Platform security

Get the latest news, advice and best practices for platform security. Here you'll find information on vulnerability and threat management, operating system security fundamentals, virtualization security basics, Web security and more.

October 22, 2018 22 Oct'18
Zero-day jQuery plugin vulnerability exploited for 3 years

A zero-day in jQuery File Upload could affect thousands of projects because the jQuery plugin vulnerability has existed for eight years and actively exploited for at least three years.
August 29, 2018 29 Aug'18
Windows 10 zero-day disclosed on Twitter, no fix in sight

Security researcher SandboxEscaper released proof-of-concept code for a Windows 10 zero-day on Twitter, but Microsoft has no details for a potential patch.
August 17, 2018 17 Aug'18
Intel disclosed Spectre-like L1TF vulnerabilities

News roundup: Intel disclosed L1TF vulnerabilities with similarities to Spectre, but with a focus on data. Plus, the NIST Small Business Cybersecurity Act is now a law, and more.
June 06, 2018 06 Jun'18
Apple iOS 12 USB Restricted Mode to foil thieves, law enforcement

A rumored security feature, USB Restricted Mode, is making its premiere in Apple's iOS 12 and will protect users from brute-force passcode attacks by thieves and law enforcement alike.

Bring yourself up to speed with our introductory content

What are the Windows Defender management tools?

If you're using Windows Defender AV to protect your company, it's imperative to configure the malware protection properly. This tip lays out the management options for admins. Continue Reading
AI and machine learning in network security advance detection

Applying AI, and specifically machine learning, in network security helps protect enterprises against advanced persistent threats and sophisticated cybercriminals. Continue Reading
How do I avoid Windows Defender compatibility issues?

Microsoft offers a free antimalware tool for client and server systems, but administrators need to tune the layers of protection to avoid problems. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

What are the top Windows Defender features in Windows 10?

Windows Defender includes several features IT pros can use to tighten security. Application Guard, for example, isolates browser sessions to defend against internet-based attacks. Continue Reading
Get to know enterprise patch management tools

Unpatched software and OSes can create a huge security hole in any organization. IT should know what tools can fill in the gaps. Continue Reading
Machine learning security, a real advance in tech protection

Some pioneers of AI in cybersecurity find progress thus far limited, but machine learning still offers an advancement in protecting enterprise networks and data. Continue Reading

Learn to apply best practices and optimize your operations.

How does the APT attack Double Kill work in Office documents?

The Qihoo 360 Core Security team found a Microsoft vulnerability -- named Double Kill -- that affects applications via Office documents. Learn how this is possible with Nick Lewis. Continue Reading
How does Apple's Quick Look endanger user privacy?

Apple's Quick Look feature previews thumbnails that are not encrypted. Learn how this poses a security threat to enterprises from expert Michael Cobb. Continue Reading
SamSam ransomware: How is this version different from others?

Sophos recently discovered a SamSam extortion code that performs company-wide attacks using a range of vulnerability exploits. Discover how this version differs from past variants. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

How do newly found flaws affect robot controllers?

Several vulnerabilities were found in controllers made by Universal Robots. Discover what these controllers are used for and how threat actors can exploit these vulnerabilities. Continue Reading
Removable storage devices: Why are companies banning them?

IBM banned removable storage devices to encourage employees to use the company's internal file-sharing system. Learn how a ban like this can improve enterprise security. Continue Reading
How does MassMiner malware infect systems across the web?

Researchers from AlienVault found a new cryptocurrency mining malware -- dubbed MassMiner -- that infects systems across the web. Learn how this malware operates with Nick Lewis. Continue Reading