Salesforce “red team” members present tool at Defcon, get fired

“Red Team” members were fired as they stepped off stage after presenting internal attack tool.

Enlarge / Meatpistol was supposed to be released at DEFCON. But Salesforce pulled the plug—and fired two security employees for presenting about it.

At Defcon in Las Vegas last month, word rapidly spread that two speakers—members of Salesforce’s internal “red team”—had been fired by a senior executive from Salesforce “as they left the stage.” Those two speakers, who presented under their Twitter handles, were Josh “FuzzyNop” Schwartz, Salesforce’s director of offensive security, and John Cramb, a senior offensive security engineer.

Schwartz and Cramb were presenting the details of their tool, called Meatpistol. It’s a “modular malware implant framework” similar in intent to the Metasploit toolkit used by many penetration testers, except that Meatpistol is not a library of common exploits, and it is not intended for penetration testing. The tool was anticipated to be released as open source at the time of the presentation, but Salesforce has held back the code.

“Meatpistol is a framework for red teams to create better implants,” and an “offensive infrastructure automation tool,” Schwartz and Cramb explained in their presentation. It is intended to automate the grunt work of deploying new malware attacks for multiple types of targets. Rather than testing for common vulnerabilities as penetration testers often do, the internal red team Schwartz led until last month had the job of constantly probing and attacking Salesforce’s systems. It even stole data like real adversaries, operating with nearly unrestricted rules of engagement internally.

Meatpistol, while still in its early stages of development, had already improved the efficiency of the Salesforce red team. “Malware implant creation used to take days,” Schwartz said during his presentation. “Now it takes seconds,” he said, cutting “weeks off our operation time.”

Schwartz had reportedly gotten prior approval to speak at Defcon from Salesforce management, and he was working toward getting approval to open-source Meatpistol (which is currently in a very rough “alpha” state but was at use internally at Salesforce). But at the last moment, Salesforce’s management team had a change of heart, and it was trying to get the talk pulled. As ZDNet’s Zach Whittaker reports, a Salesforce executive sent a text message to Schwartz and Cramb an hour before their scheduled talk, telling the pair not to announce the public release of the code.

According to one source Ars spoke with at Defcon, Schwartz turned off his phone prior to the presentation so that he couldn’t be told directly not to speak.

Schwartz told the audience during the presentation that he would push to get the tool published as open source because he felt that it could only get better through community contributions. Following the presentation, Cramb posted to Twitter:

image

There’s no indication that Salesforce is taking any further action against Schwartz and Cramb. The Electronic Frontier Foundation’s deputy executive director, Kurt Opsahl, confirmed to Ars in an e-mail that the EFF is “representing Josh Schwartz and John Cramb with respect to their talk at Defcon. However, we are not aware of any charges or complaints, whether filed or pending, nor is there any reason to believe that any would be warranted.”

A Salesforce spokesperson contacted by Ars would not comment, stating, “We don’t comment on matters involving individual employees.”

Ars has been unable to contact Schwartz and Cramb directly. We’ll update this story as more details become available.

 

via:  arstechnica


Save pagePDF pageEmail pagePrint page

The Man Who Wrote Those Password Rules Has a New Tip: N3v$r M1^d!

Bill Burr’s 2003 report recommended using numbers, obscure characters and capital letters and updating regularly—he regrets the error

The man who wrote the book on password management has a confession to make: He blew it.

Back in 2003, as a midlevel manager at the National Institute of Standards and Technology, Bill Burr was the author of “NIST Special Publication 800-63. Appendix A.” The 8-page primer advised people to protect their accounts by inventing awkward new words rife with obscure characters, capital letters and numbers—and to change them regularly.

The document became a sort of Hammurabi Code of passwords, the go-to guide for federal agencies, universities and large companies looking for a set of password-setting rules to follow.

The problem is the advice ended up largely incorrect, Mr. Burr says. Change your password every 90 days? Most people make minor changes that are easy to guess, he laments. Changing Pa55word!1 to Pa55word!2 doesn’t keep the hackers at bay.

Also off the mark: demanding a letter, number, uppercase letter and special character such as an exclamation point or question mark—a finger-twisting requirement.

“Much of what I did I now regret,” said Mr. Burr, 72 years old, who is now retired.

In June, Special Publication 800-63 got a thorough rewrite, jettisoning the worst of these password commandments. Paul Grassi, an NIST standards-and-technology adviser who led the two-year-long do-over, said the group thought at the outset the document would require only a light edit.

“We ended up starting from scratch,” Mr. Grassi said.

The new guidelines, which are already filtering through to the wider world, drop the password-expiration advice and the requirement for special characters, Mr. Grassi said. Those rules did little for security—they “actually had a negative impact on usability,” he said.

Long, easy-to-remember phrases now get the nod over crazy characters, and users should be forced to change passwords only if there is a sign they may have been stolen, says NIST, the federal agency that helps set industrial standards in the U.S.

Amy LaMere had long suspected she was wasting her time with the hour a month it takes to keep track of the hundreds of passwords she has to juggle for her job as a client-resources manager with a trade-show-display company in Minneapolis. “The rules make it harder for you to remember what your password is,” she said. “Then you have to reset it and it just makes it take longer.”

When informed that password advice is changing, however, she wasn’t outraged. Instead, she said it just made her feel better. “I’m right,” she said of the previous rules. “It just doesn’t make sense.”

Academics who have studied passwords say using a series of four words can be harder for hackers to crack than a shorter hodgepodge of strange characters—since having a large number of letters makes things harder than a smaller number of letters, characters and numbers.

In a widely circulated piece, cartoonist Randall Munroe calculated it would take 550 years to crack the password “correct horse battery staple,” all written as one word. The password Tr0ub4dor&3—a typical example of a password using Mr. Burr’s old rules—could be cracked in three days, according to Mr. Munroe’s calculations, which have been verified by computer-security specialists.

Mr. Burr, who once programmed Army mainframe computers during the Vietnam War, had wanted to base his advice on real-world password data. But back in 2003, there just wasn’t much to find, and he said he was under pressure to publish guidance quickly.

He asked the computer administrators at NIST if they would let him have a look at the actual passwords on their network. They refused to share them, he said, citing privacy concerns.

“They were appalled I even asked,” Mr. Burr said.

With no empirical data on computer-password security to be found, Mr. Burr leaned heavily on a white paper written in the mid-1980s—long before consumers bought DVDs and cat food online.

The published guidelines were the best he could do.

“In the end, it was probably too complicated for a lot of folks to understand very well, and the truth is, it was barking up the wrong tree,” said Mr. Burr.

Nevertheless, NIST’s password advice became widely influential, not just within the federal government but on corporate networks, websites and mobile devices.

Collectively, humans spend the equivalent of more than 1,300 years each day typing passwords, according to Cormac Herley, a principal researcher at Microsoft Corp. His company once followed the Burr code for passwords, but no more.

The biggest argument against Mr. Burr’s prescriptions: they haven’t worked well. “It just drives people bananas and they don’t pick good passwords no matter what you do,” Mr. Burr said.

The past decade has seen a data-breach boom. Hackers have stolen and posted online hundreds of millions of passwords from companies such as MySpace, LinkedIn and Gawker Media.

Those postings have given researchers the data they need to take a hard look at how people’s passwords fare against the tools hackers used to break them. Their conclusion? While we may think our passwords are clever, they aren’t. We tend to gravitate toward the same old combinations over and over.

Back in 2003, Mr. Burr didn’t have the data to understand this phenomenon. Today, it is obvious to people like Lorrie Faith Cranor. After years of studying terrible concoctions, she put 500 of the most commonly used passwords on a blue and purple shift dress she made and wore to a 2015 White House cybersecurity summit at Stanford University.

Adorned with the world’s most common passwords—princess, monkey, iloveyou and others that are unprintable here—the dress has prompted careful study, and embarrassment.

“I’ve had people look at it and they’re like, ‘Oh, I’d better go change my passwords,’ ” said Ms. Cranor, a professor at Carnegie Mellon University.

The NIST rules were supposed to give us randomness. Instead they spawned a generation of widely used and goofy looking passwords such as Pa$$w0rd or Monkey1! “It’s not really random if you and 10,000 other people are doing it,” said Mr. Herley, the Microsoft researcher.

Mr. Grassi, who rewrote NIST’s new password guidelines, thinks his former colleague Mr. Burr is being a little bit hard on himself over his 2003 advice.

“He wrote a security document that held up for 10 to 15 years,” Mr. Grassi said. “I only hope to be able to have a document hold up that long.”

 

via:  wsj


Save pagePDF pageEmail pagePrint page

Windows 10 Linux subsystem gets first patches

Microsoft’s August 2017 Patch Tuesday brought the first Windows 10 Linux subsystem patches, just as a new version of the Linux subsystem is released for Windows Server.

Microsoft released its August 2017 Patch Tuesday fixes, which targeted 48 vulnerabilities across various Microsoft products, including 15 critical patches and the first two fixes for the Windows subsystem for Linux.

One patch for the Windows 10 Linux subsystem remediated a denial of service flaw (CVE-2017-8627) that Microsoft only listed as “important” not critical, but this issue was publicly disclosed so experts said it should be moved up the priority scale.

The other Linux subsystem patch fixed an escalation of privilege issue (CVE-2017-8622) that could allow an attacker to execute code, so Microsoft rated it as critical.

Both patches were for the Windows 10 Linux subsystem, but Microsoft also just announced Insider Builds of Windows Server could begin using the Linux subsystem and it is unclear if the vulnerabilities affect Windows Server as well.

Bobby McKeown, senior manager of engineering at Rapid7, said enterprises should be careful when enabling the Windows 10 Linux subsystem.

“It is likely to increase the attack surface, given that it is going to be harder to control what applications are installed on a machine. Also, the combination of two different systems, which have access to each other’s file systems, is likely to increase possible attack vectors,” McKeown told SearchSecurity. “This is not default for normal users, however, with more and more adoption, it will become a greater target for attacks, and possible disclosure of vulnerabilities will potentially raise the profile of these types of vulnerabilities.”

Dustin Childs, communications manager for Zero Day Initiative, said Microsoft has done well to minimize potential risks associated with using the Windows 10 Linux subsystem.

“While the addition of a new, interactive shell does increase the attack surface on a Windows system, the fact that [the Windows 10 Linux subsystem] cannot run persistent Linux services, such as daemons, jobs, etc. as background tasks limits this threat,” Childs told SearchSecurity. “Any time a new feature is introduced, we know researchers take a close look at it to see if they find anything interesting. After this initial spike, it’s likely this component will receive a similar amount of attention as other, similar components.”

Other patches to prioritize

Beyond the Windows 10 Linux subsystem patches, experts roundly agreed the highest priority patch was CVE-2017-8620, a critical vulnerability in the Windows Search service which could allow an attacker to take control of the target system and “install programs; view, change, or delete data; or create new accounts with full user rights,” according to Microsoft.

Jimmy Graham, director of product management at Qualys, said this was the third time Microsoft has needed to patch the Windows Search service.

“As with the others, this vulnerability can be exploited remotely via [server message block (SMB)] to take complete control of a system, and can impact both servers and workstations,” Graham wrote in a blog post. “While an exploit against this vulnerability can leverage SMB as an attack vector, this is not a vulnerability in SMB itself, and is not related to the recent SMB vulnerabilities leveraged by EternalBlue, WannaCry, and Petya.”

Childs agreed this was the most critical bug of the month.

“As with the previous Search flaw, within an enterprise, an attacker could remotely trigger the vulnerability through an SMB connection and then take control of a target computer,” Childs wrote in his analysis. “That’s pretty close to wormable and just the sort of thing malware writers look for in a bug. Also, let this be your monthly reminder to disable SMBv1.”

Childs also suggested organizations make note of CVE-2017-8664, a remote code execution flaw in Windows Hyper-V.

“This could allow for an attacker on a guest OS to escape and execute code on the underlying hypervisor,” Childs wrote. “Back at the 2017 Pwn2Own competition, a Hyper-V escape like this one would have earned the contestant $100,000 USD. Although we didn’t have anyone attempt this product this year, it’s safe to say we’ll likely get some attempts should the category return.”

 

via:  techtarget


Save pagePDF pageEmail pagePrint page

Six Reasons Why the SOC Analyst Role is So Hard

It’s no secret that the Level-1 SOC analyst has been continually vilified by the security industry as being ineffective against the modern threat. It’s really not the analysts’ fault because we are, in fact, expecting way too much from them. To understand this dynamic better, let’s examine the following six reasons why the job of monitoring a console for incidents in a SOC is so difficult to get right.

1.    The demand for SOC analysts far surpasses the available talent. And, as early career security professionals, the retention rate is very low — typically 18-24 months — because their market value continues to rise very rapidly. That puts most companies in a disadvantageous position of constantly hiring and retraining their front-line defenders, which costs in valuable time, money and resources.

2.    Today’s event volume levels boggle the imagination from even a few years ago. Using the traditional SIEM funnel, event volume is reduced to much less than 1% of the total to match the SOC analyst scarcity, or those available to look at the data.  So, it’s no surprise incidents are missed due to looking at much smaller sample sizes than should be to ensure modern threats are identified.

3.    The SIEM funnel is usually just a list of heuristics (correlation rules) that describe common attack scenarios. Some are even as bad as “multiple failed logins.” These static rules are an engineering headache to maintain and can only capture well understood or commodity attack patterns, leaving the real bad guys free to roam our networks.

4.    Level-1 SOC analysts also bring a host of management challenges. I’ve witnessed episodes of incredibly poor judgment displayed especially on a less than fully supervised night shift. This includes various types of non-professional behavior, to carrying guns to work to show their friends.  Experienced management is needed to help train and shape junior analysts into seasoned security pros. But that level of management talent is hard to staff on shift.

5.    Lack of knowledge when it comes to critical business context is also another factor to consider.  There are many complex business models in this modern economy. That means security analysts need to have an understanding of fundamental business operations across a wide array of enterprise disciplines. Understanding what a critical attack might look like across ecommerce, integrated supply chain logistics, finance, regulations, and more becomes a necessary skill.

6.     Finally, the attacker ecosystem has fully professionalized into a “dark market.” The dark market is capable of a stunning variety of advanced attacks that leverage “living off the land” tools, making them very difficult to detect by traditional security practices. We are pitting our youngest new hires against their criminal best and losing, which is no surprise.

From our point of view at Respond Software, the industry is overdue for a different, more effective approach. And, we shouldn’t blame the Level-1 SOC analyst for failing in the face of an almost impossible task. Analysts monitoring consoles to identify attackers is not the way we are going to get ahead of the bad guys in the future.

 

via:  linkedin


Save pagePDF pageEmail pagePrint page

Air Canada Silence Deletes Critical Data In San Francisco Near Disaster

 

NTSB provided graphic

This graphic accompanies the NTSB’s preliminary report into the Air Canada 759 investigation

In its investigation into the Air Canada flight that came thisclose to triggering a multi airliner pile-up at San Francisco Airport last month, American safety authorities will try to determine why the Airbus A320 was over a crowded taxiway instead of an open runway awaiting the plane’s arrival.

But the National Transportation Safety Board should also examine why Air Canada didn’t notify authorities that Flight 759 flew within feet of creating a chain-reaction disaster of historic proportions.

This is not just a procedural question. Air Canada’s silence allowed the recording from the cockpit voice recorder to be taped over by subsequent flights. The CVR contained information critical to the investigation.

“It’s not clear whether there has been an attempt to cover up an incident,” said Jim Hall, the former chairman of the NTSB and now a safety consultant in private practice.

Without a doubt, the event was pants-wetting for the pilots who were on the taxiway watching incredulously as the Air Canada airliner approached dead ahead.

“Where’s this guy going?” asks one of the pilots of United Airlines Flight 1, a 787 at the head of the line awaiting departure to Singapore. The crew of the plane behind, Philippine Airlines flight 115 headed for Manila flashes its landing lights in an attempt to signal the Air Canada crew not to touch down on top of them.

Before the engines responded to the Air Canada crews’ go-around attempt away from the line of airliners the Airbus was just 56 feet off the ground, just one foot, we’re talking 12 inches, above the highest point of the next Dreamliner in the line.

Nevertheless, it took two days before the safety board was notified. Even then, it was not the airline but the Federal Aviation Administration who rang up the investigators.

“It’s disturbing,” Hall told me of the delay. In his opinion, the FAA and Air Canada had an obligation to report it.

Citing the ongoing investigation, Air Canada declined to talk about its decision. But Keith Holloway, a spokesman for the NTSB referenced the federal regulations in explaining, “the operator was not required to make a report to the NTSB.”

Literally speaking Holloway may be correct. The case of a plane almost landing on a taxiway falls short of the requirement that applies to planes that actually land there.

And it comes close but not close enough to the case of pilots who must take corrective action to avoid a collision because once again that rule applies to planes that land. Air Canada flight 759 did a go-around.

This parsing of the rules may benefit the interest of the airline, by effectively allowing the destruction of valuable information about what led up to it.  It doesn’t serve the flying public, Hall says because aviation safety relies on looking “at misses in order to prevent accidents.

“Once you get into the weeds we all know who lives in the weeds; people who are trying to cause problems and cover up.”

That no one was killed or even injured can be called a miracle. But the reasons for the near catastrophe are grounded in clues the investigators must find and analyze. Air Canada’s silence means the NTSB no longer has the benefit of what was probably the most illuminating information about what went on in the cockpit that night.

Why that is the case, surely ought to be part of the probe.

 

via:  forbes


Save pagePDF pageEmail pagePrint page

U.S. Army halts use of Chinese-made drones over cyber concerns

image

Drones are displayed inside DJI’s first flagship store of DJI in Shenzhen, China December 18, 2015, two days before it’s official opening.

 

The U.S. Army has ordered its members to stop using drones made by Chinese manufacturer SZ DJI Technology Co Ltd because of “cyber vulnerabilities” in the products.

An Aug. 2 Army memo posted by sUAS News and verified by Reuters applies to all DJI drones and systems that use DJI components or software. It requires service members to “cease all use, uninstall all DJI applications, remove all batteries/storage media and secure equipment for follow-on direction.”

The memo says DJI drones are the most widely used by the Army among off-the-shelf equipment of that type.

DJI said in a statement that it was “surprised and disappointed” at the Army’s “unprompted restriction on DJI drones as we were not consulted during their decision.”

The privately held company said it would contact the Army to determine what it means by “cyber vulnerabilities” and was willing to work with the Pentagon to address concerns.

Analysts at Goldman Sachs and Oppenheimer estimated in 2016 that DJI had about 70 percent share of the global commercial and consumer drone market. Goldman analysts estimated the market, including military, to be worth more than $100 billion over the next five years.

The Army was considering issuing a statement about the policy, said Army spokesman Dov Schwartz.

The move appears to follow studies conducted by the Army Research Laboratory and the Navy that said there were risks and vulnerabilities in DJI products.

The memo cites a classified Army Research Laboratory report and a Navy memo, both from May as references for the order to cease use of DJI drones and related equipment.

 

via:  reuters


Save pagePDF pageEmail pagePrint page

DNS Attacks Could Cost Your Company $2 Million a Year

The DNS (Domain Name System) is the keystone of the proper functioning of the internet. Each time you access your email or your Facebook, you’re using it. So when a DNS server is under attack and inaccessible, every website that it supports also becomes unavailable. DNS attacks have already had a major impact in the functioning of companies, and it turns out to be absolutely essential to learn about the way this attack works and to implement measures to protect yourself from it.

The Domain Name System is a growing target for cyberattacks designed to cause downtime or simply harm businesses. When attacking it, a cybercriminal usually exploits a vulnerability. The DNS can be used by attackers as a vector for stealing valuable data or launching a DDoS attack. According to the DNS Threat Survey 2017, conducted by EfficientIP, 76% of organizations have fallen victim to a DNS attack this year.

“76% of organizations have fallen victim to a DNS attack this year.”

What are the most common DNS attacks?

There is a wide variety of these attacks that companies should be aware of. According to this study, there are three attacks in particular that mainly concern companies. The first of these is the DDoS attack on a DNS server, where attackers flood the servers with traffic and the service becomes inaccessible to users. In October 2016, a cyberattack on the servers of Dyn, the US company that controls most of the DNS infrastructure, caused sites like The Guardian, Reddit and CNN to go offline. In a survey of IT security managers, 32% reported having been victims of this type of attack, a significant increase from 22% in 2016.

The second method, and the one that most concerns companies, involves data theft via DNS. In this case, cybercriminals take advantage of the DNS to filter data through the User Datagram Protocol, using a tunnel to transfer data or to seize control of the computer. Because firewalls and other traditional security solutions do not perform deep DNS scans, they are unable to detect when a protocol has been breached. This year, of those surveyed by EfficientIP, 28% reported that sensitive data had been stolen from them as a result of this vulnerability.

Another one of the most headache-inducing attacks is the DNS zero-day attack: 19% of companies have reported falling victim to this type of attack. Here, the attacker takes advantage of a security breach in the DNS protocol or in the server software on the same day that the vulnerability comes to light. With a query previously formulated to the server, the attacker can block the system and inflict damage on the victim company.

“On average, DNS attacks cost companies 2.23 million dollars annually.”

How can you prevent a DNS attack?

The economic impact of a DNS attack is too high to ignore. On average, DNS attacks cost companies 2.23 million dollars annually. An insecure DNS system is already in itself an invitation for attackers to access your company’s data and inflict downtime on your services. That’s why it is vital to take into account the popularization of these attacks and implement the appropriate security measures and solutions.

Here are three tips from Panda Security to combat DNS attacks:

  • Update, update, update. This prevents attackers from taking advantage of vulnerabilities in software or operating systems. It is a measure that requires little effort and can end up saving you and your company a lot of stress.
  • Implement a complete detection system, such as a perimeter firewall that prevents connections between the corporate network and the internet unless they comply with company policy.
  • Incorporate advanced cybersecurity solutions that centrally protect all workstations and servers with advanced prevention, detection and remediation capabilities.

via:  pandasecurity


Save pagePDF pageEmail pagePrint page

Tesla has completed its first ever Solar Roof product installations

Tesla has already completed the first installations of its Solar Roof products, which use integrated solar panels to gather energy. The solar tiles were first introduced last year, and are designed to look essentially indistinguishable from traditional roofing materials so that they present an aesthetically attractive option to consumers who might shy away from traditional panel designs.

The first installations have been made on Tesla employee homes, which mirrors the way it’s distributing the very first Tesla Model 3 automobiles. This is partly a reward for their contribution to the immense effort represented by bringing these things to market, but it’s also likely a strategic decision that allows Tesla to test and monitor its new products early on in their production life.

“I have it on my house, [Tesla co-founder] JB [Straubel] has it on his house,” Elon Musk said on the call. He specified that the first installations were already generating energy as well as being installed.

Tesla started pre-orders for Solar Roof installations during Q2, and is offering a warranty for the lifetime of the house on which they’re installed, “or infinity, whichever comes first.”

image

image

 

 

via:  techcrunch

 

 


Save pagePDF pageEmail pagePrint page

Minecraft’s cross-platform ‘Better Together’ update arrives in beta

Minecraft’s “Better Together Update” is rolling out now in beta, for players on Windows 10 PCs and Android devices. That means players on either platform with the beta installed will be able to participate in games from either type of device, together in cross-platform play.

This update was originally revealed at E3 back in June, and includes other feature additions like community servers and a community Marketplace with paid add-ons. There are also a range of new in-game item types, multiplayer host and permission options, and more.

The beta is also set to roll out for Xbox One “soon,” Microsoft says, which will add the gaming console to the cross-platform action. Microsoft also said when the update was announced that it’ll eventually add support for the Play Together Update to iOS, Nintendo Switch and VR devices (Sony was apparently offered the chance to participate in the update for PlayStation, but declined).

To get in on the beta, players will need the Xbox Insider app for Windows 10 and Xbox One, and on Android they’ll need to have Google Play and of course everyone will need a copy of the game.

This could be huge for unifying Minecraft’s massive player community, which is already quite the club.

 

via:  techcrunch


Save pagePDF pageEmail pagePrint page

Malwarebytes for Mac 3 now available

malwarebytes-mac-768x452

For additional third-party real-time protection on a Mac, you could always install an “on demand” service which, rather than running continuously in the background, will scan your computer when you’re not trying to render animation, export a 4K video or crunch numbers, which all require vital CPU cycles.

Step up Malwarebytes for Mac 3. The previously titled Malwarebytes Anti-Malware was a huge success on the Windows platform, both as a free and premium version and it has now fully transitioned to the Mac OS.

Available as a free on-demand scanner, we’d always recommend adding Malwarebytes to your arsenal of tools to combat malware. Produced and developed in the United States, there’s an element of background history behind the brand, too. You know they have your back.

So, what’s new in v3? The first and most obvious addition is the new user-interface which has a consistent look of the Windows edition, without moving too far from Mac guidelines. Malwarebytes has added a menu bar for quick access, whilst a quarantine function will temporarily pause functionality rather than dumping files to trash. There’s also a trial mode so you can see the paid-for Premium features such as real-time protection.

Apart from that, there’s not a huge amount of new features. This of this release as a transition period to move the Mac version alongside the Windows edition for future mutual updates.

Malwarebytes for Mac v3 is available now and a Premium version is available for $39.99.

 

via:  betanews


Save pagePDF pageEmail pagePrint page