Ask the Experts

Ask the Experts

• Do CISOs need computer science degrees?

  Equifax's CISO came under fire for having a music degree. David Shearer, CEO of (ISC)2, discusses what type of education infosec professionals should have.  Continue Reading

• What VPN alternatives should enterprises consider using?

  VPN vulnerabilities in products from popular vendors were recently found to enable serious threats. Discover how detrimental these threats are and best alternatives to the use of VPNs.  Continue Reading

• How are logic devices like WAGO PFC200 used by hackers?

  The Department of Homeland Security warned of a vulnerability affecting WAGO PFC200 logic devices. Discover how this flaw enables threat actors with expert Judith Myerson.  Continue Reading

• Zyklon malware: What Microsoft Office flaws does it exploit?

  Zyklon malware targets three previously patched Microsoft Office vulnerabilities. Learn how attackers can access passwords and cryptocurrency wallet data with expert Judith Myerson.  Continue Reading

• How can a Moxa MXview vulnerability be exploited by hackers?

  A vulnerability was found in Moxa MXview -- a software used to visualize network devices and physical connections. Learn how this vulnerability can enable privilege escalation.  Continue Reading

• Intel AMT flaw: How are corporate endpoints put at risk?

  A recent flaw in Intel's Advanced Management Technology enables hackers to gain access to endpoint devices. Discover how this flaw can be mitigated with expert Judith Myerson.  Continue Reading

• When does the clock start for GDPR data breach notification?

  As new GDPR data breach notification rules go into effect, companies must be ready to move faster than before. Mimecast's Marc French explains what will change and how to cope.  Continue Reading

• What will GDPR data portability mean for enterprises?

  Enforcement of the EU's Global Data Protection Regulation is coming soon. Mimecast's Marc French discusses the big questions about GDPR data portability for enterprises.  Continue Reading

• AIR-Jumper: How can security camera lights transmit data?

  Researchers developed aIR-Jumper, an exploit that leverages lights within security cameras to extract data. Learn how this attack works and how to prevent it with expert Nick Lewis.  Continue Reading

• Com.google.provision virus: How does it attack Android devices?

  The com.google.provision virus reportedly targets Android users, but little is known about it. Nick Lewis discusses the mystery threat and how Common Malware Enumeration may help.  Continue Reading

• Internet Explorer bug: How does it expose address bar info?

  A bug in Microsoft's Internet Explorer update exposes information that users enter into the browser's address bar. Learn more about the bug and URL tracking with Nick Lewis.  Continue Reading

• CCleaner malware: How dangerous is it to enterprises?

  A watering hole attack led to CCleaner malware being installed on millions of systems. Nick Lewis explains how the attack worked and why it should concern enterprises.  Continue Reading

• ExpensiveWall malware: How does this SMS attack function?

  A new SMS malware known as ExpensiveWall was recently discovered by Check Point. Learn how it infects devices and puts Android device users at risk with expert Nick Lewis.  Continue Reading

• How can improper certificate pinning be stopped by the Spinner tool?

  Researchers developed a tool to help prevent improper certificate pinning that causes security issues. Expert Michael Cobb reviews the issue and the Spinner tool.  Continue Reading

• How does a WPAD attack work and how can it be prevented?

  Google Project Zero discovered a WPAD attack that could target systems running Windows 10. Expert Michael Cobb explains how the attack works and how to bolster WPAD security.  Continue Reading