Judith Myerson Judith Myerson is a former contributor to SearchSecurity. Judith Myerson’s Most Recent Content Security Site-to-site VPN security benefits and potential risks 28 Aug 2020 Security 5 steps to determine residual risk during the assessment process 28 May 2020 CIO 4 steps to remain compliant with SOX data retention policies 13 Jun 2019 TheServerSide.com Don't let plugins open up more Jenkins vulnerabilities 15 May 2019 TheServerSide.com Use entropy as a service to bolster your security 26 Apr 2019 TheServerSide.com Fix this runC vulnerability to prevent unwanted root access 14 Mar 2019 TheServerSide.com Manage Jenkins vulnerabilities via Security Advisory page 11 Mar 2019 Security Should I worry about the Constrained Application Protocol? 08 Mar 2019 Security How can I protect my self-encrypting drives? 07 Mar 2019 Security How did Signal Desktop expose plaintext passwords? 19 Feb 2019 Security How did the Dirty COW exploit get shipped in software? 14 Feb 2019 Security Why did a Cisco patch for Webex have to be reissued? 14 Feb 2019 Security Java deserialization attacks: What are they and how do they work? 18 Jan 2019 Security Ping of death: What is it and how is Apple affected? 17 Jan 2019 Security Network shaping: How does it enable BGP attacks to divert data? 16 Jan 2019 Security How was a credit card skimmer used to steal data from Newegg? 15 Jan 2019 Security Updating TLS? Use cryptographic entropy for more secure keys 15 Jan 2019 Security How can an authentication bypass vulnerability be exploited? 14 Jan 2019 Security How does the new Dharma Ransomware variant work? 14 Dec 2018 Security Why is preloading HTTP Strict Transport Security risky? 13 Dec 2018 Security Faxploit: How can sending a fax compromise a network? 12 Dec 2018 Security FragmentSmack: How is this denial-of-service exploited? 11 Dec 2018 Security How the SHA-3 competition declared a winning hash function 11 Dec 2018 Security L1TF: How do new vulnerabilities affect Intel processors? 10 Dec 2018 Security How was a MikroTik router hack used to hijack traffic? 23 Nov 2018 Security How was a black box attack used to exploit ATM vulnerabilities? 22 Nov 2018 Security How were attackers able to bypass 2FA in a Reddit breach? 21 Nov 2018 Security Can a D-Link router vulnerability threaten bank customers? 20 Nov 2018 Security How does a Bluetooth vulnerability enable validation attacks? 19 Nov 2018 Security Why entropy sources should be added to mobile application vetting 08 Nov 2018 Security How was Kea DHCP v1.4.0 affected by a security advisory? 26 Oct 2018 Security Does pcAnywhere put election management systems at risk? 25 Oct 2018 Security Siemens Siclock: How do threat actors exploit these devices? 24 Oct 2018 Security How do newly found flaws affect robot controllers? 23 Oct 2018 Security What are DMARC records and can they improve email security? 22 Oct 2018 Security How entropy sources interact with security and privacy plans 11 Oct 2018 Security PulseNet: How do improper authentication flaws affect it? 21 Sep 2018 Security Secure encrypted virtualization: How is this technology exploited? 20 Sep 2018 Security WPA3 protocol: Should enterprises implement the changes? 19 Sep 2018 Security What is VPNFilter malware and how can users protect themselves? 18 Sep 2018 Security How can attackers exploit a buffer underflow vulnerability? 17 Sep 2018 Security How hardening options help handle unpatchable vulnerabilities 11 Sep 2018 Security What risks does the OpenFlow protocol vulnerability present? 24 Aug 2018 Security How can a 13-year-old configuration flaw affect SAP systems? 23 Aug 2018 Security My Cloud EX2: How can this device expose unauthorized data? 22 Aug 2018 Security LG network: How can attackers use preauthenticated commands? 21 Aug 2018 Security How does an IMSI catcher exploit SS7 vulnerabilities? 20 Aug 2018 Security How criticality analysis benefits from an entropy engineer 09 Aug 2018 Security Powerhammering: Can a power cable be used in air-gapped attacks? 27 Jul 2018 Security How does SirenJack put emergency warning systems at risk? 26 Jul 2018 Security How is Apple iOS 11 affected by a QR code vulnerability? 25 Jul 2018 Security Bouncy Castle keystore: How are files vulnerable to brute force? 24 Jul 2018 Security How did a Navarino Infinity flaw expose unauthenticated scripts? 23 Jul 2018 Security How cyber resiliency is achieved via NIST's 14-step approach 05 Jul 2018 Security Microsoft CredSSP: How was it exploited by CVE-2018-0886? 29 Jun 2018 Security How can a text editor plug-in enable privilege escalation? 28 Jun 2018 Security How are air-gapped computers put at risk by the Mosquito attack? 27 Jun 2018 Security How can a hardcoded password vulnerability affect Cisco PCP? 26 Jun 2018 Security How did the Panera Bread website expose customers? 25 Jun 2018 Security How entropy sources help secure applications with SDLC 05 Jun 2018 Security How has a Broadcom flaw affected the Lenovo ThinkPad? 31 May 2018 Security How do BGP flaws affect Quagga routing software? 31 May 2018 Security How are Linear eMerge E3 systems vulnerable to attacks? 30 May 2018 Security How was a Cisco firewall vulnerability exploited by threat actors? 29 May 2018 Security How did Strava's Global Heatmap disclose sensitive U.S. info? 28 May 2018 Security Three IoT encryption alternatives for enterprises to consider 10 May 2018 Security What VPN alternatives should enterprises consider using? 30 Mar 2018 Security How are logic devices like WAGO PFC200 used by hackers? 29 Mar 2018 Security Zyklon malware: What Microsoft Office flaws does it exploit? 28 Mar 2018 Security How can a Moxa MXview vulnerability be exploited by hackers? 27 Mar 2018 Security Intel AMT flaw: How are corporate endpoints put at risk? 26 Mar 2018 Security Entropy sources: How do NIST rules impact risk assessments? 08 Mar 2018 Security What can be done to prevent a swatting attack? 16 Feb 2018 Security Embedded application security: Inside OWASP's best practices 15 Feb 2018 Security How does the Devil's Ivy bug compromise security cameras? 15 Feb 2018 Security What can enterprises do to prevent an IoT botnet attack? 14 Feb 2018 Security How should BGP route hijacking be addressed? 13 Feb 2018 Security How did a Microsoft Equation Editor flaw put systems at risk? 12 Feb 2018 Security How HTTP security headers can defend enterprise systems 18 Jan 2018 Security What went wrong with the Dirty COW vulnerability patch? 12 Jan 2018 Security How should enterprise firewall settings be reviewed? 11 Jan 2018 Security How is IP theft possible despite cryptographic protections? 10 Jan 2018 Security How can a BGP vulnerability in Cisco products be fixed? 08 Jan 2018 Security How can a vulnerability in Ruggedcom switches be mitigated? 15 Dec 2017 Security Which 4G vulnerabilities should BYOD users be aware of? 14 Dec 2017 Security How can a local file inclusion attack be stopped? 13 Dec 2017 Security How can platform firmware be protected from attacks? 12 Dec 2017 Security How to manage HTTP response headers for IIS, Nginx and Apache 12 Dec 2017 Security How does port swapping work to bypass two-factor authentication? 11 Dec 2017 Security How to add HTTP security headers to various types of servers 21 Nov 2017 Security Ransomware recovery methods: What does the NIST suggest? 17 Nov 2017 Security What QNAP vulnerabilities affect NAS storage device security? 16 Nov 2017 Security HTTP Strict Transport Security: What are the security benefits? 14 Nov 2017 Security Analyzing the flaws of Adobe's HTTP security headers 17 Oct 2017 Security Telerik web UI: Can the cryptographic weakness be mitigated? 16 Oct 2017 Security How can hackers use subtitle files to control endpoint devices? 12 Oct 2017 Security Foxit Reader vulnerabilities: What can be done to mitigate them? 11 Oct 2017 Security How are Windows shortcut files vulnerable to attacks? 10 Oct 2017 Security How does an Amazon Echo vulnerability enable attackers to eavesdrop? 09 Oct 2017 Security Application containers: What are the major risks? 22 Sep 2017 1 2
