Who regulates social media?

Social media platforms have repeatedly found themselves in the United States government’s crosshairs over the last few years, as it has been progressively revealed just how much power they really wield, and to what purposes they’ve chosen to wield it. But unlike, say, a firearm or drug manufacturer, there is no designated authority who says what these platforms can and can’t do. So who regulates them? You might say everyone and no one.

A week in security (September 12 – September 18)

Last week on Malwarebytes Labs, we looked at journalism’s role in cybersecurity on our Lock and Code podcast, gave tips for safer shopping on Amazon Prime day, and discussed an APT attack springing into life as Academia returned to the real and virtual campus environment. We also dug into potential FIFA 21 scams, the return of QR code scams, Covid fatigue, and the absence of Deepfakes from the 2020 US elections.

The FBI Builds Enduring Partnerships in Cyber

October 19, 2020 • Caitlin Mattingly

The U.S. Federal Bureau of Investigation, the FBI, has taken an increasingly prominent role in the day-to-day cyber defense of organizations and institutions here in the U.S. and globally. Through the establishment of the IC3, the Internet Crime Complaint Center, the FBI provides an invaluable public resource for prevention, response, and mitigation of cyber threats to businesses and public organizations of all sizes.

How to avoid getting locked out of your own account with multi-factor authentication

Multi-factor authentication (MFA) is one of the most popular authentication security solutions available to organizations today. It really comes as no surprise, as the multi-factor authentication benefits of enhanced security go beyond the basic password security measures by forcing the user to authenticate with another method that (presumably) only the legitimate user has access to. 

Typo 1: VulnHub CTF walkthrough (part 1)

In this article, we will solve a Capture the Flag (CTF) challenge that was posted on the VulnHub website by an author named Akanksha Sachin Verma. As per the description given by the author, it is an intermediate-level challenge. The goal is to get root access of the machine and read the root flag.

Deepfakes and the 2020 United States election: missing in action?

If you believe reports in the news, impending deepfake disaster is headed our way in time for the 2020 United States election. Political intrigue, dubious clips, mischief and mayhem were all promised. We’ll need to be careful around clips of the President issuing statements about being at war, or politicians making defamatory statements. Everything is up for grabs, and in play, or at stake. Then, all of a sudden…it wasn’t.

BrandPost: Episode 13: Serving up a risk management culture at McDonald’s

In addition to being the largest fast food restaurant in the world, McDonald’s is also one of the world’s largest employers, real estate companies, and toy companies, thanks to the Happy Meal. It has also been transitioning into a tech company over the past several years, introducing a mobile app, kiosk systems, and digital menu boards, and investing in a data analytics company, a mobile tech company, and a voice analytics company. For CISO Tim Youngblood that means driving a framework for understanding and managing risk, and building a risk-aware culture at the fast food giant. Tune in to learn how he approaches risk management and how he believes the pandemic changed the security landscape.

Qualys Policy Compliance Plugin for Jenkins Now Available

Various factors may introduce vulnerabilities in a product during its lifecycle, resulting in a drift from the required compliance status. Hence, it is of utmost importance that security is baked into the product at every stage of development and possibilities of security gaps are ruled out. CI/CD integration in the product lifecycle establishes a consistent and automated way to build, package, and test applications; thereby, ensuring that the security parameters are a part of each delivery.

Thwarting Malware Attacks with Bitglass

As more and more data is stored in the cloud and companies enable BYOD and remote work, comprehensive threat protection against known and zero-day malware becomes a critical need. Unfortunately, even some of the largest organizations have fallen victim to today’s threats. From operation-disrupting ransomware to viruses that steal sensitive information, there is much that can go wrong. Fortunately, through modern security measures designed for transforming IT ecosystems, organizations can prevent malware attacks and their ramifications that consume time, money, and end up destroying brand reputation.