dcsimg

Looks like we’re stuck with Zoom: Is it any safer?

Earlier this month, Zoom’s stock price took a dive on news of two promising COVID vaccines offering over 90 percent effectiveness against the virus (a third vaccine was just announced). That’s nice. Glad to know some people think this nightmare is ending soon and we’ll all go back to the office and the classroom. But our ability to walk into a clinic and get either of these vaccines is still … [Read more...]

IoT forecast: Running antivirus on your smart device?

In 2016, threat actors pulled off a basic but devastating botnet attack that harnessed the power of the Internet of Things (IoT). After gathering a list of 61 default username and password combinations for IoT devices, threat actors scanned the Internet for open Telnet ports and, when they found a vulnerable device, gained entry, eventually amassing an army of IoT devices to launch a massive … [Read more...]

Chris Krebs, director of Cybersecurity and Infrastructure Security Agency, fired by President

On Tuesday evening, President Donald Trump fired Chris Krebs, director of the Cybersecurity and Infrastructure Security Agency (CISA), just days after CISA called the recent presidential election the “most secure in American history.” In a tweet posted the same day, the President justified his removal of Krebs: “The recent statement by Chris Krebs on the security of the 2020 Election … [Read more...]

A week in security (October 26 – November 1)

We had a very busy week at Malwarebytes Labs. We offered advice on Google’s patch for an actively exploited zero-day bug that affects Chrome users, our podcast talked about finding consumer value in Cybersecurity Awareness Month with Jamie Court, we provided guidance about keeping ransomware cash away from your business, pointed out how scammers are spoofing bank phone numbers to rob … [Read more...]

California’s Prop 24 splits data privacy supporters

California’s data privacy house is divided. On the Golden State’s November ballot this year is the question as to whether to amend California’s barely-two-year-old data privacy law, the California Consumer Privacy Act. Far from the first attempt to change the fledgling law, Proposition 24 sets itself apart because its primary backer is the same man who ushered in the state’s data privacy law … [Read more...]

HP printer issue on Mac: What happened?

Apple holds the keys to nearly all recent Mac software. This is a story of those keys, and how a Hewlett Packard (HP) error caused problems for a lot of people. Code signing and certificates First, it’s important to understand that when I say “keys,” what I really mean is “certificates.” These certificates are similar to the ones that are the basis for secure … [Read more...]

New Emotet delivery method spotted during downward detection trend

Emotet, one of cybersecurity’s most-feared malware threats, got a superficial facelift this week, hiding itself within a fake Microsoft Office request that asks users to update Microsoft Word so that they can take advantage of new features. This revamped presentation could point to internal efforts by threat actors to increase Emotet’s hit rate—a possibility supported by Malwarebytes telemetry … [Read more...]

The value of cybersecurity integration for MSPs

For modern Managed Service Providers (MSPs), gone are the days of disparate workflows, and that’s really for the best. Imagine trying to run a successful MSP business today—finding potential customers, procuring new clients, developing purchase orders, managing endpoints, and sending invoices—all without the help of Remote Monitoring and Management (RMM) and Professional Services Automation … [Read more...]

Silent Librarian APT right on schedule for 20/21 academic year

A threat actor known as Silent Librarian/TA407/COBALT DICKENS has been actively targeting universities via spear phishing campaigns since schools and universities went back. We were initially tipped off by one of our customers, and were able to identify a new active campaign from this APT group. Based off a number of intended victims, we can tell that Silent Librarian does not limit itself to … [Read more...]