Judith Myerson Judith Myerson is a former contributor to SearchSecurity. Judith Myerson’s Most Recent Content SearchSecurity Site-to-site VPN security benefits and potential risks 28 Aug 2020 SearchSecurity 5 steps to determine residual risk during the assessment process 28 May 2020 SearchCIO 4 steps to remain compliant with SOX data retention policies 13 Jun 2019 TheServerSide.com Don't let plugins open up more Jenkins vulnerabilities 15 May 2019 TheServerSide.com Use entropy as a service to bolster your security 26 Apr 2019 TheServerSide.com Fix this runC vulnerability to prevent unwanted root access 14 Mar 2019 TheServerSide.com Manage Jenkins vulnerabilities via Security Advisory page 11 Mar 2019 SearchSecurity Should I worry about the Constrained Application Protocol? 08 Mar 2019 SearchSecurity How can I protect my self-encrypting drives? 07 Mar 2019 SearchSecurity How did Signal Desktop expose plaintext passwords? 19 Feb 2019 SearchSecurity How did the Dirty COW exploit get shipped in software? 14 Feb 2019 SearchSecurity Why did a Cisco patch for Webex have to be reissued? 14 Feb 2019 SearchSecurity Java deserialization attacks: What are they and how do they work? 18 Jan 2019 SearchSecurity Ping of death: What is it and how is Apple affected? 17 Jan 2019 SearchSecurity Network shaping: How does it enable BGP attacks to divert data 16 Jan 2019 SearchSecurity Updating TLS? Use cryptographic entropy for more secure keys 15 Jan 2019 SearchSecurity How was a credit card skimmer used to steal data from Newegg? 15 Jan 2019 SearchSecurity How can an authentication bypass vulnerability be exploited? 14 Jan 2019 SearchSecurity How does the new Dharma Ransomware variant work? 14 Dec 2018 SearchSecurity Why is preloading HTTP Strict Transport Security risky? 13 Dec 2018 SearchSecurity Faxploit: How can sending a fax compromise a network? 12 Dec 2018 SearchSecurity FragmentSmack: How is this denial-of-service exploited? 11 Dec 2018 SearchSecurity How the SHA-3 competition declared a winning hash function 11 Dec 2018 SearchSecurity L1TF: How do new vulnerabilities affect Intel processors? 10 Dec 2018 SearchSecurity How was a MikroTik router hack used to hijack traffic? 23 Nov 2018 SearchSecurity How was a black box attack used to exploit ATM vulnerabilities? 22 Nov 2018 SearchSecurity How were attackers able to bypass 2FA in a Reddit breach? 21 Nov 2018 SearchSecurity Can a D-Link router vulnerability threaten bank customers? 20 Nov 2018 SearchSecurity How does a Bluetooth vulnerability enable validation attacks? 19 Nov 2018 SearchSecurity Why entropy sources should be added to mobile application vetting 08 Nov 2018 SearchSecurity How was Kea DHCP v1.4.0 affected by a security advisory? 26 Oct 2018 SearchSecurity Does pcAnywhere put election management systems at risk? 25 Oct 2018 SearchSecurity Siemens Siclock: How do threat actors exploit these devices? 24 Oct 2018 SearchSecurity How do newly found flaws affect robot controllers? 23 Oct 2018 SearchSecurity What are DMARC records and can they improve email security? 22 Oct 2018 SearchSecurity How entropy sources interact with security and privacy plans 11 Oct 2018 SearchSecurity PulseNet: How do improper authentication flaws affect it? 21 Sep 2018 SearchSecurity Secure encrypted virtualization: How is this technology exploited? 20 Sep 2018 SearchSecurity WPA3 protocol: Should enterprises implement the changes? 19 Sep 2018 SearchSecurity What is VPNFilter malware and how can users protect themselves? 18 Sep 2018 SearchSecurity How can attackers exploit a buffer underflow vulnerability? 17 Sep 2018 SearchSecurity How hardening options help handle unpatchable vulnerabilities 11 Sep 2018 SearchSecurity What risks does the OpenFlow protocol vulnerability present? 24 Aug 2018 SearchSecurity How can a 13-year-old configuration flaw affect SAP systems? 23 Aug 2018 SearchSecurity My Cloud EX2: How can this device expose unauthorized data? 22 Aug 2018 SearchSecurity LG network: How can attackers use preauthenticated commands? 21 Aug 2018 SearchSecurity How does an IMSI catcher exploit SS7 vulnerabilities? 20 Aug 2018 SearchSecurity How criticality analysis benefits from an entropy engineer 09 Aug 2018 SearchSecurity Powerhammering: Can a power cable be used in air-gapped attacks? 27 Jul 2018 SearchSecurity How does SirenJack put emergency warning systems at risk? 26 Jul 2018 SearchSecurity How is Apple iOS 11 affected by a QR code vulnerability? 25 Jul 2018 SearchSecurity Bouncy Castle keystore: How are files vulnerable to brute force? 24 Jul 2018 SearchSecurity How did a Navarino Infinity flaw expose unauthenticated scripts? 23 Jul 2018 SearchSecurity How cyber resiliency is achieved via NIST's 14-step approach 05 Jul 2018 SearchSecurity Microsoft CredSSP: How was it exploited by CVE-2018-0886? 29 Jun 2018 SearchSecurity How can a text editor plug-in enable privilege escalation? 28 Jun 2018 SearchSecurity How are air-gapped computers put at risk by the Mosquito attack? 27 Jun 2018 SearchSecurity How can a hardcoded password vulnerability affect Cisco PCP? 26 Jun 2018 SearchSecurity How did the Panera Bread website expose customers? 25 Jun 2018 SearchSecurity How entropy sources help secure applications with SDLC 05 Jun 2018 SearchSecurity How has a Broadcom flaw affected the Lenovo ThinkPad? 31 May 2018 SearchSecurity How do BGP flaws affect Quagga routing software? 31 May 2018 SearchSecurity How are Linear eMerge E3 systems vulnerable to attacks? 30 May 2018 SearchSecurity How was a Cisco firewall vulnerability exploited by threat actors? 29 May 2018 SearchSecurity How did Strava's Global Heatmap disclose sensitive U.S. info? 28 May 2018 SearchSecurity Three IoT encryption alternatives for enterprises to consider 10 May 2018 SearchSecurity What VPN alternatives should enterprises consider using? 30 Mar 2018 SearchSecurity How are logic devices like WAGO PFC200 used by hackers? 29 Mar 2018 SearchSecurity Zyklon malware: What Microsoft Office flaws does it exploit? 28 Mar 2018 SearchSecurity How can a Moxa MXview vulnerability be exploited by hackers? 27 Mar 2018 SearchSecurity Intel AMT flaw: How are corporate endpoints put at risk? 26 Mar 2018 SearchSecurity Entropy sources: How do NIST rules impact risk assessments? 08 Mar 2018 SearchSecurity What can be done to prevent a swatting attack? 16 Feb 2018 SearchSecurity How does the Devil's Ivy bug compromise security cameras? 15 Feb 2018 SearchSecurity Embedded application security: Inside OWASP's best practices 15 Feb 2018 SearchSecurity What can enterprises do to prevent an IoT botnet attack? 14 Feb 2018 SearchSecurity How should BGP route hijacking be addressed? 13 Feb 2018 SearchSecurity How did a Microsoft Equation Editor flaw put systems at risk? 12 Feb 2018 SearchSecurity How HTTP security headers can defend enterprise systems 18 Jan 2018 SearchSecurity What went wrong with the Dirty COW vulnerability patch? 12 Jan 2018 SearchSecurity How should enterprise firewall settings be reviewed? 11 Jan 2018 SearchSecurity How is IP theft possible despite cryptographic protections? 10 Jan 2018 SearchSecurity How can a BGP vulnerability in Cisco products be fixed? 08 Jan 2018 SearchSecurity How can a vulnerability in Ruggedcom switches be mitigated? 15 Dec 2017 SearchSecurity Which 4G vulnerabilities should BYOD users be aware of? 14 Dec 2017 SearchSecurity How can a local file inclusion attack be stopped? 13 Dec 2017 SearchSecurity How can platform firmware be protected from attacks? 12 Dec 2017 SearchSecurity How to manage HTTP response headers for IIS, Nginx and Apache 12 Dec 2017 SearchSecurity How does port swapping work to bypass two-factor authentication? 11 Dec 2017 SearchSecurity How to add HTTP security headers to various types of servers 21 Nov 2017 SearchSecurity Ransomware recovery methods: What does the NIST suggest? 17 Nov 2017 SearchSecurity What QNAP vulnerabilities affect NAS storage device security? 16 Nov 2017 SearchSecurity HTTP Strict Transport Security: What are the security benefits? 14 Nov 2017 SearchSecurity Analyzing the flaws of Adobe's HTTP security headers 17 Oct 2017 SearchSecurity Telerik web UI: Can the cryptographic weakness be mitigated? 16 Oct 2017 SearchSecurity How can hackers use subtitle files to control endpoint devices? 12 Oct 2017 SearchSecurity Foxit Reader vulnerabilities: What can be done to mitigate them? 11 Oct 2017 SearchSecurity How are Windows shortcut files vulnerable to attacks? 10 Oct 2017 SearchSecurity How does an Amazon Echo vulnerability enable attackers to eavesdrop? 09 Oct 2017 SearchSecurity Application containers: What are the major risks? 22 Sep 2017 1 2