SACK Panic: Linux and FreeBSD Kernels Vulnerable to Remote Denial of Service Vulnerabilities (CVE-2019-11477)

Researchers at Netflix have disclosed new remote denial of service and resource consumption vulnerabilities in most Linux and FreeBSD versions. Background: On June 17, Netflix published an advisory to its GitHub repository for security bulletins. The advisory highlights the discovery of four Transmission Control Protocol (TCP) networking vulnerabilities in the Linux and FreeBSD kernels, including a … [Read more...]

Using AaronLocker to Easily Deploy Microsoft AppLocker

If you are a Windows user, you have likely heard of Microsoft AppLocker. This whitelisting program allows Windows users to protect themselves from disk-based malware by restricting executable programs to a specific list of paths, hashes, or signed applications. However, a new player has joined the fold: AaronLocker. … [Read more...]

U.S. Government Announces Critical Warning For Microsoft Windows Users

Satnam Narang tells Forbes that the level of attention surrounding BlueKeep is warranted. https://www.forbes.com/sites/daveywinder/2019/06/18/u-s-government-announces-critical-warning-for-microsoft-windows-users/#6539b87d52d2 … [Read more...]

Hiring for the First Time—What to Expect and Who to Hire First

One of the most important milestones for any business is the hiring of its first full-time employee. Managed services providers (MSPs) are no exception. … [Read more...]

3 challenges when securing ISO 27001 approval from the board

So you’ve decided that it’s in your organisation’s best interest to adopt ISO 27001, the international standard for information security. Good decision. Now you just need to convince the board to give you the financial backing and resources to implement the Standard. That’s not as hard as it once was, given how highly publicised data breaches now are. But you might still struggle to persuade senior … [Read more...]

Microservices Architecture: LEGO for DevOps

DevOps is one of the biggest trends in tech today, but it wouldn’t be half of what it is without microservices architecture. … [Read more...]

Podcast: Can Former Cyber Criminals Be Trusted?

If you work in the cyber security field, chances are you've run into current or former black hats. But some of these hackers have put their dark pasts behind them and are doing great things in the world of cyber security research today. The big question is: should an individual's dark past define their future? … [Read more...]

A week in security (June 10 – 16)

Last week on Malwarebytes Labs, we revealed to readers the mindset of security pros as to why they lack confidence in their ability to prevent their organizations getting breached. We also reported on Maine Governor Janet Mills implementing the state’s own privacy protections, how Apple can better protect its users’ privacy, the continuous trending of the MegaCortex ransomware, how cyberbullies … [Read more...]

HIPAA Compliance Checklist and Requirements

As a managed services provider (MSP), complying with a range of legal regulations can be a major part of your responsibilities. This is more than a way to provide great value to your customers—staying compliant can also protect you from penalties. This is especially true if you work with customers within the healthcare sector who are covered by the Health Insurance Portability and … [Read more...]

Hope Is Not a Strategy: Four Lessons ‘Survivor’ Taught Me About Cybersecurity

The Fijian island landscape may look very different from the Cyber Exposure landscape, but surviving them has more in common than you would think. And I have the personal experience to prove it. In 2018, I took a short break from my position as a Technical Writer at Tenable and traded writing documentation for vulnerability management solutions for something a little less high-tech. I flew to Fiji … [Read more...]