Problem solve

Problem solve

Get help with specific problems with your technologies, process and projects.

• How have ARM TrustZone flaws affected Android encryption?

  Android encryption on devices using Qualcomm chips can be broken due to two vulnerabilities. Expert Michael Cobb explains how these flaws affect encryption. Continue Reading

• How serious is a malicious DLL file vulnerability for enterprises?

  A flaw that allows attackers to load malicious DLL files in Symantec products was labeled as severe. Expert Michael Cobb explains the vulnerability and its classification. Continue Reading

• Insecure OAuth implementations: How are mobile app users at risk?

  Mobile apps using insecure OAuth could lead to over one billion user accounts being attacked. Expert Michael Cobb explains how developers can implement OAuth securely. Continue Reading

• How does a WebKit framework flaw enable denial-of-service attacks?

  A vulnerability in Apple's WebKit framework allows attackers to initiate phone calls through mobile apps on victims' devices. Expert Michael Cobb explains how the attack works. Continue Reading

• Politics of cyber attribution pose risk for private industry

  Why nation-state attribution plays a major role in the U.S. government's willingness to share cyberthreat intelligence with private-sector companies. Continue Reading

• How did firmware create an Android backdoor in budget devices?

  An Android backdoor was discovered in the Ragentek firmware used in almost three million low-cost devices. Expert Michael Cobb explains how to prevent attacks on affected devices.Continue Reading

• How did vulnerabilities in AirWatch Agent and Inbox work?

  Flaws in AirWatch Agent and AirWatch Inbox allowed rooted devices to bypass the software's security measures. Expert Matthew Pascucci explains how these vulnerabilities worked.Continue Reading

• 1024-bit encryption keys: How 'trapdoored' primes have caused insecurity

  Encryption algorithms using 1024-bit keys are no longer secure, due to the emergence of 'trapdoored' primes. Expert Michael Cobb explains how the encryption backdoor works.Continue Reading

• How does a U2F security key keep Facebook users safe?

  Universal second factor devices can be used to strengthen authentication on major websites such as Facebook. Expert Matthew Pascucci explains how U2F works.Continue Reading

• How can users tell if Windows SMB v1 is on their systems?

  US-CERT encouraged users to use newer versions of Windows SMB, since version one is out of date. Expert Matthew Pascucci explains how to tell if SMB v1 is on your systems.Continue Reading

• Android VPN apps: How to address privacy and security issues

  New research on Android VPN apps revealed the extent of their privacy and security flaws. Expert Kevin Beaver explains how IT professionals can mitigate the risks.Continue Reading

• How does the Locky ransomware file type affect enterprise protection?

  Locky ransomware has, again, changed tactics by moving to using LNK files for distribution. Expert Nick Lewis explains how enterprises can adjust protections for this shift.Continue Reading

• Crafting an insider threat program: Why and how

  IT threats are tough to tackle when they originate from within your business. This technical guide considers that issue and offers ways to deal with insider security threats.Continue Reading

• Is encryption one of the required HIPAA implementation specifications?

  When it comes to encryption, the HIPAA implementation specifications are complicated. Expert Joseph Granneman explains whether it's required or addressable.Continue Reading

• Hajime malware: How does it differ from the Mirai worm?

  Hajime malware was discovered to have links to the Mirai botnet that launched powerful DDoS attacks last year. Expert Nick Lewis explains how Hajime differs from Mirai.Continue Reading

• How does the Drammer attack exploit ARM-based mobile devices?

  Drammer, or a deterministic Rowhammer attack, was found to be more effective on ARM-based mobile devices. Expert Nick Lewis explains the issue with ARM processors.Continue Reading

• How can attackers turn Instagram into C&C infrastructure?

  An Instagram application can be turned into C&C infrastructure with the help of image steganography malware attacks. Expert Nick Lewis explains how this works.Continue Reading

• Using IPv6 atomic fragments for a denial-of-service attack

  IPv6 atomic fragments can be dangerous for enterprises. Expert Fernando Gont explains their relation to a new denial-of-service attack vector and how to mitigate the threat.Continue Reading

• Pork Explosion Android flaw: How is it used to create a backdoor?

  The Pork Explosion vulnerability present in some Foxconn-created app bootloaders can be used to create an Android backdoor. Expert Nick Lewis explains how the flaw works.Continue Reading

• Can CISOs facilitate peace between privacy and information security?

  Privacy and information security can often be at odds with each other in enterprises. Expert Mike O. Villegas explains how C-levels can help to get the two to work in harmony.Continue Reading

• Reporting ransomware attacks to the FBI: Pros and cons

  Reporting ransomware attacks to law enforcement can pose potential risks to the targeted organization. Expert Mike O. Villegas discusses the key aspects of disclosing an attack.Continue Reading

• How can CISOs strengthen communications with cybersecurity staff?

  Effective CISO communications are key to fostering a healthy relationship with the cybersecurity staff. Expert Mike O. Villegas reviews some ways to build that relationship.Continue Reading

• What are some best practices for reporting ransomware attacks?

  Enterprises are advised to start reporting ransomware attacks, but are there risks? Expert Mike O. Villegas discusses whether organizations are obligated to report attacks.Continue Reading

• How can attacks bypass ASLR protection on Intel chips?

  An Intel chip flaw lets attackers bypass ASLR protection on most operating systems. Expert Michael Cobb explains the vulnerability and how to prevent attacks.Continue Reading

• Why authorization management is paramount for cybersecurity readiness

  After enterprise identities are authenticated, an authorization management system should monitor how resources are being used. Expert Peter Sullivan explains how it can work.Continue Reading

• Risk & Repeat: Cloudflare bug poses incident response challenges

  In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the recent Cloudflare bug that leaked an undetermined amount of customer data over several months.Continue Reading

• What's the best corporate email security policy for erroneous emails?

  If an employee receives invalidated emails, should the corporate email security policy handle it? Expert Matthew Pascucci discusses the rights of the enterprise.Continue Reading

• What should enterprises know about how a stored XSS exploit works?

  A stored XSS exploit can be damaging to enterprises that aren't fully protected. Expert Matthew Pascucci explains what stored XSS attacks are and how to defend against them.Continue Reading

• Machine learning in security explodes: Does it work?

  Machine learning in security is continuing to advance, and many companies now claim to have introduced artificial intelligence techniques into their platforms. With the high volume of data that most security teams have to prioritize, machine ...Continue Reading

• What basic steps can improve network device security in enterprises?

  Network device security is a big problem for enterprises, but there are some basic steps they can take to improve it. Expert Matthew Pascucci outlines the process.Continue Reading

• How can enterprises leverage Google's Project Wycheproof?

  Google's Project Wycheproof tests crypto libraries for known vulnerabilities, but there are potential drawbacks to this tool. Expert Matthew Pascucci explains them.Continue Reading

• DNS reverse address mapping: Exploiting the scanning technique

  Scanning IPv6 addresses can be made easy with DNS reverse mapping. In part two of this series, expert Fernando Gont explains how this technique can be exploited and mitigated.Continue Reading

• How does the iSpy keylogger steal passwords and software license keys?

  A recent version of the iSpy keylogger has the ability to steal passwords and record Skype chats. Expert Nick Lewis explains how it works and how to protect your systems.Continue Reading

• IoT malware: How can internet-connected devices be secured?

  IoT botnet DDoS attacks have been growing in volume and impact. Expert Nick Lewis explains how you can ensure your internet-connected devices are secure from IoT malware.Continue Reading

• How can obfuscated macro malware be located and removed?

  A new type of macro malware has the ability to evade the detection of virtual machines and sandbox environments. Expert Nick Lewis explains how to find and remove this malware.Continue Reading

• How does BENIGNCERTAIN exploit Cisco PIX firewalls?

  The BENIGNCERTAIN exploit affects certain versions of Cisco systems using the IKEv1 protocol. Expert Nick Lewis explains what the protocol does and how the vulnerability works.Continue Reading

• How can open FTP servers be protected from Miner-C malware?

  Enterprises with open FTP servers are being targeted by Miner-C malware for crypto coin mining activities. Expert Nick Lewis explains how enterprises can protect their servers.Continue Reading

• Intrusion response plans: Tales from front-line IT support

  The right intrusion response training can make all the difference in data breach prevention. Expert Joe Granneman provides a real-world example from which enterprises can learn.Continue Reading

• How does a security portfolio help an enterprise security program?

  A security portfolio shouldn't be used as an alternative to a reporting structure, but it can still be beneficial to enterprises. Expert Mike O. Villegas explains how.Continue Reading

• How can CISOs get past security vendor hype and make smart purchases?

  Security vendor hype is a problem CISOs often have to deal with. Expert Mike O. Villegas discusses some ways to cut through the hype and make smart purchasing decisions.Continue Reading

• What caused the ClixSense privacy breach that exposed user data?

  A privacy breach at ClixSense led to user account details being put up for sale. Expert Michael Cobb explains how companies should be held accountable for their security practices.Continue Reading

• How did iOS 10 security checks open brute force risk on local backups?

  A password-verification flaw in iOS 10 allowed attackers to decrypt local backups. Expert Michael Cobb explains how removing certain security checks led to this vulnerability.Continue Reading

• HTTP public key pinning: Is the Firefox browser insecure without it?

  HTTP public key pinning, a security mechanism to prevent fraudulent certificates, was not used by Firefox, and left it open to attack. Expert Michael Cobb explains how HPKP works.Continue Reading

• Risk & Repeat: Pentagon cybersecurity under fire

  In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss Pentagon cybersecurity amid reports of misconfigured servers at the U.S. Department of Defense.Continue Reading

• How did a Signal app bug let attackers alter encrypted attachments?

  The Signal app, used for end-to-end encrypted mobile messaging, contained a bug that allowed data to be added to attachments. Expert Michael Cobb explains the flaw.Continue Reading

• How Windows hardening techniques can improve Windows 10

  Windows 10 may be the most secure Windows ever, but expert Ed Tittel explains how to use Windows hardening techniques to make systems even more secure.Continue Reading

• How does Overseer spyware work on infected Android apps?

  Spyware was found on infected Android apps, which were meant to convey embassy information and news, in the Google Play Store. Expert Michael Cobb explains how the spyware works.Continue Reading

• What are the best anti-network reconnaissance tools for Linux systems?

  Anti-network reconnaissance tools can prevent attackers from getting access to system information. Expert Judith Myerson goes over the best enterprise options.Continue Reading

• Recent ransomware attacks: Data shows 50% growth in 2016

  With high sums paid, ransomware gets all the attention. But malware is not the only way that criminals gained control of enterprise systems, a new report shows.Continue Reading

• Risk & Repeat: Bad Symantec certificates strike again

  In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the discovery of more bad Symantec certificates and what it means for the antivirus software maker.Continue Reading

• Looming cloud security threats: How attacks will follow your data

  You can move your data to cloud-based systems and web services, but you can't hide it there. Hackers and predators have more ways to find it.Continue Reading

• How does DNSChanger take advantage of WebRTC protocols?

  WebRTC protocols are being targeted by a new version of the DNSChanger exploit kit. Judith Myerson explains how these attacks work and what enterprises should know.Continue Reading

• Are free VPN clients secure enough for enterprise users?

  There are many free VPN clients on the market, but are they secure enough for enterprise users? Expert Judith Myerson looks at the pros and cons of ad-supported VPNs.Continue Reading

• The consequences of removing PPTP support from iOS 10

  Apple's removal of PPTP support on iOS 10 and Mac OS Sierra leaves companies scrambling to implement other VPN protocols. Expert Michael Cobb explains enterprise options.Continue Reading

• Which encryption tools can secure data on IoT devices?

  Protecting the data that moves through the internet of things can be a challenge for enterprises. Expert Judith Myerson offers several encryption tools for the task.Continue Reading

• Preventing DoS attacks: The best ways to defend the enterprise

  Preventing DoS attacks may not always be possible, but with a strong defense, enterprises can reduce their impact and recover quickly. Expert Kevin Beaver explains the best approaches.Continue Reading

• How does a Netgear vulnerability enable command injection attacks?

  A Netgear vulnerability exposed a number of wireless router models to command injection attacks. Expert Judith Myerson explains how the attack works and how to stop it.Continue Reading

• How can enterprises fix the NTP daemon vulnerability to DoS attacks?

  A recently patched NTP daemon vulnerability has put enterprises at risk. Expert Matthew Pascucci explains the vulnerability and how organizations can defend against it.Continue Reading

• When not to renew a vendor contract due to security issues

  Opting out of a vendor contract for security reasons can be a tough decision for CISOs. Expert Mike O. Villegas discusses how NASA handled the situation and what CISOs can do.Continue Reading

• Monitoring outbound traffic on your network: What to look for

  Outbound network traffic remains a weakness for many enterprises and is a major attack vector. Expert Kevin Beaver explains how to spot irregular occurrences in your network.Continue Reading

• How does Stampado ransomware spread to external drives?

  The Stampado ransomware is a low-cost threat to networks and external drives. Expert Matthew Pascucci explains how Stampado works and how enterprises should handle it.Continue Reading

• How serious are the flaws in St. Jude Medical's IoT medical devices?

  MedSec and Muddy Waters Capital revealed serious flaws in IoT medical devices manufactured by St. Jude Medical. Expert Nick Lewis explains the severity of these vulnerabilities.Continue Reading

• How does RIPPER ATM malware use malicious EMV chips?

  RIPPER malware has been found responsible for the theft of $378,000 from ATMs in Thailand. Expert Nick Lewis explains how this ATM malware works.Continue Reading

• How do facial recognition systems get bypassed by attackers?

  Researchers found that facial recognition systems can be bypassed with 3D models. Expert Nick Lewis explains how these spoofing attacks work and what can be done to prevent them.Continue Reading

• Risk & Repeat: Doxware emerges as a new threat to data privacy

  In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the emergence of doxware and extortionware and what that means for enterprises and their employees.Continue Reading

• How does USBee turn USB storage devices into covert channels?

  USB storage devices can be turned into covert channels with a software tool called USBee. Expert Nick Lewis explains how to protect your enterprise data from this attack.Continue Reading

• Managing vulnerable software: Using data to mitigate the biggest risks

  Three pieces of vulnerable software are most targeted by the exploit kits studied in a Digital Shadows report. Expert Nick Lewis explains how your enterprise can manage them.Continue Reading

• How do man-in-the-middle attacks on PIN pads expose credit card data?

  Passive man-in-the-middle attacks on PIN pads can lead to attackers stealing credit card details. Expert Nick Lewis explains how companies can mitigate these attacks.Continue Reading

• What effect does FITARA have on U.S. government cybersecurity?

  FITARA became a law in 2014, but government cybersecurity continues to struggle. Expert Mike O. Villegas discusses the effects of the law.Continue Reading

• Are bug bounty programs secure enough for enterprise use?

  The use of bug bounty programs in enterprises is growing, but they aren't risk free. Expert Mike O. Villegas discusses some concerns related to bug bounties.Continue Reading

• Insider Edition: Attaining security for IoT, through discovery, identity and testing

  Ever since the internet of things became a "thing," the potential for abuse has been well documented; how best to achieve security for IoT is not yet clear. This Insider Edition of Information Security magazine tackles that second ...Continue Reading

• How to maintain digital privacy in an evolving world

  Protecting a user's digital privacy across different technologies requires a plethora of tools. Expert Matthew Pascucci explores the different ways to protect sensitive data.Continue Reading

• Risk & Repeat: Corero on DDoS defense in the IoT era

  In this episode of SearchSecurity's Risk & Repeat podcast, Dave Larson of Corero Network Security discusses how DDoS defense has shifted to deal with IoT threats.Continue Reading

• How are hackers using Twitter as C&C servers for malware?

  C&C servers have been replaced with Twitter accounts, which spread the Android Trojan Twitoor to user devices. Expert Michael Cobb explains how to stop this attack.Continue Reading

• How can two-factor authentication systems be used effectively?

  Two-factor authentication systems require more than using codes sent through SMS and smart cards. Expert Michael Cobb explains how to properly and effectively implement 2FA.Continue Reading

• How does a Linux vulnerability allow attacks on TCP communications?

  A Linux vulnerability that affects 80% of Android devices allows for attacks on TCP communications and remote code execution. Expert Michael Cobb explains how to mitigate these risks.Continue Reading

• How can PGP short key IDs be protected from collision attacks?

  A well-known PGP short key ID flaw has been discovered to be the cause of collision attacks on Linux developers. Expert Michael Cobb explains the flaw with short key IDs.Continue Reading

• Zero-day attacks: Addressing the Equation Group vulnerabilities

  Zero-day exploits for network routers and firewalls were released by the Shadow Brokers. Expert Kevin Beaver offers steps for enterprises to address zero-day attacks.Continue Reading

• How to prevent DoS attacks in the enterprise

  It's not possible to eradicate the risk of DoS attacks, but there are steps infosec pros can take to reduce their impact. Mike Chapple shares pointers on how to prevent DoS attacks.Continue Reading

• How does the BlackNurse attack overwhelm firewalls?

  A new attack called "BlackNurse" can disrupt firewalls with a small amount of ICMP packets. Expert Judith Myerson explains how it works and why it's a security issue for enterprises.Continue Reading

• SWIFT network communications: How can bank security be improved?

  The SWIFT network has increasingly been abused by cybercriminals to carry out bank fraud and theft. Expert Michael Cobb explains possible ways to boost security.Continue Reading

• How limiting administrative access can protect your enterprise

  Limiting administrative access can strengthen an enterprise's security posture significantly. Expert Joe Granneman discusses why this is such an important practice.Continue Reading

• Can security employee tenure be improved by CISOs?

  Security employee tenure is shorter than in most industries. Expert Mike O. Villegas outlines five budget-friendly steps CISOs can take to help lengthen it.Continue Reading

• Combatting the top cybersecurity threats with intelligence

  Security professionals are playing an ever-greater role in managing business risk. Their efforts against top cybersecurity threats include investing in the latest defensive tools that promise to shut down attackers.

  At the top of enterprises' ...Continue Reading

• Risk & Repeat: Second Yahoo data breach uncovered

  In this episode of SearchSecurity's Risk & Repeat podcast, the editors discuss the second major Yahoo data breach and what it means for both the company and its users.Continue Reading

• Protecting the open source Redis tool from ransomware attacks

  Duo Labs discovered a flaw in the Redis tool that led to Fairware ransomware attacks on Linux servers. Expert Nick Lewis explains the security measures that enterprises can take.Continue Reading

• Meet security goals by avoiding threat intel and analytics mistakes

  Meeting top security goals is only the first step. Get up to speed on how to avoid common pitfalls in the use of threat intelligence and analytics.Continue Reading

• What should happen after an employee clicks on a malicious link?

  The response to an employee clicking on a malicious link is important for organizations to get right. Expert Matthew Pascucci discusses how to handle the aftermath of an attack.Continue Reading

• CISO Q&A: Healthcare information security needs more leadership

  Anahi Santiago of Christiana Care Health System has spent much of her career in healthcare information security. "We are under attack," she says.Continue Reading

• Building a threat intelligence program? How to avoid the 'feed' frenzy

  Cyberthreat intelligence is just data if it is not actionable. We offer tips to help your team focus on relevant CTI for faster threat detection and response.Continue Reading

• Risk & Repeat: Rapid7 tackles IoT threats, vulnerabilities

  In this episode of SearchSecurity's Risk & Repeat podcast, Tod Beardsley and Rebekah Brown of Rapid7 talk about the IoT threat landscape and improving IoT device security.Continue Reading

• Aflac CISO Tim Callahan on global security, risk management

  With today's cyberthreats, the CISO has to know more about intelligence, working with government and private industry, and how to tailor the security program to further the business.Continue Reading

• How does the HummingBad malware enable click fraud?

  The HummingBad malware has infected 10 million mobile devices worldwide. Expert Michael Cobb explains how this exploit enables click fraud and other risks for users.Continue Reading

• Incident response tools can help automate your security

  In this era of nonstop security threats, incident response tools that help automate detection and reaction are now essential. Learn how to update your IR process.Continue Reading

• Insider Edition: Improved threat detection and incident response

  The security incident response process isn't getting any easier, not in an age characterized by mobile workers, cloud computing and faster networks. So much can go wrong: Attacks can come from any source and use every method imaginable -- and some ...Continue Reading

• Cybersecurity and Applied Mathematics

  In this excerpt of Cybersecurity and Applied Mathematics, authors Leigh Metcalf and William Casey explain string analysis and how it can be applied to cyber data.Continue Reading

• DevOps and security promises better apps, infrastructures

  DevOps is a process aimed at creating and updating applications quickly and, traditionally, it has lacked effective security controls. The software that was created too often contained vulnerabilities right from the start. Combining DevOps and ...Continue Reading

• Are browsers using the HTTP/2 protocol vulnerable to HEIST attacks?

  HEIST, a new HTTP/2 protocol exploit, can steal encrypted content from HTTPS traffic. Expert Michael Cobb explains how this attack works and how to stop it.Continue Reading

• Is it possible to get a new CISO position after being fired?

  CISO turnover is common after a security incident, but it's not the end of a career in security. Expert Mike O. Villegas discusses how to increase the odds of finding a new CISO position.Continue Reading

• Behavioral threat assessment means real-time threat detection

  Real-time behavioral threat analytics is the next frontier in security. Learn how a behavioral threat assessment tool can protect your enterprise systems and data.Continue Reading