Assessing the impact of protection from web miners
Brief summary: We present the results of evaluating the positive economic and environmental impact of blocking web miners with Kaspersky products. The total power saving can be calculated with known accuracy using the formula <w>·N, where <w> is the average value of the increase in power consumption of the user device during web mining, and […] more…Beware of Back-To-School Scams
These days it seems that there is a scam for every season, and back-to-school is no different. From phony financial aid, to debt scams, and phishing emails designed to steal your identity information, there are a lot of threats to study up on. Of course, many of these scams are just different twists on the […] more…Expanding Our Vision to Expand the Cybersecurity Workforce
I recently had the opportunity to testify before Congress on how the United States can grow and diversify the cyber talent pipeline. It’s great that members of Congress have this issue on their radar, but at the same time, it’s concerning that we’re still having these discussions. A recent (ISC) Study puts the global cybersecurity […] more…How McAfee’s Mentorship Program Helped Me Shine in My Career Journey
By: Anshu, Software Engineer “The mind is not a vessel that needs filling, but wood that needs igniting.”—Mestrius Plutarchus A mentor isn’t someone who answers your questions, but someone who helps you ask the right ones. After joining the McAfee WISE mentorship program as a mentee, I understood the essence of these words. WISE is […] more…IT threat evolution Q1 2019
Targeted attacks and malware campaigns Go Zebrocy Zebrocy was first observed being used as a Sofacy backdoor in 2015. However, the collection of cases where this tool has been used mean that we consider it a subset of activity in its own right. On the basis of this threat actor’s past behaviour, we predicted last […] more…Mirrorthief Group Uses Magecart Skimming Attack to Hit Hundreds of Campus Online Stores in US and Canada
We uncovered a recent activity involving the notorious online credit card skimming attack known as Magecart. The attack, facilitated by a new cybercrime group, impacted 201 online campus stores in the United States and Canada. We started detecting the attacks against multiple campus store websites on April 14, during which the sites were injected with […] more…Game of Threats
Introduction While the way we consume TV content is rapidly changing, the content itself remains in high demand, and users resort to any means available to get at it – including illegal and non-ethical ones like the use of pirated stuff. The world is embracing the idea of paying for entertainment more and more with […] more…ANZAC Day – Nurses of the Great War
ANZAC Day is a big deal to Australians and New Zealanders. With a different meaning to so many, it’s usually regarded as an unnecessary and sad loss of life in a British Empire backed bloodbath, or it’s the most memorable of losing military conflicts that defined both countries and shaped their futures. Remembrance celebrations for […] more…DNS Manipulation in Venezuela in regards to the Humanitarian Aid Campaign
Venezuela is a country facing an uncertain moment in its history. Reports suggests it is in significant need of humanitarian aid. On February 10th, Mr. Juan Guaidó made a public call asking for volunteers to join a new movement called “Voluntarios por Venezuela” (Volunteers for Venezuela). According to the media, it already numbers thousands of […] more…New Magecart Attack Delivered Through Compromised Advertising Supply Chain
by Chaoying Liu and Joseph C. Chen On January 1, we detected a significant increase in activity from one of the web skimmer groups we’ve been tracking. During this time, we found their malicious skimming code (detected by Trend Micro as JS_OBFUS.C.) loaded on 277 e-commerce websites providing ticketing, touring, and flight booking services as […] more…APT review of the year
What were the most interesting developments in terms of APT activity throughout the year and what can we learn from them? Not an easy question to answer; everybody has partial visibility and it’s never possible to really understand the motivations of some attacks or the developments behind them. Still, with the benefit of hindsight, let’s […] more…Transforming Students into Professionals to Close the Skills Gap: A Million Dollar Investment
Innovation. It’s at the core of any security breakthrough. Just ask an expert in the crowd gathered at MPOWER, McAfee’s Annual Security Summit. And if you ask me, as McAfee’s SVP and chief human resource officer, innovation is not just how our industry can defend against the growing number of cyberthreats, but also how we […] more…Stolen Data from Chinese Hotel Chain and Other Illicit Products Sold in Deep Web Forum
by Fyodor Yarochkin (Senior Threat Researcher) We uncovered personally identifiable information (PII) stolen from a China-based hotel chain being sold on a deep web forum we were monitoring. Further analysis revealed that the stolen data was not only the PII of Chinese customers, but also included the hotel chain’s customers from Western and East Asian […] more…How Machine Learning Can Help Identify Web Defacement Campaigns
By Federico Maggi, Marco Balduzzi, Ryan Flores, and Vincenzo Ciancaglini Website defacement — the act of visibly altering the pages of a website, notably in the aftermath of a political event to advance the political agenda of a threat actor— has been explored in our various research works. We broke down top defacement campaigns in a […] more…Trojan watch
We continue to research how proliferation of IoT devices affects the daily lives of users and their information security. In our previous study, we touched upon ways of intercepting authentication data using single-board microcomputers. This time, we turned out attention to wearable devices: smartwatches and fitness trackers. Or more precisely, the accelerometers and gyroscopes inside […] more…Streamin’ in the Sun – Your Essential Checklist for Safely Watching this Summer’s Biggest Events Online
With several major European sporting events, music festivals and a huge royal wedding on the way, this summer is set to be filled with many must-see moments. For those occasions where a television isn’t close by or the content is not freely available, many of us may resort to streaming services so that we can […] more…More information
- Vulnerabilities in OpenEMR Healthcare Software Expose Patient Data
- Blackberry debates killing off handsets
- Q&A: Workplace exec on employee productivity, app plans for 2021
- Issues Logging into Lynda.com
- FBI spills iPhone hacking secret to senators
- T-Mobile Hack Involved Exposed Router, Specialized Tools and Brute Force Attacks
- Giving Your Boo Your Password Is Dumb. Do This Instead
- Google Patches Android Zero-Day Exploited in Targeted Attacks
- Facebook’s Crisis Response hub centralizes help for disaster victims
- ICANN’s next decision: Deleting the dot from new domains?