tinder. He spoke to Vincent Liu about his “security scorecard” system as well as his background and the schism between business and security objectives. You can read highlights of the …