Last week, Malwarebytes Labs reviewed active and unique exploit kits targeting consumers and businesses alike, reported about a flaw in WhatsApp used to target a human rights lawyer, and wrote about an important Microsoft patch that aimed to prevent a “WannaCry level” attack. We also profiled the Dharma ransomware—aka CrySIS—and imparted four lessons from the DDoS attack against the US … [Read more...]
May 20, 2019
May 8, 2019
Vulnerabilities in financial mobile apps put consumers and businesses at risk
Security hubris. It’s the phrase we use to refer to our feeling of confidence grounded on assumptions we all have (but may not be aware of or care to admit) about cybersecurity—and, at times, privacy. It rears its ugly head when (1) we share the common notion that programmers know how to code securely; (2) we cherry-pick perceived-as-easier security and privacy practices over difficult and … [Read more...]
April 16, 2019
April 10, 2019
Who is managing the security of medical management apps?
One truth that is consistent across every sector—be it technology or education—is that software is vulnerable, which means that any device running software applications is also at risk. While virtually any application-running device could be compromised by an attacker, vulnerabilities in medical management apps pose a unique and more dangerous set of problems. Now add to vulnerabilities the issue … [Read more...]
April 4, 2019
Are you aware of your organisation’s cyber security vulnerabilities?
With 557 reported data breaches in 2018, it’s safe to say that cyber security should be a top priority for all organisations. Most organisations are already well-aware of this threat and are pouring money into their security budgets. Gartner estimates that worldwide cyber defence spending could hit $114 billion (about €102 billion) in 2019, as organisations … [Read more...]
April 4, 2019
Are you aware of your organisation’s cyber security vulnerabilities?
With 557 reported data breaches in 2018, it’s safe to say that cyber security should be a top priority for all organisations. Most organisations are already well-aware of this threat and are pouring money into their security budgets. Gartner estimates that worldwide cyber defence spending could hit $114 billion (about €102 billion) in 2019, as organisations … [Read more...]
March 25, 2019
A week in security (March 18 – 24)
Last week on Malwarebytes Labs, we touched on the susceptibility of hospitals against phishing attacks, password reuse, the risk of interactive TV shows to side-channel attacks, and Facebook’s new and out-of-character plan to promote privacy in the platform. Other cybersecurity news A study highlighted that 20 percent of Americans do not trust anyone with the protection of their data, … [Read more...]
December 14, 2018
How threat actors are using SMB vulnerabilities
Some of the most devastating ransomware and Trojan malware variants depend on vulnerabilities in the Windows Server Message Block (SMB) to propagate through an organization’s network. Windows SMB is a protocol used by PCs for file and printer sharing, as well as for access to remote services. A patch was released by Microsoft for SMB vulnerabilities in March 2017, but many organizations and home … [Read more...]
November 2, 2018
Meet your risk assessment requirements with vsRisk Cloud
Risk assessments play an essential role in information security, as they are the primary way organisations identify vulnerabilities and the ways data breaches can occur. The results of the risk assessment dictate defence strategies and are used by senior staff to allocate information security and business continuity budgets. This shouldn’t be a surprise for organisations that follow the … [Read more...]
October 8, 2018
A week in security (October 1 – 7)
Last week, Malwarebytes welcomed National Cybersecurity Awareness Month by renewing our pledge to do what we do best: offer the best protection for our customers and promote security awareness for all. On Labs, we raised the question of whether it is a good idea to bring your own security or not, talked a little bit more about fileless malware, homed in on a malware campaign targeting Fortnite … [Read more...]
