Judith Myerson Judith Myerson is a former contributor to SearchSecurity. Judith Myerson’s Most Recent Content Search Security Site-to-site VPN security benefits and potential risks 28 Aug 2020 Search Security 5 steps to determine residual risk during the assessment process 28 May 2020 Search CIO 4 steps to remain compliant with SOX data retention policies 13 Jun 2019 TheServerSide.com Don't let plugins open up more Jenkins vulnerabilities 15 May 2019 TheServerSide.com Use entropy as a service to bolster your security 26 Apr 2019 TheServerSide.com Fix this runC vulnerability to prevent unwanted root access 14 Mar 2019 TheServerSide.com Manage Jenkins vulnerabilities via Security Advisory page 11 Mar 2019 Search Security How can I protect my self-encrypting drives? 07 Mar 2019 Search Security How did Signal Desktop expose plaintext passwords? 19 Feb 2019 Search Security How did the Dirty COW exploit get shipped in software? 14 Feb 2019 Search Security Why did a Cisco patch for Webex have to be reissued? 14 Feb 2019 Search Security Java deserialization attacks: What are they and how do they work? 18 Jan 2019 Search Security Ping of death: What is it and how is Apple affected? 17 Jan 2019 Search Security Network shaping: How does it enable BGP attacks to divert data? 16 Jan 2019 Search Security How was a credit card skimmer used to steal data from Newegg? 15 Jan 2019 Search Security Updating TLS? Use cryptographic entropy for more secure keys 15 Jan 2019 Search Security How can an authentication bypass vulnerability be exploited? 14 Jan 2019 Search Security How does the new Dharma Ransomware variant work? 14 Dec 2018 Search Security Why is preloading HTTP Strict Transport Security risky? 13 Dec 2018 Search Security Faxploit: How can sending a fax compromise a network? 12 Dec 2018 Search Security FragmentSmack: How is this denial-of-service exploited? 11 Dec 2018 Search Security How the SHA-3 competition declared a winning hash function 11 Dec 2018 Search Security L1TF: How do new vulnerabilities affect Intel processors? 10 Dec 2018 Search Security How was a MikroTik router hack used to hijack traffic? 23 Nov 2018 Search Security How was a black box attack used to exploit ATM vulnerabilities? 22 Nov 2018 Search Security How were attackers able to bypass 2FA in a Reddit breach? 21 Nov 2018 Search Security Can a D-Link router vulnerability threaten bank customers? 20 Nov 2018 Search Security How does a Bluetooth vulnerability enable validation attacks? 19 Nov 2018 Search Security Why entropy sources should be added to mobile application vetting 08 Nov 2018 Search Security How was Kea DHCP v1.4.0 affected by a security advisory? 26 Oct 2018 Search Security Does pcAnywhere put election management systems at risk? 25 Oct 2018 Search Security Siemens Siclock: How do threat actors exploit these devices? 24 Oct 2018 Search Security How do newly found flaws affect robot controllers? 23 Oct 2018 Search Security What are DMARC records and can they improve email security? 22 Oct 2018 Search Security How entropy sources interact with security and privacy plans 11 Oct 2018 Search Security PulseNet: How do improper authentication flaws affect it? 21 Sep 2018 Search Security Secure encrypted virtualization: How is this technology exploited? 20 Sep 2018 Search Security WPA3 protocol: Should enterprises implement the changes? 19 Sep 2018 Search Security What is VPNFilter malware and how can users protect themselves? 18 Sep 2018 Search Security How can attackers exploit a buffer underflow vulnerability? 17 Sep 2018 Search Security How hardening options help handle unpatchable vulnerabilities 11 Sep 2018 Search Security What risks does the OpenFlow protocol vulnerability present? 24 Aug 2018 Search Security How can a 13-year-old configuration flaw affect SAP systems? 23 Aug 2018 Search Security My Cloud EX2: How can this device expose unauthorized data? 22 Aug 2018 Search Security LG network: How can attackers use preauthenticated commands? 21 Aug 2018 Search Security How does an IMSI catcher exploit SS7 vulnerabilities? 20 Aug 2018 Search Security How criticality analysis benefits from an entropy engineer 09 Aug 2018 Search Security Powerhammering: Can a power cable be used in air-gapped attacks? 27 Jul 2018 Search Security How does SirenJack put emergency warning systems at risk? 26 Jul 2018 Search Security How is Apple iOS 11 affected by a QR code vulnerability? 25 Jul 2018 Search Security Bouncy Castle keystore: How are files vulnerable to brute force? 24 Jul 2018 Search Security How did a Navarino Infinity flaw expose unauthenticated scripts? 23 Jul 2018 Search Security How cyber resiliency is achieved via NIST's 14-step approach 05 Jul 2018 Search Security Microsoft CredSSP: How was it exploited by CVE-2018-0886? 29 Jun 2018 Search Security How can a text editor plug-in enable privilege escalation? 28 Jun 2018 Search Security How are air-gapped computers put at risk by the Mosquito attack? 27 Jun 2018 Search Security How can a hardcoded password vulnerability affect Cisco PCP? 26 Jun 2018 Search Security How did the Panera Bread website expose customers? 25 Jun 2018 Search Security How entropy sources help secure applications with SDLC 05 Jun 2018 Search Security How has a Broadcom flaw affected the Lenovo ThinkPad? 31 May 2018 Search Security How do BGP flaws affect Quagga routing software? 31 May 2018 Search Security How are Linear eMerge E3 systems vulnerable to attacks? 30 May 2018 Search Security How was a Cisco firewall vulnerability exploited by threat actors? 29 May 2018 Search Security How did Strava's Global Heatmap disclose sensitive U.S. info? 28 May 2018 Search Security What VPN alternatives should enterprises consider using? 30 Mar 2018 Search Security How are logic devices like WAGO PFC200 used by hackers? 29 Mar 2018 Search Security Zyklon malware: What Microsoft Office flaws does it exploit? 28 Mar 2018 Search Security How can a Moxa MXview vulnerability be exploited by hackers? 27 Mar 2018 Search Security Intel AMT flaw: How are corporate endpoints put at risk? 26 Mar 2018 Search Security Entropy sources: How do NIST rules impact risk assessments? 08 Mar 2018 Search Security What can be done to prevent a swatting attack? 16 Feb 2018 Search Security How does the Devil's Ivy bug compromise security cameras? 15 Feb 2018 Search Security Embedded application security: Inside OWASP's best practices 15 Feb 2018 Search Security What can enterprises do to prevent an IoT botnet attack? 14 Feb 2018 Search Security How should BGP route hijacking be addressed? 13 Feb 2018 Search Security How did a Microsoft Equation Editor flaw put systems at risk? 12 Feb 2018 Search Security How HTTP security headers can defend enterprise systems 18 Jan 2018 Search Security What went wrong with the Dirty COW vulnerability patch? 12 Jan 2018 Search Security How should enterprise firewall settings be reviewed? 11 Jan 2018 Search Security How is IP theft possible despite cryptographic protections? 10 Jan 2018 Search Security How can a BGP vulnerability in Cisco products be fixed? 08 Jan 2018 Search Security How can a vulnerability in Ruggedcom switches be mitigated? 15 Dec 2017 Search Security Which 4G vulnerabilities should BYOD users be aware of? 14 Dec 2017 Search Security How can a local file inclusion attack be stopped? 13 Dec 2017 Search Security How can platform firmware be protected from attacks? 12 Dec 2017 Search Security How to manage HTTP response headers for IIS, Nginx and Apache 12 Dec 2017 Search Security How does port swapping work to bypass two-factor authentication? 11 Dec 2017 Search Security How to add HTTP security headers to various types of servers 21 Nov 2017 Search Security Ransomware recovery methods: What does the NIST suggest? 17 Nov 2017 Search Security What QNAP vulnerabilities affect NAS storage device security? 16 Nov 2017 Search Security HTTP Strict Transport Security: What are the security benefits? 14 Nov 2017 Search Security Analyzing the flaws of Adobe's HTTP security headers 17 Oct 2017 Search Security Telerik web UI: Can the cryptographic weakness be mitigated? 16 Oct 2017 Search Security How can hackers use subtitle files to control endpoint devices? 12 Oct 2017 Search Security Foxit Reader vulnerabilities: What can be done to mitigate them? 11 Oct 2017 Search Security How does an Amazon Echo vulnerability enable attackers to eavesdrop? 09 Oct 2017 Search Security Application containers: What are the major risks? 22 Sep 2017 Search Security How does BrickerBot threaten enterprise IoT devices? 21 Sep 2017 Search Security How can the Jenkins vulnerabilities in plug-ins be mitigated? 20 Sep 2017 Search Security Are long URLs better for security than short URLs? 18 Sep 2017 1 2