Keeping up with security

Abstract Keeping up with security Body At IBM we often get asked about security vulnerabilities and how our products are impacted. Did you know there is a pro-active step you can take to stay informed? IBM has a community, similar to the Asset Management one, where you can subscribe to security...

S3Tk - A Security Toolkit For Amazon S3

A security toolkit for Amazon S3 Another day, another leaky Amazon S3 bucket — The Register, 12 Jul 2017 Don’t be the... next... big... data... leak Battle-tested at Instacart Installation Run: pip install s3tk You can use the AWS CLI to set up your AWS credentials: pip install awscli aws configu...

Combining AI and Playbooks to Predict Cyberattacks

When organizations invest in AI, they are not only able to automate menial tasks like patching, but they can also create an automated system that looks for and discovers attacks, not only after the fact, but even before they occur. This predictive capability becomes increasingly necessary as...

It’s Time for Your SOC to Level Up

Given an ever-increasing cyberattack surface, a global security workforce shortage, as well as an increased frequency and sophistication of attacks, security operations centers SOCs need to leverage better tools – namely artificial intelligence AI – in order to manage threats. An organization’s S...

D Shield suffers from a webshell bypass vulnerability ( CNVD-2020-04310).

D-Shield is a proactive defense software designed specifically for IIS to prevent websites and servers from being compromised with internal and external protection. D-Shield suffers from a webshell bypass vulnerability, which can be exploited by attackers to bypass D-Shield and gain access to the...

Announcing New CB ThreatHunter App for Phantom

Today’s cybersecurity landscape is facing multiple challenges - and not just from cyber attackers. Security teams are understaffed and struggling to find the talent they need to complete their day-to-day tasks, with limited visibility across their security stack. To address these challenges, SOC...

Why Rust for safe systems programming

In this series, we have explored the need for proactive measures to eliminate a class of vulnerabilities and walked through some examples of memory safety issues we’ve found in Microsoft code that could have been avoided with a different language. Now we’ll peek at why we think that Rust represen...

Why Rust for safe systems programming

In this series, we have explored the need for proactive measures to eliminate a class of vulnerabilities and walked through some examples of memory safety issues we’ve found in Microsoft code that could have been avoided with a different language. Now we’ll peek at why we think that Rust represen...

A proactive approach to more secure code

What if we could eliminate an entire class of vulnerabilities before they ever happened? Since 2004, the Microsoft Security Response Centre MSRC has triaged every reported Microsoft security vulnerability. From all that triage one astonishing fact sticks out: as Matt Miller discussed in his 2019...

Boosting Patch Management Is Key for Breach Prevention

Vulnerabilities that vendors have disclosed and issued patches for remain a major source of breaches. Why? Too many organizations take too long to deploy those patches -- or never do. That was the case with WannaCry. The ransomware exploited Windows vulnerability MS17-010, which Microsoft disclos...

3 Tips to Action Consumer Trust with Data Security and Privacy

Start Playing Here High-profile data breaches and increasingly sophisticated security threats are driving smart brands to better manage the mass amounts of consumer data they've spent years collecting. To do so, brands must prioritize their customers' interests and build a modern data security an...

Threat Intelligence – What It Is and Why You Need It

Threat intelligence is a broad term. Some might think it refers to having information about what threats are out there. But in the evolved world of cybersecurity, threat intelligence is actually a verb. Cybersecurity threat intelligence is the ability to take closed-source or open-source data fro...

Using Threat Modeling in Cybersecurity to Hunt and Remediate

Modern-day cyberattacks keep growing in sophistication and sheer volume. This dynamic makes it virtually impossible to detect and block all attacks using the traditional methods of comparing incoming requests to known attack signatures. To effectively operate in this new aggressive cyberthreat...

Using Threat Modeling in Cybersecurity to Hunt and Remediate

Modern-day cyberattacks keep growing in sophistication and sheer volume. This dynamic makes it virtually impossible to detect and block all attacks using the traditional methods of comparing incoming requests to known attack signatures. To effectively operate in this new aggressive cyberthreat...

Four Steps to Becoming a Threat Hunter

Roles in cybersecurity have evolved to now include the title of “Threat Hunter”. It sounds cool, but I’m sure many of you are wondering what it really means and how it is different from the job you’ve been doing. Up until now, most of us have performed a job more akin to “Threat Wrangler”. Once...

Free Cynet Threat Assessment for Mid-sized and Large Organizations

If you cannot see what’s happening in your network, your ability to make smart security decisions will suffer. Many vendors offer threat assessment options, but they usually require an investment of time and resources. One vendor out there – Cynet – is offering a no-cost threat assessment to...

DART: the Microsoft cybersecurity team we hope you never meet

If you spent 270 days away from home, not on vacation, you’d want it to be for a good reason. When boarding a plane, sometimes having been pulled out of bed to leave family for weeks on end, I know it’s because one of our customers is in need. It means there is a security compromise and they may ...

Partner Perspectives: Stay Proactive with Automated Threat Blocking from Carbon Black and IntSights

Alon Yotvat is a Senior Solutions Architect for IntSights. Carbon Black and IntSights have joined forces to combine next-gen endpoint security solutions with powerful external threat intelligence. This potent integration of cybersecurity technologies gives enterprises the protection they need to...

Reputation management in the age of cyberattacks against businesses

Avid readers of the Malwarebytes Labs blog would know that we strive to prepare businesses of all sizes for the inevitability of cyberattacks. From effectively training employees about basic cybersecurity hygiene to guiding organizations in formulating an incident response IR program, a...

How to Mature Your Threat Hunting Program with the ATT&CK™ Framework

John Wunder, Principal Cybersecurity Engineer at MITRE spoke in a recent webinar about how the ATT&CK framework is a knowledgebase of adversary behaviors, describing the things that are tough for the adversary to change – those at the top of David J. Bianco’s influential Pyramid of Pain. Wunder...