Problem solve
Get help with specific problems with your technologies, process and projects.
How does the BlackNurse attack overwhelm firewalls?
A new attack called "BlackNurse" can disrupt firewalls with a small amount of ICMP packets. Expert Judith Myerson explains how it works and why it's a security issue for enterprises.
SWIFT network communications: How can bank security be improved?
The SWIFT network has increasingly been abused by cybercriminals to carry out bank fraud and theft. Expert Michael Cobb explains possible ways to boost security.
How limiting administrative access can protect your enterprise
Limiting administrative access can strengthen an enterprise's security posture significantly. Expert Joe Granneman discusses why this is such an important practice.
Can security employee tenure be improved by CISOs?
Security employee tenure is shorter than in most industries. Expert Mike O. Villegas outlines five budget-friendly steps CISOs can take to help lengthen it.
Combatting the top cybersecurity threats with intelligence
Security professionals are playing an ever-greater role in managing business risk. Their efforts against top cybersecurity threats include investing in the latest defensive tools that promise to shut down attackers. At the top of enterprises' ...
Risk & Repeat: Second Yahoo data breach uncovered
In this episode of SearchSecurity's Risk & Repeat podcast, the editors discuss the second major Yahoo data breach and what it means for both the company and its users.
Protecting the open source Redis tool from ransomware attacks
Duo Labs discovered a flaw in the Redis tool that led to Fairware ransomware attacks on Linux servers. Expert Nick Lewis explains the security measures that enterprises can take.
Meet security goals by avoiding threat intel and analytics mistakes
Meeting top security goals is only the first step. Get up to speed on how to avoid common pitfalls in the use of threat intelligence and analytics.
What should happen after an employee clicks on a malicious link?
The response to an employee clicking on a malicious link is important for organizations to get right. Expert Matthew Pascucci discusses how to handle the aftermath of an attack.
CISO Q&A: Healthcare information security needs more leadership
Anahi Santiago of Christiana Care Health System has spent much of her career in healthcare information security. "We are under attack," she says.
Building a threat intelligence program? How to avoid the 'feed' frenzy
Cyberthreat intelligence is just data if it is not actionable. We offer tips to help your team focus on relevant CTI for faster threat detection and response.
Risk & Repeat: Rapid7 tackles IoT threats, vulnerabilities
In this episode of SearchSecurity's Risk & Repeat podcast, Tod Beardsley and Rebekah Brown of Rapid7 talk about the IoT threat landscape and improving IoT device security.
Aflac CISO Tim Callahan on global security, risk management
With today's cyberthreats, the CISO has to know more about intelligence, working with government and private industry, and how to tailor the security program to further the business.
How does the HummingBad malware enable click fraud?
The HummingBad malware has infected 10 million mobile devices worldwide. Expert Michael Cobb explains how this exploit enables click fraud and other risks for users.
Incident response tools can help automate your security
In this era of nonstop security threats, incident response tools that help automate detection and reaction are now essential. Learn how to update your IR process.
Insider Edition: Improved threat detection and incident response
The security incident response process isn't getting any easier, not in an age characterized by mobile workers, cloud computing and faster networks. So much can go wrong: Attacks can come from any source and use every method imaginable -- and some ...
Cybersecurity and Applied Mathematics
In this excerpt of Cybersecurity and Applied Mathematics, authors Leigh Metcalf and William Casey explain string analysis and how it can be applied to cyber data.
DevOps and security promises better apps, infrastructures
DevOps is a process aimed at creating and updating applications quickly and, traditionally, it has lacked effective security controls. The software that was created too often contained vulnerabilities right from the start. Combining DevOps and ...
Are browsers using the HTTP/2 protocol vulnerable to HEIST attacks?
HEIST, a new HTTP/2 protocol exploit, can steal encrypted content from HTTPS traffic. Expert Michael Cobb explains how this attack works and how to stop it.
Is it possible to get a new CISO position after being fired?
CISO turnover is common after a security incident, but it's not the end of a career in security. Expert Mike O. Villegas discusses how to increase the odds of finding a new CISO position.
Behavioral threat assessment means real-time threat detection
Real-time behavioral threat analytics is the next frontier in security. Learn how a behavioral threat assessment tool can protect your enterprise systems and data.
Want a board-level cybersecurity expert? They're hard to find
Members of the board must be ready to defend their fiduciary decisions, corporate policies, compliance actions and, soon, cybersecurity preparedness.
Is destroying a decryption key a strong enough security practice?
Destroying a decryption key isn't the same as destroying the data, but which method is more secure? Expert Mike Chapple explains the best way to combat a future encryption flaw.
Preventing Microsoft's Authenticode from spreading stealth malware
A Microsoft Authenticode vulnerability allowed malicious code to sneak through without invalidating a file's digital signature. Expert Nick Lewis explains how to address this flaw.
Risk & Repeat: DNS DDoS attacks raise concerns over IoT devices
In this Risk & Repeat podcast, SearchSecurity editors discuss the DDoS DNS attacks on Dyn and what they mean for DNS providers, IoT device manufacturers and enterprises.
How does auto-rooting malware LevelDropper gain device root access?
Auto-rooting app LevelDropper has the ability to silently root devices and gain system level privileges. Expert Michael Cobb explains how to detect and stop it.
Why have macro malware authors moved toward using OLE technology?
Threat actors are moving from macro malware to using OLE technology to spread their malicious code. Expert Michael Cobb explains what enterprises should look out for.
Preventing and responding to a healthcare ransomware infection
The healthcare industry is a target for ransomware infections. Expert Ernie Hayden explains how organizations can take steps to prevent and respond to these attacks.
How can the cybersecurity skills shortage be fixed?
With the skills shortage plaguing the industry, should enterprises put less of a focus on finding staff with cybersecurity skills? Expert Mike O. Villegas explains why not.
How can APT groups be stopped from exploiting a Microsoft Office flaw?
APT groups have been continuously exploiting a flaw in Microsoft Office, despite it having been patched. Expert Nick Lewis explains how these attacks work and how to prevent them.
Rowhammer exploit: Are Microsoft Edge browser users at risk?
The Rowhammer and memory deduplication attack enables read and write access to Microsoft Edge browsers. Expert Nick Lewis explains how to mitigate this threat.
How to handle out-of-band management for network infrastructure
Out-of-band management can be used for handling network infrastructure. Expert Judith Myerson explains the benefits of out-of-band management and how it can be implemented.
Even with rise in crypto-ransomware, majority do not pay
With data increasingly held hostage, companies are learning the downside of encryption and cryptocurrency. As some organizations admit to paying ransoms, will the problem get worse?
Q&A: Looking at cyberweapons and other issues with Nathaniel Gleicher
The former White House cybersecurity policy director talks about cyberthreats, the government's vulnerability equities process and lawful use of exploit toolkits.
Cyber attribution: Whodunit takes on new meaning in November
Political hacking is a regular occurrence. Should we worry more about cybercrime attribution or the ability of unknown actors to influence public discourse?
How can privileged access accounts be managed in large companies?
Network administrators typically resist policies for separate accounts when performing different tasks. Expert Michael Cobb explains the risk of privileged access.
How are weak passwords banned with Microsoft's Smart Password Lockout?
Microsoft is banning weak passwords on many of its services with the Smart Password Lockout feature. Expert Michael Cobb explains how it works, and if it will be beneficial.
Trusted? Certificate authority risks and how to manage them
Trusted certificate authorities are essential in today's business climate, but that doesn't mean they are easy to come by. Certificate authority risks are many, certainly, but this three-part technical guide is designed to make plain the challenges ...
Is settling a data breach lawsuit the best option for enterprises?
In the unfortunate event of a data breach lawsuit, it's often better to settle before the case reaches court. Expert Mike O. Villegas explains why and how CISOs can help.
Insider security threats: What CISOs can do to mitigate them
Dealing with insider security threats requires a combination of tactics. Expert Mike O. Villegas discusses the various aspects of insider threat mitigation strategies.
What are the cloud compliance issues organizations have to deal with?
Cloud compliance issues are no reason for enterprises not to move to the cloud. Expert Mike Chapple explains why, as well as what to keep in mind about cloud compliance.
Global report: Cybersecurity skills shortage threatens security
The shortage in the security skills pipeline is creating vulnerabilities worldwide, according to one report. Executives say "gaming" can help companies develop a better workforce.
Q&A: Analyzing DNS services with Paul Vixie
With targeted attacks such as distributed denial-of-service and ransomware on the rise, should domain name system analysis become part of your defense strategy?
How to handle a problematic cybersecurity expert on your team
Sometimes hiring a cybersecurity expert to help your security team isn't all it's cracked up to be. Expert Mike O. Villegas explains what CISOs should do when this happens.
Why did QuickTime for Windows move to end of life so abruptly?
QuickTime for Windows was found to have two zero-day vulnerabilities, and was then suddenly moved to end of life by Apple. Expert Michael Cobb explains the abrupt action.
Risk & Repeat: Shadow Brokers' dump shakes IT industry
In part two of Risk & Repeat's podcast on the Equation Group, SearchSecurity editors discuss the zero-day vulnerabilities discovered in the Shadow Brokers' data dump.
Security startups: What do CISOs need to know before being customers?
Being a customer of security startups comes with some risk. Expert Mike O. Villegas discusses this risk and how CISOs can dodge the potential issues.
Building an application security program: Why education is key
Education and training are crucial parts of a strong application security program. Sean Martin explains how enterprises should build these elements into their programs.
Data breach cost: What influences it the most?
Malicious or criminal attacks take a longer time to identify and contain, research shows, leading to a higher cost per breach. We look at the numbers.
What's the best way to communicate about advanced persistent threats?
Advanced persistent threats are a constant risk for enterprises, so the board needs to know about them. Expert Mike O. Villegas discusses how to effectively communicate about APTs.
Preventing various types of DDoS attacks on your enterprise's systems
The types of DDoS attacks organizations face have grown and the size of these attacks has increased. Expert Michael Cobb explains how to secure systems against common DDoS methods.
Government cybersecurity problems can teach enterprises what to do
The U.S. government's cybersecurity problems are in the spotlight, so enterprises should learn from them. Expert Mike Chapple looks at the lessons organizations can learn.
Best practices for an information security assessment
Information security assessments can be effective for identifying and fixing issues in your enterprise's policies. Expert Kevin Beaver explains the key components of the process.
How did a pirated app bypass Apple's App Store security?
A pirated app called Happy Daily English beat Apple's App Store security review. Expert Michael Cobb explains how it works and what security teams can do about it.
How does the Trochilus RAT evade detection and sandboxing?
The new Trochilus RAT can avoid detection in cyberespionage attacks. Expert Nick Lewis explains how it works, and if enterprises need to adapt their security programs.
What new Asacub Trojan features should enterprises watch out for?
The Asacub Trojan has new banking malware features. Expert Nick Lewis explains how it made this transition and what enterprises should be watching out for.
How does the Dridex Trojan conduct redirection attacks?
The new version of the Dridex Trojan shares Dyre malware's redirection attack capabilities. Expert Nick Lewis explains how enterprises can prevent these incidents.
CISO challenges: Identifying and addressing common problems
Enterprises often struggle to identify and prioritize the most pressing security concerns and threats. Sean Martin explains the common CISO challenges facing organizations today.
Session cookies: When should they be protected by a salted hash?
Is cookie encryption enough to protect sensitive information? Expert Michael Cobb explains how salted hashes can prevent attacks, and the secure way to use cookies.
Cyberinsurance policies: Getting coverage and avoiding limitations
The cyberinsurance market is maturing rapidly, but there are still gray areas to navigate. Sean Martin explains what enterprises should know about policies.
Mobile security strategy matures with BYOD
The basic level of mobile security is to protect data and access to a network, but understanding the needs of mobile users and their devices is the key to maturing that strategy.
How does the mandatory access control model and application sandboxing differ?
Mandatory access control and application sandboxing both offer layers of security through controlling access to system resources. Expert Michael Cobb explains what sets each apart.
Enterprise mobile strategy: Step up security
CISOs are tasked with developing an effective enterprise mobile strategy that offers different levels of mobile security, from device management to application-layer controls. Some companies are moving beyond device management and containerization ...
Defense-in-depth strategy: Growing cyberthreat intelligence
Cybersecurity defense in depth needs to learn from the military strategy it originated from. Expert Peter Sullivan explains where cybersecurity should not deviate.
Are cybersecurity lawyers necessary for organizations?
Cybersecurity lawyers can help handle a variety of enterprise security issues, but are they necessary? Expert Mike O. Villegas discusses the potential benefits.
Symantec vulnerability raises big questions for antivirus industry
SearchSecurity's Risk & Repeat podcast discusses the Symantec vulnerability disclosed by Google Project Zero and what the bug means for the antivirus industry.
How does SlemBunk collect Android user credentials?
An Android Trojan called SlemBunk is impersonating banking applications in order to collect user credentials. Expert Nick Lewis explains the security measures to stop this malware.
Why signature-based detection isn't enough for enterprises
Signature-based detection and machine learning algorithms identify malicious code and threats. Expert Michael Cobb explains how both techniques defend networks and endpoints.
How encryption legislation could affect enterprises
The legal battle between the FBI and Apple brought encryption legislation into the public eye, for better or worse. Expert Mike Chapple discusses the effect of this on enterprises.
Removing malware: What are the best methods?
When removing malware for client devices, how can security teams decide if the infection is truly gone? Expert Nick Lewis explains the cleanup process and the best practices.
How can common mobile application security risks be reduced?
A new Veracode report offers details on common mobile application security risks. Expert Michael Cobb explains these flaws, and what developers can do to reduce them.
How IAM can address unstructured content security risks
The amount of enterprise unstructured content is growing every year. Expert Sean Martin explains why IAM is an important component of unstructured data management and security.
How to resolve a Web application security vulnerability
Web application security vulnerabilities can exist from browser to SSL/TLS. Expert Brad Causey explains how application security testing and Web application firewalls can address this.
What should candidates expect in interviews for CISO jobs?
When candidates prepare for a CISO job interview, they should know the answer to 12 specific questions. Expert Mike O. Villegas reviews the questions.
Why a cap-less cybersecurity budget could harm security
An unlimited cybersecurity budget may sound like a dream, but in reality it could do more harm than good for an enterprise. Expert Mike O. Villegas explains.
ModPOS: How can enterprises defend against POS malware?
ModPOS, a new POS malware, compromised millions of credit card accounts in 2015. Expert Nick Lewis explains how cybercriminals use this malware and what can be done to stop it.
Can credit card hacking be stopped with Chip and PIN alone?
Amex cards have been discovered to be vulnerable to credit card hacking. Expert Nick Lewis explains how this happens, and what can be done about Chip and PIN security.
Machine learning applications: Mitigating the risks
Machine learning applications are beneficial to enterprises, but there are also several risks involved. Expert Judith Myerson explains five ways to combat them.
Developing a security incident response policy: Avoiding pitfalls
Does your enterprise have an effective incident response policy? Expert Kevin Beaver explains some of the mistakes that security managers should be avoiding.
Personal email servers: What are the security risks?
Hillary Clinton has taken much criticism over the use of a personal email server. Expert Michael Cobb explains the risks of shadow IT email and what enterprises can do about them.
APT-style attacks: How cybercriminals are using them
New research shows cybercriminals are using more advanced attack techniques. Expert Nick Lewis explains what enterprises need to know about the APT-style attacks.
Evil maid attacks: How can they be stopped?
What is an 'evil maid' attack and how can enterprises prevent it? Expert Nick Lewis explains the threat and the precautions employees should take when traveling.
The security risks of network sensors in the enterprise
The proliferation of network sensors for embedded systems and IoT devices can create problems for enterprises. Expert Kevin Beaver explains the risks these sensors pose.
How does YiSpecter affect non-jailbroken iOS devices?
New mobile malware can affect both jailbroken and non-jailbroken iOS devices. Expert Nick Lewis outlines the threat posed by YiSpecter and how to stop it.
How can Internet hijacking be prevented or mitigated?
An advanced persistent threat group used satellite Internet connections to mask its attacks. Expert Nick Lewis offers advice for preventing these types of schemes.
Malware-free attacks: How can enterprises stop them?
New research shows that threat actors are "living off the land" and infiltrating corporate networks using malware-free attacks. Expert Nick Lewis explains how this is done.
How to tell a security backdoor from a vulnerability
Security backdoors and security vulnerabilities can often be confused with one another. Expert Michael Cobb offers guidance on distinguishing the two.
How can a malicious C&C server remain undetected?
A command and control server for the "Gh0st" malware campaign went undetected for two years, according to security researchers. Expert Nick Lewis explains how it happened.
How can a DMARC policy improve email security?
Major email providers are adopting DMARC policies to reduce spam. Expert Michael Cobb explains how DMARC works and why it's a good thing for email security.
Detecting and Combating Malicious Email
In this excerpt of Detecting and Combating Malicious Email, authors Julie JCH Ryan and Cade Kamachi discuss the elements of an email structure and touch on how attackers can use these elements to trick unwitting victims.
De-anonymizing malware: Can a new tactic help?
Researchers have discovered a new technique for de-anonymizing software that could help infosec teams attribute malware attacks. Expert Nick Lewis explains how it works.
Can companies safely fire an information security manager?
An information security manager has access to many privileged systems in an organization, so letting one go can be tricky. Expert Mike O. Villegas explains how to handle the process.
How can a directory traversal attack be mitigated?
A new iOS flaw could allow attackers to conduct directory traversal attacks on AirDrop-enabled devices. Nick Lewis explains how enterprises should handle the threat.
Compromised credentials: What can enterprises do?
Attackers use compromised credentials to infiltrate enterprises undetected and steal corporate data. Expert Nick Lewis offers the best ways to handle this threat.
Outdated apps: What are the best ways to address them?
Dead and outdated apps can pose serious security risks for enterprises. Expert Nick Lewis explains how to find and remove dead apps before they become a problem.
How does GreenDispenser self-deleting malware work?
A new type of self-deleting malware, known as GreenDispenser, allows attackers to rob ATMs of cash. Expert Nick Lewis explains how this threat works and how to prevent it.
OPM breach: What's the risk of exposed fingerprint data?
Millions of fingerprint records were exposed in the OPM breach. Expert Michael Cobb explains how attackers can abuse such biometric data and what enterprises can do about it.
The rise of fileless malware attacks
New malware threats can infect systems without leaving any files behind. Expert Nick Lewis explains how fileless malware operates and the best ways for security programs to stop it.
How can enterprises mitigate ransomware as a service?
A rise in ransomware attacks has been attributed to a new service model for cybercriminals. Nick Lewis explains what's behind this new threat.
What's the effect of a financial malware tool going public?
A malware tool that helped to compile the Zeus Trojan has been leaked on the Web. Expert Nick Lewis explains what this means for enterprise security teams.