Michael Cobb CISSP-ISSAP Search Security How did flaws in WhatsApp and Telegram enable account takeovers? 07 Aug 2017 Search Security Samsung Knox platform: Can it improve Android device security? 28 Jul 2017 Search Security SHA-1 collision: How the attack completely breaks the hash function 27 Jul 2017 Search Security Android sandboxing tools: How can work data separation be bypassed? 14 Jul 2017 Search Security How are forged cookies used in attacks on online user accounts? 13 Jul 2017 Search Security What made iOS apps handling sensitive data vulnerable to MitM attacks? 12 Jul 2017 Search Security Ticketbleed flaw: How can SSL session identities be protected? 11 Jul 2017 Search Security WordPress REST API flaw: How did it lead to widespread attacks? 10 Jul 2017 Search Security How the use of invalid certificates undermines cybersecurity 22 Jun 2017 Search Security How can a NULL pointer dereference flaw create a DoS attack? 09 Jun 2017 Search Security The Apple Notify flaw: How does it allow malicious script injection? 08 Jun 2017 Search Security How does Facebook's Delegated Recovery enable account verification? 07 Jun 2017 Search Security Adobe Acrobat Chrome extension: What are the risks? 06 Jun 2017 Search Security Cisco WebEx extension flaw: How does the patch fall short? 05 Jun 2017 Search Security How SSH key management and security can be improved 25 May 2017 Search Security Avoid privilege creep from the software development team 10 May 2017 Search Security How effective is geofencing technology as a security method? 05 May 2017 Search Security Why did the PHPMailer library vulnerability have to be patched twice? 04 May 2017 Search Security Same-origin policy: How did Adobe Flash Player's implementation fail? 03 May 2017 Search Security How can a distributed guessing attack obtain payment card data? 02 May 2017 Search Security Panasonic Avionics IFE systems: How serious are the vulnerabilities? 01 May 2017 Search Security Identity and access management strategy: Time to modernize? 19 Apr 2017 Search Security How have ARM TrustZone flaws affected Android encryption? 07 Apr 2017 Search Security How serious is a malicious DLL file vulnerability for enterprises? 06 Apr 2017 Search Security Insecure OAuth implementations: How are mobile app users at risk? 05 Apr 2017 Search Security How does a WebKit framework flaw enable denial-of-service attacks? 04 Apr 2017 Search Security How did firmware create an Android backdoor in budget devices? 03 Apr 2017 Search Security 1024-bit encryption keys: How 'trapdoored' primes have caused insecurity 30 Mar 2017 Search Security Attack by TIFF images: What are the vulnerabilities in LibTIFF? 10 Mar 2017 Search Security CJIS Security Policy: How can companies ensure FIPS compliance? 09 Mar 2017 Search Security How can attacks bypass ASLR protection on Intel chips? 08 Mar 2017 Search Security How can the Dirty COW vulnerability be used to attack Android devices? 07 Mar 2017 Search Security SHA-1 certificates: How will Mozilla's deprecation affect enterprises? 06 Mar 2017 Search Security What caused the ClixSense privacy breach that exposed user data? 10 Feb 2017 Search Security What global threat intelligence can and can't do for security programs 09 Feb 2017 Search Security How did iOS 10 security checks open brute force risk on local backups? 09 Feb 2017 Search Security HTTP public key pinning: Is the Firefox browser insecure without it? 08 Feb 2017 Search Security How did a Signal app bug let attackers alter encrypted attachments? 07 Feb 2017 Search Security How does Overseer spyware work on infected Android apps? 06 Feb 2017 Search Security How are hackers using Twitter as C&C servers for malware? 06 Jan 2017 Search Security How can two-factor authentication systems be used effectively? 04 Jan 2017 Search Security How does a Linux vulnerability allow attacks on TCP communications? 04 Jan 2017 Search Security How to buy digital certificates for your enterprise 03 Jan 2017 Search Security What new NIST password recommendations should enterprises adopt? 02 Jan 2017 Search Security SWIFT network communications: How can bank security be improved? 23 Dec 2016 Search Security Test your privileged user management knowledge 01 Dec 2016 Search Security Can an HTML5 document with a digital signature be authenticated? 25 Oct 2016 Search Security Preventing privilege creep: How to keep access and roles aligned 24 Oct 2016 Search Security Trusted? Certificate authority risks and how to manage them 21 Sep 2016 Search Security Planning for an IPv6 attack: DDoS, neighbor discovery threats and more 02 Sep 2016 Search Security How can the AirDroid app phone hijacking be prevented? 04 Jul 2016 Search Security Why signature-based detection isn't enough for enterprises 18 May 2016 Search Security How can Kerberos protocol vulnerabilities be mitigated? 06 May 2016 Search Security Breaking down the DROWN attack and SSLv2 vulnerability 21 Apr 2016 Search Security How does the M-Pesa service work and what are the risks? 13 Apr 2016 Search Security What's the difference between two-step verification and 2FA? 22 Mar 2016 Search Security Microsoft Device Guard tackles Windows 10 malware 11 Jan 2016 Search Security Should the RC4 cipher still be used in enterprises? 30 Dec 2015 Search Security How can software transplants fix bad code? 28 Dec 2015 Search Security Can Google's Chrome extension policy improve Web security? 16 Nov 2015 Search Security Secure Hash Algorithm-3: How SHA-3 is a next-gen security tool 30 Oct 2015 Search Security Getting to the bottom of the software vulnerability disclosure debate 12 Oct 2015 Search Security Can a new encryption trick prevent reverse engineering? 17 Aug 2015 Search Security How can I mitigate the risks of alternative Android browsers? 13 Aug 2015 Search Security Is third-party access the next IAM frontier? 03 Aug 2015 Search Security Certificate authorities are limited but new TLS versions can help 15 Jul 2015 Search Security From SSL and early TLS to TLS 1.2: Creating a PCI DSS 3.1 migration plan 13 Jul 2015 Search Security SSL/TLS security: Addressing WinShock, the Schannel vulnerability 06 Feb 2015 Search Security The POODLE vulnerability and its effect on SSL/TLS security 16 Jan 2015 Search Security Detecting backdoors: The Apple backdoor that never was? 07 Jan 2015 Search Security Can setting a cache-control header improve application data security? 01 Dec 2014 Search Security Are LibreSSL and BoringSSL safe OpenSSL alternatives? 01 Dec 2014 Search Security SHA-2 algorithm: The how and why of the transition 17 Oct 2014 Search Security Security School: Distributed denial-of-service attack defense 29 Aug 2014 Search Security Are malicious mobile apps a mere inconvenience or a real threat? 11 Jun 2014 Search Security Authentication caching: How it reduces enterprise network congestion 28 Mar 2014 Search Security Preventing plaintext password problems in Google Chrome 30 Jan 2014 Search Security The value of 2,048-bit encryption: Why encryption key length matters 07 Oct 2013 Search Security Can an unqualified domain name cause man-in-the-middle attacks? 10 Sep 2013 Search Security Quiz: Database security issues 30 May 2013 Search Security Bing security: Is search engine poisoning a problem for Bing users? 12 Mar 2013 Search Security Quiz: Targeted attacks 07 Mar 2013 Search Security What risk does the Apple UDID security leak pose to iOS users? 12 Feb 2013 Search Security Windows Server 2012 security: Is it time to upgrade? 08 Jan 2013 Search Security Examining Kindle Fire security, Silk browser security in the enterprise 07 May 2012 ComputerWeekly.com Segregation of duties: Small business best practices 19 Dec 2011 Search Security OAuth 2.0: Pros and cons of using the federation protocol 09 Nov 2011 Search Security Comparing relational database security and NoSQL security 17 Oct 2011 Search Security How to mitigate the risk of a TOCTTOU attack 31 Aug 2011 Search Security How MAC and HMAC use hash function encryption for authentication 30 Aug 2011 ComputerWeekly.com Best practices for audit, log review for IT security investigations 08 Aug 2011 ComputerWeekly.com Website secure login: Alternatives to out-of-wallet questions 27 Jul 2011 ComputerWeekly.com What is OpenID? How to use OpenID SSO in your organisation 22 Mar 2011 Mobile Computing Can smartphones get viruses and spread them to the network? 28 Feb 2011 ComputerWeekly.com How to use the Microsoft FCIV command-line checksum tool 17 Nov 2010 Search Security Why it's important to turn on DEP and ASLR Windows security features 05 Jul 2010 Search Security Enterprise PDF attack prevention best practices 07 Jun 2010 Search Security MD5 security: Time to migrate to SHA-1 hash algorithm? 19 May 2010 Search Security Performing a security risk analysis to assess acceptable level of risk 16 Apr 2010 ComputerWeekly.com Using resource allocation management to prevent DoS and other attacks 05 Apr 2010 1 2 3 4