Problem solve

Problem solve

Get help with specific problems with your technologies, process and projects.

• What the end of hot patching mobile apps means for enterprise security

  Apple now restricts mobile app developers from using hot patching, as the technique can change app behavior after it is reviewed. Expert Kevin Beaver goes over enterprise concerns. Continue Reading

• How is session hijacking possible without passwords?

  Local Windows admins can perform session hijacking without passwords. Expert Judith Myerson explains how this type of attack works and what to include in a policy to prevent it. Continue Reading

• Why WPA2-PSK can be a security risk even with an uncracked key

  WPA2-PSK is a popular way to bolster wireless security, but it's not perfect. Expert Joseph Granneman explains WPA2 and other aspects of the complicated history of Wi-Fi security. Continue Reading

• Are separate administrator accounts a good idea for enterprises?

  Separate administrator accounts are becoming a normal part of access policies in enterprises. Expert Matthew Pascucci explains why this is a good idea and how to implement it. Continue Reading

• How to identify and address overlooked web security vulnerabilities

  Certain web security vulnerabilities evade detection due to oversight or carelessness. Expert Kevin Beaver discusses the top overlooked issues and how to address them. Continue Reading

• Why did the PHPMailer library vulnerability have to be patched twice?

  After a remote code execution flaw in PHPMailer was patched, the problem persisted, and had to be repatched. Expert Michael Cobb explains how the critical vulnerability works.Continue Reading

• How can a distributed guessing attack obtain payment card data?

  Attackers can gather payment card data by carrying out distributed guessing with a minimal amount of existing information. Expert Michael Cobb explains how this attack works.Continue Reading

• Is threat hunting the next step for modern SOCs?

  The emergence of threat hunting programs underscores the importance of the human factor in fighting the most dangerous and costly security threats.Continue Reading

• Panasonic Avionics IFE systems: How serious are the vulnerabilities?

  Panasonic Avionics' in-flight entertainment system vulnerabilities allow attackers to tamper with passenger seat displays. Expert Michael Cobb explains the impact of these flaws.Continue Reading

• Improving the cybersecurity workforce with full spectrum development

  Eric Patterson, executive director of the SANS Technology Institute, explains why it's time to rethink educational development to strengthen the cybersecurity workforce.Continue Reading

• How does IP hijacking work and how can it be prevented?

  IP hijacking incidents are on the rise because IP addresses can be easily targeted. Expert Judith Myerson explains how these attacks work and how they can be prevented.Continue Reading

• Handbook of System Safety and Security

  In this excerpt from chapter 10 of Handbook of System Safety and Security, editor Edward Griffor discusses cloud and mobile cloud architecture and security.Continue Reading

• How does the boot mode vulnerability in Android work?

  A boot mode vulnerability allowed attackers to eavesdrop on calls made on certain Android devices. Expert Judith Myerson explains how the complex exploit works.Continue Reading

• How can enterprises stop the Flip Feng Shui exploit from hijacking VMs?

  The Flip Feng Shui attack can target virtual machines. Expert Judith Myerson explains the exploit and describes how to prevent it from hijacking enterprise VMs.Continue Reading

• How does Ticketbleed affect session ID security?

  The Ticketbleed bug in some F5 Networks products caused session IDs and uninitialized memory to leak. Expert Judith Myerson explains what a session ID is and how attackers use it.Continue Reading