Ask the Experts

Ask the Experts

• How does a WebKit framework flaw enable denial-of-service attacks?

  A vulnerability in Apple's WebKit framework allows attackers to initiate phone calls through mobile apps on victims' devices. Expert Michael Cobb explains how the attack works.  Continue Reading

• How did firmware create an Android backdoor in budget devices?

  An Android backdoor was discovered in the Ragentek firmware used in almost three million low-cost devices. Expert Michael Cobb explains how to prevent attacks on affected devices.  Continue Reading

• How did vulnerabilities in AirWatch Agent and Inbox work?

  Flaws in AirWatch Agent and AirWatch Inbox allowed rooted devices to bypass the software's security measures. Expert Matthew Pascucci explains how these vulnerabilities worked.  Continue Reading

• How does a U2F security key keep Facebook users safe?

  Universal second factor devices can be used to strengthen authentication on major websites such as Facebook. Expert Matthew Pascucci explains how U2F works.  Continue Reading

• How can users tell if Windows SMB v1 is on their systems?

  US-CERT encouraged users to use newer versions of Windows SMB, since version one is out of date. Expert Matthew Pascucci explains how to tell if SMB v1 is on your systems.  Continue Reading

• How do identity governance and access management systems differ?

  Identity governance and access management systems overlap naturally, but they are still distinct. Expert Matthew Pascucci explains the difference between these two aspects of IAM.  Continue Reading

• How does the Locky ransomware file type affect enterprise protection?

  Locky ransomware has, again, changed tactics by moving to using LNK files for distribution. Expert Nick Lewis explains how enterprises can adjust protections for this shift.  Continue Reading

• Hajime malware: How does it differ from the Mirai worm?

  Hajime malware was discovered to have links to the Mirai botnet that launched powerful DDoS attacks last year. Expert Nick Lewis explains how Hajime differs from Mirai.  Continue Reading

• How does the Drammer attack exploit ARM-based mobile devices?

  Drammer, or a deterministic Rowhammer attack, was found to be more effective on ARM-based mobile devices. Expert Nick Lewis explains the issue with ARM processors.  Continue Reading

• How can attackers turn Instagram into C&C infrastructure?

  An Instagram application can be turned into C&C infrastructure with the help of image steganography malware attacks. Expert Nick Lewis explains how this works.  Continue Reading

• Pork Explosion Android flaw: How is it used to create a backdoor?

  The Pork Explosion vulnerability present in some Foxconn-created app bootloaders can be used to create an Android backdoor. Expert Nick Lewis explains how the flaw works.  Continue Reading

• Can CISOs facilitate peace between privacy and information security?

  Privacy and information security can often be at odds with each other in enterprises. Expert Mike O. Villegas explains how C-levels can help to get the two to work in harmony.  Continue Reading

• How can CISOs strengthen communications with cybersecurity staff?

  Effective CISO communications are key to fostering a healthy relationship with the cybersecurity staff. Expert Mike O. Villegas reviews some ways to build that relationship.  Continue Reading

• What effect does a federal CISO have on government cybersecurity?

  The brief tenure of a federal CISO in the U.S. government recently came to an end. Expert Mike O. Villegas discusses the effect this has on the U.S. cybersecurity posture.  Continue Reading

• What are some best practices for reporting ransomware attacks?

  Enterprises are advised to start reporting ransomware attacks, but are there risks? Expert Mike O. Villegas discusses whether organizations are obligated to report attacks.  Continue Reading