Judith Myerson

SearchSecurity

Judith Myerson is a veteran independent cybersecurity and system enterprise consultant. Prior to that, she oversaw the implementation of a risk management and security program at a naval facility for 1,000 enterprise-wide information systems. Myerson holds a M.S. in Engineering and holds CRISC certification. She has written over 750 articles and served as the editor of Enterprise Systems Integration. Myerson writes predominantly for SearchSecurity.com and contributes to TheServerSide.com.

Judith Myerson’s Most Recent Content

SearchCompliance

4 steps to remain compliant with SOX data retention policies
13 Jun 2019
TheServerSide.com

Don't let plugins open up more Jenkins vulnerabilities
15 May 2019
TheServerSide.com

Use entropy as a service to bolster your security
26 Apr 2019
TheServerSide.com

Fix this runC vulnerability to prevent unwanted root access
14 Mar 2019
TheServerSide.com

Manage Jenkins vulnerabilities via Security Advisory page
11 Mar 2019
SearchSecurity

Should I worry about the Constrained Application Protocol?
08 Mar 2019
SearchSecurity

How can I protect my self-encrypting drives?
07 Mar 2019
SearchSecurity

How did Signal Desktop expose plaintext passwords?
19 Feb 2019
SearchSecurity

How did the Dirty COW exploit get shipped in software?
14 Feb 2019
SearchSecurity

Why did a Cisco patch for Webex have to be reissued?
14 Feb 2019
SearchSecurity

Java deserialization attacks: What are they and how do they work?
18 Jan 2019
SearchSecurity

Ping of death: What is it and how is Apple affected?
17 Jan 2019
SearchSecurity

Network shaping: How does it enable BGP attacks to divert data
16 Jan 2019
SearchSecurity

How was a credit card skimmer used to steal data from Newegg?
15 Jan 2019
SearchSecurity

Updating TLS? Use cryptographic entropy for more secure keys
15 Jan 2019
SearchSecurity

How can an authentication bypass vulnerability be exploited?
14 Jan 2019
SearchSecurity

How does the new Dharma Ransomware variant work?
14 Dec 2018
SearchSecurity

Why is preloading HTTP Strict Transport Security risky?
13 Dec 2018
SearchSecurity

Faxploit: How can sending a fax compromise a network?
12 Dec 2018
SearchSecurity

FragmentSmack: How is this denial-of-service exploited?
11 Dec 2018
SearchSecurity

How the SHA-3 competition declared a winning hash function
11 Dec 2018
SearchSecurity

L1TF: How do new vulnerabilities affect Intel processors?
10 Dec 2018
SearchSecurity

How was a MikroTik router hack used to hijack traffic?
23 Nov 2018
SearchSecurity

How was a black box attack used to exploit ATM vulnerabilities?
22 Nov 2018
SearchSecurity

How were attackers able to bypass 2FA in a Reddit breach?
21 Nov 2018
SearchSecurity

Can a D-Link router vulnerability threaten bank customers?
20 Nov 2018
SearchSecurity

How does a Bluetooth vulnerability enable validation attacks?
19 Nov 2018
SearchSecurity

Why entropy sources should be added to mobile application vetting
08 Nov 2018
SearchSecurity

How was Kea DHCP v1.4.0 affected by a security advisory?
26 Oct 2018
SearchSecurity

Does pcAnywhere put election management systems at risk?
25 Oct 2018
SearchSecurity

Siemens Siclock: How do threat actors exploit these devices?
24 Oct 2018
SearchSecurity

How do newly found flaws affect robot controllers?
23 Oct 2018
SearchSecurity

What are DMARC records and can they improve email security?
22 Oct 2018
SearchSecurity

How entropy sources interact with security and privacy plans
11 Oct 2018
SearchSecurity

PulseNet: How do improper authentication flaws affect it?
21 Sep 2018
SearchSecurity

Secure encrypted virtualization: How is this technology exploited?
20 Sep 2018
SearchSecurity

WPA3 protocol: Should enterprises implement the changes?
19 Sep 2018
SearchSecurity

What is VPNFilter malware and how can users protect themselves?
18 Sep 2018
SearchSecurity

How can attackers exploit a buffer underflow vulnerability?
17 Sep 2018
SearchSecurity

How hardening options help handle unpatchable vulnerabilities
11 Sep 2018
SearchSecurity

What risks does the OpenFlow protocol vulnerability present?
24 Aug 2018
SearchSecurity

How can a 13-year-old configuration flaw affect SAP systems?
23 Aug 2018
SearchSecurity

My Cloud EX2: How can this device expose unauthorized data?
22 Aug 2018
SearchSecurity

LG network: How can attackers use preauthenticated commands?
21 Aug 2018
SearchSecurity

How does an IMSI catcher exploit SS7 vulnerabilities?
20 Aug 2018
SearchSecurity

How criticality analysis benefits from an entropy engineer
09 Aug 2018
SearchSecurity

Powerhammering: Can a power cable be used in air-gapped attacks?
27 Jul 2018
SearchSecurity

How does SirenJack put emergency warning systems at risk?
26 Jul 2018
SearchSecurity

How is Apple iOS 11 affected by a QR code vulnerability?
25 Jul 2018
SearchSecurity

Bouncy Castle keystore: How are files vulnerable to brute force?
24 Jul 2018
SearchSecurity

How did a Navarino Infinity flaw expose unauthenticated scripts?
23 Jul 2018
SearchSecurity

How cyber resiliency is achieved via NIST's 14-step approach
05 Jul 2018
SearchSecurity

Microsoft CredSSP: How was it exploited by CVE-2018-0886?
29 Jun 2018
SearchSecurity

How can a text editor plug-in enable privilege escalation?
28 Jun 2018
SearchSecurity

How are air-gapped computers put at risk by the Mosquito attack?
27 Jun 2018
SearchSecurity

How can a hardcoded password vulnerability affect Cisco PCP?
26 Jun 2018
SearchSecurity

How did the Panera Bread website expose customers?
25 Jun 2018
SearchSecurity

How entropy sources help secure applications with SDLC
05 Jun 2018
SearchSecurity

How has a Broadcom flaw affected the Lenovo ThinkPad?
31 May 2018
SearchSecurity

How do BGP flaws affect Quagga routing software?
31 May 2018
SearchSecurity

How are Linear eMerge E3 systems vulnerable to attacks?
30 May 2018
SearchSecurity

How was a Cisco firewall vulnerability exploited by threat actors?
29 May 2018
SearchSecurity

How did Strava's Global Heatmap disclose sensitive U.S. info?
28 May 2018
SearchSecurity

Three IoT encryption alternatives for enterprises to consider
10 May 2018
SearchSecurity

What VPN alternatives should enterprises consider using?
30 Mar 2018
SearchSecurity

How are logic devices like WAGO PFC200 used by hackers?
29 Mar 2018
SearchSecurity

Zyklon malware: What Microsoft Office flaws does it exploit?
28 Mar 2018
SearchSecurity

How can a Moxa MXview vulnerability be exploited by hackers?
27 Mar 2018
SearchSecurity

Intel AMT flaw: How are corporate endpoints put at risk?
26 Mar 2018
SearchSecurity

Entropy sources: How do NIST rules impact risk assessments?
08 Mar 2018
SearchSecurity

What can be done to prevent a swatting attack?
16 Feb 2018
SearchSecurity

How does the Devil's Ivy bug compromise security cameras?
15 Feb 2018
SearchSecurity

Embedded application security: Inside OWASP's best practices
15 Feb 2018
SearchSecurity

What can enterprises do to prevent an IoT botnet attack?
14 Feb 2018
SearchSecurity

How should BGP route hijacking be addressed?
13 Feb 2018
SearchSecurity

How did a Microsoft Equation Editor flaw put systems at risk?
12 Feb 2018
SearchSecurity

How HTTP security headers can defend enterprise systems
18 Jan 2018
SearchSecurity

What went wrong with the Dirty COW vulnerability patch?
12 Jan 2018
SearchSecurity

How should enterprise firewall settings be reviewed?
11 Jan 2018
SearchSecurity

How is IP theft possible despite cryptographic protections?
10 Jan 2018
SearchCloudSecurity

Secure cloud migration: What pitfalls should companies avoid?
09 Jan 2018
SearchSecurity

How can a BGP vulnerability in Cisco products be fixed?
08 Jan 2018
SearchSecurity

How can a vulnerability in Ruggedcom switches be mitigated?
15 Dec 2017
SearchSecurity

Which 4G vulnerabilities should BYOD users be aware of?
14 Dec 2017
SearchSecurity

How can a local file inclusion attack be stopped?
13 Dec 2017
SearchSecurity

How can platform firmware be protected from attacks?
12 Dec 2017
SearchSecurity

How to manage HTTP response headers for IIS, Nginx and Apache
12 Dec 2017
SearchSecurity

How does port swapping work to bypass two-factor authentication?
11 Dec 2017
SearchSecurity

How to add HTTP security headers to various types of servers
21 Nov 2017
SearchSecurity

Ransomware recovery methods: What does the NIST suggest?
17 Nov 2017
SearchSecurity

What QNAP vulnerabilities affect NAS storage device security?
16 Nov 2017
SearchSecurity

How did a Rufus software vulnerability put enterprises at risk?
15 Nov 2017
SearchSecurity

HTTP Strict Transport Security: What are the security benefits?
14 Nov 2017
SearchCloudSecurity

How can a hypervisor deployment avoid security risks?
13 Nov 2017
SearchSecurity

Analyzing the flaws of Adobe's HTTP security headers
17 Oct 2017
SearchSecurity

Telerik web UI: Can the cryptographic weakness be mitigated?
16 Oct 2017
SearchSecurity

How can hackers use subtitle files to control endpoint devices?
12 Oct 2017
SearchSecurity

Foxit Reader vulnerabilities: What can be done to mitigate them?
11 Oct 2017
SearchSecurity

How are Windows shortcut files vulnerable to attacks?
10 Oct 2017
SearchSecurity

How does an Amazon Echo vulnerability enable attackers to eavesdrop?
09 Oct 2017

1
2

Close