dcsimg
February 21, 2019

The lazy person’s guide to cybersecurity: minimum effort for maximum protection

Are you tired of that acquaintance who keeps bugging you with computer questions? Do you avoid visiting certain people because you know you will spend most of the evening cleaning up their machine? My uncle Bob is one of those people. He’s a nice guy, but with computers, he’s not just an accident waiting to happen—he’s an accident waiting to become a catastrophe. To keep Uncle Bob’s … [Read more...]

Filed Under: 101, cybersecurity, How-tos, password manager, potentially unwanted programs, push notifications, tech support scams, user awareness, user education
January 21, 2019

Has two-factor authentication been defeated? A spotlight on 2FA’s latest challenge

Multiple news reports about the defeat of two-factor authentication (2FA) have been making rounds lately. In November 2018, our friends at ESET discovered a purported Android battery utility tool called “Optimization Android” from a third-party app store. This app was designed to steal money from a user’s PayPal account without relying on stolen credentials. It operates by modifying a device’s … [Read more...]

Filed Under: 2fa, 2FA modlishka, Amnesty International, CERTFA, cybercrime, defeat 2FA, mantis, modlishka, password manager, pgp, Social engineering, the return of charming kitten, totp, two-factor authentication
October 8, 2018

A week in security (October 1 – 7)

Last week, Malwarebytes welcomed National Cybersecurity Awareness Month by renewing our pledge to do what we do best: offer the best protection for our customers and promote security awareness for all. On Labs, we raised the question of whether it is a good idea to bring your own security or not, talked a little bit more about fileless malware, homed in on a malware campaign targeting Fortnite … [Read more...]

Filed Under: adobe, Android, anti-swatting, blockchain, bring your own security, byos, Chrome Extension, Fake Fortnite, fortnite, hack the marine corps, IoT, IoT botnet, Lojack, national cybersecurity awareness month, NCSAM, not botnet, password manager, phishing, phishing campaign, rdp, recap, rip attacks, SC Magazine, Security world, swatting, Torii, voice phishing, vulnerabilities, Week in security, weekly blog roundup, ZDNet
December 6, 2017

Internet of Things (IoT) security: what is and what should never be

The Internet has penetrated seemingly all technological advances today, resulting in Internet for ALL THE THINGS. What was once confined to a desktop and a phone jack is now networked and connected in multiple devices, from home heating and cooling systems like the Nest to AI companions such as Alexa. The devices can pass information through the web to anywhere in the world—server farmers, company … [Read more...]

Filed Under: 101, Hacking, How-tos, Internet of Things, IoT, IoT security, password manager