Problem solve

Problem solve

Get help with specific problems with your technologies, process and projects.

• Ticketbleed flaw: How can SSL session identities be protected?

  The Ticketbleed flaw in F5 Networks' BIG-IP appliances leaks uninitialized memory and SSL session identities. Expert Michael Cobb explains how enterprises can mitigate it. Continue Reading

• WordPress REST API flaw: How did it lead to widespread attacks?

  A REST API endpoint vulnerability enabled attacks on 1.5 million sites running WordPress. Expert Michael Cobb explains how this vulnerability works and how to prevent attacks. Continue Reading

• How are hackers using Unicode domains for spoofing attacks?

  A proof of concept showed that hackers can use Unicode domains to make phishing sites look legitimate. Expert Matthew Pascucci explains how this spoofing attack works. Continue Reading

• How WannaCry malware affects enterprises' ICS networks

  WannaCry malware has been plaguing organizations across the world. Expert Ernie Hayden explains how this ransomware threatens ICS networks and their security. Continue Reading

• What are the challenges of migrating to HTTPS from HTTP?

  Migrating to HTTPS from HTTP is a good idea for security, but the process can be a challenge. Expert Matthew Pascucci explains how to make it easier for enterprises. Continue Reading

• How did Webroot's antivirus signature update create false positives?

  A Webroot antivirus signature update flagged Windows and Windows applications as dangerous. Expert Matthew Pascucci explains how it happened and what Webroot did about it.Continue Reading

• How does the Antbleed backdoor vulnerability work?

  Antbleed, a backdoor vulnerability, was discovered in bitcoin mining equipment. Expert Matthew Pascucci explains how the Bitmain flaw works and how it can be prevented.Continue Reading

• Incorporating static source code analysis into security testing

  Static source code analysis, along with dynamic analysis and pen testing, can help strengthen your application security. Expert Kevin Beaver goes over the features to look out for.Continue Reading

• How to use an interface identifier to check for IPv6 network updates

  To find out if your IPv6 network has been updated to RFC 7217, you can perform a test using the interface identifier. Expert Fernando Gont explains how to do this.Continue Reading

• Ransomware detection and prevention tools you need now

  Enterprises should improve their ransomware defense methods by examining the features in existing security tool deployments and deciding if replacements are needed.Continue Reading

• Risk & Repeat: Symantec, Mozilla spar over certificate issuance

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss Mozilla's suggested deadline for Symantec to turn over its certificate issuance operations.Continue Reading

• Fruitfly Mac malware: How does its decades-old code work?

  The Fruitfly Mac malware has decades-old code, but has been conducting surveillance attacks for over two years without detection. Expert Nick Lewis explains how it works.Continue Reading

• How can users identify phishing techniques and fraudulent websites?

  A Gmail phishing attack brought users to fake login pages designed to look like Google's. Expert Nick Lewis explains how users can prevent similar phishing attacks.Continue Reading

• How the use of invalid certificates undermines cybersecurity

  Symantec and other trusted CAs were found using bad certificates, which can create huge risk for internet users. Expert Michael Cobb explains how these incidents can be prevented.Continue Reading

• What are HummingWhale malware's new ad fraud features?

  A HummingBad malware variant, HummingWhale, was discovered being spread through 20 apps on the Google Play Store. Expert Nick Lewis explains the malware's new features.Continue Reading