Ask the Experts

Ask the Experts

• What issues can arise from hardware debug exception flaws?

  Misinterpretation of Intel's System Programming Guide resulted in a hardware debug exception vulnerability. Expert Michael Cobb explains how attackers can gain unauthorized access.  Continue Reading

• How does the Android Rowhammer exploit affect users?

  Android Rowhammer is a hardware weakness in older devices that puts users at risk of remote exploits. Expert Michael Cobb explains why it's important to upgrade to newer devices.  Continue Reading

• How does a WDC vulnerability put hardcoded passwords at risk?

  Several vulnerabilities were found in Western Digital's My Cloud, including one that affects the default hardcoded password. Learn how to avoid such risks with expert Nick Lewis.  Continue Reading

• IonCube malware: Who do these malicious files put at risk?

  Malicious files posing as legitimate ionCube files were recently found by WordPress and Joomla admins. Learn how the ionCube malware works with expert Nick Lewis.  Continue Reading

• ATM jackpotting: How does the Ploutus.D malware work?

  Ploutus.D malware recently started popping up in the U.S. after several ATM jackpotting attacks. Discover how this is possible and what banks can do to prevent this with Nick Lewis.  Continue Reading

• SamSam ransomware: How can enterprises prevent an attack?

  SamSam ransomware infected the Colorado DOT after hitting hospitals, city councils and companies. Learn how this version differs from those we've seen in the past.  Continue Reading

• How does Google's new detection model find bad Android apps?

  Malicious apps have been a consistent problem for the Google Play Store, so a new detection model has been released to help clean it up. Learn how this system works with Nick Lewis.  Continue Reading

• What risks does the OpenFlow protocol vulnerability present?

  Researchers found a vulnerability in OpenFlow that can cause problems. Learn how vendor-specific SDN controllers may cause these OpenFlow protocol vulnerabilities.  Continue Reading

• How can a 13-year-old configuration flaw affect SAP systems?

  Cybersecurity vendor Onapsis found a 13-year-old flaw that affects nine out of 10 SAP NetWeaver systems. Learn how the flaw affects SAP systems with expert Judith Myerson.  Continue Reading

• My Cloud EX2: How can this device expose unauthorized data?

  SpiderLabs discovered My Cloud EX2 backup devices exposing unauthorized HTTP requests. Join Judith Myerson as she explains how this happens, as well as the impact on DLNA devices.  Continue Reading

• LG network: How can attackers use preauthenticated commands?

  A vulnerability was found in the LG network involving remote preauthenticated commands. Learn how researchers created a malicious password to show how it issue can be abused.  Continue Reading

• How does an IMSI catcher exploit SS7 vulnerabilities?

  A warning was issued by the Department of Homeland Security regarding the exploitation of SS7 vulnerabilities by IMSI catchers. Learn how this puts mobile communication at risk.  Continue Reading

• How is Oracle Micros POS affected by CVE 2018-2636?

  A security researcher found a security flaw dubbed CVE-2018-2636 that enables the installation of malware on Oracle Micros POS systems. Learn more about the vulnerability.  Continue Reading

• What is missing from the NIST/DHS botnet security report?

  The joint DHS and NIST report on botnet security offers goals and action items to counter distributed cyberthreats. Learn the report recommendations with expert Nick Lewis.  Continue Reading

• Skygofree Trojan: What makes this spyware unique?

  Android malware was discovered by Kaspersky Labs and named Skygofree. This Trojan targets smartphones and tablets using spyware and gathers user information and app data.  Continue Reading