<<   <   Page 2 / 2
Explained: Domain-Generating Algorithms
Malwarebytes Labs, Malwarebytes LabsCommentary
Cybercriminals use domain-generating algorithms to prevent their servers from being blacklisted or taken down.
By Malwarebytes Labs Malwarebytes Labs, 12/21/2016
Comment0 comments  |  Read  |  Post a Comment
Phishing Can Leverage Users To Bypass Sandboxes
Malwarebytes Labs, Malwarebytes LabsCommentary
Using social engineering to bypass traditional security defenses is not new and will certainly continue to grow.
By Malwarebytes Labs Malwarebytes Labs, 12/19/2016
Comment0 comments  |  Read  |  Post a Comment
Security In 2017: Ransomware Will Remain King
Malwarebytes Labs, Malwarebytes LabsCommentary
Businesses, consumers, and security professionals must face this reality and take the necessary steps to educate each other and protect their networks.
By Malwarebytes Labs Malwarebytes Labs, 12/13/2016
Comment0 comments  |  Read  |  Post a Comment
Survey Stresses Importance Of Securing The Internet of Things
Malwarebytes Labs, Malwarebytes LabsCommentary
If organizations monitor and deploy IoT devices with caution, they can stay ahead of the curve and continue to keep all of their endpoints protected.
By Malwarebytes Labs Malwarebytes Labs, 12/7/2016
Comment2 comments  |  Read  |  Post a Comment
5 Links Of The Attack Chain And How To Disrupt Them
Malwarebytes Labs, Malwarebytes LabsCommentary
By identifying steps in the attack chain, you can deploy appropriate defenses at each stage to prevent breaches from happening in the first place.
By Malwarebytes Labs Malwarebytes Labs, 11/28/2016
Comment1 Comment  |  Read  |  Post a Comment
Active Defense Framework Can Help Businesses Defend Against Cyberattacks
Malwarebytes Labs, Malwarebytes LabsCommentary
New report provides a framework that lets private sector entities defend themselves while at the same time protect individual liberties and privacy, and mitigate the risk of collateral damage.
By Malwarebytes Labs Malwarebytes Labs, 11/17/2016
Comment0 comments  |  Read  |  Post a Comment
8 Ways Businesses Can Better Secure Their Remote Workers
Malwarebytes Labs, Malwarebytes LabsCommentary
Remote workers may present challenges for IT staff, but a combination of cybersecurity best practices, strong policy, and a dedicated user awareness campaign could keep company data safe.
By Malwarebytes Labs Malwarebytes Labs, 11/14/2016
Comment0 comments  |  Read  |  Post a Comment
Ransomware Doesn’t Have To Mean Game Over
Malwarebytes Labs, Malwarebytes LabsCommentary
3 methods can help you recover from a ransomware attack relatively unscathed.
By Malwarebytes Labs Malwarebytes Labs, 11/8/2016
Comment0 comments  |  Read  |  Post a Comment
Phishing Threat Continues To Loom Large
Malwarebytes Labs, Malwarebytes LabsCommentary
Phishing and spear phishing will only get worse unless companies proactively train employees to recognize a scam when they see one.
By Malwarebytes Labs Malwarebytes Labs, 11/2/2016
Comment0 comments  |  Read  |  Post a Comment
Vendor Security Alliance To Improve Cybersecurity Of Third-Party Providers
Malwarebytes Labs, Malwarebytes LabsCommentary
Member companies can use their VSA rating when offering their services, effectively skipping the process of verification done by prospective businesses.
By Malwarebytes Labs Malwarebytes Labs, 10/24/2016
Comment4 comments  |  Read  |  Post a Comment
<<   <   Page 2 / 2
1268
RIP, 'IT Security'
Kevin Kurzawa, Senior Information Security Auditor,  11/13/2018
Understanding Evil Twin AP Attacks and How to Prevent Them
Ryan Orsi, Director of Product Management for Wi-Fi at WatchGuard Technologies,  11/14/2018
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
Malwarebytes protects businesses against malicious threats that escape detection by traditional antivirus solutions. Malwarebytes Anti-Malware, the company’s flagship product, has a highly advanced heuristic detection engine that has removed more than five billion malicious threats from computers worldwide. SMBs and enterprise businesses worldwide trust Malwarebytes to protect their data. Founded in 2008, the company is headquartered in California with offices in Europe, and a global team of researchers and experts. For more information, please visit us at www.malwarebytes.com/business.
Featured Writers
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-19367
PUBLISHED: 2018-11-20
Portainer through 1.19.2 provides an API endpoint (/api/users/admin/check) to verify that the admin user is already created. This API endpoint will return 404 if admin was not created and 204 if it was already created. Attackers can set an admin password in the 404 case.
CVE-2018-19335
PUBLISHED: 2018-11-20
Google Monorail before 2018-06-07 has a Cross-Site Search (XS-Search) vulnerability because CSV downloads are affected by CSRF, and calculations of download times (for requests with a crafted groupby value) can be used to obtain sensitive information about the content of bug reports.
CVE-2018-19334
PUBLISHED: 2018-11-20
Google Monorail before 2018-05-04 has a Cross-Site Search (XS-Search) vulnerability because CSV downloads are affected by CSRF, and calculations of download times (for requests with an unsupported axis) can be used to obtain sensitive information about the content of bug reports.
CVE-2018-10099
PUBLISHED: 2018-11-20
Google Monorail before 2018-04-04 has a Cross-Site Search (XS-Search) vulnerability because CSV downloads are affected by CSRF, and calculations of download times (for requests with duplicated columns) can be used to obtain sensitive information about the content of bug reports.
CVE-2018-17906
PUBLISHED: 2018-11-19
Philips iSite and IntelliSpace PACS, iSite PACS, all versions, and IntelliSpace PACS, all versions. Default credentials and no authentication within third party software may allow an attacker to compromise a component of the system.