dcsimg

Data and device security for domestic abuse survivors

For more than a month, Malwarebytes has worked with advocacy groups, law enforcement, and cybersecurity researchers to deliver helpful information in fighting stalkerware—the disturbing cyber threat that enables domestic abusers to spy on their partners’ digital and physical lives. While we’ve ramped up our detections, written a safety guide for those who might have stalkerware on their … [Read more...]

Backdoors are a security vulnerability

Last month, US Attorney General William Barr resurrected a government appeal to technology companies: Provide law enforcement with an infallible, “secure” method to access, unscramble, and read encrypted data stored on devices and sent across secure messaging services. Barr asked, in more accurate, yet unspoken terms, for technology companies to develop encryption backdoors to their own … [Read more...]

The Difference Between PGP, OpenPGP, and GnuPG Encryption

Ah, cryptography. It’s so important to us in our every day lives and yet it has one of the longest and confusing pasts of any type of technology we use today. … [Read more...]

Why Your Encryption is Only as Good as Your (Multi-Factor) Authentication

Username and password may be the de-facto means of authentication for many organizations, but they can easily be the weakest link in security controls. In this article, we’ll detail why Multi-Factor Authentication (MFA) should be paired with encryption for top-level security. … [Read more...]

How to securely send your personal information

This story originally ran on The Parallax and was updated on July 3, 2019. A few months ago, my parents asked a great security question: How could they securely send their passport numbers to a travel agent? They knew email wasn’t safe on its own. Standard email indeed isn’t safe for sending high-value personal information such as credit card or passport numbers, according to security … [Read more...]

Double Encryption: Is It More Secure Or Dangerous?

Since encryption is used to secure data, it would seem only natural that encrypting something twice would increase security. However, that isn't always the case. … [Read more...]

Encryption at Rest isn’t Good Enough

There are basically two ways to keep data out of the hands of hackers. One is to protect every endpoint leading to it, making it essentially inaccessible. The other is to encrypt the data, so that even if hackers get to the document they cannot read it. But where should encryption be applied? … [Read more...]

Mozilla urges Apple to make privacy a team sport

We often say cybersecurity is a team sport, but, pending a public advocacy campaign from one major tech developer to another, the same might be true for online privacy. Mozilla is currently getting people around the world to lend their voices toward Apple, asking that the company place some extra barriers between iPhone users and online advertisers. Though cybersecurity researchers disagree … [Read more...]

Facebook’s history betrays its privacy pivot

Facebook CEO Mark Zuckerberg proposed a radical pivot for his company this month: it would start caring—really—about privacy, building out a new version of the platform that turns Facebook less into a public, open “town square” and more into a private, intimate “living room.” Zuckerberg promised end-to-end encryption across the company’s messaging platforms, interoperability, disappearing … [Read more...]

Compromising vital infrastructure: communication

Have you ever been witness to a Wi-Fi failure in a household with school-aged children? If so, I don’t have to convince you that communication qualifies as vital infrastructure. For the doubters: when you see people risking their lives in traffic just to check their phone, you’ll understand why most adults consider instant communication to be vital as well. Forms of communication Humanity … [Read more...]