Problem solve
Get help with specific problems with your technologies, process and projects.
How can the Jenkins vulnerabilities in plug-ins be mitigated?
A wave of Jenkins vulnerabilities related to plug-ins were recently discovered. Expert Judith Myerson explains the flaws and how enterprises should mitigate them.
How can users detect dangerous open ports in mobile apps?
Some malicious apps can hijack smartphones and expose those devices with open ports. Expert Michael Cobb explains how this happens and how users can protect themselves.
The HTML5 vulnerabilities enterprises need to know
Adobe Flash's end of life is coming, but there are some HTML5 vulnerabilities enterprises should be aware of before making the switch. Expert Judith Myerson outlines the risks.
How can memory corruption attacks threaten smartphones?
Smartphone users could be at risk of memory corruption attacks because of a baseband vulnerability. Expert Michael Cobb explains the attack and how concerned users should be.
How do code-reuse attacks bypass Windows 10 security features?
Certain Windows 10 security features can be bypassed with code-reuse attacks. Expert Michael Cobb explains how that works and what can be done to prevent it.
How is Pegasus malware different on Android than on iOS?
Pegasus malware used to only target iOS devices, but a variant called Chrysaor now goes after Android devices, too. Expert Michael Cobb explains what users need to know about it.
How do network management systems simplify security?
Network security teams can find themselves overwhelmed with protecting an enterprise network. Expert Matthew Pascucci explains how network management systems can help with that.
How can enterprises secure encrypted traffic from cloud applications?
As enterprises use more cloud applications, they generate more encrypted traffic. Expert Matthew Pascucci discusses the challenges that presents for network security teams.
Should an enterprise BYOD strategy allow the use of Gmail?
Using personal Gmail accounts for business purposes is not a secure enterprise BYOD strategy. Expert Matthew Pascucci discusses why companies should avoid implementing this tactic.
What should you do when third-party compliance is failing?
Third-party compliance is a necessary part of securing your organization's data. Expert Matthew Pascucci discusses what to do if you suspect a business partner isn't compliant.
HTTPS interception gets a bad rap; now what?
Should products intercept Transport Layer Security connections to gain visibility into network traffic? A new study by researchers and U.S.-CERT warn against it.
How NotPetya ransomware used legitimate tools to move laterally
WannaCry and NotPetya ransomware woke enterprises up to an expanded threat landscape. Expert Michael Cobb explains these threats and what enterprises can do to stop them.
ATMitch malware: Can fileless ATM malware be stopped?
How was the ATMitch malware able to loot cash machines, then delete itself? Expert Nick Lewis explains how the fileless malware works and how it spreads.
DoubleAgent malware could turn antivirus tools into attack vector
DoubleAgent malware is a proof of concept for a zero-day vulnerability that can turn antivirus tools into attack vectors. Expert Nick Lewis explains how to contain the threat.
How does the MajikPOS malware evade detection?
A new POS malware downloads a RAM scraper to avoid detection. Expert Nick Lewis explains the tricks MajikPOS uses to target retail terminals and how to defend against it.
Why is the patched Apache Struts vulnerability still being exploited?
An Apache Struts vulnerability is still being exploited, even though it has already been patched. Expert Nick Lewis explains why the Struts platform still carries risk for users.
Stopping EternalBlue: Can the next Windows 10 update help?
The upcoming Windows update, Redstone 3, will patch the vulnerability that enables EternalBlue exploits. Expert Judith Myerson discusses protection methods to use until the update.
Common web application login security weaknesses and how to fix them
Flawed web application login security can leave an enterprise vulnerable to attacks. Expert Kevin Beaver reviews the most common mistakes and how to fix them.
How does CrashOverride malware threaten industrial control systems?
CrashOverride malware targets industrial control systems and can wreak havoc. Expert Judith Myerson explains the capabilities of the malware and what to do to stop it.
What is the best way to secure telematics information?
SMS authentication is often used to secure telematics information, but it may not be strong enough. Expert Judith Myerson discusses why, and how to improve the protection of this data.
How can VMware vulnerabilities in vSphere expose credentials?
Two VMware vulnerabilities in vSphere Data Protection were recently patched. Expert Judith Myerson explains how the flaws work and how to defend against them.
Libpurple flaw: How does it affect connected IM clients?
The libpurple library contains a code execution vulnerability that affects the IM clients that were developed using it. Expert Michael Cobb explains how the flaw works.
What tools can bypass Google's CAPTCHA challenges?
The ReBreakCaptcha exploit can bypass Google's reCAPTCHA verification system using flaws in Google's own API. Expert Michael Cobb explains how the attack works.
How did a Moodle security vulnerability enable remote code execution?
A series of logic flaws in Moodle enabled attackers to remotely execute code on servers. Expert Michael Cobb explains how the Moodle security vulnerability can be exploited.
How did flaws in WhatsApp and Telegram enable account takeovers?
Flaws in WhatsApp and Telegram, popular messaging services, enable attackers to break encryption and take over accounts. Expert Michael Cobb explains how the attacks work.
Could the WannaCry decryptor work on other ransomware strains?
Researchers created WannaCry decryptor tools after the outbreak of the ransomware. Expert Matthew Pascucci explains how the tools work and if they work on other ransomware.
How is the Samba vulnerability different from EternalBlue?
A recently discovered Samba vulnerability bears a striking resemblance to the notorious Windows exploit EternalBlue. Expert Matthew Pascucci compares the two vulnerabilities.
Deborah Wheeler lands role of CISO at Delta Air Lines
The new CISO at Delta Air Lines earned her wings by sticking with security from the start. As the airline industry faces new challenges, Deborah Wheeler takes on a leadership role.
Samsung Knox platform: Can it improve Android device security?
Application security expert Michael Cobb discusses the Samsung Knox platform and its ability to improve Android device security in the enterprise.
How are FTP injection attacks carried out on Java and Python?
Vulnerabilities in Java and Python have opened them up to possible FTP injections. Expert Nick Lewis explains how enterprises can mitigate these attacks.
Protecting Patient Information
In this excerpt from chapter two of Protecting Patient Information, author Paul Cerrato discusses the consequences of data breaches in healthcare.
Mobile Security and Privacy
In this excerpt from chapter 11 of Mobile Security and Privacy, authors Raymond Choo and Man Ho Au discuss privacy and anonymity in terms of mathematics.
ASLR side-channel attack: How is JavaScript used to bypass protection?
Researchers have developed an ASLR Cache side-channel attack that enables them to eliminate ASLR protections. Expert Nick Lewis explains how JavaScript code is used in the attack.
SQL Slammer worm returns: How risky is it for enterprises?
The SQL Slammer worm has re-emerged to attack a vulnerability in Microsoft SQL Server 2000. Expert Nick Lewis explains what enterprises can do to manage out-of-date systems.
How do the malware implants RedLeaves and PlugX work?
Malware implants RedLeaves and PlugX infected networked systems in multiple industries and leveraged stolen administrator credentials. Expert Judith Myerson explains how it works.
How can users protect themselves from the DocuSign phishing email?
A DocuSign phishing email with a link to a malicious Word document recently targeted the company's users. Expert Judith Myerson outlines six ways to avoid this type of attack.
How does an Intel AMT flaw enable attackers to gain device access?
A vulnerability in Intel AMT enables attackers to gain remote access to PCs and devices. Expert Judith Myerson explains how the attack works and what can be done to prevent it.
Android sandboxing tools: How can work data separation be bypassed?
Android for Work's sandboxing tools, which split work and personal profiles, can be bypassed with a proof-of-concept attack. Expert Michael Cobb explains how the attack works.
How are forged cookies used in attacks on online user accounts?
Yahoo claimed a vulnerability in its email service enabled attackers to use forged cookies to gain access to user accounts. Expert Michael Cobb explains what forged cookies are and how they are used in attacks.
How to detect preinstalled malware in custom servers
Preinstalled malware was reportedly found by Apple in its custom servers. Expert Nick Lewis explains how enterprises can protect themselves from encountering similar issues.
What made iOS apps handling sensitive data vulnerable to MitM attacks?
A researcher discovered 76 iOS apps containing sensitive user data that were vulnerable to man-in-the-middle attacks. Expert Michael Cobb explains how developers can prevent this.
Ticketbleed flaw: How can SSL session identities be protected?
The Ticketbleed flaw in F5 Networks' BIG-IP appliances leaks uninitialized memory and SSL session identities. Expert Michael Cobb explains how enterprises can mitigate it.
WordPress REST API flaw: How did it lead to widespread attacks?
A REST API endpoint vulnerability enabled attacks on 1.5 million sites running WordPress. Expert Michael Cobb explains how this vulnerability works and how to prevent attacks.
How are hackers using Unicode domains for spoofing attacks?
A proof of concept showed that hackers can use Unicode domains to make phishing sites look legitimate. Expert Matthew Pascucci explains how this spoofing attack works.
How WannaCry malware affects enterprises' ICS networks
WannaCry malware has been plaguing organizations across the world. Expert Ernie Hayden explains how this ransomware threatens ICS networks and their security.
What are the challenges of migrating to HTTPS from HTTP?
Migrating to HTTPS from HTTP is a good idea for security, but the process can be a challenge. Expert Matthew Pascucci explains how to make it easier for enterprises.
How did Webroot's antivirus signature update create false positives?
A Webroot antivirus signature update flagged Windows and Windows applications as dangerous. Expert Matthew Pascucci explains how it happened and what Webroot did about it.
How does the Antbleed backdoor vulnerability work?
Antbleed, a backdoor vulnerability, was discovered in bitcoin mining equipment. Expert Matthew Pascucci explains how the Bitmain flaw works and how it can be prevented.
Incorporating static source code analysis into security testing
Static source code analysis, along with dynamic analysis and pen testing, can help strengthen your application security. Expert Kevin Beaver goes over the features to look out for.
Ransomware detection and prevention tools you need now
Enterprises should improve their ransomware defense methods by examining the features in existing security tool deployments and deciding if replacements are needed.
Risk & Repeat: Symantec, Mozilla spar over certificate issuance
In this week's Risk & Repeat podcast, SearchSecurity editors discuss Mozilla's suggested deadline for Symantec to turn over its certificate issuance operations.
Fruitfly Mac malware: How does its decades-old code work?
The Fruitfly Mac malware has decades-old code, but has been conducting surveillance attacks for over two years without detection. Expert Nick Lewis explains how it works.
How the use of invalid certificates undermines cybersecurity
Symantec and other trusted CAs were found using bad certificates, which can create huge risk for internet users. Expert Michael Cobb explains how these incidents can be prevented.
What are HummingWhale malware's new ad fraud features?
A HummingBad malware variant, HummingWhale, was discovered being spread through 20 apps on the Google Play Store. Expert Nick Lewis explains the malware's new features.
Heartbleed vulnerability: Why does it persist on so many services?
The Heartbleed flaw still impacts almost 200,000 services connected to the internet. Expert Nick Lewis explains why these services remain unpatched and vulnerable.
How did thousands of MongoDB databases get hijacked?
Thousands of MongoDB configurations were hijacked due to poor authentication practices. Expert Nick Lewis explains how organizations can properly configure their implementations.
How intelligence data leaks caused collateral damage for infosec
Alvaka Networks' Kevin McDonald looks at the real-world damage caused by data leaks at the CIA and NSA, which have put dangerous government cyberweapons in the hands of hackers.
Why do HTTPS interception tools weaken TLS security?
HTTPS interception tools help protect websites, but they can also hurt TLS security. Expert Judith Myerson explains how this works and what enterprises can do about it.
How do Linksys router vulnerabilities expose user data?
Router vulnerabilities in over 20 Linksys models expose user data to attackers. Expert Judith Myerson explains how the flaws work and how to protect against them.
How can DevOps application lifecycle management protect digital keys?
Better DevOps application lifecycle management can help protect cryptographic and digital keys. Expert Judith Myerson explains the right approaches to secure DevOps.
How can Bosch's diagnostic dongle be leveraged by hackers?
Hacks on a car's diagnostic dongle can completely take over the vehicle and even shut off the engine. Expert Judith Myerson explains how this works and how to prevent it from happening.
How do attackers use Microsoft Application Verifier for hijacking?
Attackers found a way to use Microsoft Application Verifier to hijack security products, like antivirus tools. Expert Judith Myerson explains how it's done and what to do to stop it.
How can a NULL pointer dereference flaw create a DoS attack?
A flaw in the open source graphics library libpng enabling denial-of-service attacks was discovered. Expert Michael Cobb explains how the vulnerability works.
Guide to vendor-specific IT security certifications
The abundance of vendor-specific information technology security certifications can overwhelm any infosec professional. Expert Ed Tittel helps navigate the crowded field.
Embedded malware: How OLE objects can harbor threats
Nation-states have been carrying out attacks using RTF files with embedded malware. Expert Nick Lewis explains how OLE technology is used and how to protect your enterprise.
The Apple Notify flaw: How does it allow malicious script injection?
Flaws in the Apple Notify function and iTunes can enable attackers to inject malicious script into the application side. Expert Michael Cobb explains how these vulnerabilities work.
Adobe Acrobat Chrome extension: What are the risks?
An Adobe Acrobat extension was automatically installed onto users' Chrome browsers during an update. Expert Michael Cobb explains the problems that existed with the extension.
Cisco WebEx extension flaw: How does the patch fall short?
Cisco's WebEx extension flaw was patched to prevent remote code execution from all but WebEx sites. Expert Michael Cobb explains how this flaw could still introduce risk to users.
How can the latest LastPass vulnerabilities be mitigated?
More LastPass vulnerabilities were recently discovered. Expert Matthew Pascucci explains the flaws, as well as what enterprises can do to mitigate the threat they pose.
Why is patching telecom infrastructures such a challenge?
Patching telecom infrastructures presents many challenges. Expert Matthew Pascucci explains those challenges and what can be done to make sure the systems get patched anyway.
Domain validation certificates: What are the security issues?
Let's Encrypt domain validation certificates had some security issues. Expert Matthew Pascucci explains how DV certificates work and what the issues were.
What MongoDB security issues are still unresolved?
There are some MongoDB security issues that have yet to be resolved. Expert Matthew Pascucci discusses the risks and how to protect your enterprise from them.
How can customer service staff spot social engineering email attacks?
Social engineering emails targeted at customer service staff have led to the spread of the August malware. Expert Nick Lewis explains how to identify and mitigate these attacks.
How SSH key management and security can be improved
The widespread use of SSH keys is posing security risks for enterprises due to poor tracking and management. Expert Michael Cobb explains how some best practices can regain control over SSH.
How does Gooligan malware compromise Google accounts?
Android apps infected with Gooligan malware enable attackers to compromise the security of Google accounts. Expert Nick Lewis explains how users can protect themselves.
How does the Stegano exploit kit use malvertising to spread?
A malvertising campaign by the AdGholas group has been found spreading the Stegano exploit kit. Expert Nick Lewis explains how web advertisements are used in this attack.
How does Rakos malware attack embedded Linux systems?
Rakos malware is attempting to build a botnet by attacking embedded Linux systems. Expert Nick Lewis explains how enterprises can prevent attacks on their systems.
Switcher Android Trojan: How does it attack wireless routers?
The Switcher Trojan spreads to Android devices through the wireless router to which they are connected. Expert Nick Lewis explains how this attack is carried out.
Cognitive hacking: Understanding the threat of bad data
Bad data can create more than just 'fake news.' Expert Char Sample explains how cognitive hacking and weaponized information can undermine enterprise security.
What is the SS7 protocol and what are its security implications?
The SS7 protocol has been a source of controversy lately because of its security vulnerabilities. Expert Judith Myerson explains what the protocol is and what its issues are.
How can a smart TV security vulnerability be mitigated?
A smart TV security vulnerability could potentially be exploited to steal the owner's data. Expert Judith Myerson explains how this works and offers tips on how to protect yourself.
What the end of hot patching mobile apps means for enterprise security
Apple now restricts mobile app developers from using hot patching, as the technique can change app behavior after it is reviewed. Expert Kevin Beaver goes over enterprise concerns.
Why WPA2-PSK can be a security risk even with an uncracked key
WPA2-PSK is a popular way to bolster wireless security, but it's not perfect. Expert Joseph Granneman explains WPA2 and other aspects of the complicated history of Wi-Fi security.
Are separate administrator accounts a good idea for enterprises?
Separate administrator accounts are becoming a normal part of access policies in enterprises. Expert Matthew Pascucci explains why this is a good idea and how to implement it.
How to identify and address overlooked web security vulnerabilities
Certain web security vulnerabilities evade detection due to oversight or carelessness. Expert Kevin Beaver discusses the top overlooked issues and how to address them.
Why did the PHPMailer library vulnerability have to be patched twice?
After a remote code execution flaw in PHPMailer was patched, the problem persisted, and had to be repatched. Expert Michael Cobb explains how the critical vulnerability works.
How can a distributed guessing attack obtain payment card data?
Attackers can gather payment card data by carrying out distributed guessing with a minimal amount of existing information. Expert Michael Cobb explains how this attack works.
Is threat hunting the next step for modern SOCs?
The emergence of threat hunting programs underscores the importance of the human factor in fighting the most dangerous and costly security threats.
Panasonic Avionics IFE systems: How serious are the vulnerabilities?
Panasonic Avionics' in-flight entertainment system vulnerabilities allow attackers to tamper with passenger seat displays. Expert Michael Cobb explains the impact of these flaws.
Improving the cybersecurity workforce with full spectrum development
Eric Patterson, executive director of the SANS Technology Institute, explains why it's time to rethink educational development to strengthen the cybersecurity workforce.
Handbook of System Safety and Security
In this excerpt from chapter 10 of Handbook of System Safety and Security, editor Edward Griffor discusses cloud and mobile cloud architecture and security.
How does the boot mode vulnerability in Android work?
A boot mode vulnerability allowed attackers to eavesdrop on calls made on certain Android devices. Expert Judith Myerson explains how the complex exploit works.
How can enterprises stop the Flip Feng Shui exploit from hijacking VMs?
The Flip Feng Shui attack can target virtual machines. Expert Judith Myerson explains the exploit and describes how to prevent it from hijacking enterprise VMs.
How does Ticketbleed affect session ID security?
The Ticketbleed bug in some F5 Networks products caused session IDs and uninitialized memory to leak. Expert Judith Myerson explains what a session ID is and how attackers use it.
How does USB Killer v3 damage devices through their USB connections?
USB Killer devices, with the ability to destroy systems via a USB input, are available and inexpensive. Expert Nick Lewis explains how they work and how to defend against this threat.
How does Exaspy spyware disguise itself on Android devices?
Exaspy spyware, which can access messages, video chats and more, was found on Android devices owned by executives. Expert Nick Lewis explains how Exaspy is able to avoid detection.
How does Nemucod malware get spread through Facebook Messenger?
The Nemucod downloader malware is being spread through Facebook Messenger disguised as an image file. Expert Nick Lewis explains the available protections against this attack.
How does the PoisonTap exploit bypass password locks on computers?
The PoisonTap exploit can bypass password locks on computers, enabling an attacker to remotely control systems. Expert Nick Lewis explains how the attack works.
What should be included in a social media security policy?
A social media security policy is necessary for most enterprises today. Expert Mike O. Villegas discusses what should be included in social media policies.
Preparing enterprise systems for the scriptless Linux exploit
The scriptless Linux exploit deviates from usual methods that security tools recognize as attacks. Expert Nick Lewis explains how the exploit works and how to prevent it.