Malwarebytes has introduced Malwarebytes Breach Remediation for Mac and new forensics capabilities as part of its Malwarebytes Breach Remediation platform. This Malwarebytes endpoint detection and response (EDR) solution hunts for advanced threats on Mac OS X and Windows endpoints and is designed to remove them.
Malwarebytes Breach Remediation is an EDR solution that detects and removes infections and related artifacts simultaneously across all endpoints on a network. Malwarebytes Breach Remediation scans network endpoints looking for suspicious files or anomalies and, when found, pieces together the threat traces and automatically remediates compromised systems. This approach to breach remediation is designed to help eliminate the possibility of new cyber attacks or lateral movements that capitalize on leftover malware traces.
Although Macs have faced nuisance apps like adware and PUPs for years, new threats are materializing, including ransomware (e.g., KeRanger). Many experts believe the KeRanger attacks were a “test run” or proof of concept—and that it’s only a matter of time before the next big attacks against Macs surface. With more companies turning to Macs and a rising number of new threats, concern about the possibility of widespread Mac vulnerabilities is on the rise.
“The idea that Macs are inherently safe and immune to malware and other threats is patently false. In fact, Apple stores themselves rely on Malwarebytes Anti-Malware for Mac frequently. Genius Bar technicians use the technology to clean infected customer computers,” says Thomas Reed, director of Mac offerings, Malwarebytes. “Also consider that on the first day of the Pwn2Own 2016 hacking event, one independent security researcher found four vulnerabilities highlighting just how vulnerable Macs can be. We built Breach Remediation for Mac in response to the hundreds of Malwarebytes customers demanding protection for their Mac endpoints.”
With Malwarebytes Breach Remediation, incident response teams can quickly remediate threats remotely, saving significant time and money and helping to reduce the dwell time of a malicious attack. The new Mac client easily integrates with existing Mac OS X management solutions, like Apple Remote Desktop, Casper Suite, and Munki, facilitating rapid deployment and use.
Malwarebytes Breach Remediation also includes new forensics capabilities that not only identify previously undetected breaches, but also answer the critical questions of what happened, how it happened, and when it happened. Forensic Timeliner is a command-line tool that is able to extract historical events from a computer in order to detect potential infections by new or undetected malware. The forensic engine gathers events from different sources of information on Windows endpoints, saving users significant time and effort, says Reed.
In addition to these Malwarebytes Breach Remediation enhancements, the company also released updates to its Malwarebytes Endpoint Security endpoint protection platform, including:
• Management Console (v1.7) with policy cloning and other improvements;
• Windows client support for Anti-Malware (v1.80.2) and Anti-Exploit (v1.08);
• Mac client (on-demand scanning and remediation).
For a full list of updates and the complete change log for Malwarebytes Management Console, please visit https://www.malwarebytes.com/support/releasehistory/business/#mbmc.