Detection strategies across cloud and identities against infiltrating IT workers

In this article 1. Attack chain overview 1. Activities in pre-recruitment phase 2. Activities in recruiting phase 3. Activities in post-recruitment phase 2. Mitigation and protection guidance 3. Microsoft Defender XDR detections The shift to remote and hybrid work since the pandemic expanded glob...

How to utilize VPN for safe work and remote work environments

A VPN enhances online privacy, encrypts data, and secures devices. Essential for remote work, it protects against cyber threats and ensures safer internet use...

Navigating Evolving Cybersecurity: Recent Trends and Future Outlook

“Those who fail to learn from history are doomed to repeat it." - Winston Churchill While Churchill may not have been the first person to use a variation of this quote, the essence of its meaning rang true then and still does today. In this spirit, and so that we may collectively learn and evolve...

Blunting RDP brute-force attacks with rate limiting

Thanks to the Malwarebytes Threat Intelligence Team for the information they provided for this article. Not long ago, guessing a Windows Remote Desktop Protocol RDP password successfully was widely regarded as ransomware operators number one choice for breaching a target. It attracted a lot of...

Securing Data With a Frenzied Remote Workforce–Podcast

The baby upchucks. The dog loudly informs you that she’s detected a budding squirrel armageddon. Your department’s Zoom meeting starts in four minutes. The Bank of Fezziwig texts: If you haven’t enabled online banking, click here. What. Do. You. DO?!? It doesn’t matter that you’ve been working...

How Wazuh Can Improve Digital Security for Businesses

2021 was a year peppered by cyberattacks, with numerous data breaches happening. Not only that, but ransomware has also become a prominent player in the hackers' world. Now, more than ever, it's important for enterprises to step up cybersecurity measures. They can do this through several pieces o...

A week in security (Dec 13 – 19)

Last week on Malwarebytes Labs: Spear phish, whale phish, regular phish: What’s the difference? Kronos crippled by ransomware, service may be out for weeks 5 security lessons from 18 months of working from home What SMBs can do to protect against Log4Shell attacks After Log4j, December’s Patch...

5 security lessons from 18 months of working from home

A little more than 20 months ago, many people around the world were asked or instructed to work from home to help slow the spread of COVID-19. It caused a seismic change to the way we all do business. Now, our latest research reveals how IT decision makers security concerns have been changed by...

New Secured-core servers are now available from the Microsoft ecosystem to help secure your infrastructure

In the current pandemic-driven remote work environments, security has become increasingly important. Earlier this year, Colonial Pipeline, one of the leading suppliers of fuel on the East Coast of the United States, was hit by a ransomware attack.1 This caused a massive disruption of the fuel...

#BeCyberSmart: When we learn together, we’re more secure together

2021 has been a watershed year in cybersecurity. The pandemic continued to bring new challenges as attackers took advantage of overstretched security teams to unleash new human-operated ransomware1, malware, and nation-state attacks like those against Colonial Pipeline2 and JBS Food3. With the mo...

How To Defend the Extended Network Against Web Risks

Smart cybercriminals are going after web servers and browsers, more so than after individuals. Unfortunately, these types of attacks often go ignored, as they’re harder to test for in terms of pen-testing. With much of the world now working remotely, this threat has intensified. Attackers use...

BlueVoyant optimizes customer security with Microsoft security services

This blog post is part of the Microsoft Intelligent Security Association MISA guest blog series. Learn more about MISA. What a year it has been. The rapid and unexpected transition to work from home is one of the biggest issues affecting companies of all sizes and industries in 2020. As companies...

Take the Full-Stack Approach to Securing Your Modern Attack Surface

A growing remote-work culture demands a graduation in the approach to security. It’s time to test, monitor, secure, and extend to the application layer. A modern methodology for vulnerability management VM is vital for organizations looking to minimize attack surfaces by prioritizing potential...

Deliver productive and seamless user experiences with Azure Active Directory

Several months into the COVID-19 pandemic, many of us are still working remotely, and our organizations are still adjusting. Top of mind for every IT leader in this current landscape is meeting users’ needs for seamless access to resources while safeguarding the business from cyber threats. The...

Cyberthreats to financial organizations in 2021

It is hard to believe that a year has gone since our last article on financial attacks and our predictions for 2020. It has been a tough one, but first things first. Let us review the forecasts we made at the end of 2019 and see how accurate we were. Then we will go through the key events of 2020...

Empowering employees to securely work from anywhere with an internet-first model and Zero Trust

Like many this year, our Microsoft workforce had to quickly transition to a work from the home model in response to COVID-19. While nobody could have predicted the world’s current state, it has provided a very real-world test of the investments we have made implementing a Zero Trust security mode...

Code42 Incydr Series: Secure data in the age of remote work

As 2020 began, security leaders were already abuzz about the data security for the growing remote workforce. Fast forward to today, and nearly half of the U.S. labor force is now WFH full time. A recent study by OpenVPN shows 90% of IT and Security pros believe that remote workers are not secure ...

Cybersecurity Awareness Month 2020: Top Resources on “If You Connect it, Protect it”

Leaves are turning red and gold, the temperature is dropping, and the smell of pumpkin spice is filling the air. It’s officially October! which also means it’s Cybersecurity Awareness Month CAM 2020. Now in its 17th year, Cybersecurity Awareness Month is an annual campaign that raises awareness o...

20 percent of organizations experienced breach due to remote worker, Labs report reveals

It is no surprise that moving to a fully remote work environment due to COVID-19 would cause a number of changes in organizations approaches to cybersecurity. What has been surprising, however, are some of the unanticipated shifts in employee habits and how they have impacted the security posture...

Cato SDP: Cloud-Scale and Global Remote Access Solution Review

The Scouts acknowledged the necessity to "Be Prepared" over 100 years ! ago; the industry should have, as well. Yet COVID-19 took businesses – more like the entire world – by surprise. Very few were prepared for the explosion of remote access, and the challenge of instantly shifting an entire...