Ask the Experts

Ask the Experts

• What are the best ways to prevent a SIM swapping attack?

  SIM swapping is on the rise as the use of mobile devices increases. Discover what SIM swaps are, how they work and how they can be mitigated.  Continue Reading

• How can synthetic clicks aid a privilege escalation attack?

  An Apple security expert introduced the concept of synthetic clicks, which can bypass privilege escalation defenses. Find out how this new attack technique works with Nick Lewis.  Continue Reading

• How does cross-site tracking increase security risks?

  Mozilla's Firefox 63 automatically blocks tracking cookies and other site data from cross-site tracking. Learn what this is and what the benefits of blocking it are with Nick Lewis.  Continue Reading

• How can attacks bypass Windows Driver Signature Enforcement?

  Security researchers demonstrated how a new fileless attack technique can bypass a Windows kernel protection feature at Black Hat 2018. Find out how the technique works.  Continue Reading

• Man-in-the-disk attack: How are Android products affected?

  Researchers from Check Point announced a new attack at Black Hat 2018 that targets Android devices. Discover how this attack works and how devices should be protected with Nick Lewis.  Continue Reading

• Java deserialization attacks: What are they and how do they work?

  The TP-Link EAP Controller for Linux was recently found to be vulnerable to attacks. Learn from Judith Myerson what this means for users and how it can be prevented.  Continue Reading

• Ping of death: What is it and how is Apple affected?

  An Apple vulnerability recently resurfaced and is targeting Apple devices that are connected to public hotspots. Discover what this vulnerability is and how to protect your devices.  Continue Reading

• Network shaping: How does it enable BGP attacks to divert data

  The use of BGPsec protocols was found after looking into threat actors in China that controlled U.S. internet traffic. Discover how this technique works and how it can be mitigated.  Continue Reading

• How was a credit card skimmer used to steal data from Newegg?

  Researchers believe that malicious JavaScript code was used to steal credit card data from online retailer Newegg. Learn more about this attack with Judith Myerson.  Continue Reading

• How can an authentication bypass vulnerability be exploited?

  A vulnerability was found in Western Digital's My Cloud NAS device that can be easily exploited by hackers. Discover what this vulnerability is and how users can be protected.  Continue Reading

• How is SamSam ransomware using a manual attack process?

  Sophos researchers believe the SamSam ransomware campaign could be the work of one or a few threat actors using manual techniques. Learn how it works and if recovery is possible.  Continue Reading

• Ticketmaster breach: How did this card skimming attack work?

  The hacking group Magecart was recently found to have run a card skimming campaign that put customer information at risk. Learn how this attack worked from Nick Lewis.  Continue Reading

• GandCrab ransomware: How does it differ from previous versions?

  A new version of GandCrab was discovered by researchers in July 2018 and involves the use of legacy systems. Learn how this version differs and who is at risk with Nick Lewis.  Continue Reading

• How Big Star Labs was able to use data collecting apps

  The ad-blocking vendor AdGuard found browser extensions and apps from Big Star Labs collecting browser history data. Discover how this was accomplished with Nick Lewis.  Continue Reading

• Kronos banking Trojan: How does the new variant compare?

  Proofpoint researchers found a Kronos variant after it targeted victims in Germany, Japan and Poland. Learn how this variant compares to the original banking Trojan with Nick Lewis.  Continue Reading