Ask the Expert - 'Herd intelligence' provides a distributed sensor net, finding new specimens that are potentially evil. Information security threat expert Ed Skoudis explains how effective the antimalware technology really is. 11 February 2008
Ask the Expert - Enterprises that don't have thoroughly patched browsers, PDF readers, media players and other client-side software are very likely to get compromised by MPack and similar crimeware tools. Ed Skoudis explains. 11 February 2008
Ask the Expert - Improper input validation leads to numerous kinds of attacks, including cross-site scripting, SQL injection and command injection. In this expert Q&A, Michael Cobb reviews the most important application development practices. 11 February 2008
Ask the Expert - Cookies hold data, such as user preferences and session tracking credentials. In this expert Q&A, Ed Skoudis explains how application developers can define and manage the cookies appropriately. 11 February 2008
Ask the Expert - The vast majority of phishing emails still include HTTP links, but there has been a recent smattering that refer to FTP sites. In this SearchSecurity.com Q&A, Ed Skoudis explains how to be ready for the malicious messages. 04 January 2008
Ask the Expert - Teredo allows internal networks to transition to IPv6, interconnecting them through their NAT devices and across the IPv4 Internet. Ed Skoudis explains why this function isn't as innocent as it seems. 04 January 2008
Ask the Expert - Critical security flaws are often discovered in Java Runtime Environment implementations. Unfortunately, most users don't apply any appropriate patches. Ed Skoudis reveals the security risks posed by a vulnerable JRE. 04 January 2008
11 - 20 of 91 in Expert Archive: Information Security Threats
Amazon EBS encryption is now offered by AWS. Expert Dave Shackleford explains how it works, why companies might struggle with it and whether it brings the industry one step closer to default cloud data encryption.
SearchMidmarketSecurity.com’s tutorials offer IT professionals in-depth lessons and technical advice on the hottest topics in the midmarket IT security industry. Through our tutorials we seek to provide site members with the foundational knowledge needed to deal with the increasingly challenging job of keeping their organizations secure.
Arguably the most important task of any endpoint security system is to protect against malware. However, these products are less effective as attackers develop increasingly novel ways of sidelining device security.