Ask the Experts

Ask the Experts

Enterprise network security

• What is a password spraying attack and how does it work?

  Password spraying isn't a sophisticated attack, but don't discount the attackers if you detect one. Find out how this brute-force technique works and how to defend against it.  Continue Reading

• What is a port scan attack?

  Cyberattacks often begin with a port scan attack, which attackers use to find exploitable vulnerabilities on targeted systems. Learn how they work and how to defend against them.  Continue Reading

• How can I detect fileless malware attacks?

  Monitoring process memory is one way to combat fileless malware attacks. Here's what you can do to protect your network against these campaigns.  Continue Reading

• Why do DDoS attack patterns rise in the autumn?

  DDoS attack patterns indicate a sharp escalation in the fall. Why does that occur and what can be done to guard against these attacks?  Continue Reading

• Should I worry about the Constrained Application Protocol?

  The Constrained Application Protocol underpins IoT networks. But the protocol could allow a threat actor to launch an attack.  Continue Reading

• Is a Mirai botnet variant targeting unpatched enterprises?

  New variants of popular botnets were found targeting IoT devices by Palo Alto Networks' Unit 42. Discover how these variants differ from their sources and what new risks they pose.  Continue Reading

• What new technique does the Osiris banking Trojan use?

  A new Kronos banking Trojan variant was found to use process impersonation to bypass defenses. Learn what this evasion technique is and the threat it poses with Nick Lewis.  Continue Reading

• How do I stop the Vidar malvertising attack?

  The Vidar malvertising attack was part of a two-pronged intrusion that included the installation of ransomware in endpoints. How can enterprises protect themselves?  Continue Reading

• How do trusted app stores release and disclose patches?

  A flaw was found in the Android installer for Fortnite and was patched within 24 hours. Learn how such a quick turnaround affects mobile app security with expert Nick Lewis.  Continue Reading

• How did Browser Reaper cause browsers to crash?

  A Mozilla vulnerability duplicated in the Browser Reaper set of DoS proofs of concept caused Chrome, Firefox and Safari to crash. Learn why and how this occurred.  Continue Reading

• Will DNS Flag Day affect you? Infoblox's Cricket Liu explains

  What is DNS Flag Day? That's when old and broken DNS servers will stop working, improving DNS performance and safety for all. Infoblox's chief DNS architect Cricket Liu explains.  Continue Reading

• Java deserialization attacks: What are they and how do they work?

  The TP-Link EAP Controller for Linux was recently found to be vulnerable to attacks. Learn from Judith Myerson what this means for users and how it can be prevented.  Continue Reading

• Ping of death: What is it and how is Apple affected?

  An Apple vulnerability recently resurfaced and is targeting Apple devices that are connected to public hotspots. Discover what this vulnerability is and how to protect your devices.  Continue Reading

• Network shaping: How does it enable BGP attacks to divert data

  The use of BGPsec protocols was found after looking into threat actors in China that controlled U.S. internet traffic. Discover how this technique works and how it can be mitigated.  Continue Reading

• Kronos banking Trojan: How does the new variant compare?

  Proofpoint researchers found a Kronos variant after it targeted victims in Germany, Japan and Poland. Learn how this variant compares to the original banking Trojan with Nick Lewis.  Continue Reading