Last week on Malwarebytes Labs, we looked into nasty search hijackers that worried a lot of Chrome users; a list of considerations for MSPs when looking for an RMM platform; the complaint faced by ParetoLogic, the company that issues SpeedyPC, a product that claims to find and remove various PC errors; and a ransomware attack that affected car manufacturers like Honda and Enel. Other … [Read more...]
June 15, 2020
June 10, 2020
MSPs, know what you’re really looking for in an RMM platform
MSPs naturally adapt and mature as innovative technologies and more effective processes are introduced into the industry. But with ransomware cyberattacks happening left and right, pushing them to evolve even further, MSPs are left with no choice but to go with the flow. Going for improved functionalities—although important—is simply no longer enough. MSPs must begin putting a lot of emphasis on … [Read more...]
May 26, 2020
Lock and Code S1Ep7: Sounding the trumpet on web browser privacy with Pieter Arntz
This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Pieter Arntz, malware intelligence researcher at Malwarebytes, about web browser privacy—an often neglected subcategory of data privacy. Without the proper restrictions, browsers can allow web trackers to follow you around the Internet, resulting in … [Read more...]
May 20, 2020
10 best practices for MSPs to secure their clients and themselves from ransomware
Lock-downs and social distancing may be on, but when it comes to addressing the need for IT support—whether by current of potential clients—it’s business as usual for MSPs. And, boy, is it a struggle. On the one hand, they keep an eye on their remote workers to ensure they’re still doing their job securely and safely in the comfort of their own homes. On the other hand, they must also … [Read more...]
May 5, 2020
Explained: cloud-delivered security
As a counterpart to security for your assets in the cloud, you may also run into solutions that offer security from the cloud. These solutions are generally referred to as cloud-delivered security. Cloud-delivered security is sometimes called security-as-a-service which we will avoid here as it might be confused with the more generally used term Software-as-a-Service (SaaS). Types of … [Read more...]
March 16, 2020
Lock and Code S1Ep2: On the challenges of managed service providers
This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to two representatives from an Atlanta-based managed service provider—a manager of engineering services and a data center architect—about the daily challenges of managing thousands of nodes and the future of the industry. Tune in for all this and more on … [Read more...]
March 11, 2020
Securing the MSP: best practices for vetting cybersecurity vendors
Ironically, to keep costs low for their enterprise and mid-market clients, managed service providers (MSPs) are some of the most reliant on third-party vendors—including those providing security. While this is generally not an indication of dysfunction or vulnerability, the responsible MSP will be looking with a critical eye while vetting cybersecurity vendors to evaluate how they might increase … [Read more...]
February 24, 2020
Why managed service providers (MSP) are critical for business continuity
With the threat landscape becoming more hostile to businesses, small- and medium-sized businesses (SMBs) are often finding it difficult to cope. Hence, they turn to managed service providers (MSPs) for help, not only to keep their businesses going—the concept known as business continuity—but also to offer salve to known pain points that encompass all industries. Short-staffed One of the … [Read more...]
January 30, 2020
Securing the MSP: their own worst enemy
We’ve previously discussed threats to managed service providers (MSPs), covering their status as a valuable secondary target to both an assortment of APT groups as well as financially motivated threat groups. The problem with covering new and novel attack vectors, however, is that behind each new vector is typically a system left unpatched, asset management undone, a security officer not … [Read more...]
December 13, 2019
5 tips for building an effective security operations center (SOC)
Security is more than just tools and processes. It is also the people that develop and operate security systems. Creating systems in which security professionals can work efficiently and effectively with current technologies is key to keeping your data and networks secure. Many enterprise organizations understand this need and are attempting to meet it with the creation of their own security … [Read more...]
