dcsimg

The strangest cybersecurity events of 2020: a look back

This year is finally coming to an end, and it only took us about eight consecutive months of March to get here. There is a ton to talk about, and that’s without even discussing the literal global pandemic. You see, 2020’s news stories were the pressure-cooker product of mania, chaos, and the downright absurd. “Murder hornets” made the journey to the US. Mystery seeds from China arrived in … [Read more...]

The most enticing cyberattacks of 2020

In 2020, we experienced a major shift. Much of the world pitched in to limit the spread of the coronavirus, with people changing their daily routines to include a mixture of working from home, standing in socially-distanced lines, and awaiting local rules about what they could and could not do with members of different households. It was a stressful and confusing time, and during it, … [Read more...]

IoT cybersecurity bill passed by Senate

Days before taking a week-long Thanksgiving recess, the US Senate passed an almost mundane cybersecurity bill that, if approved by the President, will improve security guidelines and protocols for Internet of Things (IoT) devices purchased and owned by the Federal government. The bill, called the Internet of Things Cybersecurity Improvement Act of 2020, was actually introduced into the US House … [Read more...]

The best test for an EDR solution is one that works for you

Since its inception, the endpoint detection and response (EDR) market has evolved rapidly with new innovations to better address the cyber landscape and meet customers’ needs for an effective and simple solution that just works. But finding something that just works means something quite different for every business, depending on their size, security expertise, and … [Read more...]

Going dark: encryption and law enforcement

UPDATE, 05/22/2020: In the advent of the EARN IT Act, the debate on government subversion of encryption has reignited.  Given that the material conditions of the technology have not changed, and the arguments given in favor of the bill are not novel, we’ve decided to republish the following blog outlining our stance on the subject. Originally published July 25, 2017 We’re hearing it a lot … [Read more...]

Switching from a “Just in Time” delivery system should include planning ahead

As it becomes clear that some things will never again be the same after the global coronavirus pandemic, it is time to prepare for the future. The cybersecurity implications of upcoming changes will be most noticeable in organizations that rely on security models like the software defined perimeter. The software defined perimeter is a model closely related to the zero trust framework, in which … [Read more...]

Coronavirus impacts security conferences and events: check your schedule

With coronavirus starting to take hold globally, international travel restrictions are kicking in and more workplaces are advising to work from home whenever possible. When self-isolation is a potential solution, public gatherings are increasingly looking like a terrible idea. Events are becoming a bit of a hotspot for cases, leading to inevitably bizarre scenarios where coronavirus conferences … [Read more...]

Would ‘Medicare for All’ help secure health data?

DISCLAIMER: This post is not partisan, but rather focuses on risk assessment based on history and what threats we are facing in the future. We do not endorse any healthcare plan style in any way, outside of examining its data security risk. For many folks, the term ‘Healthcare for All’ brings up an array of emotions ranging from concern to happiness, and with the changes that come with this … [Read more...]

Cybersecurity pros think the enemy is winning

There is a saying in security that the bad guys are always one step ahead of defense. Two new sets of research reveal that the constant cat-and-a-mouse game is wearing on security professionals, and many feel they are losing in the war against cybercriminals. The first figures are from the Information Systems Security Association (ISSA) and industry analyst firm Enterprise Strategy Group (ESG). … [Read more...]

A week in security (May 20 – 26)

Last week on Malwarebytes Labs, we took a look at a skimmer pretending to be a payment service provider, gave an overview of what riskware is, took a deep dive into concerns about PACS leaks, and dug around in the land of “These Governments said fix it…hurry up”. Other cybersecurity news Changes inbound for Microsoft network admins: If you’re managing Windows 10 updates, you’ll need to make some … [Read more...]