dcsimg
May 20, 2019

A week in security (May 13 – 19)

Last week, Malwarebytes Labs reviewed active and unique exploit kits targeting consumers and businesses alike, reported about a flaw in WhatsApp used to target a human rights lawyer, and wrote about an important Microsoft patch that aimed to prevent a “WannaCry level” attack. We also profiled the Dharma ransomware—aka CrySIS—and imparted four lessons from the DDoS attack against the US … [Read more...]

Filed Under: Android, bloatware, breaches, crysis ransomware, DDos attack, dharma, Hacking, healthcare cybersecurity, mds, Meltdown, Microsoft, ransomware, Security world, server vulnerabilities, Spectre, typosquatting, vpn, vulnerabilities, Week in security, whatsapp
April 15, 2019

A week in security (April 8 – 14)

Last week on Labs, we said hello to Baldr, a new stealer on the market, we wondered who is managing the security of medical management apps, discussed the different perceptions of personal information, and we looked at fake Instagram assistance apps found on Google Play that are stealing passwords. Other cybersecurity news German pharmaceuticals giant Bayer says it has been hit by malware, … [Read more...]

Filed Under: alexa, amazon, Baldr, china, facebook, fake news, Instagram, personal information, security, Security world, sextortion scams, vpn, week, Week in security
January 31, 2019

Apple pulls Facebook enterprise certificate

It’s been an astonishing few days for Facebook. They’ve seen both an app and their enterprise certificate removed and revoked with big consequences. What happened? Apple issue enterprise certificates to organizations with which they can create internal apps. Those apps don’t end up released on the Apple store, because the terms of service don’t allow it. Anything storefront-bound must go … [Read more...]

Filed Under: app, Apple, Data privacy, facebook, Facebook privacy, Mobile, privacy, Security world, store, vpn
November 8, 2018

How to create a sticky cybersecurity training program

Organizations know that training employees on cybersecurity and privacy are not only expensive but time-consuming. However, given that current threats are targeting businesses more than consumers, introducing and teaching cybersecurity and privacy best practices in the workplace has undoubtedly become an absolute must. Creating a successful training program is a massive undertaking. It doesn’t … [Read more...]

Filed Under: 101, bec, Business, Business Email Compromise, cybersecurity training, education, intranet, PERI-TRAINING, privacy training, security training, training and awareness program, vpn
October 31, 2018

How to tighten security and increase privacy on your browser

Is my browser making an effort to keep my system safe and my online behavior private? This is usually not the first question we ask ourselves when we choose our default browser. But maybe it should be. These days, threats to your privacy and security come at your from all angles, but browser-based attacks such as malvertising, drive-by downloads, adware, tracking, and rogue apps make going online … [Read more...]

Filed Under: ads, browlock, browser, browser security, browser-based attacks, Chrome Extension, control, cookies, cryptominers, fingerprinting, hijacker, online privacy, privacy, PUP, security, Security world, vpn, WebRTC
October 31, 2018

How to tighten security and increase privacy on your browser

Is my browser making an effort to keep my system safe and my online behavior private? This is usually not the first question we ask ourselves when we choose our default browser. But maybe it should be. These days, threats to your privacy and security come at your from all angles, but browser-based attacks such as malvertising, drive-by downloads, adware, tracking, and rogue apps make going online … [Read more...]

Filed Under: ads, browlock, browser, browser security, browser-based attacks, Chrome Extension, control, cookies, cryptominers, fingerprinting, hijacker, online privacy, privacy, PUP, security, Security world, vpn
October 2, 2018

Bring your own security (BYOS): good idea or not?

We’ve talked about the concept of Bring Your Own Device, or BYOD, on the blog before. BYOD is a popular policy whereby employees can bring personally-owned devices, such as laptops, tablets, or smartphones, to work and use them to access data and applications. It helps to cut costs and can increase productivity, but it brings with it many security concerns and implications. Similar in theory … [Read more...]

Filed Under: bring your own device, bring your own security, Business, BYOD, byos, policy, Technology, vpn
March 19, 2018

A week in security (March 12 – March 18)

Last week on Malwarebytes Labs, we took a look at the inner workings of a fileless attack, explored what happened in a zero day ransomware attack aimed at South Koreans, gave you hints and tips for avoiding cold calls, and took a deep dive into the secretive world of GrayKey. Other news The Equifax story just keep rumbling on. (Source: The Guardian) Some Meltdown and Spectre updates. (Source: The … [Read more...]

Filed Under: Android, cybercrime, Malware, Meltdown, Security world, Spectre, vpn, Week in security