Michael Cobb CISSP-ISSAP - SearchSecurity SearchSecurity 1024-bit encryption keys: How 'trapdoored' primes have caused insecurity 30 Mar 2017 SearchSecurity Attack by TIFF images: What are the vulnerabilities in LibTIFF? 10 Mar 2017 SearchSecurity CJIS Security Policy: How can companies ensure FIPS compliance? 09 Mar 2017 SearchSecurity How can attacks bypass ASLR protection on Intel chips? 08 Mar 2017 SearchSecurity How can the Dirty COW vulnerability be used to attack Android devices? 07 Mar 2017 SearchSecurity SHA-1 certificates: How will Mozilla's deprecation affect enterprises? 06 Mar 2017 SearchSecurity What caused the ClixSense privacy breach that exposed user data? 10 Feb 2017 SearchSecurity What global threat intelligence can and can't do for security programs 09 Feb 2017 SearchSecurity How did iOS 10 security checks open brute force risk on local backups? 09 Feb 2017 SearchSecurity HTTP public key pinning: Is the Firefox browser insecure without it? 08 Feb 2017 SearchSecurity How did a Signal app bug let attackers alter encrypted attachments? 07 Feb 2017 SearchSecurity How does Overseer spyware work on infected Android apps? 06 Feb 2017 SearchSecurity The consequences of removing PPTP support from iOS 10 31 Jan 2017 IoT Agenda Fight internet of things dangers through device awareness 10 Jan 2017 SearchSecurity How are hackers using Twitter as C&C servers for malware? 06 Jan 2017 SearchSecurity How can two-factor authentication systems be used effectively? 04 Jan 2017 SearchSecurity How does a Linux vulnerability allow attacks on TCP communications? 04 Jan 2017 SearchSecurity FIDO authentication standard could signal the passing of passwords 03 Jan 2017 SearchSecurity How can PGP short key IDs be protected from collision attacks? 03 Jan 2017 SearchSecurity How to buy digital certificates for your enterprise 03 Jan 2017 SearchSecurity What new NIST password recommendations should enterprises adopt? 02 Jan 2017 SearchSecurity SWIFT network communications: How can bank security be improved? 23 Dec 2016 SearchSecurity Test your privileged user management knowledge 01 Dec 2016 SearchSecurity Privileged user access: Managing and monitoring accounts 27 Oct 2016 SearchSecurity Can an HTML5 document with a digital signature be authenticated? 25 Oct 2016 SearchSecurity Preventing privilege creep: How to keep access and roles aligned 24 Oct 2016 SearchSecurity Trusted? Certificate authority risks and how to manage them 21 Sep 2016 SearchSecurity Planning for an IPv6 attack: DDoS, neighbor discovery threats and more 02 Sep 2016 IoT Agenda When your IAM policy encounters the internet of things 11 Aug 2016 SearchSecurity How can the AirDroid app phone hijacking be prevented? 04 Jul 2016 SearchSecurity Why signature-based detection isn't enough for enterprises 18 May 2016 SearchSecurity How can Kerberos protocol vulnerabilities be mitigated? 06 May 2016 SearchSecurity Breaking down the DROWN attack and SSLv2 vulnerability 21 Apr 2016 SearchSecurity How does the M-Pesa service work and what are the risks? 13 Apr 2016 SearchSecurity What's the difference between two-step verification and 2FA? 22 Mar 2016 WhatIs.com Pretty Easy Privacy (pEp) 21 Jan 2016 SearchSecurity Microsoft Device Guard tackles Windows 10 malware 11 Jan 2016 SearchSecurity Should the RC4 cipher still be used in enterprises? 30 Dec 2015 SearchSecurity How can software transplants fix bad code? 28 Dec 2015 SearchSecurity Can Google's Chrome extension policy improve Web security? 16 Nov 2015 SearchSecurity Secure Hash Algorithm-3: How SHA-3 is a next-gen security tool 30 Oct 2015 IoT Agenda What's the key to IoT device discovery in the enterprise? 22 Oct 2015 SearchSecurity Getting to the bottom of the software vulnerability disclosure debate 12 Oct 2015 WhatIs.com wearables security 08 Oct 2015 SearchSecurity Can a new encryption trick prevent reverse engineering? 17 Aug 2015 SearchSecurity How can I mitigate the risks of alternative Android browsers? 13 Aug 2015 SearchSecurity Is third-party access the next IAM frontier? 03 Aug 2015 SearchSecurity Certificate authorities are limited but new TLS versions can help 15 Jul 2015 SearchSecurity From SSL and early TLS to TLS 1.2: Creating a PCI DSS 3.1 migration plan 13 Jul 2015 SearchSecurity SSL/TLS security: Addressing WinShock, the Schannel vulnerability 06 Feb 2015 SearchSecurity The POODLE vulnerability and its effect on SSL/TLS security 16 Jan 2015 SearchSecurity Detecting backdoors: The Apple backdoor that never was? 07 Jan 2015 SearchSecurity Can setting a cache-control header improve application data security? 01 Dec 2014 SearchSecurity Are LibreSSL and BoringSSL safe OpenSSL alternatives? 01 Dec 2014 SearchSecurity SHA-2 algorithm: The how and why of the transition 17 Oct 2014 SearchSecurity Security School: Distributed denial-of-service attack defense 29 Aug 2014 SearchSecurity Are malicious mobile apps a mere inconvenience or a real threat? 11 Jun 2014 SearchSecurity Authentication caching: How it reduces enterprise network congestion 28 Mar 2014 SearchSecurity Preventing plaintext password problems in Google Chrome 30 Jan 2014 SearchSecurity The value of 2,048-bit encryption: Why encryption key length matters 07 Oct 2013 SearchSecurity Can an unqualified domain name cause man-in-the-middle attacks? 10 Sep 2013 SearchSecurity Quiz: Database security issues 30 May 2013 SearchSecurity Bing security: Is search engine poisoning a problem for Bing users? 12 Mar 2013 SearchSecurity Quiz: Targeted attacks 07 Mar 2013 SearchSecurity What risk does the Apple UDID security leak pose to iOS users? 12 Feb 2013 SearchSecurity Windows Server 2012 security: Is it time to upgrade? 08 Jan 2013 SearchDataCenter en Español searchDataCenterES_echapter2 29 Nov 2012 ComputerWeekly.com “Click-for-tickets” fraud: Teaching users to sidestep Olympic scams 08 Jun 2012 ComputerWeekly.com Password security best practices: Change passwords to passphrases 01 Jun 2012 ComputerWeekly.com Prep and test your Olympics 2012 security contingency plans 22 May 2012 SearchSecurity Examining Kindle Fire security, Silk browser security in the enterprise 07 May 2012 ComputerWeekly.com Adding cybercrime software demos to security awareness training 01 May 2012 ComputerWeekly.com International computer crime requires an international response 30 Apr 2012 ComputerWeekly.com Building a secure website and maintaining good website design 13 Apr 2012 ComputerWeekly.com Open source software security issues: How to review OSS for security 15 Feb 2012 ComputerWeekly.com Incident reporting and employee surveillance laws in other countries 25 Jan 2012 ComputerWeekly.com Security policy and international employment laws for hiring overseas 23 Jan 2012 ComputerWeekly.com Assessing home offices for compliance with security teleworking policy 11 Jan 2012 ComputerWeekly.com Stop phone tracking and GPS data leakage 06 Jan 2012 ComputerWeekly.com Getting control of IT security documentation 28 Dec 2011 ComputerWeekly.com Outsourcing security issues: Managing outsourced software development 21 Dec 2011 ComputerWeekly.com Segregation of duties: Small business best practices 19 Dec 2011 ComputerWeekly.com How to prevent unauthorised personnel from hacking voicemail 13 Dec 2011 ComputerWeekly.com The case for ongoing end-user security awareness training 02 Dec 2011 ComputerWeekly.com Managing security during acquisition: A merger integration checklist 18 Nov 2011 ComputerWeekly.com Web application security guidelines for developers 18 Nov 2011 ComputerWeekly.com Add threat modelling to your Web application security best practices 14 Nov 2011 SearchSecurity Securing applications with a network pen test 10 Nov 2011 SearchSecurity OAuth 2.0: Pros and cons of using the federation protocol 09 Nov 2011 ComputerWeekly.com Maintaining a third-party security policy for DPA compliance 04 Nov 2011 ComputerWeekly.com Employee monitoring policy to avoid breaking employee monitoring laws 26 Oct 2011 ComputerWeekly.com How UK security laws and European privacy laws impact businesses 24 Oct 2011 ComputerWeekly.com PHP MVC framework tutorial: Learn Web application development security 17 Oct 2011 SearchSecurity Comparing relational database security and NoSQL security 17 Oct 2011 ComputerWeekly.com Organising an information security discussion on IT security processes 12 Oct 2011 ComputerWeekly.com Secure software development lifecycle: An approach for SMBs 21 Sep 2011 ComputerWeekly.com DPA personal data: Policies for employee information privacy 20 Sep 2011 SearchSecurity How to mitigate the risk of a TOCTTOU attack 31 Aug 2011 SearchSecurity How MAC and HMAC use hash function encryption for authentication 30 Aug 2011 ComputerWeekly.com Creating secure virtual machines with strong data separation policies 25 Aug 2011 1 2 3 4 5
