dcsimg

Lock and Code S1Ep9: Strengthening and forgetting passwords with Matt Davey and Kyle Swank

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Matt Davey, chief operations optimist at 1Password, and Kyle Swank, a member of 1Password’s security team, about—what else—passwords. We may know it’s important to have a strong, non-guessable, lengthy password, and yet we still probably all know … [Read more...]

Coronavirus impacts security conferences and events: check your schedule

With coronavirus starting to take hold globally, international travel restrictions are kicking in and more workplaces are advising to work from home whenever possible. When self-isolation is a potential solution, public gatherings are increasingly looking like a terrible idea. Events are becoming a bit of a hotspot for cases, leading to inevitably bizarre scenarios where coronavirus conferences … [Read more...]

A week in security (January 27 – February 2)

Last week on Malwarebytes Labs, we looked at the strengths and weaknesses of the Zero Trust model, gave you the low-down on spear phishing, and took a delve into the world of securing the managed service provider (MSP). Other cybersecurity news UN compromised via Sharepoint hack: An extraordinary tale highlighting that absolutely nobody is safe when bad things happen and are then covered up. … [Read more...]

A week in security (September 9 – 15)

Last week  on the Labs blog, we looked at free VPN offerings, how malware can hinder vital emergency services, and explored how the Heartbleed vulnerability is still causing problems. We also talked about a large FTC settlement involving Google, and how to keep an eye out for leaky AWS buckets. Other cybersecurity news The Cobalt Dickens group has returned to cause trouble. (Source: … [Read more...]

Caution: Misuse of security tools can turn against you

We have a saying in Greece: “They assigned the wolf to watch over the sheep.” In a security context, this is a word of caution about making sure the tools we use to keep our information private don’t actually cause the data leaks themselves. In this article, I will be talking about some cases that I have come across in which security tools have leaked data they were intended … [Read more...]

Malwarebytes Labs wins best cybersecurity vendor blog at InfoSec’s European Security Blogger Awards

Infosec Europe is now well underway, and last night was the annual EU Security Blogger Awards, where InfoSecurity Magazine: …recognise[s] the best blogs in the industry as first nominated by peers and then judged by a panel of (mostly) respected industry experts. Malwarebytes Labs was announced as winner of the Best Cybersecurity Vendor Blog. We previously won best corporate security blog in … [Read more...]

A 9-step guide to implementing ISO 27001

As with many projects, the hardest part of implementing ISO 27001 tends to be knowing where to begin. The Standard, which describes best practice for an ISMS (information security management system ISMS), explains the requirements you need to meet, but it doesn’t show you how to implement them.   In this blog, we explain in nine steps exactly what you need to do to implement … [Read more...]

Potential data breach under investigation at University Hospital Galway

Saolta University Health Care Group is investigating a potential data breach at UHG (University Hospital Galway) after scam letters were sent to patients’ home addresses.   The letters, from an organisation calling itself The Anglo America Lottery, informed recipients that they had won a significant prize in the ‘Hospital Sick Patient Lottery … [Read more...]

Learn how to implement and maintain an ISO 27001-compliant ISMS with IT Governance

ISO 27001 is one of the most popular cyber security standards in the world, with the number of organisations achieving certification growing by more than 450% in the past 10 years. The Standard outlines best practice for an ISMS (information security management system). Achieving accredited ISO 27001 certification demonstrates that your organisation is … [Read more...]

What is an ISMS and why does your organisation need one?

Those getting started in the information security industry might be wondering why experts are telling them to implement an ISMS. We’re here to explain.  An ISMS (information security management system) is essential for any organisation that’s serious about security. It’s a centrally managed framework that enables you to manage, monitor, review and improve your … [Read more...]