Ask the Experts

Ask the Experts

• What tools were used to hide fileless malware in server memory?

  Fileless malware hidden in server memory led to attacks on many companies worldwide. Expert Nick Lewis explains how these attacks fit in with the wider fileless malware trend.  Continue Reading

• How are FTP injection attacks carried out on Java and Python?

  Vulnerabilities in Java and Python have opened them up to possible FTP injections. Expert Nick Lewis explains how enterprises can mitigate these attacks.  Continue Reading

• ASLR side-channel attack: How is JavaScript used to bypass protection?

  Researchers have developed an ASLR Cache side-channel attack that enables them to eliminate ASLR protections. Expert Nick Lewis explains how JavaScript code is used in the attack.  Continue Reading

• SQL Slammer worm returns: How risky is it for enterprises?

  The SQL Slammer worm has re-emerged to attack a vulnerability in Microsoft SQL Server 2000. Expert Nick Lewis explains what enterprises can do to manage out-of-date systems.  Continue Reading

• How do the malware implants RedLeaves and PlugX work?

  Malware implants RedLeaves and PlugX infected networked systems in multiple industries and leveraged stolen administrator credentials. Expert Judith Myerson explains how it works.  Continue Reading

• How can users protect themselves from the DocuSign phishing email?

  A DocuSign phishing email with a link to a malicious Word document recently targeted the company's users. Expert Judith Myerson outlines six ways to avoid this type of attack.  Continue Reading

• How does an Intel AMT flaw enable attackers to gain device access?

  A vulnerability in Intel AMT enables attackers to gain remote access to PCs and devices. Expert Judith Myerson explains how the attack works and what can be done to prevent it.  Continue Reading

• How can an SMB server be used to steal Windows login credentials?

  A Google Chrome flaw enables attackers to automatically download Windows credentials to their SMB sever. Expert Judith Myerson explains how that works.  Continue Reading

• How can enterprises address Nagios Core vulnerabilities?

  Early versions of Nagios Core, the open source network monitoring tool, had privilege escalation vulnerabilities. Expert Judith Myerson explains the flaw and what to do about it.  Continue Reading

• Android sandboxing tools: How can work data separation be bypassed?

  Android for Work's sandboxing tools, which split work and personal profiles, can be bypassed with a proof-of-concept attack. Expert Michael Cobb explains how the attack works.  Continue Reading

• How are forged cookies used in attacks on online user accounts?

  Yahoo claimed a vulnerability in its email service enabled attackers to use forged cookies to gain access to user accounts. Expert Michael Cobb explains what forged cookies are and how they are used in attacks  Continue Reading

• What made iOS apps handling sensitive data vulnerable to MitM attacks?

  A researcher discovered 76 iOS apps containing sensitive user data that were vulnerable to man-in-the-middle attacks. Expert Michael Cobb explains how developers can prevent this.  Continue Reading

• Ticketbleed flaw: How can SSL session identities be protected?

  The Ticketbleed flaw in F5 Networks' BIG-IP appliances leaks uninitialized memory and SSL session identities. Expert Michael Cobb explains how enterprises can mitigate it.  Continue Reading

• WordPress REST API flaw: How did it lead to widespread attacks?

  A REST API endpoint vulnerability enabled attacks on 1.5 million sites running WordPress. Expert Michael Cobb explains how this vulnerability works and how to prevent attacks.  Continue Reading

• How are hackers using Unicode domains for spoofing attacks?

  A proof of concept showed that hackers can use Unicode domains to make phishing sites look legitimate. Expert Matthew Pascucci explains how this spoofing attack works.  Continue Reading