Ask the Experts

Ask the Experts

• Removable storage devices: Why are companies banning them?

  IBM banned removable storage devices to encourage employees to use the company's internal file-sharing system. Learn how a ban like this can improve enterprise security.  Continue Reading

• How does the resurgent VPNFilter botnet target victims?

  After a comeback of the Russian-built VPNFilter botnet, home network devices are at risk. Learn how this malware targets victims with expert Nick Lewis.  Continue Reading

• How did the IcedID and TrickBot banking Trojans join forces?

  The TrickBot banking Trojan joined forces with IcedID to form a dual threat that targets victims for money. Discover how this union occurred and how it has changed their behaviors.  Continue Reading

• How does the APT attack Double Kill work in Office documents?

  The Qihoo 360 Core Security team found a Microsoft vulnerability -- named Double Kill -- that affects applications via Office documents. Learn how this is possible with Nick Lewis.  Continue Reading

• How does the MnuBot banking Trojan use unusual C&C servers?

  IBM X-Force found MnuBot -- a new banking Trojan -- manipulating C&C servers in an unusual way. Learn how this is possible and how this malware differs from those in the past.  Continue Reading

• How does Apple's Quick Look endanger user privacy?

  Apple's Quick Look feature previews thumbnails that are not encrypted. Learn how this poses a security threat to enterprises from expert Michael Cobb.  Continue Reading

• How did Netflix phishing attacks use legitimate TLS certificates?

  Hackers can imitate the design and domain name of popular sites like Netflix to steal credentials. Expert Michael Cobb explains how these Netflix phishing attacks work.  Continue Reading

• How do hackers use legitimate admin tools to compromise networks?

  Hackers use legitimate admin tools to exfiltrate data in living off the land attacks that are hard to detect. Learn about this cyberattack tactic from expert Michael Cobb.  Continue Reading

• How was Google Firebase security bypassed?

  Google Firebase's inadequate back-end development led to data leaks and vulnerabilities, including HospitalGown. Learn more about this security flaw from expert Michael Cobb.  Continue Reading

• How does TLBleed abuse the Hyper-Threading feature in Intel chips?

  TLBleed exploits Intel's HTT feature to leak data via side-channel attacks. Learn about how TLBleed obtains sensitive memory information from expert Michael Cobb.  Continue Reading

• How does FacexWorm malware use Facebook Messenger to spread?

  Researchers at Trend Micro found a new strain of malware -- dubbed FacexWorm -- that targets users via a malicious Chrome extension. Discover how this attack works with Nick Lewis.  Continue Reading

• How does stegware malware exploit steganography techniques?

  Researchers at the 2018 RSA Conference discussed the increasing availability of malware that uses steganography, dubbed stegware. Discover how this works with expert Nick Lewis.  Continue Reading

• How does MassMiner malware infect systems across the web?

  Researchers from AlienVault found a new cryptocurrency mining malware -- dubbed MassMiner -- that infects systems across the web. Learn how this malware operates with Nick Lewis.  Continue Reading

• How can GravityRAT check for antimalware sandboxes?

  A remote access Trojan -- dubbed GravityRAT -- was discovered checking for antimalware sandboxes by Cisco Talos. Learn how this technique works and how it can be mitigated.  Continue Reading

• SamSam ransomware: How is this version different from others?

  Sophos recently discovered a SamSam extortion code that performs company-wide attacks using a range of vulnerability exploits. Discover how this version differs from past variants.  Continue Reading