Manage

Manage

Learn to apply best practices and optimize your operations.

• Microsoft CredSSP: How was it exploited by CVE-2018-0886?

  The CVE-2018-0886 vulnerability found within Microsoft's CredSSP was recently patched. Discover what this vulnerability is and how it affects the CredSSP protocol with Judith Myerson. Continue Reading

• federated identity management

  Federated identity management (FIM) is an arrangement that can be made between multiple enterprises to let subscribers use the same identification data to obtain access to the networks of all the enterprises in the group. Continue Reading

• Insider threats: Preventing intellectual property theft

  IP theft is often committed by insiders or disgruntled employees who feel entitled to information. Peter Sullivan explains the threat and how to prevent these insider attacks. Continue Reading

• How can a text editor plug-in enable privilege escalation?

  Developers use text editors to enhance efficiency in the workplace even though they require vulnerable third-party plug-ins. Discover these vulnerabilities with Judith Myerson. Continue Reading

• How are air-gapped computers put at risk by the Mosquito attack?

  Researchers recently discovered Mosquito -- an air-gapped attack that bites computers to put air-gapped networks at risk. Discover the logistics of this technique with Judith Myerson. Continue Reading

• How did the Panera Bread website expose customers?

  Panera Bread website users were put at risk after a security researcher discovered a vulnerability relating to a lack of authentication for their publicly available API endpoint.Continue Reading

• How white hat hackers can tell you more than threat intelligence

  White hat hackers can play a key role in assessing threats lurking on the dark web. Discover what traditional threat intelligence isn't telling you and how white hats can help.Continue Reading

• How does UBoatRAT use Google services and GitHub to spread?

  A new remote access Trojan called UBoatRAT was found spreading via Google services and GitHub. Learn how spotting command-and-control systems can protect enterprises with Nick Lewis.Continue Reading

• How to use the OODA loop to improve network security

  The OODA loop can be used to establish cyber deception against hackers to improve network security. Learn the OODA steps and how they can be applied to security with Kevin Fiscus.Continue Reading

• Golden SAML: How can it abuse SAML authentication protocol?

  CyberArk researchers created an attack called Golden SAML that uses Mimikatz techniques and applied it to a federated environment. Learn more about the attack with Nick Lewis.Continue Reading

• Scarab ransomware: How do botnets alter ransomware threats?

  The use of botnets to spread Scarab ransomware intensifies the threat for enterprises. Discover the best way to respond to such a threat and protect data with Nick Lewis.Continue Reading

• Application security programs: Establishing reasonable requirements

  Creating security program requirements can be a challenging task, especially with application security. In this tip, Kevin Beaver shares several ways to create an effective program.Continue Reading

• Fake WhatsApp app: How can counterfeit apps be avoided?

  After a fake WhatsApp app was discovered in the Google Play Store, users are questioning what can be done to avoid counterfeit apps. Learn several techniques with Nick Lewis.Continue Reading

• AVGater vulnerability: How are antivirus products impacted?

  A security researcher recently discovered a new vulnerability -- the AVGater vulnerability -- that puts antivirus products at risk. Discover how this vulnerability works with Nick Lewis.Continue Reading

• How can domain generation algorithms be used to bypass ad blockers?

  An ad network used domain generation algorithms to bypass ad blockers and launch cryptomining malware. Expert Michael Cobb explains how and the best way to prevent these attacks.Continue Reading