Consumers want a fully connected life – but at what cost?
Convenience has always, and will always be king. That’s why it’s no surprise that the average person is collecting connected devices left and right and is expected to own 15 connected devices by 2030. While they vary from person to person, recent research shows that the most popular connected devices tend to be smart meters, […] more…KBOT: sometimes they come back
Although by force of habit many still refer to any malware as a virus, this once extremely common class of threats is gradually becoming a thing of the past. However, there are some interesting exceptions to this trend: we recently discovered malware that spread through injecting malicious code into Windows executable files; in other words, […] more…Ransomware: The Digital Plague that Still Persists
Ransomware began its reign of cyber terror in 1989 and remains a serious and dangerous threat today. In layman’s terms, ransomware is malware that employs encryption to lock users out of their devices or block access to critical data or files. A sum of money, or ransom, is then demanded in return for access to […] more…Expanding Our Vision to Expand the Cybersecurity Workforce
I recently had the opportunity to testify before Congress on how the United States can grow and diversify the cyber talent pipeline. It’s great that members of Congress have this issue on their radar, but at the same time, it’s concerning that we’re still having these discussions. A recent (ISC) Study puts the global cybersecurity […] more…IT threat evolution Q1 2019
Targeted attacks and malware campaigns Go Zebrocy Zebrocy was first observed being used as a Sofacy backdoor in 2015. However, the collection of cases where this tool has been used mean that we consider it a subset of activity in its own right. On the basis of this threat actor’s past behaviour, we predicted last […] more…Game of Threats
Introduction While the way we consume TV content is rapidly changing, the content itself remains in high demand, and users resort to any means available to get at it – including illegal and non-ethical ones like the use of pirated stuff. The world is embracing the idea of paying for entertainment more and more with […] more…Family Tech Check: 5 Ways to Help Kids Balance Tech Over Summer Break
It’s mind-blowing to think that when you become a parent, you have just 18 summers with your child before he or she steps out of the mini-van and into adulthood. So at the mid-summer point, it’s a great time to ask: How balanced is your child’s screen time? Don’t panic, it’s normal for screen time […] more…IoT Devices: The Gift that Keeps on Giving… to Hackers
McAfee Advanced Threat Research on Most Hackable Gifts You’ve probably noticed the recent increase in Internet connected drones, digital assistants, toys, appliances and other devices hitting the market and maybe even showing up in your own home. The sale of these “Internet-of-Things” (IoT) devices is expected to reach 600 million units this year[1] and, unfortunately, […] more…Dnsmasq: A Reality Check and Remediation Practices
Dnsmasq is the de-facto tool for meeting the DNS/DHCP requirements of small servers and embedded devices. Recently, Google Security researchers identified seven vulnerabilities that can allow a remote attacker to execute code on, leak information from, or crash a device running a Dnsmasq version earlier than 2.78, if configured with certain options. Based on Censys and Shodan data, […] more…Are Your Online Mainframes Exposing You to Business Process Compromise?
by Roel Reyes (Senior Threat Researcher) Legacy mainframes are still used by enterprises to handle big data transactions across a range of industries, from financial institutions, telecoms, and internet service providers (ISPs) to airlines and government agencies. Why are they still in use? As the saying goes: “if it ain’t broke, don’t fix it”. But […] more…Helping Kids Understand the Foolishness and Consequences of Sexting
Sexting and teens. Nearly every week, the headlines reflect the attempt of citizens, educators, and lawmakers to tackle the question: What should the punishment be for teens caught sexting? In most states, officials may prosecute anyone, regardless of age, who creates, distributes or possesses an image of a minor engaged in sexual acts under that state’s […] more…How to Secure the Future of the Internet of Things
The world of security for the Internet of Things just became more complex. IoT devices are no longer a potential threat to their owners; now they pose a significant threat to everything connected to the Internet. The old IoT security problem For the past year, the cybersecurity and IoT communities have been at odds regarding […] more…Crypto-Ransomware Sightings and Trends for 1Q 2015
It seems that cybercriminals have yet to tire of creating crypto-ransomware malware. Since the start of 2015, we have spotted several variants of crypto-ransomware plague the threat landscape. In January, the Australia-New Zealand region was beset by variants of TorrentLocker. But we soon discovered that TorrentLocker infections were not limited to that region; Turkey, Italy, […] more…Multiplatform Boleto Fraud Hits Users in Brazil
A study conducted around June last year revealed a malware-based fraud ring that infiltrated one of Brazil’s most popular payment methods – the Boleto Bancário, or simply the boleto. While the research and analysis was already published by RSA, we’ve recently discovered that this highly profitable fraud is still out in the wild and remains […] more…Website Security: A Case of SEO Poisoning
There are so many ways your website can be co-opted by hackers for many different reasons, targeting the value created via your SEO is highly attractive. It provides an attacker the opportunity to cheat the system by quickly benefiting from your raw traffic, your audience. In this post we will share details of a recent […] more…Understanding the WordPress Security Plugin Ecosystem
As a child, did you ever play that game where you sit in a circle and one person is responsible for whispering something into one persons ear, and that message gets relayed around the circle? Wasn’t it always funny to see what the final message received would be? Oh and how it would have morphed […] more…More information
- Cpanel Hacking/Cracking Tutorial
- Windows 8 setup shows ‘Do Not Track’ options
- IBM Spectrum Scale CVE-2019-4665 Cross Site Scripting Vulnerability
- EU, US Agree to New Internet ‘Privacy Shield’
- Canada Bans WeChat and Kaspersky on Government Phones
- Targeted Attack in Taiwan Uses Infamous Gh0st RAT
- Got an early iPhone or iPad? Update now or turn it into a paperweight
- Quantum key system could make mobile transactions far more secure
- Microsoft Windows ALPC CVE-2018-8584 Local Privilege Escalation Vulnerability
- Windows XP/Server 2003 Zero-Day Payload Uses Multiple Anti-Analysis Techniques