Ask the Experts

Ask the Experts

Risk assessments, metrics and frameworks

• How does the MnuBot banking Trojan use unusual C&C servers?

  IBM X-Force found MnuBot -- a new banking Trojan -- manipulating C&C servers in an unusual way. Learn how this is possible and how this malware differs from those in the past.  Continue Reading

• Vulnerability scans: How effective are they for web apps?

  Equifax's Apache Struts vulnerability was an example of a scan not being read correctly. Kevin Beaver explains vulnerability scans and how issues can be missed by security teams.  Continue Reading

• How can the Dirty COW vulnerability be used to attack Android devices?

  A copy-on-write vulnerability known as 'Dirty COW' was found in the Linux kernel of Android devices. Expert Michael Cobb explains the risks of this attack.  Continue Reading

• How can enterprises leverage Google's Project Wycheproof?

  Google's Project Wycheproof tests crypto libraries for known vulnerabilities, but there are potential drawbacks to this tool. Expert Matthew Pascucci explains them.  Continue Reading

• How can two-factor authentication systems be used effectively?

  Two-factor authentication systems require more than using codes sent through SMS and smart cards. Expert Michael Cobb explains how to properly and effectively implement 2FA.  Continue Reading

• Why are cybersecurity KPIs important for enterprises to determine?

  Cybersecurity KPIs are important for enterprises to determine when setting up a security program. Expert Mike O. Villegas discusses why and what a KPI for security should be.  Continue Reading

• Irongate malware: What are the risks to industrial control systems?

  The Irongate malware has been discovered to have similar functionality to Stuxnet. Expert Nick Lewis explains how enterprises can protect their ICS and SCADA systems.  Continue Reading

• How can APT groups be stopped from exploiting a Microsoft Office flaw?

  APT groups have been continuously exploiting a flaw in Microsoft Office, despite it having been patched. Expert Nick Lewis explains how these attacks work and how to prevent them.  Continue Reading

• Rowhammer exploit: Are Microsoft Edge browser users at risk?

  The Rowhammer and memory deduplication attack enables read and write access to Microsoft Edge browsers. Expert Nick Lewis explains how to mitigate this threat.  Continue Reading

• SAP vulnerability: Why didn't the patch work correctly?

  An old SAP vulnerability that enabled remote administrative access was found to be ineffectually patched. Expert Nick Lewis explains how enterprises can secure their systems.  Continue Reading

• What are the new CFTC regulations on cybersecurity testing?

  The proposed CFTC regulations on cybersecurity testing are set to finalize in 2016. Expert Mike Chapple discusses the effects these regulations have on IT-reliant trading firms.  Continue Reading

• How can security automation tools keep organizations protected?

  Sometimes security teams fall into 'set and forget' habits with security automation. Expert Mike O. Villegas explains how to take advantage of automation while staying secure.  Continue Reading

• CVSS v3.0: What does Oracle's move mean for vulnerability assessment?

  Oracle has moved from using a modified version of CVSS v2.0 to CVSS v3.0. Expert Michael Cobb explains criticism of the old version, and the changes in vulnerability scoring in v3.0.  Continue Reading

• How can IP devices like multifunction printers and faxes be secured?

  IP devices like multifunction printers and faxes may be an attack vector. Expert Nick Lewis explains the vulnerabilities, and how to secure them against attacks.  Continue Reading

• Does mass scanning of the internet do more harm than good?

  Mass scanning of the internet can reveal how pervasive a vulnerability is. Expert Michael Cobb explains how these scans work and what the arguments for and against them are.  Continue Reading