This year is finally coming to an end, and it only took us about eight consecutive months of March to get here. There is a ton to talk about, and that’s without even discussing the literal global pandemic. You see, 2020’s news stories were the pressure-cooker product of mania, chaos, and the downright absurd. “Murder hornets” made the journey to the

In 2020, we experienced a major shift. Much of the world pitched in to limit the spread of the coronavirus, with people changing their daily routines to include a mixture of working from home, standing in socially-distanced lines, and awaiting local rules about what they could and could not do with members of different households. It was a stressful and c

Days before taking a week-long Thanksgiving recess, the US Senate passed an almost mundane cybersecurity bill that, if approved by the President, will improve security guidelines and protocols for Internet of Things (IoT) devices purchased and owned by the Federal government. The bill, called the Internet of Things Cybersecurity Improvement Act of 2020, w

Since its inception, the endpoint detection and response (EDR) market has evolved rapidly with new innovations to better address the cyber landscape and meet customers’ needs for an effective and simple solution that just works. But finding something that just works means something quite different for every business, depending on their size, security expe

UPDATE, 05/22/2020: In the advent of the EARN IT Act, the debate on government subversion of encryption has reignited.  Given that the material conditions of the technology have not changed, and the arguments given in favor of the bill are not novel, we’ve decided to republish the following blog outlining our stance on the subject. Originally published

As it becomes clear that some things will never again be the same after the global coronavirus pandemic, it is time to prepare for the future. The cybersecurity implications of upcoming changes will be most noticeable in organizations that rely on security models like the software defined perimeter. The software defined perimeter is a model closely relat

A little more than one month after the European Union enacted the General Data Protection Regulation (GDPR) to extend new data privacy rights to its people, the governor of California signed a separate, sweeping data protection law that borrowed several ideas from GDPR, sparking a torch in a legislative data privacy trend that has now spanned at least 10 cou

With coronavirus starting to take hold globally, international travel restrictions are kicking in and more workplaces are advising to work from home whenever possible. When self-isolation is a potential solution, public gatherings are increasingly looking like a terrible idea. Events are becoming a bit of a hotspot for cases, leading to inevitably bizarre sc

DISCLAIMER: This post is not partisan, but rather focuses on risk assessment based on history and what threats we are facing in the future. We do not endorse any healthcare plan style in any way, outside of examining its data security risk. For many folks, the term ‘Healthcare for All’ brings up an array of emotions ranging from concern to happiness, and

Last week, we saw spam posts suddenly appearing on a celebrity’s website, talked about a malvertising campaign on Blogger, dissected a fake KPN email that led to the CTB Locker ransomware, and unmasked several tech support scam actors to put a stop to criminals banking on the Malwarebytes brand. Senior Security Researcher Jérôme Segura reported a hacki

Last week, we gave a comprehensive introduction about Process Explorer, analyzed an Amazon Prime spam, and presented our readers some telltale signs that show their systems are infected with malware. We also stressed our stand against paying the ransom if users find their system has ransomware. Malware Intelligence Analyst Jovi Umawing published a malicious

Last week, we talked about another scam that promised to reward iPhone 6s units, a fake Donald Trump spam that leads to a supposed torrent site, and a bogus LastPass browser extension found on the Chrome Web Store. Senior Security Researcher Jérôme Segura discussed the latest malvertising campaign on The Pirate Bay, somewhat a repeat of what we documented a

Hey Folks! So late last year a quote was going around about a comment for the Special Agent in charge of the Cyber Intelligence program for a Boston branch of the FBI that mentioned how they advise users to just pay ransomware criminals because in many cases, getting the files back by any other method would have been impossible. Now the FBI itself never offi

Last week, we talked about a compromise on the 55 million registered voters in the Philippines, the return of tech support scammers—with fake AV in tow—and some other interesting finds we have outline below: Senior Security Researcher Jérôme Segura revealed that malicious actors are using a fake social button plugin (those that we commonly see on websites t

Last week, we talked about persistent tech support scammers, a BMW 419 scam, uncovered a malvertising campaign on a popular photo leak forum, and addressed (as best as we can) the survey feedback we received from our PUP Friday readers. We also raised the question of whether one would store their data on the cloud or not. On top of this, we released an infog