Problem solve

Problem solve

Get help with specific problems with your technologies, process and projects.

• How does the BlackNurse attack overwhelm firewalls?

  A new attack called "BlackNurse" can disrupt firewalls with a small amount of ICMP packets. Expert Judith Myerson explains how it works and why it's a security issue for enterprises. Continue Reading

• SWIFT network communications: How can bank security be improved?

  The SWIFT network has increasingly been abused by cybercriminals to carry out bank fraud and theft. Expert Michael Cobb explains possible ways to boost security. Continue Reading

• How limiting administrative access can protect your enterprise

  Limiting administrative access can strengthen an enterprise's security posture significantly. Expert Joe Granneman discusses why this is such an important practice. Continue Reading

• Can security employee tenure be improved by CISOs?

  Security employee tenure is shorter than in most industries. Expert Mike O. Villegas outlines five budget-friendly steps CISOs can take to help lengthen it. Continue Reading

• Combatting the top cybersecurity threats with intelligence

  Security professionals are playing an ever-greater role in managing business risk. Their efforts against top cybersecurity threats include investing in the latest defensive tools that promise to shut down attackers.

  At the top of enterprises' ... Continue Reading

• Risk & Repeat: Second Yahoo data breach uncovered

  In this episode of SearchSecurity's Risk & Repeat podcast, the editors discuss the second major Yahoo data breach and what it means for both the company and its users.Continue Reading

• Protecting the open source Redis tool from ransomware attacks

  Duo Labs discovered a flaw in the Redis tool that led to Fairware ransomware attacks on Linux servers. Expert Nick Lewis explains the security measures that enterprises can take.Continue Reading

• Meet security goals by avoiding threat intel and analytics mistakes

  Meeting top security goals is only the first step. Get up to speed on how to avoid common pitfalls in the use of threat intelligence and analytics.Continue Reading

• What should happen after an employee clicks on a malicious link?

  The response to an employee clicking on a malicious link is important for organizations to get right. Expert Matthew Pascucci discusses how to handle the aftermath of an attack.Continue Reading

• CISO Q&A: Healthcare information security needs more leadership

  Anahi Santiago of Christiana Care Health System has spent much of her career in healthcare information security. "We are under attack," she says.Continue Reading

• Building a threat intelligence program? How to avoid the 'feed' frenzy

  Cyberthreat intelligence is just data if it is not actionable. We offer tips to help your team focus on relevant CTI for faster threat detection and response.Continue Reading

• Risk & Repeat: Rapid7 tackles IoT threats, vulnerabilities

  In this episode of SearchSecurity's Risk & Repeat podcast, Tod Beardsley and Rebekah Brown of Rapid7 talk about the IoT threat landscape and improving IoT device security.Continue Reading

• Aflac CISO Tim Callahan on global security, risk management

  With today's cyberthreats, the CISO has to know more about intelligence, working with government and private industry, and how to tailor the security program to further the business.Continue Reading

• How does the HummingBad malware enable click fraud?

  The HummingBad malware has infected 10 million mobile devices worldwide. Expert Michael Cobb explains how this exploit enables click fraud and other risks for users.Continue Reading

• Incident response tools can help automate your security

  In this era of nonstop security threats, incident response tools that help automate detection and reaction are now essential. Learn how to update your IR process.Continue Reading

• Insider Edition: Improved threat detection and incident response

  The security incident response process isn't getting any easier, not in an age characterized by mobile workers, cloud computing and faster networks. So much can go wrong: Attacks can come from any source and use every method imaginable -- and some ...Continue Reading

• Cybersecurity and Applied Mathematics

  In this excerpt of Cybersecurity and Applied Mathematics, authors Leigh Metcalf and William Casey explain string analysis and how it can be applied to cyber data.Continue Reading

• DevOps and security promises better apps, infrastructures

  DevOps is a process aimed at creating and updating applications quickly and, traditionally, it has lacked effective security controls. The software that was created too often contained vulnerabilities right from the start. Combining DevOps and ...Continue Reading

• Are browsers using the HTTP/2 protocol vulnerable to HEIST attacks?

  HEIST, a new HTTP/2 protocol exploit, can steal encrypted content from HTTPS traffic. Expert Michael Cobb explains how this attack works and how to stop it.Continue Reading

• Is it possible to get a new CISO position after being fired?

  CISO turnover is common after a security incident, but it's not the end of a career in security. Expert Mike O. Villegas discusses how to increase the odds of finding a new CISO position.Continue Reading

• Behavioral threat assessment means real-time threat detection

  Real-time behavioral threat analytics is the next frontier in security. Learn how a behavioral threat assessment tool can protect your enterprise systems and data.Continue Reading

• Want a board-level cybersecurity expert? They're hard to find

  Members of the board must be ready to defend their fiduciary decisions, corporate policies, compliance actions and, soon, cybersecurity preparedness.Continue Reading

• Is destroying a decryption key a strong enough security practice?

  Destroying a decryption key isn't the same as destroying the data, but which method is more secure? Expert Mike Chapple explains the best way to combat a future encryption flaw.Continue Reading

• Preventing Microsoft's Authenticode from spreading stealth malware

  A Microsoft Authenticode vulnerability allowed malicious code to sneak through without invalidating a file's digital signature. Expert Nick Lewis explains how to address this flaw.Continue Reading

• Risk & Repeat: DNS DDoS attacks raise concerns over IoT devices

  In this Risk & Repeat podcast, SearchSecurity editors discuss the DDoS DNS attacks on Dyn and what they mean for DNS providers, IoT device manufacturers and enterprises.Continue Reading

• How does auto-rooting malware LevelDropper gain device root access?

  Auto-rooting app LevelDropper has the ability to silently root devices and gain system level privileges. Expert Michael Cobb explains how to detect and stop it.Continue Reading

• Why have macro malware authors moved toward using OLE technology?

  Threat actors are moving from macro malware to using OLE technology to spread their malicious code. Expert Michael Cobb explains what enterprises should look out for.Continue Reading

• Preventing and responding to a healthcare ransomware infection

  The healthcare industry is a target for ransomware infections. Expert Ernie Hayden explains how organizations can take steps to prevent and respond to these attacks.Continue Reading

• How can the cybersecurity skills shortage be fixed?

  With the skills shortage plaguing the industry, should enterprises put less of a focus on finding staff with cybersecurity skills? Expert Mike O. Villegas explains why not.Continue Reading

• How can APT groups be stopped from exploiting a Microsoft Office flaw?

  APT groups have been continuously exploiting a flaw in Microsoft Office, despite it having been patched. Expert Nick Lewis explains how these attacks work and how to prevent them.Continue Reading

• Rowhammer exploit: Are Microsoft Edge browser users at risk?

  The Rowhammer and memory deduplication attack enables read and write access to Microsoft Edge browsers. Expert Nick Lewis explains how to mitigate this threat.Continue Reading

• How to handle out-of-band management for network infrastructure

  Out-of-band management can be used for handling network infrastructure. Expert Judith Myerson explains the benefits of out-of-band management and how it can be implemented.Continue Reading

• Even with rise in crypto-ransomware, majority do not pay

  With data increasingly held hostage, companies are learning the downside of encryption and cryptocurrency. As some organizations admit to paying ransoms, will the problem get worse?Continue Reading

• Q&A: Looking at cyberweapons and other issues with Nathaniel Gleicher

  The former White House cybersecurity policy director talks about cyberthreats, the government's vulnerability equities process and lawful use of exploit toolkits.Continue Reading

• Cyber attribution: Whodunit takes on new meaning in November

  Political hacking is a regular occurrence. Should we worry more about cybercrime attribution or the ability of unknown actors to influence public discourse?Continue Reading

• How can privileged access accounts be managed in large companies?

  Network administrators typically resist policies for separate accounts when performing different tasks. Expert Michael Cobb explains the risk of privileged access.Continue Reading

• How are weak passwords banned with Microsoft's Smart Password Lockout?

  Microsoft is banning weak passwords on many of its services with the Smart Password Lockout feature. Expert Michael Cobb explains how it works, and if it will be beneficial.Continue Reading

• Trusted? Certificate authority risks and how to manage them

  Trusted certificate authorities are essential in today's business climate, but that doesn't mean they are easy to come by. Certificate authority risks are many, certainly, but this three-part technical guide is designed to make plain the challenges ...Continue Reading

• Is settling a data breach lawsuit the best option for enterprises?

  In the unfortunate event of a data breach lawsuit, it's often better to settle before the case reaches court. Expert Mike O. Villegas explains why and how CISOs can help.Continue Reading

• Insider security threats: What CISOs can do to mitigate them

  Dealing with insider security threats requires a combination of tactics. Expert Mike O. Villegas discusses the various aspects of insider threat mitigation strategies.Continue Reading

• What are the cloud compliance issues organizations have to deal with?

  Cloud compliance issues are no reason for enterprises not to move to the cloud. Expert Mike Chapple explains why, as well as what to keep in mind about cloud compliance.Continue Reading

• Global report: Cybersecurity skills shortage threatens security

  The shortage in the security skills pipeline is creating vulnerabilities worldwide, according to one report. Executives say "gaming" can help companies develop a better workforce.Continue Reading

• Q&A: Analyzing DNS services with Paul Vixie

  With targeted attacks such as distributed denial-of-service and ransomware on the rise, should domain name system analysis become part of your defense strategy?Continue Reading

• How to handle a problematic cybersecurity expert on your team

  Sometimes hiring a cybersecurity expert to help your security team isn't all it's cracked up to be. Expert Mike O. Villegas explains what CISOs should do when this happens.Continue Reading

• Why did QuickTime for Windows move to end of life so abruptly?

  QuickTime for Windows was found to have two zero-day vulnerabilities, and was then suddenly moved to end of life by Apple. Expert Michael Cobb explains the abrupt action.Continue Reading

• Risk & Repeat: Shadow Brokers' dump shakes IT industry

  In part two of Risk & Repeat's podcast on the Equation Group, SearchSecurity editors discuss the zero-day vulnerabilities discovered in the Shadow Brokers' data dump.Continue Reading

• Security startups: What do CISOs need to know before being customers?

  Being a customer of security startups comes with some risk. Expert Mike O. Villegas discusses this risk and how CISOs can dodge the potential issues.Continue Reading

• Building an application security program: Why education is key

  Education and training are crucial parts of a strong application security program. Sean Martin explains how enterprises should build these elements into their programs.Continue Reading

• Data breach cost: What influences it the most?

  Malicious or criminal attacks take a longer time to identify and contain, research shows, leading to a higher cost per breach. We look at the numbers.Continue Reading

• What's the best way to communicate about advanced persistent threats?

  Advanced persistent threats are a constant risk for enterprises, so the board needs to know about them. Expert Mike O. Villegas discusses how to effectively communicate about APTs.Continue Reading

• Preventing various types of DDoS attacks on your enterprise's systems

  The types of DDoS attacks organizations face have grown and size of these attacks has increased. Expert Michael Cobb explains how to secure systems against common DDoS methods.Continue Reading

• Government cybersecurity problems can teach enterprises what to do

  The U.S. government's cybersecurity problems are in the spotlight, so enterprises should learn from them. Expert Mike Chapple looks at the lessons organizations can learn.Continue Reading

• Best practices for an information security assessment

  Information security assessments can be effective for identifying and fixing issues in your enterprise's policies. Expert Kevin Beaver explains the key components of the process.Continue Reading

• How did a pirated app bypass Apple's App Store security?

  A pirated app called Happy Daily English beat Apple's App Store security review. Expert Michael Cobb explains how it works and what security teams can do about it.Continue Reading

• How does the Trochilus RAT evade detection and sandboxing?

  The new Trochilus RAT can avoid detection in cyberespionage attacks. Expert Nick Lewis explains how it works, and if enterprises need to adapt their security programs.Continue Reading

• What new Asacub Trojan features should enterprises watch out for?

  The Asacub Trojan has new banking malware features. Expert Nick Lewis explains how it made this transition and what enterprises should be watching out for.Continue Reading

• How does the Dridex Trojan conduct redirection attacks?

  The new version of the Dridex Trojan share Dyre malware's redirection attack capabilities. Expert Nick Lewis explains how enterprises can prevent these incidents.Continue Reading

• CISO challenges: Identifying and addressing common problems

  Enterprises often struggle to identify and prioritize the most pressing security concerns and threats. Sean Martin explains the common CISO challenges facing organizations today.Continue Reading

• Session cookies: When should they be protected by a salted hash?

  Is cookie encryption enough to protect sensitive information? Expert Michael Cobb explains how salted hashes can prevent attacks, and the secure way to use cookies.Continue Reading

• Cyberinsurance policies: Getting coverage and avoiding limitations

  The cyberinsurance market is maturing rapidly, but there are still gray areas to navigate. Sean Martin explains what enterprises should know about policies.Continue Reading

• Mobile security strategy matures with BYOD

  The basic level of mobile security is to protect data and access to a network, but understanding the needs of mobile users and their devices is the key to maturing that strategy.Continue Reading

• How does the mandatory access control model and application sandboxing differ?

  Mandatory access control and application sandboxing both offer layers of security through controlling access to system resources. Expert Michael Cobb explains what sets each apart.Continue Reading

• Enterprise mobile strategy: Step up security

  CISOs are tasked with developing an effective enterprise mobile strategy that offers different levels of mobile security, from device management to application-layer controls. Some companies are moving beyond device management and containerization ...Continue Reading

• Defense-in-depth strategy: Growing cyberthreat intelligence

  Cybersecurity defense in depth needs to learn from the military strategy it originated from. Expert Peter Sullivan explains where cybersecurity should not deviate.Continue Reading

• Are cybersecurity lawyers necessary for organizations?

  Cybersecurity lawyers can help handle a variety of enterprise security issues, but are they necessary? Expert Mike O. Villegas discusses the potential benefits.Continue Reading

• Symantec vulnerability raises big questions for antivirus industry

  SearchSecurity's Risk & Repeat podcast discusses the Symantec vulnerability disclosed by Google Project Zero and what the bug means for the antivirus industry.Continue Reading

• How does SlemBunk collect Android user credentials?

  An Android Trojan called SlemBunk is impersonating banking applications in order to collect user credentials. Expert Nick Lewis explains the security measures to stop this malware.Continue Reading

• Why signature-based detection isn't enough for enterprises

  Signature-based detection and machine learning algorithms identify malicious code and threats. Expert Michael Cobb explains how both techniques defend networks and endpoints.Continue Reading

• How encryption legislation could affect enterprises

  The legal battle between the FBI and Apple brought encryption legislation into the public eye, for better or worse. Expert Mike Chapple discusses the effect of this on enterprises.Continue Reading

• Removing malware: What are the best methods?

  When removing malware for client devices, how can security teams decide if the infection is truly gone? Expert Nick Lewis explains the cleanup process and the best practices.Continue Reading

• How can common mobile application security risks be reduced?

  A new Veracode report offers details on common mobile application security risks. Expert Michael Cobb explains these flaws, and what developers can do to reduce them.Continue Reading

• How IAM can address unstructured content security risks

  The amount of enterprise unstructured content is growing every year. Expert Sean Martin explains why IAM is an important component of unstructured data management and security.Continue Reading

• How to resolve a Web application security vulnerability

  Web application security vulnerabilities can exist from browser to SSL/TLS. Expert Brad Causey explains how application security testing and Web application firewalls can address this.Continue Reading

• What should candidates expect in interviews for CISO jobs?

  When candidates prepare for a CISO job interview, they should know the answer to 12 specific questions. Expert Mike O. Villegas reviews the questions.Continue Reading

• Why a cap-less cybersecurity budget could harm security

  An unlimited cybersecurity budget may sound like a dream, but in reality it could do more harm than good for an enterprise. Expert Mike O. Villegas explains.Continue Reading

• ModPOS: How can enterprises defend against POS malware?

  ModPOS, a new POS malware, compromised millions of credit card accounts in 2015. Expert Nick Lewis explains how cybercriminals use this malware and what can be done to stop it.Continue Reading

• Can credit card hacking be stopped with Chip and PIN alone?

  Amex cards have been discovered to be vulnerable to credit card hacking. Expert Nick Lewis explains how this happens, and what can be done about Chip and PIN security.Continue Reading

• Machine learning applications: Mitigating the risks

  Machine learning applications are beneficial to enterprises, but there are also several risks involved. Expert Judith Myerson explains five ways to combat them.Continue Reading

• Developing a security incident response policy: Avoiding pitfalls

  Does your enterprise have an effective incident response policy? Expert Kevin Beaver explains some of the mistakes that security managers should be avoiding.Continue Reading

• Personal email servers: What are the security risks?

  Hillary Clinton has taken much criticism over the use of a personal email server. Expert Michael Cobb explains the risks of shadow IT email and what enterprises can do about them.Continue Reading

• APT-style attacks: How cybercriminals are using them

  New research shows cybercriminals are using more advanced attack techniques. Expert Nick Lewis explains what enterprises need to know about the APT-style attacks.Continue Reading

• Evil maid attacks: How can they be stopped?

  What is an 'evil maid' attack and how can enterprises prevent it? Expert Nick Lewis explains the threat and the precautions employees should take when traveling.Continue Reading

• The security risks of network sensors in the enterprise

  The proliferation of network sensors for embedded systems and IoT devices can create problems for enterprises. Expert Kevin Beaver explains the risks these sensors pose.Continue Reading

• How does YiSpecter affect non-jailbroken iOS devices?

  New mobile malware can affect both jailbroken and non-jailbroken iOS devices. Expert Nick Lewis outlines the threat posed by YiSpecter and how to stop it.Continue Reading

• How can Internet hijacking be prevented or mitigated?

  An advanced persistent threat group used satellite Internet connections to mask its attacks. Expert Nick Lewis offers advice for preventing these types of schemes.Continue Reading

• Malware-free attacks: How can enterprises stop them?

  New research shows that threat actors are "living off the land" and infiltrating corporate networks using malware-free attacks. Expert Nick Lewis explains how this is done.Continue Reading

• How to tell a security backdoor from a vulnerability

  Security backdoors and security vulnerabilities can often be confused with one another. Expert Michael Cobb offers guidance on distinguishing the two.Continue Reading

• How can a malicious C&C server remain undetected?

  A command and control server for the "Gh0st" malware campaign went undetected for two years, according to security researchers. Expert Nick Lewis explains how it happened.Continue Reading

• How can a DMARC policy improve email security?

  Major email providers are adopting DMARC policies to reduce spam. Expert Michael Cobb explains how DMARC works and why it's is a good thing for email security.Continue Reading

• Detecting and Combating Malicious Email

  In this excerpt of Detecting and Combating Malicious Email, authors Julie JCH Ryan and Cade Kamachi discuss the elements of an email structure and touch on how attackers can use these elements to trick unwitting victims.Continue Reading

• De-anonymizing malware: Can a new tactic help?

  Researchers have discovered a new technique for de-anonymizing software that could help infosec teams attribute malware attacks. Expert Nick Lewis explains how it works.Continue Reading

• Can companies safely fire an information security manager?

  An information security manager has access to many privileged systems in an organization, so letting one go can be tricky. Expert Mike O. Villegas explains how to handle the process.Continue Reading

• How can a directory traversal attack be mitigated?

  A new iOS flaw could allow attackers to conduct directory traversal attacks on AirDrop-enabled devices. Nick Lewis explains how enterprises should handle the threat.Continue Reading

• Compromised credentials: What can enterprises do?

  Attackers use compromised credentials to infiltrate enterprises undetected and steal corporate data. Expert Nick Lewis offers the best ways to handle this threat.Continue Reading

• Outdated apps: What are the best ways to address them?

  Dead and outdated apps can pose serious security risks for enterprises. Expert Nick Lewis explains how to find and remove dead apps before they become a problem.Continue Reading

• How does GreenDispenser self-deleting malware work?

  A new type of self-deleting malware, known as GreenDispenser, allows attackers to rob ATMs of cash. Expert Nick Lewis explains how this threat works and how to prevent it.Continue Reading

• OPM breach: What's the risk of exposed fingerprint data?

  Millions of fingerprint records were exposed in the OPM breach. Expert Michael Cobb explains how attackers can abuse such biometric data and what enterprises can do about it.Continue Reading

• The rise of fileless malware attacks

  New malware threats can infect systems without leaving any files behind. Expert Nick Lewis explains how fileless malware operates and the best ways for security programs to stop it.Continue Reading

• How can enterprises mitigate ransomware as a service?

  A rise in ransomware attacks has been attributed to a new service model for cybercriminals. Nick Lewis explains what's behind this new threat.Continue Reading

• What's the effect of a financial malware tool going public?

  A malware tool that helped to compile the Zeus Trojan has been leaked on the Web. Expert Nick Lewis explains what this means for enterprise security teams.Continue Reading