Michael Cobb CISSP-ISSAP Search Security Why did the PHPMailer library vulnerability have to be patched twice? 04 May 2017 Search Security Same-origin policy: How did Adobe Flash Player's implementation fail? 03 May 2017 Search Security How can a distributed guessing attack obtain payment card data? 02 May 2017 Search Security Panasonic Avionics IFE systems: How serious are the vulnerabilities? 01 May 2017 Search Security Identity and access management strategy: Time to modernize? 19 Apr 2017 Search Security How have ARM TrustZone flaws affected Android encryption? 07 Apr 2017 Search Security How serious is a malicious DLL file vulnerability for enterprises? 06 Apr 2017 Search Security How does a WebKit framework flaw enable denial-of-service attacks? 04 Apr 2017 Search Security How did firmware create an Android backdoor in budget devices? 03 Apr 2017 Search Security 1024-bit encryption keys: How 'trapdoored' primes have caused insecurity 30 Mar 2017 Search Security Attack by TIFF images: What are the vulnerabilities in LibTIFF? 10 Mar 2017 Search Security CJIS Security Policy: How can companies ensure FIPS compliance? 09 Mar 2017 Search Security How can attacks bypass ASLR protection on Intel chips? 08 Mar 2017 Search Security How can the Dirty COW vulnerability be used to attack Android devices? 07 Mar 2017 Search Security SHA-1 certificates: How will Mozilla's deprecation affect enterprises? 06 Mar 2017 Search Security What caused the ClixSense privacy breach that exposed user data? 10 Feb 2017 Search Security What global threat intelligence can and can't do for security programs 09 Feb 2017 Search Security How did iOS 10 security checks open brute force risk on local backups? 09 Feb 2017 Search Security HTTP public key pinning: Is the Firefox browser insecure without it? 08 Feb 2017 Search Security How did a Signal app bug let attackers alter encrypted attachments? 07 Feb 2017 Search Security How does Overseer spyware work on infected Android apps? 06 Feb 2017 Search Security How are hackers using Twitter as C&C servers for malware? 06 Jan 2017 Search Security How can two-factor authentication systems be used effectively? 04 Jan 2017 Search Security How does a Linux vulnerability allow attacks on TCP communications? 04 Jan 2017 Search Security How to buy digital certificates for your enterprise 03 Jan 2017 Search Security What new NIST password recommendations should enterprises adopt? 02 Jan 2017 Search Security SWIFT network communications: How can bank security be improved? 23 Dec 2016 Search Security Test your privileged user management knowledge 01 Dec 2016 Search Security Can an HTML5 document with a digital signature be authenticated? 25 Oct 2016 Search Security Preventing privilege creep: How to keep access and roles aligned 24 Oct 2016 Search Security Trusted? Certificate authority risks and how to manage them 21 Sep 2016 Search Security Planning for an IPv6 attack: DDoS, neighbor discovery threats and more 02 Sep 2016 Search Security How can the AirDroid app phone hijacking be prevented? 04 Jul 2016 Search Security Why signature-based detection isn't enough for enterprises 18 May 2016 Search Security How can Kerberos protocol vulnerabilities be mitigated? 06 May 2016 Search Security Breaking down the DROWN attack and SSLv2 vulnerability 21 Apr 2016 Search Security How does the M-Pesa service work and what are the risks? 13 Apr 2016 Search Security What's the difference between two-step verification and 2FA? 22 Mar 2016 Search Security Microsoft Device Guard tackles Windows 10 malware 11 Jan 2016 Search Security Should the RC4 cipher still be used in enterprises? 30 Dec 2015 Search Security How can software transplants fix bad code? 28 Dec 2015 Search Security Can Google's Chrome extension policy improve Web security? 16 Nov 2015 Search Security Secure Hash Algorithm-3: How SHA-3 is a next-gen security tool 30 Oct 2015 Search Security Getting to the bottom of the software vulnerability disclosure debate 12 Oct 2015 Search Security Can a new encryption trick prevent reverse engineering? 17 Aug 2015 Search Security How can I mitigate the risks of alternative Android browsers? 13 Aug 2015 Search Security Is third-party access the next IAM frontier? 03 Aug 2015 Search Security Certificate authorities are limited but new TLS versions can help 15 Jul 2015 Search Security From SSL and early TLS to TLS 1.2: Creating a PCI DSS 3.1 migration plan 13 Jul 2015 Search Security SSL/TLS security: Addressing WinShock, the Schannel vulnerability 06 Feb 2015 Search Security The POODLE vulnerability and its effect on SSL/TLS security 16 Jan 2015 Search Security Detecting backdoors: The Apple backdoor that never was? 07 Jan 2015 Search Security Can setting a cache-control header improve application data security? 01 Dec 2014 Search Security Are LibreSSL and BoringSSL safe OpenSSL alternatives? 01 Dec 2014 Search Security SHA-2 algorithm: The how and why of the transition 17 Oct 2014 Search Security Security School: Distributed denial-of-service attack defense 29 Aug 2014 Search Security Authentication caching: How it reduces enterprise network congestion 28 Mar 2014 Search Security Preventing plaintext password problems in Google Chrome 30 Jan 2014 Search Security The value of 2,048-bit encryption: Why encryption key length matters 07 Oct 2013 Search Security Can an unqualified domain name cause man-in-the-middle attacks? 10 Sep 2013 Search Security Bing security: Is search engine poisoning a problem for Bing users? 12 Mar 2013 Search Security Quiz: Targeted attacks 07 Mar 2013 Search Security What risk does the Apple UDID security leak pose to iOS users? 12 Feb 2013 Search Security Windows Server 2012 security: Is it time to upgrade? 08 Jan 2013 Search Security Examining Kindle Fire security, Silk browser security in the enterprise 07 May 2012 ComputerWeekly.com Segregation of duties: Small business best practices 19 Dec 2011 Search Security OAuth 2.0: Pros and cons of using the federation protocol 09 Nov 2011 Search Security Comparing relational database security and NoSQL security 17 Oct 2011 Search Security How to mitigate the risk of a TOCTTOU attack 31 Aug 2011 Search Security How MAC and HMAC use hash function encryption for authentication 30 Aug 2011 ComputerWeekly.com Best practices for audit, log review for IT security investigations 08 Aug 2011 ComputerWeekly.com Website secure login: Alternatives to out-of-wallet questions 27 Jul 2011 ComputerWeekly.com What is OpenID? How to use OpenID SSO in your organisation 22 Mar 2011 Search Mobile Computing Can smartphones get viruses and spread them to the network? 28 Feb 2011 ComputerWeekly.com How to use the Microsoft FCIV command-line checksum tool 17 Nov 2010 Search Security Why it's important to turn on DEP and ASLR Windows security features 05 Jul 2010 Search Security Enterprise PDF attack prevention best practices 07 Jun 2010 Search Security MD5 security: Time to migrate to SHA-1 hash algorithm? 19 May 2010 Search Security Performing a security risk analysis to assess acceptable level of risk 16 Apr 2010 ComputerWeekly.com Using resource allocation management to prevent DoS and other attacks 05 Apr 2010 Search Security What is an encryption collision? 23 Oct 2009 Search Security How to prevent ActiveX security risks 22 Sep 2009 ComputerWeekly.com How to use a netstat command in Windows to watch open ports 09 Sep 2009 Search Security What are new and commonly used public-key cryptography algorithms? 28 Aug 2009 Search Security What are the export limitations for AES data encryption? 25 Aug 2009 Search Security How does a Web server model differ from an application server model? 11 Feb 2009 Search Security Is it impossible to successfully remove a rootkit? 21 Oct 2008 Search Security Is Triple DES a more secure encryption scheme than DUKPT? 27 Mar 2008 Search Security Preparing for uniform resource identifier (URI) exploits 11 Oct 2007 Search Security How does SSL 'sit' between the network layer and application layer? 31 Jul 2007 Search Security How secure is the Windows registry? 26 Jul 2007 Search Security What are the drawbacks to application firewalls? 31 May 2007 Search Security What should be done with a RAID-5 array's failed drives? 31 May 2007 Search Security How secure are document scanners and other 'scan to email' appliances? 30 May 2007 Search Security How can header information track down an email spoofer? 02 May 2007 Search Security Will two different operating systems cause administrative problems? 17 Jan 2007 1 2 3
