Ask the Experts

Ask the Experts

• How do the malware implants RedLeaves and PlugX work?

  Malware implants RedLeaves and PlugX infected networked systems in multiple industries and leveraged stolen administrator credentials. Expert Judith Myerson explains how it works.  Continue Reading

• How can users protect themselves from the DocuSign phishing email?

  A DocuSign phishing email with a link to a malicious Word document recently targeted the company's users. Expert Judith Myerson outlines six ways to avoid this type of attack.  Continue Reading

• How does an Intel AMT flaw enable attackers to gain device access?

  A vulnerability in Intel AMT enables attackers to gain remote access to PCs and devices. Expert Judith Myerson explains how the attack works and what can be done to prevent it.  Continue Reading

• How can an SMB server be used to steal Windows login credentials?

  A Google Chrome flaw enables attackers to automatically download Windows credentials to their SMB sever. Expert Judith Myerson explains how that works.  Continue Reading

• How can enterprises address Nagios Core vulnerabilities?

  Early versions of Nagios Core, the open source network monitoring tool, had privilege escalation vulnerabilities. Expert Judith Myerson explains the flaw and what to do about it.  Continue Reading

• Android sandboxing tools: How can work data separation be bypassed?

  Android for Work's sandboxing tools, which split work and personal profiles, can be bypassed with a proof-of-concept attack. Expert Michael Cobb explains how the attack works.  Continue Reading

• How are forged cookies used in attacks on online user accounts?

  Yahoo claimed a vulnerability in its email service enabled attackers to use forged cookies to gain access to user accounts. Expert Michael Cobb explains how these cookies are used.  Continue Reading

• What made iOS apps handling sensitive data vulnerable to MitM attacks?

  A researcher discovered 76 iOS apps containing sensitive user data that were vulnerable to man-in-the-middle attacks. Expert Michael Cobb explains how developers can prevent this.  Continue Reading

• Ticketbleed flaw: How can SSL session identities be protected?

  The Ticketbleed flaw in F5 Networks' BIG-IP appliances leaks uninitialized memory and SSL session identities. Expert Michael Cobb explains how enterprises can mitigate it.  Continue Reading

• WordPress REST API flaw: How did it lead to widespread attacks?

  A REST API endpoint vulnerability enabled attacks on 1.5 million sites running WordPress. Expert Michael Cobb explains how this vulnerability works and how to prevent attacks.  Continue Reading

• How are hackers using Unicode domains for spoofing attacks?

  A proof of concept showed that hackers can use Unicode domains to make phishing sites look legitimate. Expert Matthew Pascucci explains how this spoofing attack works.  Continue Reading

• How does the Microsoft Authenticator application affect password use?

  The Microsoft Authenticator application enables smartphone-based, two-factor authentication and attempts to reduce the use of passwords. Expert Matthew Pascucci explains how.  Continue Reading

• What are the challenges of migrating to HTTPS from HTTP?

  Migrating to HTTPS from HTTP is a good idea for security, but the process can be a challenge. Expert Matthew Pascucci explains how to make it easier for enterprises.  Continue Reading

• How did Webroot's antivirus signature update create false positives?

  A Webroot antivirus signature update flagged Windows and Windows applications as dangerous. Expert Matthew Pascucci explains how it happened and what Webroot did about it.  Continue Reading

• How does the Antbleed backdoor vulnerability work?

  Antbleed, a backdoor vulnerability, was discovered in bitcoin mining equipment. Expert Matthew Pascucci explains how the Bitmain flaw works and how it can be prevented.  Continue Reading