Manage

Manage

Learn to apply best practices and optimize your operations.

• How to mitigate the Efail flaws in OpenPGP and S/MIME

  Efail exploits vulnerabilities in the OpenPGP and S/MIME standards to reveal the plaintext in encrypted emails. Learn more about the Efail vulnerabilities from expert Michael Cobb. Continue Reading

• Skygofree Trojan: What makes this spyware unique?

  Android malware was discovered by Kaspersky Labs and named Skygofree. This Trojan targets smartphones and tablets using spyware and gathers user information and app data. Continue Reading

• Ransomware recovery: How can enterprises operate post-attack?

  A report detailed how Maersk recovered its infrastructure from a NotPetya ransomware attack along with its chosen recovery option. Expert Nick Lewis explains how it worked. Continue Reading

• 10 unified access management questions for OneLogin CSO Justin Calmus

  Enterprise security veteran Justin Calmus, who describes himself as an avid hacker, joined OneLogin as the CSO earlier this year. After last year's breach, who would want this job? Continue Reading

• Okiru malware: How does this Mirai malware variant work?

  A Mirai variant has the ability to put billions of devices at risk of becoming part of a botnet. Discover how this works and what devices are at risk with expert Nick Lewis. Continue Reading

• How criticality analysis benefits from an entropy engineer

  NIST published 'Criticality Analysis Process Model: Prioritizing Systems and Components' to guide organizations when prioritizing systems. Discover the key processes with Judith Myerson.Continue Reading

• How online malware collection aids threat intelligence

  Threat intelligence can facilitate cloud-based malware collection, which has value for enterprise cybersecurity. Expert Frank Siemons discusses collecting and analyzing malware.Continue Reading

• How do SDKs for ad networks cause data leaks?

  SDKs made user data susceptible to security vulnerabilities in mobile apps. Expert Michael Cobb explains how this security vulnerability put user data at risk.Continue Reading

• What to do when IPv4 and IPv6 policies disagree

  Unfortunately for enterprises, IPv4 and IPv6 policies don't always agree. Fernando Gont examines the differences between these two security policies, as well as some filtering rules.Continue Reading

• Security data scientists on how to make your data useful

  Data science and machine learning can reveal valuable security information that would otherwise remain hidden in large data sets. Security data scientists can be hard to find and may be out of reach for most organizations. Even without these skill ...Continue Reading

• Tom Van Vleck on the Multics operating system, security decisions

  Time-sharing systems got a lot right from a security standpoint. "We aimed toward a completely lights-out, 'no chance for mistakes' interface," says the security researcher.Continue Reading

• Fannie Mae CISO calls for more data on security incidents

  Chris Porter's years as a lead analyst and author of Verizon's Data Breach Investigations Report helped prepare him for the chief of security role at the primary housing lender.Continue Reading

• Not enough information security analysts, despite higher wages

  Survey data on global skills shortages does not show significant changes, even as companies turn to strategies such as security automation to make security teams more efficient.Continue Reading

• Overwhelmed by security data? Science to the rescue

  Security teams increasingly use large data sets from their networks to find hidden threats. Why companies should embark on their own data science and machine learning initiatives.Continue Reading

• Why third-party access to data may come at a price

  Google and other platform companies dangled not only APIs but access to user data from unwitting customers to attract third-party developers and other partners.Continue Reading

• Citrix's Peter Lefkowitz on impact of GDPR privacy requirements

  New consumer privacy laws are changing the global privacy landscape. Citrix's Peter Lefkowitz explains how Citrix is approaching GDPR compliance and privacy issues in general.Continue Reading

• Powerhammering: Can a power cable be used in air-gapped attacks?

  Air-gapped computers subject to PowerHammer attack: Proof-of-concept attack enables data exfiltration through control of current flow over power cables.Continue Reading

• How to identify and protect high-value data in the enterprise

  Protecting data in the enterprise is a crucial but challenging task. Expert Charles Kao shares key steps and strategies to consider to identify and protect high-value data.Continue Reading

• Cisco's chief privacy officer on the future of data after GDPR

  Michelle Dennedy, vice president and chief privacy officer at Cisco, discusses her company's approach to meeting the requirements of the EU's General Data Protection Regulation.Continue Reading

• Bouncy Castle keystore: How are files vulnerable to brute force?

  BKS files are being exposed to hash collisions, enabling hackers to use brute force attacks against C# and Java applications. Learn how this occurs and possible solutions with Judith Myerson.Continue Reading

• How did a Navarino Infinity flaw expose unauthenticated scripts?

  Navarino Infinity, a satellite communication system, found and fixed a flaw that exposed an unauthenticated script. Discover what threats this flaw enabled with Judith Myerson.Continue Reading

• Trojan.AndroidOS.Loapi: What is this jack-of-all-trades malware?

  Kaspersky researchers found a new Android malware that can physically harm phones. Learn how this works and the steps to mitigate the attack with expert Nick Lewis.Continue Reading

• Zealot campaign: How is the Apache Struts vulnerability used?

  The Zealot campaign discovered by F5 Networks uses the same Apache Struts vulnerability exploited in the Equifax breach. Learn how else it performs cryptomining with Nick Lewis.Continue Reading

• Spider ransomware: How do ransomware attacks differ?

  Spider ransomware has been found spreading malicious files via a phishing campaign that gives victims a 96-hour deadline. Learn how this attack is similar to past attacks with Nick Lewis.Continue Reading

• Drupalgeddon 2.0: Why is this vulnerability highly critical?

  A recently discovered Drupal vulnerability in its open source CMS allowed attackers to control websites. Learn how almost one million sites were affected with Michael Cobb.Continue Reading

• How to stop malicious browser add-ons from taking root

  Researchers at Malwarebytes discovered several new browser extension threats. Discover how to avoid and properly removed malicious add-ons with expert Nick Lewis.Continue Reading

• How can cryptojacking attacks in Chrome be stopped?

  Google instituted an aggressive ban on all cryptomining extensions for Chrome after cryptojacking attacks started to become more common. Learn how the ban works with Michael Cobb.Continue Reading

• What are the implications of DNS over HTTPS for privacy?

  With enterprises testing DNS over HTTPS to encrypt domain name traffic, some fear the potential privacy issues. Discover the challenges and benefits of the new protocol.Continue Reading

• The threat of shadow admins in the cloud to enterprises

  Having shadow admins in the cloud means unauthorized users can access everything a legitimate administrator can. Expert Ed Moyle explains how this works and how to stop it.Continue Reading

• What effect does GDPR have on the WHOIS database?

  With GDPR in effect, ICANN proposed redacting information from the WHOIS database. Expert Michael Cobb discusses what this could mean for the domain database.Continue Reading

• Common security oversights within an AWS environment

  There's often an assumption that AWS systems can't be tested, as they're hosted in the cloud; however, this is not the case. Discover common security oversights in AWS environments.Continue Reading

• How cyber resiliency is achieved via NIST's 14-step approach

  Improving cyber resiliency helps organizations manage risk. Discover the 14 techniques NIST has identified to help achieve cyber resiliency with expert Judith Myerson.Continue Reading

• Why a zero-trust network with authentication is essential

  Zero-trust networks are often deemed compromised and untrusted, making authentication variables essential to security. Expert Matthew Pascucci explains a zero-trust security model.Continue Reading

• How to use Packetbeat to monitor Docker container traffic

  Docker containers can help secure cloud applications, but malicious traffic can still move to and from those containers on a network. Dejan Lukan explains how to use Packetbeat to monitor such threats.Continue Reading

• Microsoft CredSSP: How was it exploited by CVE-2018-0886?

  The CVE-2018-0886 vulnerability found within Microsoft's CredSSP was recently patched. Discover what this vulnerability is and how it affects the CredSSP protocol with Judith Myerson.Continue Reading

• How can a text editor plug-in enable privilege escalation?

  Developers use text editors to enhance efficiency in the workplace even though they require vulnerable third-party plug-ins. Discover these vulnerabilities with Judith Myerson.Continue Reading

• Insider threats: Preventing intellectual property theft

  IP theft is often committed by insiders or disgruntled employees who feel entitled to information. Peter Sullivan explains the threat and how to prevent these insider attacks.Continue Reading

• How are air-gapped computers put at risk by the Mosquito attack?

  Researchers recently discovered Mosquito -- an air-gapped attack that bites computers to put air-gapped networks at risk. Discover the logistics of this technique with Judith Myerson.Continue Reading

• Identify gaps in cybersecurity processes to reduce organizational risk

  Organizational risk is a given at modern companies. But as threats persist, identifying preventable cybersecurity gaps presents an opportunity to strengthen enterprise defenses.Continue Reading

• How did the Panera Bread website expose customers?

  Panera Bread website users were put at risk after a security researcher discovered a vulnerability relating to a lack of authentication for their publicly available API endpoint.Continue Reading

• How white hat hackers can tell you more than threat intelligence

  White hat hackers can play a key role in assessing threats lurking on the dark web. Discover what traditional threat intelligence isn't telling you and how white hats can help.Continue Reading

• How does UBoatRAT use Google services and GitHub to spread?

  A new remote access Trojan called UBoatRAT was found spreading via Google services and GitHub. Learn how spotting command-and-control systems can protect enterprises with Nick Lewis.Continue Reading

• Golden SAML: How can it abuse SAML authentication protocol?

  CyberArk researchers created an attack called Golden SAML that uses Mimikatz techniques and applied it to a federated environment. Learn more about the attack with Nick Lewis.Continue Reading

• How to use the OODA loop to improve network security

  The OODA loop can be used to establish cyber deception against hackers to improve network security. Learn the OODA steps and how they can be applied to security with Kevin Fiscus.Continue Reading

• Scarab ransomware: How do botnets alter ransomware threats?

  The use of botnets to spread Scarab ransomware intensifies the threat for enterprises. Discover the best way to respond to such a threat and protect data with Nick Lewis.Continue Reading

• Fake WhatsApp app: How can counterfeit apps be avoided?

  After a fake WhatsApp app was discovered in the Google Play Store, users are questioning what can be done to avoid counterfeit apps. Learn several techniques with Nick Lewis.Continue Reading

• AVGater vulnerability: How are antivirus products impacted?

  A security researcher recently discovered a new vulnerability -- the AVGater vulnerability -- that puts antivirus products at risk. Discover how this vulnerability works with Nick Lewis.Continue Reading

• How can domain generation algorithms be used to bypass ad blockers?

  An ad network used domain generation algorithms to bypass ad blockers and launch cryptomining malware. Expert Michael Cobb explains how and the best way to prevent these attacks.Continue Reading

• How does a SAML vulnerability affect single sign-on systems?

  Researchers at Duo Security discovered a SAML vulnerability that enabled attackers to dupe single sign-on systems. Expert Michael Cobb explains how the exploit works.Continue Reading

• How lattice-based cryptography will improve encryption

  As the prospect of quantum computing-based attacks grows, the need for stronger encryption increases. Expert Michael Cobb discusses lattice-based cryptography as an option.Continue Reading

• What risks do untrusted certificates pose to enterprises?

  Researchers found that untrusted certificates are still used on many major websites. Expert Michael Cobb discusses the security risks of sticking with these certificates.Continue Reading

• How entropy sources help secure applications with SDLC

  Some applications need cryptographic algorithms to test and work properly. Expert Judith Myerson discusses this division in terms of the software development lifecycle.Continue Reading

• CISOs face the IoT security risks of stranger things

  The internet of things, by its very design, extends enterprise technology infrastructure further and further out, computerizing devices whose functions, if corrupted, could have catastrophic results. The sheer scope of internet-connected devices is ...Continue Reading

• Business email compromise moves closer to advanced threats

  The sophisticated techniques used in BEC scams differ from other email fraud in the steps taken to construct the criminal campaign. Here's how to stop these APT-style attacks.Continue Reading

• Insider threat report tracks annual cost of theft, carelessness

  The Ponemon Institute study "2018 Cost of Insider Threats" examines the cost to companies victimized by material insider threat incidents during the past 12 months.Continue Reading

• Walmart's Jerry Geisler on the CISO position, retail challenges

  A global CISO in charge of one of the world's largest cybersecurity programs got his start on the retail floor. He's arrived just in time for the digital transformation.Continue Reading

• Stranger things: IoT security concerns extend CISOs' reach

  The internet of things has drastically expanded the scope of what enterprises need to protect, adding challenges big and small to CISOs' responsibilities.Continue Reading

• Cybercrime study: Growing economic ecosystem spells trouble

  New research shows that cybercriminals are gaining momentum with connected infrastructure and collectively earning billions annually from a cybercrime economy. Now what?Continue Reading

• How layered security can help and hinder application security

  The growth of technology includes the growth of layered security. Join expert Kevin Beaver as he explains the pros and cons of layered defenses for application security.Continue Reading

• How has a Broadcom flaw affected the Lenovo ThinkPad?

  A previously disclosed flaw found in Broadcom's Wi-Fi controller chips is now believed to affect the Lenovo ThinkPad. Learn how this vulnerability works with expert Judith Myerson.Continue Reading

• How do BGP flaws affect Quagga routing software?

  Multiple Border Gateway Protocol vulnerabilities were found impacting security in the Quagga routing software. Expert Judith Myerson explains how these flaws impact systems.Continue Reading

• How are Linear eMerge E3 systems vulnerable to attacks?

  ICS-CERT issued a warning about a new vulnerability in Nortek Linear eMerge E3 products. Discover what this vulnerability is and how it affects access control for enterprises.Continue Reading

• How was a Cisco firewall vulnerability exploited by threat actors?

  Threat actors exploited a critical Cisco firewall vulnerability that received a CVSS score of 10. Discover how this flaw works and how it was exploited with Judith Myerson.Continue Reading

• How did Strava's Global Heatmap disclose sensitive U.S. info?

  Fitness tracking app Strava released its Global Heatmap that unknowingly disclosed routes of U.S. soldiers. Discover how this happened and how geolocation data can be blocked.Continue Reading

• How the Meltdown and Spectre vulnerabilities impact security

  The Meltdown and Spectre vulnerabilities impact the physical and hardware security of systems, making them extremely difficult to detect. Learn how to prevent these attacks with Nick Lewis.Continue Reading

• DeOS attacks: How enterprises can mitigate the threat

  An increase in DeOS attacks has been reported just as the 'Cisco 2017 Midyear Cybersecurity Report' predicted. Learn how these attacks target off-site backups with David Geer.Continue Reading

• How does the Terror exploit kit spread through malicious ads

  Zscaler recently discovered a malvertising campaign that spreads the Terror exploit kit through malicious ads. Discover more about the threat with expert Nick Lewis.Continue Reading

• How does a DDE attack exploit Microsoft Word functionality?

  The SANS Internet Storm Center discovered a DDE attack spreading Locky ransomware through Microsoft Word. Learn what a DDE attack is and how to mitigate it with expert Nick Lewis.Continue Reading

• Three IoT encryption alternatives for enterprises to consider

  The use of cryptography alternatives for IoT devices grants users certain benefits and potential security challenges. Learn more about each alternative with expert Judith Myerson.Continue Reading

• How security automation and orchestration impacts enterprises

  The use of security automation and orchestration systems is on the rise, as they have the ability to provide automatic responses to threats. Learn how this benefits the enterprise.Continue Reading

• IoT botnets: How are new Mirai variants impacting systems?

  An increase of IoT botnets has been seen since the Mirai malware source code was leaked. Learn how the new variants pose to be a serious threat to IoT devices with Michael Cobb.Continue Reading

• How the BloodHound tool can improve Active Directory security

  Auditing Active Directory can be made easier with tools like the open source BloodHound tool. Expert Joe Granneman looks at the different functions of the tool and how it can help.Continue Reading

• How a Blizzard DNS rebinding flaw put millions of gamers at risk

  A Blizzard DNS rebinding flaw could have put users of its online PC games at risk of attack. Expert Michael Cobb explains how a DNS rebinding attack works and what to do about it.Continue Reading

• Cloud security threats in 2018: Get ahead of the storm

  Consistent security for all data from cloud providers and third-party partners is what many consider the next evolution of cloud. The biggest cloud security threats for most companies, however, result from in-house staff mistakes, lack of patching ...Continue Reading

• Marcus Ranum decodes hardware vulnerabilities with Joe Grand

  Computer hardware designs with dangerous security flaws? That's no surprise to renowned hardware hacker Grand.Continue Reading

• Healthcare CISO: 'Hygiene and patching take you a long way'

  Cybersecurity and healthcare can get along, according to CISO Joey Johnson, who leads the security program at Premise Health, but it takes patience and attention to the details.Continue Reading

• AWS S3 bucket security falls short at high-profile companies

  Everyone is putting their data in the cloud, from IT staff to department heads. With functionality galore, basic security measures too often go unchecked.Continue Reading

• CISO survey paints a grim picture: Weak staff, breach fears

  Roughly 60% of CISOs expect phishing scams, malware disruptions and cyberattacks that cause 'significant downtime' to affect their company in 2018.Continue Reading

• New cloud threats as attackers embrace the power of cloud

  Safeguarding your critical data is getting harder as threat actors embrace the advantages -- and missteps -- of cloud. Here's what to watch out for in 2018.Continue Reading

• Cost of data privacy breach may not be enough

  While the European Union is taking major steps to protect residents' data privacy, little has happened in the United States, even after Equifax and Facebook.Continue Reading

• Do CISOs need computer science degrees?

  Equifax's CISO came under fire for having a music degree. David Shearer, CEO of (ISC)2, discusses what type of education infosec professionals should have.Continue Reading

• How are logic devices like WAGO PFC200 used by hackers?

  The Department of Homeland Security warned of a vulnerability affecting WAGO PFC200 logic devices. Discover how this flaw enables threat actors with expert Judith Myerson.Continue Reading

• CPE for CISSP: Top 10 ways to master continuing education

  Who says you can't have fun while earning CPE credits to maintain your CISSP certification? Check out the top 10 creative ways to meet CISSP continuing education requirements.Continue Reading

• Zyklon malware: What Microsoft Office flaws does it exploit?

  Zyklon malware targets three previously patched Microsoft Office vulnerabilities. Learn how attackers can access passwords and cryptocurrency wallet data with expert Judith Myerson.Continue Reading

• How can a Moxa MXview vulnerability be exploited by hackers?

  A vulnerability was found in Moxa MXview -- a software used to visualize network devices and physical connections. Learn how this vulnerability can enable privilege escalation.Continue Reading

• Com.google.provision virus: How does it attack Android devices?

  The com.google.provision virus reportedly targets Android users, but little is known about it. Nick Lewis discusses the mystery threat and how Common Malware Enumeration may help.Continue Reading

• Internet Explorer bug: How does it expose address bar info?

  A bug in Microsoft's Internet Explorer update exposes information that users enter into the browser's address bar. Learn more about the bug and URL tracking with Nick Lewis.Continue Reading

• CCleaner malware: How dangerous is it to enterprises?

  A watering hole attack led to CCleaner malware being installed on millions of systems. Nick Lewis explains how the attack worked and why it should concern enterprises.Continue Reading

• Entropy sources: How do NIST rules impact risk assessments?

  NIST recently released new guidance on entropy sources used for random bit generation. Judith Myerson explains these recommendations and how they alter cryptography principles.Continue Reading

• How can users deal with app trackers that collect customer data?

  App trackers were found in hundreds of Google Play apps. Expert Michael Cobb explains the threat they pose and how GDPR has the potential to reduce the risk.Continue Reading

• Patch management programs: Who should run them?

  Patch management is a crucial part of enterprise security defenses, but should security teams be in charge of it? Charles Kao explains how to make patching programs successful.Continue Reading

• How does Tizi spyware affect Android apps?

  Android apps affected by Tizi spyware were found in the Google Play Store by Google's Play Protect team. Expert Michael Cobb reviews the threat and how it was fixed.Continue Reading

• Continuous security monitoring advances automated scanning

  Battling threats in today's fast-paced cyberworld means shutting down vulnerabilities fast, which requires round-the-clock monitoring. Learn how to make it happen in your company.Continue Reading

• Automated patch management and the challenges from IoT

  From creating an inventory to scanning for IoT vulnerabilities, learn the key steps to take when it comes to automating patch management in your company.Continue Reading

• VMs per host: What are the risks of multiple connections?

  While there are no set rules, there are some security recommendations when it comes to virtual machines running on one host. Learn the best practices with expert Matt Pascucci.Continue Reading

• Single sign-on best practices: How can enterprises get SSO right?

  Proper planning is at the top of the list for single sign-on best practices, but it's important to get enterprise SSO implementations off to a good start. Here's how to do it.Continue Reading

• Typosquatting: How did threat actors access NPM libraries?

  Typosquatting was used by threat actors to spread malware in the NPM registry. Learn from expert Nick Lewis how this method was used and what it means for users.Continue Reading

• Protecting safety instrumented systems from malware attacks

  Trisis malware targets safety instrumented systems and puts industrial control systems at risk. Expert Ernie Hayden reviews what to know about SIS and its security measures.Continue Reading

• Embedded application security: Inside OWASP's best practices

  OWASP released a draft of new guidelines for creating secure code within embedded software. Expert Judith Myerson discusses best practices, pitfalls to avoid and auditing tools.Continue Reading

• Dynamic application security testing, honeypots hunt malware

  Stealth is an attacker's best friend, especially when it comes to sneaking malware past the firewall. Learn about some trusty tools that can stop malware in its tracks.Continue Reading