dcsimg

The lazy person’s guide to cybersecurity: minimum effort for maximum protection

Are you tired of that acquaintance who keeps bugging you with computer questions? Do you avoid visiting certain people because you know you will spend most of the evening cleaning up their machine? My uncle Bob is one of those people. He’s a nice guy, but with computers, he’s not just an accident waiting to happen—he’s an accident waiting to become a catastrophe. To keep Uncle Bob’s … [Read more...]

A week in security (February 4 – 8)

Last week on Malwarebytes Labs, we took a closer look at the technical and reputational challenges for Facebook as it tries to integrate secure messaging across Messenger, WhatsApp, and Instagram. We explored Google’s latest attempts to change how the public sees—literally—web browser URLs, gave some of our best tips on how to safely browse the Internet at work, and detailed a unique spam campaign … [Read more...]

How the government shutdown is influencing cybersecurity jobs

As of this writing, the government shutdown of 2019 is the longest ever in America. The only good news about this situation is that, with each passing day, a new group of people in the country seems to rediscover just how essential government services are, now that they’re unavailable. The next likely casualty is the government’s stable of cybersecurity talent. Here’s why—and … [Read more...]

6 security concerns to consider when automating your business

Automation is an increasingly-enticing option for businesses, especially when those in operations are in a  perpetual cycle of “too much to do and not enough time to do it.” When considering an automation strategy, business representatives must be aware of any security risks involved. Here are six concerns network admins and other IT staff should keep in mind. 1. Using automation for … [Read more...]

A week in security (October 8 – 14)

Last week, we warned you away from some dubious Doctor Who streams, explained how Endpoint Detection and Response may not be enough, and explored what happens during a confusing supply chain story. We also showed you how to keep up with security, explained the risks of fake browser updates, and explored the unpleasant world of workplace violence. Other cybersecurity news: Google Plus suffers a … [Read more...]

6 ways to keep up with cybersecurity without going crazy

As we dive headfirst into National Cybersecurity Awareness Month, it seems only fitting to discuss ways to stay on top of developments in modern cybersecurity and privacy. What’s the best way to stay protected? How can you determine if something is a scam? Which big company has been breached now? The topic of security features heavily across many industries, blogs, and news channels simply … [Read more...]

Assessing the security of a portable router: a look inside its hardware

Network administrators should perform security assessments of hardware that they will provide their users, or particularly paranoid users might want to poke at their devices just to be extra sure. In this blog post, we will demonstrate the techniques used to assess security on a generic portable router purchased online. We have redacted its identifiable information as our goal here isn’t to … [Read more...]

A week in security (August 20 – 26)

Last week on Labs, we took a look at insider threats, doubled back on the privacy of search browser extensions, profiled green card scams, revisited Defcon badgelife, and talked about what happens to a user’s accounts when they die. Other cybersecurity news There was an archiving error in Twitch HQ. Unfortunately, that left some private user messages (even those with sensitive info in them) … [Read more...]

Engaging students in cybersecurity: a primer for educators

Give a man a fish and you feed him for a day; teach a man to fish and you feed him for a lifetime. ~ Maimonides The education sector has had its share of breaches. And schools, like medical and retail institutions, continue to struggle when it comes to securing their highly-priced assets: student and staff data and intellectual property. This is a big challenge for many. Unfortunately, it’s … [Read more...]

5 cybersecurity questions retailers must ask to protect their businesses

The Target breach in 2013 may not be the biggest retail breach in history, but for many retailers, it was their watershed moment. Point-of-sale (PoS) terminals were compromised for more than two weeks. 40 million card details and 70 million records of personal information swiped—part of which was “backlist,” historical transaction information dating back to more or less a decade ago. … [Read more...]