www.malwarebytes.com
2600:9000:2250:4800:16:26c7:ff80:93a1  Public Scan

Submitted URL: https://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAGH8gaz6k2VQcDWK07BAuG-AJ6lC_sAot7x9-pqU9Ye99k1nVB-Lmz7IYoeHJJQqrZ8FgnKxMg=
Effective URL: https://www.malwarebytes.com/blog/business/2022/10/5-essential-security-tips-for-smbs?utm_source=marketo&utm_medium=email&utm...
Submission: On November 08 via api from US — Scanned from DE

Form analysis 2 forms found in the DOM

GET

<form id="search-form" onsubmit="submitSearchBlog(event)" method="get" __bizdiag="0" __biza="WJ__">
  <div class="searchbar-wrap-rightrail">
    <label for="cta-labs-rightrail-search-submit-en" aria-label="cta-labs-rightrail-search-submit-en" aria-labelledby="cta-labs-rightrail-search-submit-en">
      <input type="text" id="st-search-input-rightrail" class="st-search-input-rightrail" placeholder="Search Labs">
    </label>
    <button type="submit" id="cta-labs-rightrail-search-submit-en" aria-label="Submit your search query">
      <svg class="svg-icon svg-stroke-mwb-blue svg-search">
        <use href="/images/component-project/templates/blog/blog-svg.svg#svg-search"></use>
      </svg>
    </button>
  </div>
</form>

/newsletter/

<form class="newsletter-form form-inline" action="/newsletter/" __bizdiag="-1501917513" __biza="WJ__">
  <div class="email-input">
    <label for="cta-footer-newsletter-input-email-en" aria-label="cta-footer-newsletter-input-email-en" aria-labelledby="cta-footer-newsletter-input-email-en">
      <input type="text" class="email-input-field" id="cta-footer-newsletter-input-email-en" name="email" placeholder="Email Address">
    </label>
    <input name="source" type="hidden" value="">
    <input type="submit" class="submit-bttn" id="cta-footer-newsletter-subscribe-email-en" value="">
  </div>
</form>

Text Content

       

5 ESSENTIAL SECURITY TIPS FOR SMBS

Posted: October 20, 2022 by Mark Stockley

Five things that every business can do (and should be paying attention to).

In any business, the security of each computer is intimately connected to the
security of every other computer. Interconnectedness allows attackers to turn a
breach, a fault, or an oversight on one machine into access on all the machines
it's connected to. That means any attack on any computer is a potential
jumping-off point for an attack on the entire business.

Trojans like Emotet and Agent Tesla can infiltrate deep into your organization,
silently stealing sensitive information, while ransomware like LockBit can bring
your entire business to a sudden, grinding halt.

To defend against them, organizations need to think about the tools and
practices that will pay dividends throughout their network. To help, we’ve
compiled five essential security tips for SMBs.


1. HAVE A PLAN FOR PATCHING

Criminals often break into computers by exploiting known flaws in the software
they’re running (you can think of this like jimmying a broken lock). Security
updates remove those flaws, which fixes the broken locks and shuts out the
criminals.

Be warned: Patching an organization isn’t like keeping your laptop up to date,
and many underestimate the time and planning required to do it properly. Like
any complex, ongoing process it requires commitment, planning and
prioritization.

Organizations need to know what computers they own, what software they’re
running, what updates that software needs, how urgently it needs to happen, who
is responsible for applying updates, what schedule they’re working to, and what
the rollback plan is if something goes wrong. While it's technically possible to
do this process manually, using an automated patch management platform will make
your life infinitely easier.

Some choose to do this themselves, but, for obvious reasons, many prefer to let
an experienced managed service provider (MSP) do it for them.


2. USE MULTI-FACTOR AUTHENTICATION

Getting on top of your patching closes a lot of doors on cybercriminals, but not
all of them. There is no need for criminals to jimmy a lock if they can steal a
key, and the keys to your kingdom are your users’ passwords.

In theory, putting those keys out of reach is easy: You just need all your users
to choose strong, unique passwords for every account they use, all the time. In
practice, this is an enormous uphill task that unnecessarily, and unfairly,
transfers the responsibility for a key area of security from your IT specialists
to your staff.

That’s where multi-factor authentication (MFA) comes in. There are many
different ways to do MFA, but the most common form is asking users to type a
one-time code from an app or SMS message next to their password. MFA is armour
for your users’ passwords. It is hugely effective: It can protect you from
stolen passwords and credential stuffing, shut out online and offline
brute-force guessing attacks, and some forms of MFA will even stop phishing
attempts.

The gold standard is MFA based on the FIDO2 standard, so we recommend you start
there.


3. TURN OFF RDP WHEREVER YOU CAN

Of course, you don’t have to worry about criminals jimmying locks or stealing
keys if you can simply block up the doorway. In most cases that’s not possible,
but in one very important place it often is: Remote Desktop Protocol (RDP).

Cybercriminals love RDP and for many years guessing RDP passwords was the number
one method of entry for ransomware gangs. No wonder: A stolen RDP session gives
a criminal on the other side of the world the same access to your network as
they’d get if they strolled into your office, pulled up a chair, and logged on
to one of your Windows terminals.

All RDP connections accessible from the Internet are found within hours of going
live, and spend their lives being probed relentlessly by multiple malicious
computer programs looking to guess their passwords.

Strong passwords can keep you safe, brute-force protection can too, and MFA is
very effective, but none of these work quite as well as simply turning off RDP
altogether.

RDP was a lifeline during Covid, but do you still need it everywhere it’s turned
on? Turn it off wherever you don’t need it and harden what’s left.


4. RESERVE ADMIN LOGINS FOR ADMIN TASKS

Every criminal or piece of malware that finds a way on to one of your computers
is constrained by a set of rights. They inherit these rights from whatever
legitimate program they’ve exploited or whichever user they’re impersonating. If
they don’t have the rights they need they’ll try to get them, perhaps by using a
tool like Mimikatz to steal the password of a passing admin. The harder they
have to work to get the rights they need, the more likely you are to spot them
before they do any real damage.

Standard users are heavily constrained, Local Administrators are powerful on one
computer, and Domain Administrators are powerful everywhere. The question you
must answer is: When a malicious actor ends up on your network, what type of
user would you wish them to be? The more administrator accounts you have, and
the more frequently they are used, the easier it is for criminals to hijack one.

Admin accounts are designed for changing the way that computers and networks
work, not for doing work on computers and networks. Use and assign admin rights
as sparingly as you can.


5. MAKE OFFSITE, OFFLINE BACKUPS

Now, some hard truth: Even if you do your best to stop criminals breaking into
your organization, and your best to detect and evict any that succeed, the worst
can still happen.

We hope that you never find yourself locked out of your own network by
ransomware, and steps like the ones above will make it much less likely that you
are. However, the potential severity of a successful attack demands you are
never complacent. Ransomware affects organizations, not computers. It is an
existential threat to your business on the same level as fires, floods, and
other disasters.

If you are affected by a ransomware attack your aim should be to recover your
critical systems as quickly as possible. You will need a plan (one that isn’t
stored on a computer) that outlines who does what, and which systems you need to
restore in what order. To make this possible you’ll need comprehensive, recently
tested, backups that are both offline and offsite, beyond the reach of your
attackers.


A MULTI-LAYERED APPROACH TO CYBER ATTACK PREVENTION

An organization's ideal approach to cybersecurity can be aptly summed up in the
maxim, "Prevent what you can, mitigate what you cannot." 

In this post, we've outlined a few best practices for your business to consider
to lessen the likelihood of an attack (as well as mitigate the fallout from
one!). Now, all of these things sound great—but specifically what technologies
are available to us to help bring these tips to fruition?

Our article on 5 technologies that help prevent cyberattacks for SMBs is a great
start. Multi-vector Endpoint Protection (EP) is all but necessary to have as a
first layer of defense, and Endpoint Detection and Response is integral for
detecting and responding to threats that do make it through.

Check out the resources below to learn more about what options are available for
SMBs to fight and recover from cyber attacks.

More resources

6 patch management best practices for businesses

Cyber threat hunting for SMBs: How MDR can help

Can your EDR handle a ransomware attack? 6-point checklist for an
anti-ransomware EDR

4 ways businesses can save money on cyber insurance
