Ask the Experts

Ask the Experts

Web security tools and best practices

• How to prevent software piracy

  Pirated software is still a major concern nowadays. Uncover how to prevent software piracy and protect your organization's intellectual property.  Continue Reading

• 7 TCP/IP vulnerabilities and how to prevent them

  While many TCP/IP security issues are in the protocol suite's implementation, there are some vulnerabilities in the underlying protocols to be aware of.  Continue Reading

• Comparing Diffie-Hellman vs. RSA key exchange algorithms

  See which encryption method uses digital signatures, symmetric key exchanges, bulk encryption and much more in this Diffie-Hellman vs. RSA showdown.  Continue Reading

• What's the purpose of CAPTCHA technology and how does it work?

  Learn about the purpose of CAPTCHA challenges that enable websites to differentiate bots from authentic users to stop spammers from hijacking forums and blog comment sections.  Continue Reading

• How can developers avoid a Git repository security risk?

  Learn how managing web development content with the popular version control system can be risky without taking action to avoid these basic Git repository security risks.  Continue Reading

• How can credential stuffing attacks be detected?

  Credential stuffing attacks can put companies that offer online membership programs, as well as their customers, at risk. Find out how to proactively manage the threat.  Continue Reading

• How did Browser Reaper cause browsers to crash?

  A Mozilla vulnerability duplicated in the Browser Reaper set of DoS proofs of concept caused Chrome, Firefox and Safari to crash. Learn why and how this occurred.  Continue Reading

• How does cross-site tracking increase security risks?

  Mozilla's Firefox 63 automatically blocks tracking cookies and other site data from cross-site tracking. Learn what this is and what the benefits of blocking it are with Nick Lewis.  Continue Reading

• Java deserialization attacks: What are they and how do they work?

  The TP-Link EAP Controller for Linux was recently found to be vulnerable to attacks. Learn from Judith Myerson what this means for users and how it can be prevented.  Continue Reading

• How did WhatsApp vulnerabilities get around encryption?

  WhatsApp vulnerabilities can enable hackers to bypass end-to-end encryption and spoof messages. Expert Michael Cobb explains how these attacks work and how to prevent them.  Continue Reading

• How does TLS 1.3 differ from TLS 1.2?

  Compared to TLS 1.2, TLS 1.3 saw improvements in security, performance and privacy. Learn how TLS 1.3 eliminated vulnerabilities using cryptographic algorithms.  Continue Reading

• What are the security risks of third-party app stores?

  Unlike most apps developed in app stores, users can download Fortnite from Epic Games' website. Expert Michael Cobb explains the security risks of third-party app stores.  Continue Reading

• How was Kea DHCP v1.4.0 affected by a security advisory?

  Kea, an open source DHCP server, was issued a medium security advisory for a flaw that causes memory leakage in version 1.4.0. Discover the workarounds with Judith Myerson.  Continue Reading

• How does a WDC vulnerability put hardcoded passwords at risk?

  Several vulnerabilities were found in Western Digital's My Cloud, including one that affects the default hardcoded password. Learn how to avoid such risks with expert Nick Lewis.  Continue Reading

• How can a 13-year-old configuration flaw affect SAP systems?

  Cybersecurity vendor Onapsis found a 13-year-old flaw that affects nine out of 10 SAP NetWeaver systems. Learn how the flaw affects SAP systems with expert Judith Myerson.  Continue Reading

• What is missing from the NIST/DHS botnet security report?

  The joint DHS and NIST report on botnet security offers goals and action items to counter distributed cyberthreats. Learn the report recommendations with expert Nick Lewis.  Continue Reading

• How did a Navarino Infinity flaw expose unauthenticated scripts?

  Navarino Infinity, a satellite communication system, found and fixed a flaw that exposed an unauthenticated script. Discover what threats this flaw enabled with Judith Myerson.  Continue Reading

• How can cryptojacking attacks in Chrome be stopped?

  Google instituted an aggressive ban on all cryptomining extensions for Chrome after cryptojacking attacks started to become more common. Learn how the ban works with Michael Cobb.  Continue Reading

• How did an old, unpatched Firefox bug expose master passwords?

  A Firefox bug went undetected for nine years. Expert Michael Cobb explains how it enabled attackers to access the browser's master password and what's being done to mitigate it.  Continue Reading

• Microsoft CredSSP: How was it exploited by CVE-2018-0886?

  The CVE-2018-0886 vulnerability found within Microsoft's CredSSP was recently patched. Discover what this vulnerability is and how it affects the CredSSP protocol with Judith Myerson.  Continue Reading

• How can a text editor plug-in enable privilege escalation?

  Developers use text editors to enhance efficiency in the workplace even though they require vulnerable third-party plug-ins. Discover these vulnerabilities with Judith Myerson.  Continue Reading

• How are air-gapped computers put at risk by the Mosquito attack?

  Researchers recently discovered Mosquito -- an air-gapped attack that bites computers to put air-gapped networks at risk. Discover the logistics of this technique with Judith Myerson.  Continue Reading

• How did the Panera Bread website expose customers?

  Panera Bread website users were put at risk after a security researcher discovered a vulnerability relating to a lack of authentication for their publicly available API endpoint.  Continue Reading

• How can domain generation algorithms be used to bypass ad blockers?

  An ad network used domain generation algorithms to bypass ad blockers and launch cryptomining malware. Expert Michael Cobb explains how and the best way to prevent these attacks.  Continue Reading

• What risks do untrusted certificates pose to enterprises?

  Researchers found that untrusted certificates are still used on many major websites. Expert Michael Cobb discusses the security risks of sticking with these certificates.  Continue Reading

• How did an Electron framework flaw put Slack at risk?

  An Electron framework flaw put users of Slack, Skype and other big apps at risk. Expert Michael Cobb explains how this remote code execution flaw works and how to prevent it.  Continue Reading

• How can a Moxa MXview vulnerability be exploited by hackers?

  A vulnerability was found in Moxa MXview -- a software used to visualize network devices and physical connections. Learn how this vulnerability can enable privilege escalation.  Continue Reading

• Internet Explorer bug: How does it expose address bar info?

  A bug in Microsoft's Internet Explorer update exposes information that users enter into the browser's address bar. Learn more about the bug and URL tracking with Nick Lewis.  Continue Reading

• How can improper certificate pinning be stopped by the Spinner tool?

  Researchers developed a tool to help prevent improper certificate pinning that causes security issues. Expert Michael Cobb reviews the issue and the Spinner tool.  Continue Reading

• The Keeper browser extension flaw: How can users stay secure?

  The Keeper browser extension had a vulnerability that highlighted security issues with password managers. Expert Michael Cobb looks at how to avoid security flaws in these tools.  Continue Reading

• Uber breach: How did a private GitHub repository fail Uber?

  The recent Uber breach calls into question the use of code repositories. Expert Matt Pascucci explains how the breach of GitHub and Amazon Web Services occurred.  Continue Reading

• How did OurMine hackers use DNS poisoning to attack WikiLeaks?

  The OurMine hacking group recently used DNS poisoning to attack WikiLeaks and take over its web address. Learn how this attack was performed from expert Nick Lewis.  Continue Reading

• Typosquatting: How did threat actors access NPM libraries?

  Typosquatting was used by threat actors to spread malware in the NPM registry. Learn from expert Nick Lewis how this method was used and what it means for users.  Continue Reading

• Antivirus tools: Are two programs better than one?

  Antivirus software is crucial to your device's security. However, less is often more, especially when considering a secondary free antivirus program. Nick Lewis explains why.  Continue Reading

• Katyusha Scanner: How does it work via a Telegram account?

  The Katyusha Scanner is based on the open source penetration test scanner Arachni. However, it has been modified to work through Telegram accounts. Nick Lewis explains how it works.  Continue Reading

• Public key pinning: Why is Google switching to a new approach?

  After introducing HTTP Public Key Pinning to the internet two years ago, the upcoming Chrome will replace it with the Expect-CT header. Matt Pascucci explains the switch.  Continue Reading

• Advanced Protection Program: How has Google improved security?

  Google added a layer to its account security system with Advanced Protection Program. Matt Pascucci explains how individuals can better defend themselves from malicious actors.  Continue Reading

• Canvas fingerprinting: How does it compromise security?

  Mozilla recently decided to pull the HTML canvas element from the Firefox browser. Learn from expert Matt Pascucci what this means for the security and privacy of users.  Continue Reading

• OneLogin data breach: What does the attack mean for SSOs?

  A OneLogin data breach affected all of the company's U.S. customers after threat actors abused an Amazon Web Services API. Discover what this means for customers and SSO companies.  Continue Reading

• HTTP Strict Transport Security: What are the security benefits?

  Google's use of HTTP Strict Transport Security aims to improve web browsing security. Expert Judith Myerson explains how HSTS can make the internet more secure.  Continue Reading

• How can hackers use subtitle files to control endpoint devices?

  New media player vulnerabilities have been exposed that enable hackers to use subtitle files to control devices. Expert Judith Myerson explains how this happens.  Continue Reading

• Flash's end of life: How should security teams prepare?

  Adobe Flash's end of life is coming, and it includes an incremental removal method, allotting security teams enough time to adjust. Matt Pascucci explains how changes can be made.  Continue Reading

• WoSign certificates: What happens when Google Chrome removes trust?

  Google Chrome has started removing trust in certificates issued by WoSign. Matthew Pascucci explains this decision and what it means for companies using WoSign certificates.  Continue Reading

• How does a Magento Community Edition flaw allow remote attacks?

  As the Magento Community Edition suffers a new zero-day vulnerability, expert Nick Lewis explains how it's being exploited and how to mitigate the cross-site request forgery flaw.  Continue Reading

• How can the Jenkins vulnerabilities in plug-ins be mitigated?

  A wave of Jenkins vulnerabilities related to plug-ins were recently discovered. Expert Judith Myerson explains the flaws and how enterprises should mitigate them.  Continue Reading

• Are long URLs better for security than short URLs?

  Shortened URLs are weak on security and easy for attackers to inject with malware. Expert Judith Myerson discusses how long URLs are more secure, despite the inconvenience.  Continue Reading

• What tools can bypass Google's CAPTCHA challenges?

  The ReBreakCaptcha exploit can bypass Google's reCAPTCHA verification system using flaws in Google's own API. Expert Michael Cobb explains how the attack works.  Continue Reading

• How did a Moodle security vulnerability enable remote code execution?

  A series of logic flaws in Moodle enabled attackers to remotely execute code on servers. Expert Michael Cobb explains how the Moodle security vulnerability can be exploited.  Continue Reading

• ASLR side-channel attack: How is JavaScript used to bypass protection?

  Researchers have developed an ASLR Cache side-channel attack that enables them to eliminate ASLR protections. Expert Nick Lewis explains how JavaScript code is used in the attack.  Continue Reading

• How are forged cookies used in attacks on online user accounts?

  Yahoo claimed a vulnerability in its email service enabled attackers to use forged cookies to gain access to user accounts. Expert Michael Cobb explains what forged cookies are and how they are used in attacks  Continue Reading

• Ticketbleed flaw: How can SSL session identities be protected?

  The Ticketbleed flaw in F5 Networks' BIG-IP appliances leaks uninitialized memory and SSL session identities. Expert Michael Cobb explains how enterprises can mitigate it.  Continue Reading

• WordPress REST API flaw: How did it lead to widespread attacks?

  A REST API endpoint vulnerability enabled attacks on 1.5 million sites running WordPress. Expert Michael Cobb explains how this vulnerability works and how to prevent attacks.  Continue Reading

• How are hackers using Unicode domains for spoofing attacks?

  A proof of concept showed that hackers can use Unicode domains to make phishing sites look legitimate. Expert Matthew Pascucci explains how this spoofing attack works.  Continue Reading

• What are the challenges of migrating to HTTPS from HTTP?

  Migrating to HTTPS from HTTP is a good idea for security, but the process can be a challenge. Expert Matthew Pascucci explains how to make it easier for enterprises.  Continue Reading

• Why do HTTPS interception tools weaken TLS security?

  HTTPS interception tools help protect websites, but they can also hurt TLS security. Expert Judith Myerson explains how this works and what enterprises can do about it.  Continue Reading

• Adobe Acrobat Chrome extension: What are the risks?

  An Adobe Acrobat extension was automatically installed onto users' Chrome browsers during an update. Expert Michael Cobb explains the problems that existed with the extension.  Continue Reading

• Cisco WebEx extension flaw: How does the patch fall short?

  Cisco's WebEx extension flaw was patched to prevent remote code execution from all but WebEx sites. Expert Michael Cobb explains how this flaw could still introduce risk to users.  Continue Reading

• Domain validation certificates: What are the security issues?

  Let's Encrypt domain validation certificates had some security issues. Expert Matthew Pascucci explains how DV certificates work and what the issues were.  Continue Reading

• How does the Stegano exploit kit use malvertising to spread?

  A malvertising campaign by the AdGholas group has been found spreading the Stegano exploit kit. Expert Nick Lewis explains how web advertisements are used in this attack.  Continue Reading

• Same-origin policy: How did Adobe Flash Player's implementation fail?

  The same-origin security feature in Adobe Flash Player was implemented incorrectly, allowing local attackers to spy on users. Expert Michael Cobb explains how this flaw occurred.  Continue Reading

• How does Ticketbleed affect session ID security?

  The Ticketbleed bug in some F5 Networks products caused session IDs and uninitialized memory to leak. Expert Judith Myerson explains what a session ID is and how attackers use it.  Continue Reading

• How does Nemucod malware get spread through Facebook Messenger?

  The Nemucod downloader malware is being spread through Facebook Messenger disguised as an image file. Expert Nick Lewis explains the available protections against this attack.  Continue Reading

• SHA-1 certificates: How will Mozilla's deprecation affect enterprises?

  Mozilla browser users will encounter 'untrusted connection' errors if they use SHA-1 signed certificates. Expert Michael Cobb explains why, and what enterprises can do.  Continue Reading

• HTTP public key pinning: Is the Firefox browser insecure without it?

  HTTP public key pinning, a security mechanism to prevent fraudulent certificates, was not used by Firefox, and left it open to attack. Expert Michael Cobb explains how HPKP works.  Continue Reading

• How are hackers using Twitter as C&C servers for malware?

  C&C servers have been replaced with Twitter accounts, which spread the Android Trojan Twitoor to user devices. Expert Michael Cobb explains how to stop this attack.  Continue Reading

• How did Ammyy Admin software get repeatedly abused by malware?

  The remote administration Ammyy Admin software was repeatedly found to be spreading different types of malware. Expert Nick Lewis explains how enterprises should protect themselves.  Continue Reading

• CryptXXX: How does this ransomware spread through legitimate websites?

  The CryptXXX ransomware has been spreading through compromised legitimate websites that redirect to malicious sites. Expert Nick Lewis explains how this happens with WordPress.  Continue Reading

• How can an HTTPS session get hijacked with the Forbidden attack?

  An HTTPS session with a reused nonce is vulnerable to the Forbidden attack. Expert Nick Lewis explains how the attack works, and how to properly secure HTTPS-authenticated sites.  Continue Reading

• Rowhammer exploit: Are Microsoft Edge browser users at risk?

  The Rowhammer and memory deduplication attack enables read and write access to Microsoft Edge browsers. Expert Nick Lewis explains how to mitigate this threat.  Continue Reading

• How can web shells be used to exploit security tools and servers?

  A web shell from the JexBoss security tool was used to exploit servers through an unpatched JBoss vulnerability. Expert Michael Cobb explains how to prevent similar attacks.  Continue Reading

• Is the BREACH attack update a threat to Gmail security?

  The BREACH attack has been updated to perform faster data theft. Expert Nick Lewis explains the differences in this attack and the threat level for organizations that use Gmail.  Continue Reading

• Secure web browser options: Does Firefox or Chrome fare better?

  Crowning the most secure web browser is difficult, with research often turning up biased results. Expert Michael Cobb explains how to make a choice based on different surveys.  Continue Reading

• Session cookies: When should they be protected by a salted hash?

  Is cookie encryption enough to protect sensitive information? Expert Michael Cobb explains how salted hashes can prevent attacks, and the secure way to use cookies.  Continue Reading

• Oracle Java browser plug-in: How will its death affect enterprises?

  Oracle is killing off the Java browser plug-in due to security risks. Expert Michael Cobb explains the next steps for enterprises with Java-based applications.  Continue Reading

• ProxyBack malware: How does it affect Internet proxies?

  ProxyBack malware turns infected user systems into Internet proxies, which can obfuscate the attack source. Expert Nick Lewis explains how the malware works, and its purpose.  Continue Reading

• How did AVG Web TuneUp expose user data?

  The AVG Web TuneUp browser extension, advertised as a way to control user privacy, exposed Chrome users' personal data. Expert Michael Cobb explains how this happened.  Continue Reading

• How can Vonteera adware be prevented from disabling antimalware?

  Vonteera adware has the ability to disable antimalware software on endpoint devices. Expert Nick Lewis explains how enterprises can prevent this attack.  Continue Reading

• What HTML5 security measures do enterprises need to take?

  With HTML5 taking over as the preferred technology over Adobe Flash, Flash content's days are numbered. Expert Michael Cobb discusses HTML5 security and features for developers.  Continue Reading

• Can Firefox tracking protection improve private browsing?

  Firefox aims to improve private browsing with a new tracking protection feature. Expert Michael Cobb explains how the feature works.  Continue Reading

• How can enterprises prevent ASLR bypass flaws?

  Microsoft won't patch certain ASLR bypass flaws, but enterprises still need to protect against them. Expert Nick Lewis explains the threat and how to avoid it.  Continue Reading

• How does a new malware obfuscation technique use HTML5?

  A new malware obfuscation technique uses HTML5 to prevent detection of drive-by downloads. Expert Nick Lewis explains the technique and what enterprises can do about it.  Continue Reading

• How does CSIM hijack e-commerce traffic?

  Client-side injection malware, or CSIM, can manipulate how Web advertisements are served on a user's browser. Expert Nick Lewis explains how this happens and how enterprises can stop CSIM.  Continue Reading

• Should the RC4 cipher still be used in enterprises?

  A newly discovered attack can break the RC4 cipher and decrypt user cookies. Expert Michael Cobb explains the attack and the relevance of RC4 in enterprises today.  Continue Reading

• Should enterprises use the Let's Encrypt open certificate authority?

  Let's Encrypt, a new open certificate authority, is coming soon. Expert Michael Cobb explores the merits of using free and open CAs and whether or not enterprises should explore them.  Continue Reading

• How can address bar spoofing vulnerabilities be prevented?

  Address bar spoofing attacks can be detrimental to an organization. Expert Michael Cobb details several vulnerabilities and explains how to defend against the threat.  Continue Reading

• Can Google's Chrome extension policy improve Web security?

  The updated Chrome extension policy allows users and developers to only install extensions from the Chrome Web Store. Learn how this affects security and enterprise apps.  Continue Reading

• How can stealthy SSL attacks be detected and mitigated?

  SSL attacks "in stealth mode" are helping attackers avoid detection and analysis. Expert Nick Lewis explains how to discover and defend against the threat.  Continue Reading

• Does analyzing motion for mobile malware detection work?

  Motion and gestures are being used for mobile malware detection on smartphones. Learn how this method works and whether it is a worthy addition to an enterprise security strategy.  Continue Reading

• XSS vs. XSSI: What is cross-site script inclusion?

  Expert Michael Cobb explains the difference between cross-site scripting and cross-site scripting inclusion (XSSI) flaws.  Continue Reading

• Can a subscription ease SSL certificate management?

  SSL subscription services are emerging to help enterprises handle the daunting task of SSL certificate management. Expert Michael Cobb discusses the benefits of such a service.  Continue Reading

• Can opportunistic encryption improve browser security?

  Opportunistic encryption offers encryption for servers that don't support HTTPS. Expert Michael Cobb explains how it works and how it can help Web security.  Continue Reading

• How can enterprises prevent same-origin policy XSS vulnerabilities?

  Researchers warned about the rise of a new cross-site scripting flaw involving same-origin policy. Expert Nick Lewis explains the vulnerability and how to prevent falling victim.  Continue Reading

• How can malicious software wrapping be avoided?

  Malware authors are adopting software wrapping to hide malicious code and avoid detection. Expert Nick Lewis explains how to defend against the threat.  Continue Reading

• How can enterprises defend against digitally signed malware?

  Malicious software using legitimate digital certificates is reportedly on the rise. Expert Nick Lewis explains how to mitigate the risks of digitally signed malware.  Continue Reading

• How can power consumption-tracking malware be avoided?

  Malware authors are using power consumption tracking-malware to eavesdrop on and attack mobile devices. Expert Nick Lewis explains the threat and how to defend against it.  Continue Reading

• What is domain shadowing and how can enterprises defend against it?

  Exploit kits and malware attacks have adopted a technique called domain shadowing to stay ahead of the game. Learn what domain shadowing is and how to defend against attacks using it.  Continue Reading

• Is Project Shumway a viable enterprise option to replace Flash?

  Mozilla's Project Shumway was designed to replace the security-troubled Flash Player, so should it be on an enterprise's radar? Expert Michael Cobb discusses.  Continue Reading

• Do third-party DNS providers pose security risks?

  Third-party DNS providers claim to improve browsing times and speeds, but are they a secure enterprise option? Expert Michael Cobb explains.  Continue Reading

• What are the compliance requirements for Web application firewalls?

  Web application firewalls may be a way to better security, but organizations need to be aware of the compliance implications of WAFs.  Continue Reading

• Can a walled garden approach help secure Web browsers?

  While a walled garden can help secure Web browsers, they are not seen as beneficial by all. Expert Michael Cobb explains why.  Continue Reading