Ask the Experts

Ask the Experts

• How bad is the iBoot source code leak for Apple security?

  The iBoot source code on Apple devices was leaked to the public on GitHub. Expert Michael Cobb explains how it happened and what the implications are for iOS security.  Continue Reading

• How has a Broadcom flaw affected the Lenovo ThinkPad?

  A previously disclosed flaw found in Broadcom's Wi-Fi controller chips is now believed to affect the Lenovo ThinkPad. Learn how this vulnerability works with expert Judith Myerson.  Continue Reading

• How do BGP flaws affect Quagga routing software?

  Multiple Border Gateway Protocol vulnerabilities were found impacting security in the Quagga routing software. Expert Judith Myerson explains how these flaws impact systems.  Continue Reading

• How are Linear eMerge E3 systems vulnerable to attacks?

  ICS-CERT issued a warning about a new vulnerability in Nortek Linear eMerge E3 products. Discover what this vulnerability is and how it affects access control for enterprises.  Continue Reading

• How was a Cisco firewall vulnerability exploited by threat actors?

  Threat actors exploited a critical Cisco firewall vulnerability that received a CVSS score of 10. Discover how this flaw works and how it was exploited with Judith Myerson.  Continue Reading

• How did Strava's Global Heatmap disclose sensitive U.S. info?

  Fitness tracking app Strava released its Global Heatmap that unknowingly disclosed routes of U.S. soldiers. Discover how this happened and how geolocation data can be blocked.  Continue Reading

• How does the Terror exploit kit spread through malicious ads

  Zscaler recently discovered a malvertising campaign that spreads the Terror exploit kit through malicious ads. Discover more about the threat with expert Nick Lewis.  Continue Reading

• SSH private keys: How do threat actors find exposed keys?

  Cybersecurity vendor Wordfence reported a rise in scans for SSH private keys that are often accidentally exposed to the public. Learn how to stay protected with Nick Lewis.  Continue Reading

• How does a DDE attack exploit Microsoft Word functionality?

  The SANS Internet Storm Center discovered a DDE attack spreading Locky ransomware through Microsoft Word. Learn what a DDE attack is and how to mitigate it with expert Nick Lewis.  Continue Reading

• How does the KRACK vulnerability use encryption keys?

  The KRACK vulnerability was found in the WPA2 protocol for wireless networks and it enables attackers to crack encrypted connections. Learn how it works from Nick Lewis.  Continue Reading

• Bad Rabbit ransomware: How does it compare to other variants?

  Bad Rabbit ransomware mimics other recent ransomware variants, such as NotPetya. Discover the similarities and differences between the two with expert Nick Lewis.  Continue Reading

• How will the new WPA3 protocol strengthen password security?

  The development of WPA3 helps advance Wi-Fi protocol, as the next generation of Wi-Fi-enabled devices begins to demand more. Expert Michael Cobb explains how it differs from WPA2.  Continue Reading

• IoT botnets: How are new Mirai variants impacting systems?

  An increase of IoT botnets has been seen since the Mirai malware source code was leaked. Learn how the new variants pose to be a serious threat to IoT devices with Michael Cobb.  Continue Reading

• How were Android Pixel vulnerabilities exploited?

  Android Pixel vulnerabilities could open the smartphone up to attack. Expert Michael Cobb explains the vulnerabilities and how to defend against them.  Continue Reading

• How did an Electron framework flaw put Slack at risk?

  An Electron framework flaw put users of Slack, Skype and other big apps at risk. Expert Michael Cobb explains how this remote code execution flaw works and how to prevent it.  Continue Reading