Threats and vulnerabilities
Keeping up with the latest threats and vulnerabilities is a battle for any security pro. Get up-to-date information on email threats, nation-state attacks, phishing techniques, ransomware and malware, DDoS attacks, APTs, application vulnerabilities, zero-day exploits, malicious insiders and more.
Top Stories
-
Feature
24 Mar 2023
SMS pumping attacks and how to mitigate them
Online forms that use SMS can be costly to organizations if they are vulnerable to SMS pumping attacks. Use the following methods to mitigate or prevent this fraud-based attack. Continue Reading
-
News
23 Mar 2023
More victims emerge from Fortra GoAnywhere zero-day attacks
Threat actors began exploiting a zero-day vulnerability in Fortra's GoAnywhere file sharing software in late January, victimizing several large enterprises. Continue Reading
-
Answer
26 Apr 2017
How does the boot mode vulnerability in Android work?
A boot mode vulnerability allowed attackers to eavesdrop on calls made on certain Android devices. Expert Judith Myerson explains how the complex exploit works. Continue Reading
-
News
25 Apr 2017
NSA spyware found infecting tens of thousands worldwide
A new security tool will let users scan their systems for the presence of NSA spyware found in the latest Equation Group leak, and tens of thousands are already infected. Continue Reading
-
News
21 Apr 2017
Hajime worm fights the forces of evil IoT malware, maybe
News roundup: The Hajime worm is the nicer, sneakier brother of Mirai malware. Plus, the FBI and CIA hunt for the Vault 7 whistleblower, Symantec adds to Zscaler lawsuit, and more. Continue Reading
-
Answer
20 Apr 2017
How does Exaspy spyware disguise itself on Android devices?
Exaspy spyware, which can access messages, video chats and more, was found on Android devices owned by executives. Expert Nick Lewis explains how Exaspy is able to avoid detection. Continue Reading
-
News
18 Apr 2017
Shadow Brokers' Windows exploits target unsupported systems
A new release of NSA cyberweapons falls flat, as Windows exploits from the Shadow Brokers have mostly been patched. But unsupported systems are still at risk. Continue Reading
-
News
14 Apr 2017
Shadow Brokers release SWIFT banking and Windows exploits
The Shadow Brokers released another cache of cyberweapons linked to the Equation Group, including Windows exploits and attack details for the SWIFT banking system. Continue Reading
-
News
13 Apr 2017
U.S. election hacking not an act of cyberwarfare, experts say
The government needs a better definition for an act of cyberwarfare, says ex-CIA Director Michael Hayden, because he doesn't think the U.S. election hacking applies. Continue Reading
-
News
11 Apr 2017
CIA Vault 7 tools attributed to hacking group for years
Security researchers said the CIA Vault 7 tools and techniques are linked to cyberattacks over the past six years targeting various foreign entities. Continue Reading
-
News
05 Apr 2017
Pegasus malware expands from iOS to Android
One of the more malicious iOS threats -- Pegasus malware -- has made its way to Android devices and it has some dangerous new tricks in its arsenal. Continue Reading
-
Feature
04 Apr 2017
Five criteria for purchasing from threat intelligence providers
Expert Ed Tittel explores key criteria for evaluating threat intelligence providers to determine the best service for an enterprise's needs. Continue Reading
-
Feature
03 Apr 2017
Politics of cyber attribution pose risk for private industry
Why nation-state attribution plays a major role in the U.S. government's willingness to share cyberthreat intelligence with private-sector companies. Continue Reading
-
Answer
03 Apr 2017
How did firmware create an Android backdoor in budget devices?
An Android backdoor was discovered in the Ragentek firmware used in almost three million low-cost devices. Expert Michael Cobb explains how to prevent attacks on affected devices. Continue Reading
-
Answer
30 Mar 2017
How did vulnerabilities in AirWatch Agent and Inbox work?
Flaws in AirWatch Agent and AirWatch Inbox allowed rooted devices to bypass the software's security measures. Expert Matthew Pascucci explains how these vulnerabilities worked. Continue Reading
- 30 Mar 2017
-
News
24 Mar 2017
Cisco issues fix for Vault 7 vulnerability without help from WikiLeaks
News roundup: Cisco fixes a Vault 7 flaw unaided, despite WikiLeaks' pledge to work with vendors. Plus, LastPass flaws leak user data; Apple held hostage by hackers; and more. Continue Reading
-
Answer
24 Mar 2017
How does the Locky ransomware file type affect enterprise protection?
Locky ransomware has, again, changed tactics by moving to using LNK files for distribution. Expert Nick Lewis explains how enterprises can adjust protections for this shift. Continue Reading
-
Answer
23 Mar 2017
Hajime malware: How does it differ from the Mirai worm?
Hajime malware was discovered to have links to the Mirai botnet that launched powerful DDoS attacks last year. Expert Nick Lewis explains how Hajime differs from Mirai. Continue Reading
-
Answer
22 Mar 2017
How does the Drammer attack exploit ARM-based mobile devices?
Drammer, or a deterministic Rowhammer attack, was found to be more effective on ARM-based mobile devices. Expert Nick Lewis explains the issue with ARM processors. Continue Reading
-
Answer
21 Mar 2017
How can attackers turn Instagram into C&C infrastructure?
An Instagram application can be turned into C&C infrastructure with the help of image steganography malware attacks. Expert Nick Lewis explains how this works. Continue Reading
-
News
17 Mar 2017
Patched Apache Struts vulnerability exploited in the wild
News roundup: An Apache Struts vulnerability is still being exploited, despite being patched. Plus, WhatsApp and Telegram release patches; Assange contacts Microsoft; and more. Continue Reading
-
News
14 Mar 2017
Is the antivirus industry dead? Experts weigh in
RSAC 2017: With malware-detecting software increasingly coming under fire for vulnerabilities, find out what the experts had to say about the future of the antivirus industry. Continue Reading
-
Answer
07 Mar 2017
How can the Dirty COW vulnerability be used to attack Android devices?
A copy-on-write vulnerability known as 'Dirty COW' was found in the Linux kernel of Android devices. Expert Michael Cobb explains the risks of this attack. Continue Reading
-
Answer
03 Mar 2017
What's the best corporate email security policy for erroneous emails?
If an employee receives invalidated emails, should the corporate email security policy handle it? Expert Matthew Pascucci discusses the rights of the enterprise. Continue Reading
-
Tip
02 Mar 2017
What to consider about signatureless malware detection
Endpoint security is changing into signatureless malware detection and protection. Expert Matthew Pascucci discusses the transition away from signatures. Continue Reading
-
Report
01 Mar 2017
Ransomware costs not limited to ransoms, research shows
The financial fallout from ransomware involves more than bitcoins, one study found. Targeted companies invest in security technology and fear loss of reputation and customers. Continue Reading
- 24 Feb 2017
- 24 Feb 2017
-
Answer
23 Feb 2017
IoT malware: How can internet-connected devices be secured?
IoT botnet DDoS attacks have been growing in volume and impact. Expert Nick Lewis explains how you can ensure your internet-connected devices are secure from IoT malware. Continue Reading
-
Answer
22 Feb 2017
How can obfuscated macro malware be located and removed?
A new type of macro malware has the ability to evade the detection of virtual machines and sandbox environments. Expert Nick Lewis explains how to find and remove this malware. Continue Reading
-
Answer
20 Feb 2017
How can open FTP servers be protected from Miner-C malware?
Enterprises with open FTP servers are being targeted by Miner-C malware for crypto coin mining activities. Expert Nick Lewis explains how enterprises can protect their servers. Continue Reading
-
News
16 Feb 2017
Connected medical devices spark debate at RSA Conference session
An RSA Conference session on a new attack on connected medical devices led to a spirited debate on vulnerability disclosure and manufacturer responsibility. Continue Reading
-
Blog Post
15 Feb 2017
Christopher Young: Don't sleep on the Mirai botnet
RSA Conference 2017 was full of talk about future IoT attacks, but Intel Security's Christopher Young said the Mirai botnet is still an enormous threat and demonstrated why that is. Continue Reading
-
News
14 Feb 2017
Microsoft: Nation-state cyberattacks have changed the security game
Microsoft's Brad Smith spoke at RSA Conference 2017 about the effects of nation-state cyberattacks and what businesses and governments can do about them. Continue Reading
-
News
13 Feb 2017
Ransomware threat continues to evolve, defense needs to catch up
With the rapid expansion of the ransomware threat landscape, defenders are scrambling to find ways to fight back. RSAC 2017 dedicated a full day for a ransomware seminar. Continue Reading
-
Blog Post
08 Feb 2017
Five things to watch at RSA Conference 2017
With no single trend or theme dominating at RSA Conference 2017, this year's show will still have plenty of material on machine learning, IoT security and much more. Continue Reading
-
Answer
07 Feb 2017
How did a Signal app bug let attackers alter encrypted attachments?
The Signal app, used for end-to-end encrypted mobile messaging, contained a bug that allowed data to be added to attachments. Expert Michael Cobb explains the flaw. Continue Reading
-
Answer
06 Feb 2017
How does Overseer spyware work on infected Android apps?
Spyware was found on infected Android apps, which were meant to convey embassy information and news, in the Google Play Store. Expert Michael Cobb explains how the spyware works. Continue Reading
-
Report
01 Feb 2017
Recent ransomware attacks: Data shows 50% growth in 2016
With high sums paid, ransomware gets all the attention. But malware is not the only way that criminals gained control of enterprise systems, a new report shows. Continue Reading
-
Feature
01 Feb 2017
Looming cloud security threats: How attacks will follow your data
You can move your data to cloud-based systems and web services, but you can't hide it there. Hackers and predators have more ways to find it. Continue Reading
-
E-Zine
01 Feb 2017
In 2017, cybersecurity attacks will follow your data
Thanks to a polarizing election, the potential ramifications of cybersecurity attacks are front and center. Your friends and relatives probably have some concept of what it is that you actually do and its importance. But the daily challenges of protecting most enterprise environments is less like The Americans than they might think. Still, it's exciting. In this issue of Information Security magazine, we look at the incoming threats in 2017 and some countermeasures that can help your organization bolster its defenses.
Last year, we saw the internet of things used as a beachhead in larger cybersecurity attacks. Many devices now use cloud-based systems to communicate. They regularly send status updates to the cloud server and retrieve new commands to execute. Weak and incorrectly implemented authentication between device and cloud is often the point of failure that can be exploited to either attack the cloud infrastructure or the device. So far, destructive attacks are not common and are mostly limited to distributed denial-of-service attacks, which do not cause permanent damage. But future attacks, if they are combined with ransom demands, may destroy devices intentionally.
Breaches of cloud storage that modify data instead of just "stealing" it and vulnerabilities in microservices environments are other areas in which attackers may get more leverage. With the emergence of cloud-based microservices, this problem will only become worse. Instead of including a library in software shipped to clients, the software now relies on cloud-based web services to perform certain functions. We look at what is coming next and ways to mitigate these cybersecurity attacks. Continue Reading
-
News
31 Jan 2017
Hacked CCTV cameras in DC before inauguration leave unanswered questions
The Washington, D.C., Police Department spotted hacked CCTV cameras before the inauguration and has remediated the ransomware, but questions still surround the attack. Continue Reading
- 30 Jan 2017
- 30 Jan 2017
-
Answer
23 Jan 2017
How does Stampado ransomware spread to external drives?
The Stampado ransomware is a low-cost threat to networks and external drives. Expert Matthew Pascucci explains how Stampado works and how enterprises should handle it. Continue Reading
-
News
20 Jan 2017
Carbanak gang using Google services for command and control
Researchers find the Carbanak gang has evolved its attacks on financial institutions to use Google services for command and control infrastructure in malware. Continue Reading
-
Answer
19 Jan 2017
How does RIPPER ATM malware use malicious EMV chips?
RIPPER malware has been found responsible for the theft of $378,000 from ATMs in Thailand. Expert Nick Lewis explains how this ATM malware works. Continue Reading
-
Podcast
18 Jan 2017
Risk & Repeat: Doxware emerges as a new threat to data privacy
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the emergence of doxware and extortionware and what that means for enterprises and their employees. Continue Reading
-
News
11 Jan 2017
Insecure MongoDB configuration leads to boom in ransom attacks
Poor authentication in MongoDB configurations has led to a sharp increase in ransom attacks, and experts say tens of thousands of databases could be at risk. Continue Reading
-
E-Zine
10 Jan 2017
Insider Edition: Attaining security for IoT, through discovery, identity and testing
Ever since the internet of things became a "thing," the potential for abuse has been well documented; how best to achieve security for IoT is not yet clear. This Insider Edition of Information Security magazine tackles that second issue head on.
In three feature stories, our experts examine the key aspects closely related to IoT security: device discovery, IoT identity and IoT security testing. It's basic to security that, to devise a proper security strategy, a security team must possess an accurate record of what exactly needs to be secured. The challenge when it comes to security for IoT is in cataloging, assessing and classifying devices that can number into the thousands and are often located outside an enterprise's physical boundaries. Certain industries, such as healthcare, are well into tackling this challenge. But increasingly more companies of all sizes will have to give the issue careful attention. Discovery involves identity issues, another focus of this edition, and once a security team has refined their IoT security policy, the next logical step is to implement a process of IoT security testing.
Readers of this Insider Edition will come away with a deeper understanding of how to approach security for IoT, from how to create a compilation of what needs to be secured to how to set up a successful security testing process. When it comes to internet of things security, the threat of breaches may never be fully eliminated, but the odds that enterprises will thwart attacks can be improved through proper policy and security systems.
Continue Reading -
Answer
06 Jan 2017
How are hackers using Twitter as C&C servers for malware?
C&C servers have been replaced with Twitter accounts, which spread the Android Trojan Twitoor to user devices. Expert Michael Cobb explains how to stop this attack. Continue Reading
-
News
06 Jan 2017
Doxware: New ransomware threat, or just extortionware rebranded?
The threat of ransomware continues to evolve, with a new spin on extortionware, called doxware, that's designed to target and potentially expose sensitive data of ransomware victims. Continue Reading
-
Answer
05 Dec 2016
What should happen after an employee clicks on a malicious link?
The response to an employee clicking on a malicious link is important for organizations to get right. Expert Matthew Pascucci discusses how to handle the aftermath of an attack. Continue Reading
-
News
29 Nov 2016
SF Municipal Railway restores systems after ransomware attack
The San Francisco Municipal Transportation Authority restored systems without paying following a ransomware attack that allowed free rides for travelers over the weekend. Continue Reading
-
News
17 Nov 2016
Chinese company caught preinstalling Android spyware on budget devices
A Chinese company was found to be preinstalling Android spyware on budget smartphones and collecting phone call and messaging data without consent. Continue Reading
-
Answer
11 Nov 2016
How can users protect mobile devices from SandJacking attacks?
Attackers can use the SandJacking attack to access sandboxed data on iOS devices. Expert Nick Lewis explains how to protect your enterprise from this attack. Continue Reading
-
News
29 Aug 2016
Pegasus iOS exploit uses three zero days to attack high-value targets
A new remote iOS exploit called Pegasus leverages three zero days in what appear to be state-sponsored targeted attack campaigns against political dissidents. Continue Reading
-
Answer
21 Jun 2016
What new Asacub Trojan features should enterprises watch out for?
The Asacub Trojan has new banking malware features. Expert Nick Lewis explains how it made this transition and what enterprises should be watching out for. Continue Reading
-
Podcast
15 Jun 2016
Ransomware worm raises concerns for enterprise security
In this Risk & Repeat podcast, SearchSecurity editors break down the discovery of the ZCryptor ransomware worm and what it means for future ransomware threats. Continue Reading
-
Feature
18 Mar 2016
Detecting and Combating Malicious Email
In this excerpt of Detecting and Combating Malicious Email, authors Julie JCH Ryan and Cade Kamachi discuss the elements of an email structure and touch on how attackers can use these elements to trick unwitting victims. Continue Reading
-
Answer
01 Feb 2016
How does the new voicemail phishing scam work?
A new phishing scam uses voicemail notification emails to spread malware. Expert Nick Lewis explains how this attack works and how enterprises can prevent it. Continue Reading
-
Feature
12 Jan 2016
Introduction to vulnerability management tools
Expert Ed Tittel explores how vulnerability management tools can help organizations of all sizes uncover defense weaknesses and close security gaps before they are exploited by attackers. Continue Reading
-
Feature
30 Dec 2015
Symantec Messaging Gateway and Symantec Email Security.cloud: Product overview
Expert Karen Scarfone examines the Symantec Messaging Gateway and Symantec Email Security.cloud email security gateway products that detects and blocks messages that contain suspicious content and threats. Continue Reading
-
Feature
30 Dec 2015
Proofpoint Enterprise Protection: Product overview
Expert Karen Scarfone examines the Proofpoint Enterprise Protection email security gateway product, which scans inbound and outbound email messages for malware, phishing and spam threats. Continue Reading
-
Feature
21 Dec 2015
McAfee Email Protection, Security for Email Servers: Product overview
Expert Karen Scarfone reviews the McAfee Email Protection and McAfee Security for Email Servers products that are used for monitoring, blocking and quarantining email messages. Continue Reading
-
Feature
21 Dec 2015
Clearswift SECURE Email Gateway: Product overview
Expert Karen Scarfone reviews the Clearswift SECURE Email Gateway product, which monitors incoming and outgoing emails. Continue Reading
-
Feature
21 Dec 2015
Fortinet FortiMail: Product overview
Expert Karen Scarfone reviews the Fortinet FortiMail email security gateway product that is used for monitoring email messages on behalf of an organization. Continue Reading
-
Feature
14 Dec 2015
Cisco Email Security Appliance: Product overview
Expert Karen Scarfone reviews Cisco's Email Security Appliance product that is designed for detecting and blocking email-borne threats. Continue Reading
-
News
01 Dec 2015
Amex credit card hack predicts replacement card number
Samy Kamkar found a weakness in the algorithm American Express uses to generate replacement card information and created a credit card hack as a proof-of-concept. Continue Reading
-
Opinion
01 Dec 2015
WMI tools make the perfect crime 'malware-free'
Security researchers claim that attackers are abusing a longstanding administrative tool in the Windows operating system. With no telltale signs of malware, how can you stop it? Continue Reading
-
Tip
14 Oct 2015
The malware lifecycle: Knowing when to analyze threats
Not responding to low-level threats can be perilous, yet enterprises can't always examine each issue. Expert Nick Lewis explains when an investigation is imperative. Continue Reading
-
Feature
08 Oct 2015
Emerging security threats you're up against now
Learn about the 'hacking as a service' and other emerging security threats. Continue Reading
-
Feature
05 Oct 2015
Cyber Reconnaissance, Surveillance and Defense
In this excerpt of Cyber Reconnaissance, Surveillance and Defense, author Robert Shimonski describes commonly used mobile technology and how phone tracking works. Continue Reading
-
Answer
01 Oct 2015
How can power consumption-tracking malware be avoided?
Malware authors are using power consumption tracking-malware to eavesdrop on and attack mobile devices. Expert Nick Lewis explains the threat and how to defend against it. Continue Reading
-
Tip
18 Jun 2015
Network anomaly detection: The essential antimalware tool
Traditional perimeter defenses are no longer enough; network anomaly detection tools are now essential in the battle against advanced malware. Continue Reading
-
News
11 Jun 2015
Duqu malware makes a comeback and infiltrates Kaspersky systems
The first strain of Duqu malware was found in late 2011. Now three and a half years later, Duqu 2.0 has emerged and is exploiting as many as three zero-day vulnerabilities in a new attack campaign. Continue Reading
-
Feature
01 Apr 2015
New cyberthreats: Defending against the digital invasion
The confluence of the Internet of Things and bring your own device may turn into a beachhead for attackers. Continue Reading
-
News
03 Mar 2015
Amid Apple Pay fraud, banks scramble to fix Yellow Path process
Banks are rushing to fix sloppy authentication processes at the heart of rising Apple Pay fraud. Experts also worry about potential fraud with other mobile payment systems. Continue Reading
-
Guide
15 Jan 2015
Understanding and responding to POS malware
Organizations must confront threats like Backoff malware to their point-of-sale systems. This guide reviews the POS malware dangers out there and offers remediation tactics. Continue Reading
-
Feature
16 Dec 2014
Targeted Cyber Attacks
In this excerpt of Targeted Cyber Attacks, authors Aditya Sood and Richard Enbody outline the cyberattack model and different vectors used to attack targets. Continue Reading
-
Answer
18 Nov 2014
How vulnerable is Silverlight security?
Microsoft Silverlight has been in the spotlight due to an increase in the number of exploit kits it is included in. Expert Nick Lewis explains the threat's severity and how to mitigate it. Continue Reading
-
Feature
02 Jun 2014
Command-and-control servers: The puppet masters that govern malware
Are there shadow networks within your enterprise? Stop malware by shutting down command-and-control communication channels. Continue Reading
-
Tip
10 Apr 2014
NSA TAO: What Tailored Access Operations unit means for enterprises
The NSA's top-secret Tailored Access Operations offensive hacking unit offers enterprise defense strategy lessons. Expert Nick Lewis discusses. Continue Reading
-
Answer
23 Jan 2014
Femtocell security: Defending against a femtocell hack
The risk of a femtocell hack is a real enterprise concern. Nick Lewis explains why and explores how to defend against an attack. Continue Reading
-
Tip
12 Dec 2013
Locking the backdoor: Reducing the risk of unauthorized system access
Rampant backdoors in enterprise IT products too often provide unauthorized access to attackers and governments. Learn how to defend against the risks. Continue Reading
-
Answer
02 Dec 2013
Heap spray attacks: Details and mitigations for new techniques
Expert Nick Lewis details a new heap spray attack technique and provides mitigations for both new and old heap spray attacks. Continue Reading
-
Tip
11 Nov 2013
Inside the BREACH attack: How to avoid HTTPS traffic exploits
Enterprise threats expert Nick Lewis examines how the BREACH attack exploits HTTPS traffic and what enterprises can do to mitigate the attack risk. Continue Reading
-
Answer
10 Sep 2013
Can an unqualified domain name cause man-in-the-middle attacks?
An unqualified domain name can make reaching internal resources easier, but expert Michael Cobb warns that man-in-the-middle attacks could result. Continue Reading
-
Quiz
07 Mar 2013
Quiz: Targeted attacks
Think you know a targeted attack when you see one? Check if you're up to speed and ready to protect your organization from this pernicious threat with this five-question quiz. Continue Reading
-
Feature
26 Feb 2013
Antivirus evasion techniques show ease in avoiding antivirus detection
In the wake of the New York Times attack, a look at antivirus evasion techniques show how easy it is to avoid antivirus detection and why new defenses are needed. Continue Reading
-
Answer
25 Aug 2011
Locate IP address location: How to confirm the origin of a cyberattack
What's the best way to determine the origin of a cyberattack? Expert Nick Lewis weighs in. Continue Reading
-
Answer
25 May 2010
Tips on how to remove malware manually
In this expert response, Nick Lewis explains how to remove malware manually, step by step. Continue Reading
-
Tip
06 Apr 2010
Operation Aurora: Tips for thwarting zero-day attacks, unknown malware
In December 2009, Google, Adobe and other companies were the victims of a damaging cyberattack called Operation Aurora. In this tip, expert Nick Lewis outlines the lessons learned from this attack, and how companies can avoid falling victim to similar attacks. Continue Reading
-
Tip
02 Jul 2009
How to defend against rogue DHCP server malware
Rogue DHCP server malware is a new twist on an old concept. The good news is that effective threat mitigation strategies exist; the bad news is that many organizations haven't bothered to deploy them. Continue Reading
-
Answer
26 Jan 2009
What are the security risks of opening port 110 and port 25?
If an external manufacturer wants to remotely access its leased copiers, is it risky to open both port 110 or port 25? Mike Chapple reveals a few security repercussions. Continue Reading
-
Answer
21 Oct 2008
Is it impossible to successfully remove a rootkit?
In this expert Q&A, Michael Cobb takes a closer a look at the nature of rootkits to see why they can be so difficult to remove. Continue Reading
-
Tip
05 Mar 2008
Built-in Windows commands to determine if a system has been hacked
In this tip, contributor Ed Skoudis identifies five of the most useful Windows command-line tools for machine analysis and discusses how they can assist administrators in determining if a machine has been hacked. Continue Reading
-
Tip
17 Jan 2008
Ten hacker tricks to exploit SQL Server systems
SQL Server hackers have a medley of tricks and tools to gain access to your database systems. Learn their techniques and test SQL Server security before they do. Continue Reading
-
Tip
17 Jan 2008
Cleansing an infected mail server
Learn five measures you can take to when cleaning up a massive email virus infection Continue Reading
-
Tip
13 Sep 2007
How to avoid dangling pointers: Tiny programming errors leave serious security vulnerabilities
For years, many have said that there is no practical way to exploit a dangling pointer, a common application programming error. But these software bugs should no longer be thought of as simple quality-assurance problems. Michael Cobb explains how the threat has grown and reveals the techniques that can keep pointers from dangling helplessly in the wind. Continue Reading
-
Answer
30 May 2007
How secure are document scanners and other 'scan to email' appliances?
Copiers and document scanners have always posed challenges for information security teams. In this SearchSecurity.com Q&A, Michael Cobb reveals how the right policies can control the use (and abuse) of these devices. Continue Reading