dcsimg

A week in security (December 3 – 9)

Last week on Malwarebytes Labs, we gave readers an FYI on multiple breaches that affected Humble Bundle, Quora, and Dunkin’ Donuts, to name a few. This follows the announcement from Marriott about a four-year long breach that impacted half a billion of its patrons. We also pushed out the report, “Under the Radar: The Future of Undetected Malware”, wherein we examined current … [Read more...]

A week in security (December 3 – 9)

Last week on Malwarebytes Labs, we gave readers an FYI on multiple breaches that affected Humble Bundle, Quora, and Dunkin’ Donuts, to name a few. This follows the announcement from Marriott about a four-year long breach that impacted half a billion of its patrons. We also pushed out the report, “Under the Radar: The Future of Undetected Malware”, wherein we examined current … [Read more...]

How to Make an Offline Root Certificate Authority for Windows PKI in WSL

Using WSL for the offline root allows us to protect it easily. Using Windows Server as the intermediate allows us maximal benefits. Full how-to guide. Read the post here: How to Make an Offline Root Certificate Authority for Windows PKI in WSL … [Read more...]

Something else is phishy: How to detect phishing attempts on mobile

In a report published in 2011, IBM revealed that mobile users are three times more likely to fall for phishing scams compared to desktop users. This claim was based on accessed log files found on Web servers used to host websites involved in phishing campaigns. Almost a decade later, we continue to see different organizations reporting an increased trend in phishing attacks targeting the mobile … [Read more...]

What Are Intrusion Prevention Systems and Can They Protect Your Network from Attacks?

Trying to understand what network security solutions are available, the differences between them, how and when they should be used, can be overwhelming for most organizations. While there are many options to choose from, a typical suite of tools would include an Intrusion Prevention System (IPS), Data Loss Prevention (DLP) software/hardware, and a sophisticated Data-Centric Audit & Protection … [Read more...]

How to Overcome Barriers that Lead to AI Failure

At this week’s AI Summit, AI leaders from IBM and Google examined the factors that contribute to AI failure and shared best practices for getting past those obstacles.Business leaders see tremendous competitive advantage in artificial intelligence, due to the promise it holds to greatly improve customer satisfaction, retention and loyalty; increase revenues; and save money. Yet, only five percent … [Read more...]

Mac malware combines EmPyre backdoor and XMRig miner

Earlier this week, we discovered a new piece of Mac malware that is combining two different open-source tools—the EmPyre backdoor and the XMRig cryptominer—for the purpose of evil. The malware was being distributed through an application named Adobe Zii. Adobe Zii is software that is designed to aid in the piracy of a variety of Adobe applications. In this case, however, the app was called Adobe … [Read more...]

7 Tips for Improving Your Time to Completion

When managed services providers (MSPs) are looking for ways to improve business growth and increase customer satisfaction, time to completion (TTC) is a common metric that can help move the needle on both.  Read More … [Read more...]

Thycotic Named a Visionary in the 2018 Gartner Magic Quadrant for Privileged Access Management

 Evaluation Based on Completeness of Vision and Ability to Execute WASHINGTON, D.C., December 7, 2018 — Thycotic, provider of privileged account management (PAM) solutions for more than 10,000 organizations worldwide, today announced that it has been named a Visionary by Gartner, Inc. in its December 2018 Magic Quadrant for Privileged Access Management.1 Gartner recently published its top 10 … [Read more...]

7 tips to help you implement a GDPR staff awareness training programme

Staff awareness training is an essential component of the GDPR (General Data Protection Regulation), but do you know how it works in practice? Here are seven things you can do to make your awareness programme a success. Consider your requirements There isn’t a ‘one-size-fits-all’ approach for staff awareness training. Every organisation needs to tailor its programme according to several … [Read more...]