Manage

Manage

Learn to apply best practices and optimize your operations.

• Com.google.provision virus: How does it attack Android devices?

  The com.google.provision virus reportedly targets Android users, but little is known about it. Nick Lewis discusses the mystery threat and how Common Malware Enumeration may help. Continue Reading

• Internet Explorer bug: How does it expose address bar info?

  A bug in Microsoft's Internet Explorer update exposes information that users enter into the browser's address bar. Learn more about the bug and URL tracking with Nick Lewis. Continue Reading

• CCleaner malware: How dangerous is it to enterprises?

  A watering hole attack led to CCleaner malware being installed on millions of systems. Nick Lewis explains how the attack worked and why it should concern enterprises. Continue Reading

• Entropy sources: How do NIST rules impact risk assessments?

  NIST recently released new guidance on entropy sources used for random bit generation. Judith Myerson explains these recommendations and how they alter cryptography principles. Continue Reading

• How can users deal with app trackers that collect customer data?

  App trackers were found in hundreds of Google Play apps. Expert Michael Cobb explains the threat they pose and how GDPR has the potential to reduce the risk. Continue Reading

• Patch management programs: Who should run them?

  Patch management is a crucial part of enterprise security defenses, but should security teams be in charge of it? Charles Kao explains how to make patching programs successful.Continue Reading

• How does Tizi spyware affect Android apps?

  Android apps affected by Tizi spyware were found in the Google Play Store by Google's Play Protect team. Expert Michael Cobb reviews the threat and how it was fixed.Continue Reading

• Continuous security monitoring advances automated scanning

  Battling threats in today's fast-paced cyberworld means shutting down vulnerabilities fast, which requires round-the-clock monitoring. Learn how to make it happen in your company.Continue Reading

• Automated patch management and the challenges from IoT

  From creating an inventory to scanning for IoT vulnerabilities, learn the key steps to take when it comes to automating patch management in your company.Continue Reading

• VMs per host: What are the risks of multiple connections?

  While there are no set rules, there are some security recommendations when it comes to virtual machines running on one host. Learn the best practices with expert Matt Pascucci.Continue Reading

• Single sign-on best practices: How can enterprises get SSO right?

  Proper planning is at the top of the list for single sign-on best practices, but it's important to get enterprise SSO implementations off to a good start. Here's how to do it.Continue Reading

• Typosquatting: How did threat actors access NPM libraries?

  Typosquatting was used by threat actors to spread malware in the NPM registry. Learn from expert Nick Lewis how this method was used and what it means for users.Continue Reading

• Protecting safety instrumented systems from malware attacks

  Trisis malware targets safety instrumented systems and puts industrial control systems at risk. Expert Ernie Hayden reviews what to know about SIS and its security measures.Continue Reading

• Embedded application security: Inside OWASP's best practices

  OWASP released a draft of new guidelines for creating secure code within embedded software. Expert Judith Myerson discusses best practices, pitfalls to avoid and auditing tools.Continue Reading

• Dynamic application security testing, honeypots hunt malware

  Stealth is an attacker's best friend, especially when it comes to sneaking malware past the firewall. Learn about some trusty tools that can stop malware in its tracks.Continue Reading

• Cloud security lessons to learn from the Uber data breach

  Any organization that uses cloud services can learn something from the 2016 Uber data breach. Expert Ed Moyle explains the main takeaways from the massive breach.Continue Reading

• How to manage application security risks and shortcomings

  A lack of proper testing, communication and insight into best practices all contribute to application security shortcomings. Kevin Beaver explains how to manage the risks.Continue Reading

• Fight a targeted cyberattack with network segmentation, monitoring

  It takes a variety of tactics, including network segmenting and monitoring, to safeguard the network. Learn the latest defenses to keep your network safe.Continue Reading

• Fred Cohen on strategic security: 'Start with the assumptions'

  Cohen is a globally recognized expert in information protection and cybersecurity. Since coining the term 'computer virus,' he has remained a pioneer in information assurance.Continue Reading

• GDPR breach notification: Time to focus on the requirements

  Some large U.S. companies have been working behind the scenes on GDPR requirements for more than a year, but there's strong evidence that many have not been as diligent.Continue Reading

• David Neuman: The CISO position and keeping the cloud safe

  The Rackspace CISO joined the enlisted ranks in the Air Force, eventually becoming an officer with global responsibilities before moving to the private sector.Continue Reading

• CISOs map out their cybersecurity plan for 2018

  What's on the short list for enterprise cybersecurity programs in the coming year? As attack vectors increase -- think IoT -- we ask information security leaders to discuss their plans.Continue Reading

• Data protection compliance costs less than noncompliance

  Smaller companies -- with fewer than 5,000 employees -- in particular may be hit hard by GDPR requirements and other data compliance hurdles. A new report does the math.Continue Reading

• RSA-1024 keys: How does a Libgcrypt vulnerability expose them?

  A Libgcrypt vulnerability could allow attackers to recover private RSA-1024 keys, as it allows a left-to-right sliding window that shows how specific parts of the algorithm work.Continue Reading

• CopyCat malware: How does this Android threat operate?

  Check Point researchers discovered new Android malware named CopyCat, which has infected 14 million devices. Learn how this malware works and how it spread from expert Nick Lewis.Continue Reading

• Cryptojacking: How to navigate the bitcoin mining threat

  Due to the rising value of bitcoin and other cryptocurrency, hackers have started to use cryptojacking to mine bitcoin. Learn what this means for end users with expert Nick Lewis.Continue Reading

• Insider threat behavior: How to identify warning signs

  Enterprises can prevent insider threat incidents if they know what to look for. Peter Sullivan explains the precursors to and precipitating events for insider threat behavior.Continue Reading

• Public key pinning: Why is Google switching to a new approach?

  After introducing HTTP Public Key Pinning to the internet two years ago, the upcoming Chrome will replace it with the Expect-CT header. Matt Pascucci explains the switch.Continue Reading

• TLS 1.3: What it means for enterprise cloud use

  The latest draft version of TLS 1.3 is out, and it will likely affect enterprises that use cloud services. Expert Ed Moyle explains the impact on users and their monitoring controls.Continue Reading

• Confused deputy: How did the vulnerability affect Slack?

  A major SAML vulnerability was found in Slack that granted expired login credentials permission into the system. Matt Pascucci explains how this 'confused deputy' problem was handled.Continue Reading

• What went wrong with the Dirty COW vulnerability patch?

  A patch was issued for the Dirty COW vulnerability, but researchers later discovered problems with the patch. Expert Judith Myerson explains what went wrong.Continue Reading

• How is IP theft possible despite cryptographic protections?

  Expert Judith Myerson explains how IP theft can happen despite the cryptographic protections in IEEE standard P1735, as well as what can be done to protect intellectual property.Continue Reading

• Mobile app risks: Five things enterprises should consider

  Just like any other risk in the enterprise, mobile app risks need to be a top priority. Join Kevin Beaver as he explains the dangers that unsecure mobile apps pose.Continue Reading

• Vulnerability scans: How effective are they for web apps?

  Equifax's Apache Struts vulnerability was an example of a scan not being read correctly. Kevin Beaver explains vulnerability scans and how issues can be missed by security teams.Continue Reading

• Broadpwn flaw: How does the new iOS exploit compare?

  An iOS exploit similar to the Broadpwn flaw was recently developed by a researcher at Google's Project Zero. Expert Kevin Beaver explains what the exploit is and how it works.Continue Reading

• How can a vulnerability in Ruggedcom switches be mitigated?

  Vulnerabilities in Ruggedcom switches could open the industrial switches and other communication devices up to attacks. Expert Judith Myerson explains how to mitigate the risks.Continue Reading

• iOS updates: Why are some Apple products behind on updates?

  A study by Zimperium found that more than 23% of iOS devices aren't running the latest software. Matt Pascucci explains how this is possible, even though Apple controls iOS updates.Continue Reading

• John Germain lands the new CISO position at Duck Creek

  Serving the technology needs of the property and casualty insurance industry means keeping a weathered eye on risk profiles, enterprise software and emerging threats.Continue Reading

• Use caution with OAuth 2.0 protocol for enterprise logins

  Many apps are using the OAuth 2.0 protocol for both authentication and authorization, but technically it's only a specification for delegated authorization, not for authentication.Continue Reading

• Thor's OS Xodus

  In this excerpt from chapter one of Thor's OS Xodus, author Timothy "Thor" Mullen discusses OS X, privacy, and online safety.Continue Reading

• How security controls affect web security assessment results

  Network security controls are a blessing and a curse as they help an organization's IT environment, yet hinder web security assessment results. Kevin Beaver explains how they work.Continue Reading

• Email security issues: How to root out and solve them

  Effectively tackling email security issues requires infosec pros to address a broad range of areas, including cloud, endpoints, user training and more.Continue Reading

• How to prepare for potential IPv6 DDoS attacks

  Enterprises learn how to prepare for IPv6 with DDoS attack tools. Michael Cobb further addresses the inevitable attacks and what users can do.Continue Reading

• Killer discovery: What does a new Intel kill switch mean for users?

  Cybersecurity company Positive Technologies recently discovered an Intel kill switch in the vendor's Management Engine. Learn more about this kill switch with expert Matt Pascucci.Continue Reading

• How should security teams handle the Onliner spambot leak?

  A security researcher recently discovered a list of 711 million records used by the Onliner spambot. Expert Matt Pascucci explains what actions exposed individuals should take.Continue Reading

• Monitoring employee communications: What do EU privacy laws say?

  The European Court of Human Rights recently placed strict regulations on monitoring employee communications. Matt Pascucci compares EU privacy laws to the U.S.'s standards.Continue Reading

• Are security operations centers doing enough?

  SOCs are maturing, but organizations facing the increased threat landscape understand that improving their effectiveness must be a priority in the year ahead.Continue Reading

• How shared cloud security assessments can benefit enterprises

  Ensuring cloud security is a constant problem that shared cloud security assessments are trying to address. Learn about the benefits of sharing assessments with Nick Lewis.Continue Reading

• EternalRocks malware: What exploits are in it?

  When NSA cyberweapons went public, attackers bundled them into the EternalRocks malware. Nick Lewis takes a closer look at this new threat and explains what's lurking inside.Continue Reading

• Windows XP patches: Did Microsoft make the right decision?

  Microsoft had to make several tradeoffs when developing patches for Windows XP. Expert Nick Lewis explains what these tradeoffs were and how enterprises should respond.Continue Reading

• Samsung S8 iris scanner: How was it bypassed?

  Hackers bypassed the Samsung S8 iris scanner, which could spell trouble for biometric authentication. Expert Nick Lewis explains how it happened and how to stay protected.Continue Reading

• HP keylogger: How did it get there and how can it be removed?

  A keylogging flaw found its way into dozens of Hewlett Packard laptops. Nick Lewis explains how the HP keylogger works and what can be done about it.Continue Reading

• Analyzing the flaws of Adobe's HTTP security headers

  A recent patching issue with Flash drew attention to shortcomings with Adobe's HTTP security headers. Judith Myerson discusses the importance of HTTP header security.Continue Reading

• Addressing web server vulnerabilities below the application layer

  Web application security is crucial, but enterprises also need to look below that layer for weaknesses. Kevin Beaver explains how to look for common web server vulnerabilities.Continue Reading

• Flash's end of life: How should security teams prepare?

  Adobe Flash's end of life is coming, and it includes an incremental removal method, allotting security teams enough time to adjust. Matt Pascucci explains how changes can be made.Continue Reading

• How the Docker REST API can be turned against enterprises

  Security researchers discovered how threat actors can use the Docker REST API for remote code execution attacks. Michael Cobb explains this threat to Docker containers.Continue Reading

• Agnes Kirk on the role of CISO, Washington's state of mind

  A state CISO champions innovation for Washington, from early development of a single sign-on system to leadership of the new Office of Cyber Security.Continue Reading

• No customer data leaks? Companies look down the rabbit hole

  When Yahoo finally disclosed a massive 2014 data breach to up to five hundred million affected account holders in September 2016, some already had legal representation.Continue Reading

• New WordPress malware: What to do about WP-Base-SEO

  A new type of WordPress malware, WP-Base-SEO, disguises itself as an SEO plug-in that opens backdoors. Nick Lewis explains how it works and how to avoid it.Continue Reading

• How does a Magento Community Edition flaw allow remote attacks?

  As the Magento Community Edition suffers a new zero-day vulnerability, expert Nick Lewis explains how it's being exploited and how to mitigate the cross-site request forgery flaw.Continue Reading

• How to balance organizational productivity and enterprise security

  It's no secret that enterprise security and organizational productivity can often conflict. Peter Sullivan looks at the root causes and how to address the friction.Continue Reading

• After Stuxnet: Windows Shell flaw still most abused years later

  A Windows Shell flaw used by the Stuxnet worm continues to pose problems years after it was patched. Nick Lewis explains how the flaw exposes enterprise security shortcomings.Continue Reading

• Why DevOps security must be on infosecs' priority list

  In the rush to implement DevOps, security is too often overlooked. But DevSecOps is essential in these hack-filled days. Learn how to add security to software development.Continue Reading

• From security product marketing to CEO: Jennifer Steffens

  The CEO of a global pen tester used to work for the New York Yankees. Find out how Jennifer Steffens went from sports marketing to head of a security service provider.Continue Reading

• Why WannaCry and other computer worms may inherit the earth

  A vast majority of APT attacks and malware delivery happens via spear phishing. But worms have always had a place in the toolkit when the delivery method fit the mission.Continue Reading

• A damaging spring of internet worms and poor performance

  Security is a hot topic for media outlets that report on stock markets as companies founder on corporate earnings. The financial fallout of global malware is a call to action.Continue Reading

• What to do when cybersecurity breaches seem inevitable

  The current threat landscape makes cybersecurity breaches seem unavoidable. Expert Peter Sullivan discusses some simple ways enterprises can reduce the risk of a breach.Continue Reading

• How is cross-platform malware carried in Word docs?

  Cross-platform malware enables attackers to leverage their attacks using infected Microsoft Word docs. Expert Nick Lewis explains how the attacks work and how to defend against them.Continue Reading

• The difference between security assessments and security audits

  Security audits vs. security assessments solve different needs. Organizations may use security audits to check their security stature while security assessments might be the better tool to use. Expert Ernie Hayden explains the differences.Continue Reading

• DoubleAgent malware could turn antivirus tools into attack vector

  DoubleAgent malware is a proof of concept for a zero-day vulnerability that can turn antivirus tools into attack vectors. Expert Nick Lewis explains how to contain the threat.Continue Reading

• Destruction of service: How ransomware attacks have changed

  New ransomware variants have introduced another threat to enterprises. Rob Shapland explains what destruction of service attacks are and how organizations should prepare for them.Continue Reading

• How to attack DDoS threats with a solid defense plan

  An anti-DDoS program requires solid understanding of the threat and a clearly thought-out strategy. This guide will help you define and implement a solid DDoS defense plan.Continue Reading

• Applying a hacker mindset to application security

  It can be beneficial to think like a black hat. Expert Kevin Beaver explains why enterprise security teams should apply a hacker mindset to their work and how it can help.Continue Reading

• How FBI cyber investigations handle obfuscation techniques

  An FBI agent discusses cyber investigations, how they handle obfuscation techniques, the anonymizing features of the deep web and how to catch the right person.Continue Reading

• Why data fidelity is crucial for enterprise cybersecurity

  Cybersecurity teams can't be effective if they don't trust their data. Expert Char Sample explains the importance of data fidelity and the threat of cognitive hacking.Continue Reading

• FBI: Cyber investigations no different from real world

  Despite a loud group claiming the burden of proof is harder to meet with digital evidence, an agent says FBI cyber investigations are not much different from traditional cases.Continue Reading

• Can a PCI Internal Security Assessor validate level 1 merchants?

  A PCI Internal Security Assessor might not be the best bet to validate the compliance of a level 1 service provider. Expert Matthew Pascucci explains why and the alternative.Continue Reading

• As privacy requirements evolve, CISSPs must stay informed

  Just as technology constantly changes, so too do the laws and regulations that govern data privacy. CISSPs must remain aware of their organization's individual requirements.Continue Reading

• Tactics for security threat analysis tools and better protection

  Threat analysis tools need to be in top form to counter a deluge of deadly security issues. Here are tips for getting the most from your analytics tool.Continue Reading

• Information privacy and security requires a balancing act

  Maintaining information privacy and security seem to be separate challenges, but in reality, each is integral to the other. Expert Kevin Beaver explains how to work toward both.Continue Reading

• To secure Office 365, take advantage of controls Microsoft offers

  Securing Office 365 properly requires addressing upfront any specific risks of a particular environment and taking advantage of the many security controls Microsoft offers.Continue Reading

• Cloud access security brokers: Hard to tell what's real

  Most cloud access security brokers offer CISOs a way to set policy and gain better understanding of multiple cloud services and data in use across the enterprise. As CASBs have gained momentum in recent years, use cases for them have expanded. Do ...Continue Reading

• Can BGP anycast addressing be used for DDoS attacks?

  The BGP anycast addressing technique could potentially be used for malicious purposes. Expert Judith Myerson explains how this might work and what types of attacks to look out for.Continue Reading

• Managing access to keep privileged users' credentials secure

  Privilege creep is a constant threat. It's why privileged user management must be part of any comprehensive security plan and always at the top of an infosec pro's to-do list.Continue Reading

• How should companies prepare for EU GDPR compliance?

  Companies that don't meet GDPR compliance standards by May 2018 will be fined. Expert Matthew Pascucci looks at how Microsoft is preparing, and what other companies should do to comply with GDPR.Continue Reading

• Mobile endpoint security: What enterprise infosec pros must know now

  Do you know how to take care of mobile endpoint security in your enterprise? This guide walks you through all aspects of the issue, from policy and strategy to emerging threats.Continue Reading

• Q&A: GDPR compliance with Microsoft CPO Brendon Lynch

  Failure to achieve compliance with the EU's General Data Protection Regulation in the next 12 months can trigger fines of up to 4% of a company's gross annual revenue.Continue Reading

• Polycom CISO focused on ISO 27001 certification, data privacy

  Tasked with security and compliance, Lucia Milica Turpin watches over internal systems and remote communications customers entrust to the video conferencing company.Continue Reading

• Challenging role of CISO presents many opportunities for change

  With some reports showing incredibly short tenures, new CISOs barely have time to make their mark. The salaries are good; the opportunities for the right skills, unlimited.Continue Reading

• Identity and access management strategy: Time to modernize?

  More likely than not, your company's identity and access management strategy needs an update. Learn how to decide if that's the case and, if so, what you should do now.Continue Reading

• Dedicated security teams: The pros and cons of splitting focus areas

  Could using dedicated security teams that focus on one area of risk help reduce the attack surface for enterprises? Expert Steven Weil looks at the pros and cons of that approach.Continue Reading

• Totally automatic: Improve DevOps and security in three key steps

  Concerned about DevOps security? Learn three key steps to embedding security into the software development process, including how to improve automation.Continue Reading

• MSSPs add advanced threats as managed security services gain hold

  Skill shortages and budget constraints have lead some companies to adopt a hybrid approach to managed security. Is it time for CISOs to start looking for 'expertise as a service'?Continue Reading

• The managed security provider comes knocking

  A constantly evolving threat landscape and a deepening skills crisis has more enterprises looking to a managed security service provider for help handling some of their security requirements. The trend is expected to drive strong demand for MSSPs ...Continue Reading

• CJIS Security Policy: How can companies ensure FIPS compliance?

  Companies and government agencies handling criminal justice information need to comply with CJIS Security Policy. Expert Michael Cobb explains the cryptographic modules to use.Continue Reading

• IoT development and implementation: Managing enterprise security

  The CSA's guidelines for secure IoT development can give enterprises an idea of how to evaluate IoT products. Expert Nick Lewis explains the steps enterprises should take.Continue Reading

• Why authorization management is paramount for cybersecurity readiness

  After enterprise identities are authenticated, an authorization management system should monitor how resources are being used. Expert Peter Sullivan explains how it can work.Continue Reading

• What to consider about signatureless malware detection

  Endpoint security is changing into signatureless malware detection and protection. Expert Matthew Pascucci discusses the transition away from signatures.Continue Reading

• Q&A: IBM's Diana Kelley got an early start in IT, security came later

  How did an editor become a security architect? A fascination with computers sparked a lifelong journey for IBM's executive security advisor.Continue Reading

• MIAX Options CSO on security's role in business continuity

  Faced with the demands of derivatives trading, CSO John Masserini understands the value of aligning controls with business risk. We ask him how he does it.Continue Reading