Get help with specific problems with your technologies, process and projects.
How can obfuscated macro malware be located and removed?
A new type of macro malware has the ability to evade the detection of virtual machines and sandbox environments. Expert Nick Lewis explains how to find and remove this malware.
How does BENIGNCERTAIN exploit Cisco PIX firewalls?
The BENIGNCERTAIN exploit affects certain versions of Cisco systems using the IKEv1 protocol. Expert Nick Lewis explains what the protocol does and how the vulnerability works.
How can open FTP servers be protected from Miner-C malware?
Enterprises with open FTP servers are being targeted by Miner-C malware for crypto coin mining activities. Expert Nick Lewis explains how enterprises can protect their servers.
Intrusion response plans: Tales from front-line IT support
The right intrusion response training can make all the difference in data breach prevention. Expert Joe Granneman provides a real-world example from which enterprises can learn.
How does a security portfolio help an enterprise security program?
A security portfolio shouldn't be used as an alternative to a reporting structure, but it can still be beneficial to enterprises. Expert Mike O. Villegas explains how.
How can CISOs get past security vendor hype and make smart purchases?
Security vendor hype is a problem CISOs often have to deal with. Expert Mike O. Villegas discusses some ways to cut through the hype and make smart purchasing decisions.
What caused the ClixSense privacy breach that exposed user data?
A privacy breach at ClixSense led to user account details being put up for sale. Expert Michael Cobb explains how companies should be held accountable for their security practices.
How did iOS 10 security checks open brute force risk on local backups?
A password-verification flaw in iOS 10 allowed attackers to decrypt local backups. Expert Michael Cobb explains how removing certain security checks led to this vulnerability.
HTTP public key pinning: Is the Firefox browser insecure without it?
HTTP public key pinning, a security mechanism to prevent fraudulent certificates, was not used by Firefox, and left it open to attack. Expert Michael Cobb explains how HPKP works.
Risk & Repeat: Pentagon cybersecurity under fire
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss Pentagon cybersecurity amid reports of misconfigured servers at the U.S. Department of Defense.
How did a Signal app bug let attackers alter encrypted attachments?
The Signal app, used for end-to-end encrypted mobile messaging, contained a bug that allowed data to be added to attachments. Expert Michael Cobb explains the flaw.
How Windows hardening techniques can improve Windows 10
Windows 10 may be the most secure Windows ever, but expert Ed Tittel explains how to use Windows hardening techniques to make systems even more secure.
How does Overseer spyware work on infected Android apps?
Spyware was found on infected Android apps, which were meant to convey embassy information and news, in the Google Play Store. Expert Michael Cobb explains how the spyware works.
What are the best anti-network reconnaissance tools for Linux systems?
Anti-network reconnaissance tools can prevent attackers from getting access to system information. Expert Judith Myerson goes over the best enterprise options.
Recent ransomware attacks: Data shows 50% growth in 2016
With high sums paid, ransomware gets all the attention. But malware is not the only way that criminals gained control of enterprise systems, a new report shows.
Risk & Repeat: Bad Symantec certificates strike again
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the discovery of more bad Symantec certificates and what it means for the antivirus software maker.
Looming cloud security threats: How attacks will follow your data
You can move your data to cloud-based systems and web services, but you can't hide it there. Hackers and predators have more ways to find it.
How does DNSChanger take advantage of WebRTC protocols?
WebRTC protocols are being targeted by a new version of the DNSChanger exploit kit. Judith Myerson explains how these attacks work and what enterprises should know.
Which encryption tools can secure data on IoT devices?
Protecting the data that moves through the internet of things can be a challenge for enterprises. Expert Judith Myerson offers several encryption tools for the task.
Preventing DoS attacks: The best ways to defend the enterprise
Preventing DoS attacks may not always be possible, but with a strong defense, enterprises can reduce their impact and recover quickly. Expert Kevin Beaver explains the best approaches.
How does a Netgear vulnerability enable command injection attacks?
A Netgear vulnerability exposed a number of wireless router models to command injection attacks. Expert Judith Myerson explains how the attack works and how to stop it.
When not to renew a vendor contract due to security issues
Opting out of a vendor contract for security reasons can be a tough decision for CISOs. Expert Mike O. Villegas discusses how NASA handled the situation and what CISOs can do.
Monitoring outbound traffic on your network: What to look for
Outbound network traffic remains a weakness for many enterprises and is a major attack vector. Expert Kevin Beaver explains how to spot irregular occurrences in your network.
How does Stampado ransomware spread to external drives?
The Stampado ransomware is a low-cost threat to networks and external drives. Expert Matthew Pascucci explains how Stampado works and how enterprises should handle it.
How serious are the flaws in St. Jude Medical's IoT medical devices?
MedSec and Muddy Waters Capital revealed serious flaws in IoT medical devices manufactured by St. Jude Medical. Expert Nick Lewis explains the severity of these vulnerabilities.
How does RIPPER ATM malware use malicious EMV chips?
RIPPER malware has been found responsible for the theft of $378,000 from ATMs in Thailand. Expert Nick Lewis explains how this ATM malware works.
How do facial recognition systems get bypassed by attackers?
Researchers found that facial recognition systems can be bypassed with 3D models. Expert Nick Lewis explains how these spoofing attacks work and what can be done to prevent them.
Risk & Repeat: Doxware emerges as a new threat to data privacy
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the emergence of doxware and extortionware and what that means for enterprises and their employees.
How does USBee turn USB storage devices into covert channels?
USB storage devices can be turned into covert channels with a software tool called USBee. Expert Nick Lewis explains how to protect your enterprise data from this attack.
Managing vulnerable software: Using data to mitigate the biggest risks
Three pieces of vulnerable software are most targeted by the exploit kits studied in a Digital Shadows report. Expert Nick Lewis explains how your enterprise can manage them.
How do man-in-the-middle attacks on PIN pads expose credit card data?
Passive man-in-the-middle attacks on PIN pads can lead to attackers stealing credit card details. Expert Nick Lewis explains how companies can mitigate these attacks.
What effect does FITARA have on U.S. government cybersecurity?
FITARA became a law in 2014, but government cybersecurity continues to struggle. Expert Mike O. Villegas discusses the effects of the law.
Are bug bounty programs secure enough for enterprise use?
The use of bug bounty programs in enterprises is growing, but they aren't risk free. Expert Mike O. Villegas discusses some concerns related to bug bounties.
Insider Edition: Attaining security for IoT, through discovery, identity and testing
Ever since the internet of things became a "thing," the potential for abuse has been well documented; how best to achieve security for IoT is not yet clear. This Insider Edition of Information Security magazine tackles that second ...
How to maintain digital privacy in an evolving world
Protecting a user's digital privacy across different technologies requires a plethora of tools. Expert Matthew Pascucci explores the different ways to protect sensitive data.
Risk & Repeat: Corero on DDoS defense in the IoT era
In this episode of SearchSecurity's Risk & Repeat podcast, Dave Larson of Corero Network Security discusses how DDoS defense has shifted to deal with IoT threats.
How are hackers using Twitter as C&C servers for malware?
C&C servers have been replaced with Twitter accounts, which spread the Android Trojan Twitoor to user devices. Expert Michael Cobb explains how to stop this attack.
How can two-factor authentication systems be used effectively?
Two-factor authentication systems require more than using codes sent through SMS and smart cards. Expert Michael Cobb explains how to properly and effectively implement 2FA.
How does a Linux vulnerability allow attacks on TCP communications?
A Linux vulnerability that affects 80% of Android devices allows for attacks on TCP communications and remote code execution. Expert Michael Cobb explains how to mitigate these risks.
SWIFT network communications: How can bank security be improved?
The SWIFT network has increasingly been abused by cybercriminals to carry out bank fraud and theft. Expert Michael Cobb explains possible ways to boost security.
What should happen after an employee clicks on a malicious link?
The response to an employee clicking on a malicious link is important for organizations to get right. Expert Matthew Pascucci discusses how to handle the aftermath of an attack.
Want a board-level cybersecurity expert? They're hard to find
Members of the board must be ready to defend their fiduciary decisions, corporate policies, compliance actions and, soon, cybersecurity preparedness.
Trusted? Certificate authority risks and how to manage them
Trusted certificate authorities are essential in today's business climate, but that doesn't mean they are easy to come by. Certificate authority risks are many, certainly, but this three-part technical guide is designed to make plain the challenges ...
Is settling a data breach lawsuit the best option for enterprises?
In the unfortunate event of a data breach lawsuit, it's often better to settle before the case reaches court. Expert Mike O. Villegas explains why and how CISOs can help.
Insider security threats: What CISOs can do to mitigate them
Dealing with insider security threats requires a combination of tactics. Expert Mike O. Villegas discusses the various aspects of insider threat mitigation strategies.
Best practices for an information security assessment
Information security assessments can be effective for identifying and fixing issues in your enterprise's policies. Expert Kevin Beaver explains the key components of the process.
What new Asacub Trojan features should enterprises watch out for?
The Asacub Trojan has new banking malware features. Expert Nick Lewis explains how it made this transition and what enterprises should be watching out for.
Why signature-based detection isn't enough for enterprises
Signature-based detection and machine learning algorithms identify malicious code and threats. Expert Michael Cobb explains how both techniques defend networks and endpoints.
How encryption legislation could affect enterprises
The legal battle between the FBI and Apple brought encryption legislation into the public eye, for better or worse. Expert Mike Chapple discusses the effect of this on enterprises.
Detecting and Combating Malicious Email
In this excerpt of Detecting and Combating Malicious Email, authors Julie JCH Ryan and Cade Kamachi discuss the elements of an email structure and touch on how attackers can use these elements to trick unwitting victims.
How to protect an origin IP address from attackers
Cloud security providers protect enterprises from DDoS attacks, but attackers can still find the origin IP addresses. Expert Rob Shapland explains why that's a significant threat.
Outdated apps: What are the best ways to address them?
Dead and outdated apps can pose serious security risks for enterprises. Expert Nick Lewis explains how to find and remove dead apps before they become a problem.
How can software transplants fix bad code?
Copying and pasting bad code into an application is a big problem for developers, but software transplants can help. Expert Michael Cobb explains the technology.
Moose worm: How can enterprises stop social media fraud?
A Linux-based Moose worm causes social media fraud through infected routers. Expert Nick Lewis explains how the Moose worm works and how to avoid it.
'Going dark': Weighing the public safety costs of end-to-end encryption
'Going dark' -- or the FBI's inability to access data because of encryption -- could put public safety at risk, intelligence officials say. But tech companies argue that strong encryption is needed to protect corporate and customer data.
Why did Anthem resist government vulnerability assessments?
Vulnerability assessments are often a requirement for organizations that have suffered a data breach and the assessors' results can be invaluable to protect a business.
The malware lifecycle: Knowing when to analyze threats
Not responding to low-level threats can be perilous, yet enterprises can't always examine each issue. Expert Nick Lewis explains when an investigation is imperative.
How should enterprises manage social media compliance incidents?
Social media compliance incidents in financial institutions are on the rise. Here are the most common violations and how to avoid them in the future.
Emerging security threats you're up against now
Learn about the 'hacking as a service' and other emerging security threats.
Cyber Reconnaissance, Surveillance and Defense
In this excerpt of Cyber Reconnaissance, Surveillance and Defense, author Robert Shimonski describes commonly used mobile technology and how phone tracking works.
How can power consumption-tracking malware be avoided?
Malware authors are using power consumption-tracking malware to eavesdrop on and attack mobile devices. Expert Nick Lewis explains the threat and how to defend against it.
McGraw: Seven myths of software security best practices
According to expert Gary McGraw, you're not helping yourself by believing the things -- all seven of them -- you've heard about secure software development.
How can I mitigate the risks of alternative Android browsers?
Expert Michael Cobb explains the security risks surrounding alternative Web browsers, as well as approaches enterprises can take to prevent BYOD employees from using them.
Understanding and mitigating a FREAK vulnerability attack
After the discovery that the FREAK vulnerability can affect a wide variety of OSes, enterprises should amp up mitigation efforts. Here's some background on the attack and how to stop it.
How should we hire for specialized information security roles?
A rise in specialized roles puts extra pressure on security hiring. Expert Mike O. Villegas explains how to meet this demand and find talented security professionals.
The CEO refuses cybersecurity best practices: Now what?
Some executives don't think cybersecurity best practices apply to them. Expert Mike O. Villegas explains how to handle that situation.
Social engineering: You got nailed!
Move beyond prevention to fast detection to combat a stealthy social engineering attack.
Is the CISO job description getting out of hand?
CISO roles and responsibilities are built on impossible standards and unrealistic expectations. Expert Joseph Granneman explains this trend and why enterprises need to reverse it.
Four questions to ask before buying a Web application firewall
Web application firewalls are complex products. Expert Brad Causey explains the key criteria enterprises need to consider before investing in a WAF product.
What the Community Health Systems breach can teach your organization
The Community Health Systems breach in 2014 provided a learning opportunity for organizations handling PHI. Expert Mike Chapple reviews the key takeaways from the breach.
Understanding and responding to POS malware
Organizations must confront threats like Backoff malware to their point-of-sale systems. This guide reviews the POS malware dangers out there and offers remediation tactics.
What's the best way to find enterprise compliance tools?
Looking for compliance tools? Expert Mike Chapple explains why the best place to start the search is within your own information security infrastructure.
Targeted Cyber Attacks
In this excerpt of Targeted Cyber Attacks, authors Aditya Sood and Richard Enbody outline the cyberattack model and different vectors used to attack targets.
The Basics of Information Security
In this excerpt of The Basics of Information Security, author Jason Andress outlines methods for improving operating systems security.
How can vishing attacks be prevented?
Enterprise threats expert Nick Lewis explains what vishing attacks are and offers best practices for defending against them.
How vulnerable is Silverlight security?
Microsoft Silverlight has been in the spotlight due to an increase in the number of exploit kits it is included in. Expert Nick Lewis explains the threat's severity and how to mitigate it.
Malware Forensics Field Guide for Linux Systems: Digital Forensics Field Guides
In this excerpt of Malware Forensics Field Guide for Linux Systems: Digital Forensics Field Guides, the authors explain how to discover and extract malware from a Linux system.
Introduction to Information Security: A Strategic-Based Approach
In this excerpt of Introduction to Information Security: A Strategic-Based Approach, authors Timothy J. Shimeall and Jonathan M. Spring discuss the importance of intrusion detection and prevention.
NSA TAO: What Tailored Access Operations unit means for enterprises
The NSA's top-secret Tailored Access Operations offensive hacking unit offers enterprise defense strategy lessons. Expert Nick Lewis discusses.
Authentication caching: How it reduces enterprise network congestion
Michael Cobb explores the pros and cons of authentication caching and whether the practice can truly calm network strain.
Why TCP traffic spikes with source port zero should sound an alarm
Are spikes in TCP traffic with source port zero warning signs that future attacks are imminent? Discover why enterprises should be concerned.
Preventing plaintext password problems in Google Chrome
Plaintext passwords are risky business. Michael Cobb discusses what Google says about the Chrome password vulnerability and potential exploits.
Femtocell security: Defending against a femtocell hack
The risk of a femtocell hack is a real enterprise concern. Nick Lewis explains why and explores how to defend against an attack.
Locking the backdoor: Reducing the risk of unauthorized system access
Rampant backdoors in enterprise IT products too often provide unauthorized access to attackers and governments. Learn how to defend against the risks.
Heap spray attacks: Details and mitigations for new techniques
Expert Nick Lewis details a new heap spray attack technique and provides mitigations for both new and old heap spray attacks.
Use John the Ripper to test network devices against brute forcing
Enterprise IT security organizations should test network devices using John the Ripper to ensure they are not susceptible to brute-force attacks.
PCI DSS version 3.0: The five most important changes for merchants
PCI DSS version 3.0 isn't a wholesale revision, but longtime PCI expert Ed Moyle says merchants' transitions must start now to avoid problems later.
Inside the BREACH attack: How to avoid HTTPS traffic exploits
Enterprise threats expert Nick Lewis examines how the BREACH attack exploits HTTPS traffic and what enterprises can do to mitigate the attack risk.
The value of 2,048-bit encryption: Why encryption key length matters
Leading browsers are required to use 2,048-bit length keys by the end of the year, but what effect does this have on security?
Can an unqualified domain name cause man-in-the-middle attacks?
An unqualified domain name can make reaching internal resources easier, but expert Michael Cobb warns that man-in-the-middle attacks could result.
Security incident response procedures: When to do a system shutdown
At times, security incident response procedures require drastic measures. Expert Nick Lewis explains when and how to perform a system shutdown.
Are FedRAMP security controls enough?
Cloud service providers are working with authorized third-party auditors to meet FedRAMP security controls. The 3PAOs tell us how it’s going, so far.
Amazon S3 encryption overview: How to secure data in the Amazon cloud
Learn details for employing Amazon S3 encryption features. Expert Dave Shackleford compares S3 encryption to other cloud provider offerings.
Fiber optic networking: Assessing security risks
Matthew Pascucci discusses the potential security risks associated with fiber optic networking.
How to configure a VLAN to achieve the benefits of VLAN security
Expert Brad Casey explains how to configure a VLAN in order to achieve the benefits of VLAN security, including protection against insider attacks.
Bing security: Is search engine poisoning a problem for Bing users?
Is Microsoft's Bing search engine more susceptible to search engine poisoning than Google? Expert Michael Cobb discusses Bing security.
Antivirus evasion techniques show ease in avoiding antivirus detection
In the wake of the New York Times attack, a look at antivirus evasion techniques shows how easy it is to avoid antivirus detection and why new defenses are needed.
What risk does the Apple UDID security leak pose to iOS users?
Expert Michael Cobb details Apple's Unique Device Identifiers, plus why iOS users should be concerned about the Anonymous UDID security leak.
How to implement firewall policy management with a 5-tuple firewall
Matt Pascucci explains how to implement firewall policy management for 5-tuple firewalls when ports must be kept open for business reasons.
BYOD security: How to remotely wipe iPhone and Android devices
Remote data wipe is key to any BYOD security policy, but each OS handles it differently. Lisa Phifer covers how to use it with other controls to protect data.