Problem solve
Get help with specific problems with your technologies, process and projects.
How does SirenJack put emergency warning systems at risk?
Bastille researchers created the SirenJack proof of concept to show how a vulnerability could put San Francisco's emergency warning system at risk. Judith Myerson explains how it works.
How is Apple iOS 11 affected by a QR code vulnerability?
A QR code vulnerability was recently discovered in the Apple iOS 11 camera app. Learn how an attacker could exploit it and how to avoid the issue with Judith Myerson.
Digimine bot: How does social media influence cryptojacking?
Facebook Messenger is being used to reach more victims with a cryptojacking bot that Trend Micro researchers named Digimine. Learn how this bot works with expert Nick Lewis.
Android vulnerability: How can users mitigate Janus malware?
The Janus vulnerability was found injecting malicious code into reputable Android apps. Once injected, users' endpoints become infected. Learn how to prevent this with expert Nick Lewis.
How did an old, unpatched Firefox bug expose master passwords?
A Firefox bug went undetected for nine years. Expert Michael Cobb explains how it enabled attackers to access the browser's master password and what's being done to mitigate it.
How studying the black hat community can help enterprises
White hat hackers often assimilate themselves into the black hat community to track the latest threats. Discover how this behavior actually benefits the enterprise with David Geer.
How can a hardcoded password vulnerability affect Cisco PCP?
Cisco patched a hardcoded password vulnerability found in their PCP software. Learn how the software works and how attackers can exploit this vulnerability with Judith Myerson.
Where machine learning for cybersecurity works best now
Need to up your endpoint protection endgame? Learn how applying machine learning for cybersecurity aids in the fight against botnets, evasive malware and more.
How did cryptomining malware exploit a Telegram vulnerability?
Hackers were able to exploit a Telegram vulnerability to launch cryptomining malware. Expert Michael Cobb explains how they were able to do so and how to prevent similar attacks.
Q&A: Why data security controls are a hard problem to solve
Feeling less friendly after Facebook? "There is a great deal of power in being able to combine data-sources," says Jay Jacobs, security data scientist.
How to prevent cloud cryptojacking attacks on your enterprise
As the value of bitcoin has risen over the last year, so has the prevalence of cloud cryptojacking attacks. Expert Rob Shapland explains how enterprises can prevent these attacks.
How does the KRACK vulnerability use encryption keys?
The KRACK vulnerability was found in the WPA2 protocol for wireless networks and it enables attackers to crack encrypted connections. Learn how it works from Nick Lewis.
Bad Rabbit ransomware: How does it compare to other variants?
Bad Rabbit ransomware mimics other recent ransomware variants, such as NotPetya. Discover the similarities and differences between the two with expert Nick Lewis.
How will the new WPA3 protocol strengthen password security?
The development of WPA3 helps advance Wi-Fi protocol, as the next generation of Wi-Fi-enabled devices begins to demand more. Expert Michael Cobb explains how it differs from WPA2.
How were Android Pixel vulnerabilities exploited?
Android Pixel vulnerabilities could open the smartphone up to attack. Expert Michael Cobb explains the vulnerabilities and how to defend against them.
How did an Electron framework flaw put Slack at risk?
An Electron framework flaw put users of Slack, Skype and other big apps at risk. Expert Michael Cobb explains how this remote code execution flaw works and how to prevent it.
How air gap attacks challenge the notion of secure networks
Today's cyberattacks are taking new shapes and sizes in the ever-changing tech environment. This guide explores air gap attacks, the history behind them and the latest threats facing air-gapped networks.
How enterprises should handle GDPR compliance in the cloud
GDPR compliance in the cloud can be an intimidating concept for some enterprises, but it doesn't have to be. Rob Shapland explains why it's not so different from on premises.
Zero-trust model promises increased security, decreased risk
The zero-trust model takes focused and sustained effort, but promises to improve most companies' risk posture. Learn what it takes to get the most out of zero trust.
Imran Awan case shows lax security controls for IT staff
Investigations into the conduct of the IT staff of the House of Representatives raised alarms. Kevin McDonald explains what we can learn from the case of Imran Awan.
What VPN alternatives should enterprises consider using?
VPN vulnerabilities in products from popular vendors were recently found to enable serious threats. Discover how detrimental these threats are and best alternatives to the use of VPNs.
Emotet Trojan: How to defend against fileless attacks
An increase in fileless malware, including PowerShell malware, was reported in McAfee Labs' December 2017 Threat Report. Discover how enterprises can defend against fileless attacks.
Intel AMT flaw: How are corporate endpoints put at risk?
A recent flaw in Intel's Advanced Management Technology enables hackers to gain access to endpoint devices. Discover how this flaw can be mitigated with expert Judith Myerson.
When does the clock start for GDPR data breach notification?
As new GDPR data breach notification rules go into effect, companies must be ready to move faster than before. Mimecast's Marc French explains what will change and how to cope.
Secure DevOps: Inside the five lifecycle phases
Secure DevOps and cloud computing are altering the design, build, deployment and operation of online systems. Learn more from Eric Johnson and Frank Kim of the SANS Institute.
What will GDPR data portability mean for enterprises?
Enforcement of the EU's Global Data Protection Regulation is coming soon. Mimecast's Marc French discusses the big questions about GDPR data portability for enterprises.
Addressing vulnerable web systems that are often overlooked
Web security vulnerability scanners often focus on large applications within the enterprise. However, there are plenty of overlooked web systems that contain hidden flaws.
AIR-Jumper: How can security camera lights transmit data?
Researchers developed aIR-Jumper, an exploit that leverages lights within security cameras to extract data. Learn how this attack works and how to prevent it with expert Nick Lewis.
ExpensiveWall malware: How does this SMS attack function?
A new SMS malware known as ExpensiveWall was recently discovered by Check Point. Learn how it infects devices and puts Android device users at risk with expert Nick Lewis.
How can improper certificate pinning be stopped by the Spinner tool?
Researchers developed a tool to help prevent improper certificate pinning that causes security issues. Expert Michael Cobb reviews the issue and the Spinner tool.
How does a WPAD attack work and how can it be prevented?
Google Project Zero discovered a WPAD attack that could target systems running Windows 10. Expert Michael Cobb explains how the attack works and how to bolster WPAD security.
Search engine poisoning: How are poisoned results detected?
Poisoned search results have spread the Zeus Panda banking Trojan throughout Google. Learn what this means, how search engine poisoning works and what can be done to stop it.
Why the Bleichenbacher attack is still around
The Bleichenbacher attack got a new name after 20 years. Expert Michael Cobb reviews the ROBOT attack and discusses why it's still active this long after it emerged.
Fileless malware: What tools can jeopardize your system?
A report from CrowdStrike highlights the growth of malware-less attacks using certain command-line tools. Learn how to handle these growing attacks with Matt Pascucci.
Single sign-on best practices: How can enterprises get SSO right?
Proper planning is at the top of the list for single sign-on best practices, but it's important to get enterprise SSO implementations off to a good start. Here's how to do it.
How hard will the GDPR right to be forgotten be to get right?
Under GDPR, the right to be forgotten is granted to all EU data subjects. Mimecast's Marc French explains why enterprises will need to be careful about how they manage the process.
How did OurMine hackers use DNS poisoning to attack WikiLeaks?
The OurMine hacking group recently used DNS poisoning to attack WikiLeaks and take over its web address. Learn how this attack was performed from expert Nick Lewis.
Web vulnerability scanners: What you won't learn from vendors
Web security flaws are a serious issue that web vulnerability scanners can manage. Discover your best fit scanner as expert Kevin Beaver shares tips that vendors won't tell you.
How are tech support scams using phishing emails?
Threat actors are using phishing email campaigns to fool users with tech support scams and fake Blue Screens of Death. Learn how these campaigns work with expert Nick Lewis.
GD library: How did it open the Junos OS to attacks?
The GD library used in the Junos operating system has opened Junos up to attacks. Nick Lewis explains how it happened and what it means for companies using open source software.
Antivirus tools: Are two programs better than one?
Antivirus software is crucial to your device's security. However, less is often more, especially when considering a secondary free antivirus program. Nick Lewis explains why.
How to prevent SQL injection attacks in your enterprise
SQL injection attacks threaten enterprise database security, but the use of cloud services can reduce the risk. Here's a look at some alternative SQL injection protection methods.
What can enterprises do to prevent an IoT botnet attack?
An IoT botnet attack on Huawei home routers showed similarities to the Mirai malware. Expert Judith Myerson explains the threat and how enterprises can protect themselves.
How should BGP route hijacking be addressed?
A new report from NIST shows how BGP route hijacking can threaten the internet. Expert Judith Myerson reviews the guidance for improving BGP security.
How did a Microsoft Equation Editor flaw put systems at risk?
A stack buffer overflow vulnerability in Microsoft Equation Editor may have put enterprises at risk of compromise. Expert Judith Myerson explains what went wrong.
What are the root causes of the cybersecurity skills shortage?
SearchSecurity talks with David Shearer, CEO of (ISC)2, about what is -- and isn't -- contributing to the cybersecurity skills shortage in the U.S., as well as how to fix the problem.
NotPetya malware: How does it detect security products?
Bitdefender discovered that the NotPetya malware changes its behavior when Kaspersky security products are detected. Nick Lewis explains how the malware's tricks work.
Katyusha Scanner: How does it work via a Telegram account?
The Katyusha Scanner is based on the open source penetration test scanner Arachni. However, it has been modified to work through Telegram accounts. Nick Lewis explains how it works.
Cybersecurity professionals: Lack of training leaves skills behind
Cybersecurity professionals' increased workloads leave little time for training, leaving their skill sets -- and their companies' data security -- vulnerable to outside threats.
Devil's Ivy vulnerability: How does it put IoT devices at risk?
A gSOAP flaw was found in an Axis Communications security camera and branded the Devil's Ivy vulnerability. Learn how it threatens IoT devices with expert Nick Lewis.
How does credential stuffing enable account takeover attacks?
Credential stuffing activity is outpacing the growth of other cyberattacks and enabling account takeover attacks. Akamai Technologies' Patrick Sullivan explains the threat.
What do Dnsmasq vulnerabilities mean for Android users?
Researchers found several Dnsmasq vulnerabilities that affect Google's Android operating system. Matt Pascucci explains how these flaws can be exploited by threat actors.
How HTTP security headers can defend enterprise systems
HTTP security headers that have the right configurations can be used as defense methods against cyberattacks. Expert Judith Myerson outlines how to use headers this way.
Canvas fingerprinting: How does it compromise security?
Mozilla recently decided to pull the HTML canvas element from the Firefox browser. Learn from expert Matt Pascucci what this means for the security and privacy of users.
Security compliance standards as a guide in endpoint plans
Consider security compliance regulations for your industry as a starting point and a guide for planning your specific approach to enterprise endpoint protection.
The endpoint security controls you should consider now
With the perimeter wall gone, securing enterprise endpoints is even more essential. Learn how automation and other developments can up endpoint protection now.
IT sabotage: Identifying and preventing insider threats
Preventing IT sabotage from insider threats can be a challenge. Peter Sullivan explains how enterprises should monitor for characteristics of insider threat behavior.
How can a BGP vulnerability in Cisco products be fixed?
A BGP vulnerability in some Cisco products enabled denial-of-service attacks. Expert Judith Myerson explains the vulnerability and how Cisco fixed the problem.
Unknown apps: How does Android Oreo control installation?
Android Oreo replaced the allow unknown sources setting with a new feature that enables users to selectively install unknown apps. Kevin Beaver explains what this change means.
Android bootloader: How does it work and what is the risk?
Several vulnerabilities were recently discovered in Android bootloaders via the BootStomp tool. Kevin Beaver explains how they work and what risk these vulnerabilities present.
The ROCA vulnerability: How it works and what to do about it
The ROCA vulnerability is a serious flaw in cryptographic keys. Expert Michael Cobb explains what the flaw is, how it works and what can be done to lessen the risk to enterprises.
How should undocumented features in software be addressed?
Kaspersky Lab recently discovered an undocumented feature in Microsoft Word. Expert Kevin Beaver explains the risks and what to do if you come across one of these software flaws.
Brutal Kangaroo: How does it hop to air-gapped computers?
The CIA Vault 7 cache exposed the Brutal Kangaroo USB malware, which can be spread to computers without an internet connection. Learn how this is possible with expert Nick Lewis.
Botnet attacks are evolving; your defenses must too
Botnets are evolving and will continue to plague organizations. There is no one tool that will be sufficient, so it’s time to layer your anti-botnet defenses.
Get the best botnet protection with the right array of tools
Enterprise anti-botnet defenses, to be effective, must be added in multiple layers. No single security product will do the trick, but the right combo of tools can.
Antimalware software: How can Windows 10 disable it?
Kaspersky Lab recently accused Windows 10 of acting as an antivirus block to third-party antimalware software. Discover how your software is being blocked and how this can be fixed.
QakBot malware: How did it trigger Microsoft AD lockouts?
QakBot malware triggered hundreds of thousands of Microsoft Active Directory account lockouts. Discover the malware's target and how these attacks are being carried out.
Zusy malware: Are your PowerPoint files at risk?
Several spam campaigns were discovered after a malicious PowerPoint file was exposed. Learn how Zusy malware is delivered upon hovering over hypertext and how files can be saved.
Cryptographic keys: Your password's replacement is here
As passwords become targets of phishing attacks, password management has become increasingly difficult. Expert Nick Lewis explains how cryptographic keys could replace passwords.
How can a local file inclusion attack be stopped?
A botnet-based local file inclusion attack targeted IBM X-Force customers. Expert Judith Myerson explains how these attacks work and how enterprises can defend against them.
How can platform firmware be protected from attacks?
The NIST published guidance on building up platform firmware resiliency. Expert Judith Myerson looks at the NIST guidelines and the major takeaways for enterprises.
Information security certifications: Introductory level
This series looks at the top information security certifications for IT professionals. Part one reviews basic, vendor-neutral certifications for entry-level positions.
LDAP injection: How was it exploited in a Joomla attack?
After eight years, Joomla discovered an LDAP vulnerability that could be exploited by threat actors. Learn how the attack works from expert Matt Pascucci.
BlueBorne vulnerabilities: Are your Bluetooth devices safe?
Armis Labs discovered a series of vulnerabilities that enables remote connection to Bluetooth devices. Learn more about the BlueBorne vulnerabilities with expert Matt Pascucci.
How can Windows digital signature check be defeated?
A security researcher discovered that editing two registry keys can alter a Windows digital signature check. Matt Pascucci explains what that means for digital signatures.
PGP keys: Can accidental exposures be mitigated?
The accidental publication of an Adobe private key could have put the company in jeopardy. Matt Pascucci explains how it happened and how to better protect PGP keys.
How does the GhostHook attack bypass Microsoft PatchGuard?
A technique known as the GhostHook attack can get around PatchGuard, but Microsoft hasn't patched the flaw. Expert Michael Cobb explains why, as well as how the attack works.
Data breach litigation: What enterprises should know
Data breach litigation can be highly detrimental to an organization that just suffered a major security incident. Find out what kinds of legal action enterprises could face in the event of a data breach.
How can Intel AMT be used to bypass the Windows firewall?
Software developed by the hacking group Platinum takes advantage of Intel AMT to bypass the built-in Windows firewall. Expert Michael Cobb explains how it works.
Ransomware recovery methods: What does the NIST suggest?
Knowing what ransomware recovery methods are available is important as the threat continues to grow. Expert Judith Myerson outlines what the NIST recommends for enterprises.
What QNAP vulnerabilities affect NAS storage device security?
QNAP vulnerabilities in NAS enabled attackers to control devices. Expert Judith Myerson explains each of the QNAP NAS vulnerabilities and their fixes.
How social engineering attacks have embraced online personas
Discover the extent to which attackers will go to plan social engineering attacks. Nick Lewis explains how the progression of threats is changing how we monitor social media.
WireX botnet: How did it use infected Android apps?
To avoid a mobile device catastrophe, several large tech organizations came together to stop the WireX botnet. Learn how this Android botnet with 300 infected apps was stopped.
Google Docs phishing attack: How does it work?
A Google Docs phishing attack used OAuth tokens to affect more than a million Gmail users. Nick Lewis explains how it happened, and how to defend against such an attack.
What's the best career path to get CISSP certified?
The CISSP certification can be a challenge to obtain. Mike Rothman unveils how to get on the right education and career tracks in order to get CISSP certified.
How did a Windows Defender antivirus bug enable remote exploits?
A vulnerability in Microsoft's Windows Defender antivirus tool left users open to remote code exploitation. Expert Nick Lewis explains how it happened, and what to do about it.
How app libraries share user data, even without permission
A new study shows how app libraries can share data among apps, even without permission. Michael Cobb explains how library collusion works and what users can do about it.
How did an ImageMagick vulnerability endanger Yahoo servers?
An ImageMagick vulnerability known as Yahoobleed could give hackers access to Yahoo servers. Expert Michael Cobb explains the flaw and how Yahoo handled the situation.
Telerik web UI: Can the cryptographic weakness be mitigated?
A cryptographic weakness was discovered in the Telerik web UI. Expert Judith Myerson alerts readers about this weakness and the alternative options for companies to explore.
How can hackers use subtitle files to control endpoint devices?
New media player vulnerabilities have been exposed that enable hackers to use subtitle files to control devices. Expert Judith Myerson explains how this happens.
Foxit Reader vulnerabilities: What can be done to mitigate them?
Two critical, zero-day Foxit Reader vulnerabilities haven't been patched and pose a threat to enterprises. Judith Myerson explains the vulnerabilities and how to mitigate them.
How are Windows shortcut files vulnerable to attacks?
A Windows vulnerability targets shortcut files and enables hackers to automatically execute code. Expert Judith Myerson explains the flaw and how to stop it.
How does an Amazon Echo vulnerability enable attackers to eavesdrop?
Hackers could take advantage of a physical Amazon Echo vulnerability to turn the Echo into a listening device. Judith Myerson explains how this works and what can be done about it.
How does the Ursnif Trojan variant exploit mouse movements?
A new version of the Ursnif Trojan uses mouse movements to bypass security efforts by beating sandbox detection. Expert Matthew Pascucci explains how this technique works.
How can a DDoS reflection attack abuse CLDAP?
A new exploit of CLDAP servers can be used for a DDoS reflection attack that gives attackers a 70x boost. Nick Lewis explains how to defend against this new threat.
PINLogger: How does this exploit steal PINs?
The proof-of-concept PINLogger attack exploits mobile device sensors to steal PINs. Nick Lewis explains how the attack works and offers advice on how to stop it.
Hajime IoT worm: Is it pure malware or vigilante malware?
The Hajime IoT worm aims to help users tighten up security, whether they want to or not, but it's probably not a good security strategy. Expert Nick Lewis explains the risks.
How does a Magento Community Edition flaw allow remote attacks?
As the Magento Community Edition suffers a new zero-day vulnerability, expert Nick Lewis explains how it's being exploited and how to mitigate the cross-site request forgery flaw.
How does BrickerBot threaten enterprise IoT devices?
BrickerBot is similar to other IoT malware like Mirai, Hajime and others. Expert Judith Myerson explains what makes BrickerBot different, and what can be done to defend against it.
How attackers can intercept iCloud Keychain data
A verification flaw in the synchronization service of iCloud Keychain enables attackers to intercept the data it transfers. Expert Frank Siemons explains what to do about it.