Malwarebytes Premium Security stops 100% of malware during AV Lab test

Malwarebytes Premium Security has maintained its long-running, perfect record in protecting users against online threats by blocking 100% of the malware samples deployed in the AV Lab Cybersecurity Foundation’s “Advanced In-The-Wild Malware Test.” For its performance in the May 2024 evaluation,...

CVSS v4 Is Now Live and What You Need To Know About It

On November 1st, 2023, the Common Vulnerability Scoring System version 4 CVSS v4 was officially launched in General Availability GA following a period of public preview and feedback collection. This launch was orchestrated by the Forum of Incident Response and Security Teams FIRST, marking a...

How to Interpret the 2023 MITRE ATT&CK Evaluation Results

Thorough, independent tests are a vital resource as cybersecurity leaders and their teams evaluate vendors' abilities to guard against increasingly sophisticated threats to their organization. And perhaps no assessment is more widely trusted than the annual MITRE Engenuity ATT&CK Evaluations:...

The 2022 Naughty and Nice List

It's the holiday season when children all over the world cross their fingers in the hope that they don't end up on a certain red-clad big man's naughty list. Turns out, we at Rapid7 have a similar tradition, only we're the ones making the list and there's a whole lotta naughty going on not like...

LodaRAT Malware Resurfaces with New Variants Employing Updated Functionalities

The LodaRAT malware has resurfaced with new variants that are being deployed in conjunction with other sophisticated malware, such as RedLine Stealer and Neshta. "The ease of access to its source code makes LodaRAT an attractive tool for any threat actor who is interested in its capabilities,"...

Reimagine Hybrid Work: Same CyberSec in Office and at Home

It was first the pandemic that changed the usual state of work - before, it was commuting, working in the office & coming home for most corporate employees. Then, when we had to adapt to the self-isolation rules, the work moved to home offices, which completely changed the workflow for many...

MITRE Madness: A Guide to Weathering the Upcoming Vendor Positioning Storm

April is usually a whirlwind month for the cybersecurity industry as it coincides with the release of the highly regarded and influential MITRE ATT&CK test results. The ATT&CK test measures cybersecurity platforms' abilities to detect and react to emulated, multistep attacks that can be used as a...

Defending the Intelligent Edge from Evolving Attacks

Cybercriminals keep their fingers on the pulse of potential new attack vectors at all times, looking for their next opportunity. They are currently moving significant resources to target and exploit emerging network-edge environments, such as the cloud and remote workers, rather than just targeti...

Lock and Code S1Ep2: On the challenges of managed service providers

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to two representatives from an Atlanta-based managed service provider—a manager of engineering services and a data center architect—about the daily challeng...

Stalkerware and online stalking are accepted by Americans. Why?

Despite warnings from domestic abuse networks, privacy rights advocates, and a committed faction of cybersecurity vendors, Americans may be accepting and minimizing online stalking behaviors, including the use of invasive apps that can pry into a user’s text messages, emails, photos, videos, and...

How to protect against stalkerware, a murky but dangerous mobile threat

Last week, we pledged that—in honor of National Cybersecurity Awareness and Domestic Violence Awareness months—we would continue the fight against the online scourge known as stalkerware, or applications used to track and spy on victims without their knowing consent. We told readers that, despite...