Manage

Platform security

• IT and security teams collide as companies work from home

  The new world of remote work has given rise to IT and security teams working more closely than ever before. They need to come together to provide excellent UX and security. Continue Reading

• Employ AI for cybersecurity, reap strong defenses faster

  The cyber arms race is never-ending. Learn how to prevail over advanced attacks by putting the latest intelligent technology to service in your cybersecurity program. Continue Reading

• Windows IIS server hardening checklist

  Use this handy Windows IIS server hardening checklist on the job to ensure your IIS server is deployed safely and stays secure in use. Continue Reading

• How to use and manage BitLocker encryption

  Built into business versions of the Windows OS, Microsoft BitLocker encryption is an integral enterprise encryption tool. Read on to learn how BitLocker works and how to manage it. Continue Reading

• How Big Star Labs was able to use data collecting apps

  The ad-blocking vendor AdGuard found browser extensions and apps from Big Star Labs collecting browser history data. Discover how this was accomplished with Nick Lewis. Continue Reading

• Kronos banking Trojan: How does the new variant compare?

  Proofpoint researchers found a Kronos variant after it targeted victims in Germany, Japan and Poland. Learn how this variant compares to the original banking Trojan with Nick Lewis.Continue Reading

• Why is preloading HTTP Strict Transport Security risky?

  Despite being designed to improve security, infosec experts have warned against preloading the HSTS protocol. Learn about the risks of preloaded HSTS with Judith Myerson.Continue Reading

• Faxploit: How can sending a fax compromise a network?

  Check Point researchers found a fax machine attack allowing attackers to access scanned documents. Discover how this is possible and how users can avoid falling victim.Continue Reading

• Testing applications in production vs. non-production benefits

  To ensure proper application security testing, production and non-production systems should both be tested. In this tip, expert Kevin Beaver weighs the pros and cons.Continue Reading

• How does a Bluetooth vulnerability enable validation attacks?

  Bluetooth devices might be at risk after a new Bluetooth vulnerability was found targeting firmware and operating system software drivers. Learn how it works and can be mitigated.Continue Reading

• How is the Trezor cryptocurrency online wallet under attack?

  A phishing campaign targeting Trezor wallets may have poisoned DNS or hijacked BGP to gain access. Learn how the attack worked and how to mitigate it with expert Nick Lewis.Continue Reading

• SamSam ransomware: How is this version different from others?

  Sophos recently discovered a SamSam extortion code that performs company-wide attacks using a range of vulnerability exploits. Discover how this version differs from past variants.Continue Reading

• BlackTDS: How can enterprise security teams avoid an attack?

  Proofpoint researchers found a bulletproof hosting evolution, BlackTDS, this is believed to be advertised on the dark web. Learn what security teams should know with Nick Lewis.Continue Reading

• IonCube malware: Who do these malicious files put at risk?

  Malicious files posing as legitimate ionCube files were recently found by WordPress and Joomla admins. Learn how the ionCube malware works with expert Nick Lewis.Continue Reading

• Tom Van Vleck on the Multics operating system, security decisions

  Time-sharing systems got a lot right from a security standpoint. "We aimed toward a completely lights-out, 'no chance for mistakes' interface," says the security researcher.Continue Reading

• iOS updates: Why are some Apple products behind on updates?

  A study by Zimperium found that more than 23% of iOS devices aren't running the latest software. Matt Pascucci explains how this is possible, even though Apple controls iOS updates.Continue Reading

• Building a secure operating system with Roger R. Schell

  The 'father' of the Orange Book has first-hand knowledge of the standards required for classified computer systems and the issues with subversion.Continue Reading

• How do the Linux kernel memory protection features on Android work?

  Google has added Linux kernel memory protection and other security measures to the Android OS. Expert Michael Cobb explains how these features work to protect devices.Continue Reading

• Does the AFNetworking library inhibit iOS app security?

  Flaws in the AFNetworking code library threaten iOS app security. Expert Michael Cobb explains how to prevent falling victim to the flaws.Continue Reading

• Samsung vulnerability affects up to 600 million Android devices

  A flaw in the default keyboard found on many Samsung Galaxy Android devices may leave as many as 600 million devices at risk for a man-in-the-middle attack.Continue Reading

• Google's Adrian Ludwig talks about fighting Android threats

  Google is fighting a constant battle against Android malware and vulnerabilities, and Adrian Ludwig, Google's lead for Android security, talks to SearchSecurity about how protections are getting better.Continue Reading

• Microsoft SQL Server 2008 end of life: When's the time to migrate?

  Microsoft SQL Server 2008 reached the end of its mainstream support on July 8, 2014. Michael Cobb explains what this means to enterprise security, as well as how -- and when -- organizations should migrate from the software.Continue Reading