Ask the Experts

Ask the Experts

• How are Windows shortcut files vulnerable to attacks?

  A Windows vulnerability targets shortcut files and enables hackers to automatically execute code. Expert Judith Myerson explains the flaw and how to stop it.  Continue Reading

• How does an Amazon Echo vulnerability enable attackers to eavesdrop?

  Hackers could take advantage of a physical Amazon Echo vulnerability to turn the Echo into a listening device. Judith Myerson explains how this works and what can be done about it.  Continue Reading

• How does the Ursnif Trojan variant exploit mouse movements?

  A new version of the Ursnif Trojan uses mouse movements to bypass security efforts by beating sandbox detection. Expert Matthew Pascucci explains how this technique works.  Continue Reading

• Flash's end of life: How should security teams prepare?

  Adobe Flash's end of life is coming, and it includes an incremental removal method, allotting security teams enough time to adjust. Matt Pascucci explains how changes can be made.  Continue Reading

• How does a private bug bounty program compare to a public program?

  Explore the differences of public versus private bug bounty programs, as well as the benefits of each one. Expert Mathew Pascucci explains the risk and return of both programs.  Continue Reading

• WoSign certificates: What happens when Google Chrome removes trust?

  Google Chrome has started removing trust in certificates issued by WoSign. Matthew Pascucci explains this decision and what it means for companies using WoSign certificates.  Continue Reading

• How can peer group analysis address malicious apps?

  Google is using machine learning and peer group analysis to protect against malicious Android apps in the Google Play Store. Matt Pascucci explains how this works.  Continue Reading

• Can the STIX security framework improve threat intelligence sharing?

  Can Structured Threat Information eXpression improve threat intelligence sharing? Nick Lewis breaks down the evolution of the STIX security framework.  Continue Reading

• New WordPress malware: What to do about WP-Base-SEO

  A new type of WordPress malware, WP-Base-SEO, disguises itself as an SEO plug-in that opens backdoors. Nick Lewis explains how it works and how to avoid it.  Continue Reading

• How can a DDoS reflection attack abuse CLDAP?

  A new exploit of CLDAP servers can be used for a DDoS reflection attack that gives attackers a 70x boost. Nick Lewis explains how to defend against this new threat.  Continue Reading

• PINLogger: How does this exploit steal PINs?

  The proof-of-concept PINLogger attack exploits mobile device sensors to steal PINs. Nick Lewis explains how the attack works and offers advice on how to stop it.  Continue Reading

• Hajime IoT worm: Is it pure malware or vigilante malware?

  The Hajime IoT worm aims to help users tighten up security, whether they want to or not, but it's probably not a good security strategy. Expert Nick Lewis explains the risks.  Continue Reading

• How does a Magento Community Edition flaw allow remote attacks?

  As the Magento Community Edition suffers a new zero-day vulnerability, expert Nick Lewis explains how it's being exploited and how to mitigate the cross-site request forgery flaw.  Continue Reading

• Application containers: What are the major risks?

  NIST recently issued guidance on mitigating the security risks of application containers. Expert Judith Myerson outlines some of the risks and fixes highlighted in the guide.  Continue Reading

• How does BrickerBot threaten enterprise IoT devices?

  BrickerBot is similar to other IoT malware like Mirai, Hajime and others. Expert Judith Myerson explains what makes BrickerBot different, and what can be done to defend against it.  Continue Reading