Manage

Topics Archive

• How a Blizzard DNS rebinding flaw put millions of gamers at risk

  A Blizzard DNS rebinding flaw could have put users of its online PC games at risk of attack. Expert Michael Cobb explains how a DNS rebinding attack works and what to do about it. Continue Reading

• Cloud security threats in 2018: Get ahead of the storm

  Consistent security for all data from cloud providers and third-party partners is what many consider the next evolution of cloud. The biggest cloud security threats for most companies, however, result from in-house staff mistakes, lack of patching ... Continue Reading

• Marcus Ranum decodes hardware vulnerabilities with Joe Grand

  Computer hardware designs with dangerous security flaws? That's no surprise to renowned hardware hacker Grand. Continue Reading

• Healthcare CISO: 'Hygiene and patching take you a long way'

  Cybersecurity and healthcare can get along, according to CISO Joey Johnson, who leads the security program at Premise Health, but it takes patience and attention to the details. Continue Reading

• CISO survey paints a grim picture: Weak staff, breach fears

  Roughly 60% of CISOs expect phishing scams, malware disruptions and cyberattacks that cause 'significant downtime' to affect their company in 2018. Continue Reading

• Cost of data privacy breach may not be enough

  While the European Union is taking major steps to protect residents' data privacy, little has happened in the United States, even after Equifax and Facebook.Continue Reading

• Do CISOs need computer science degrees?

  Equifax's CISO came under fire for having a music degree. David Shearer, CEO of (ISC)2, discusses what type of education infosec professionals should have.Continue Reading

• How are logic devices like WAGO PFC200 used by hackers?

  The Department of Homeland Security warned of a vulnerability affecting WAGO PFC200 logic devices. Discover how this flaw enables threat actors with expert Judith Myerson.Continue Reading

• CPE for CISSP: Top 10 ways to master continuing education

  Who says you can't have fun while earning CPE credits to maintain your CISSP certification? Check out the top 10 creative ways to meet CISSP continuing education requirements.Continue Reading

• Zyklon malware: What Microsoft Office flaws does it exploit?

  Zyklon malware targets three previously patched Microsoft Office vulnerabilities. Learn how attackers can access passwords and cryptocurrency wallet data with expert Judith Myerson.Continue Reading

• How can a Moxa MXview vulnerability be exploited by hackers?

  A vulnerability was found in Moxa MXview -- a software used to visualize network devices and physical connections. Learn how this vulnerability can enable privilege escalation.Continue Reading

• Com.google.provision virus: How does it attack Android devices?

  The com.google.provision virus reportedly targets Android users, but little is known about it. Nick Lewis discusses the mystery threat and how Common Malware Enumeration may help.Continue Reading

• Internet Explorer bug: How does it expose address bar info?

  A bug in Microsoft's Internet Explorer update exposes information that users enter into the browser's address bar. Learn more about the bug and URL tracking with Nick Lewis.Continue Reading

• CCleaner malware: How dangerous is it to enterprises?

  A watering hole attack led to CCleaner malware being installed on millions of systems. Nick Lewis explains how the attack worked and why it should concern enterprises.Continue Reading

• Entropy sources: How do NIST rules impact risk assessments?

  NIST recently released new guidance on entropy sources used for random bit generation. Judith Myerson explains these recommendations and how they alter cryptography principles.Continue Reading