The New Intern-Net
By Cristina Barrera, Channel Team Intern in Plano, Texas. As a college student today, it often feels like it’s essential to get top grades, volunteer, participate in sports, play an instrument, and find a cure for a rare disease in my spare time just to get a job interview. And now, on top of this, […] more…DEFCON – Connected Car Security
This blog post was written by Christiaan Beek, Jesse Michael, Raj Samani, and Mickey Shkatov. Sometime in the distant past, that thing in your driveway was a car. According to Intel however, the “connected car is already the third fastest growing technological device after phones and tablets”. The days when a Haynes manual, a toolkit, […] more…A Look at JS_POWMET, a Completely Fileless Malware
by Michael Villanueva As cybercriminals start to focus on pulling off attacks without leaving a trace, fileless malware, such as the recent SOREBRECT ransomware, will become a more common attack method. However, many of these malware are fileless only while entering a user’s system, as they eventually reveal themselves when they execute their payload. Attacks […] more…HBO Targeted by a Cyberattack, Potential “Game of Thrones” Scripts and Episodes Leaked
The night is dark and full of hackers. HBO has been thrown into chaos, as the major television network was hit with a massive cyberattack Sunday morning. Just how massive? Cybercriminals have apparently leaked 1.5 Terabytes of data. The biggest target: the widely popular show “Game of Thrones”, with full length episodes and future scripts […] more…World Wide Web – The journey from 1990
This year on my birthday, family and friends sent me gifts and flowers bought from online stores. Even my cake was ordered online! I wondered, “How would things have been without the World Wide Web?” August 1, 2017 was the 26th birthday of the World Wide Web and this is the right opportunity to thank […] more…Enterprise Network Modification
Enterprise IT Systems Engineering, in cooperation with Data Centers Services and Enterprise Networking and Communication Services, will be reconfiguring several enterprise networks in order to place them behind Data Center firewalls. The first tests of the new configuration will be on August 8 and 9 during the maintenance window from 5:00 to 7:00 a.m. and […] more…How to write an IT security engineer job description
Whatever the role, good communication regarding the duties and expectations of a security professional is key to that person’s success. That communication starts with a solid, thorough job description. It will be an important benchmark when hiring for the role, and a touch point for performance once the candidate is on board. The job description […] more…ChessMaster Makes its Move: A Look into the Campaign’s Cyberespionage Arsenal
by Benson Sy, CH Lei, and Kawabata Kohei From gathering intelligence, using the right social engineering lures, and exploiting vulnerabilities to laterally moving within the network, targeted attacks have multifarious tools at their disposal. And like in a game of chess, they are the set pieces that make up their modus operandi. Take for instance the […] more…Everyday Hero: 5 Questions with McAfee Labs’ Paula Greve
With cybersecurity experts taking center stage this week at the Black Hat conference in Las Vegas, the world is watching for the release of the latest breakthrough research, development, and trends. Paula Greve, a principal engineer leading the data science team within McAfee Labs, is on the front lines of cybersecurity defense. As the industry […] more…McAfee Advanced Threat Defense Expands Threat Vector Coverage to Email Attachments
Email remains the most highly exploited attack vector. Two email threats—business email compromises (BECs) and ransomware—are rapidly gaining ground lately and deserve everyone’s attention. BECs are a sophisticated new form of phishing that leverage social engineering and email account credential theft. Ransomware is another insidious email-borne threat that has ramped up in a big way. […] more…Running from Ransomware: A Mobile User’s Guide
From the second my alarm goes off, my day goes 100 miles a minute. In addition to getting myself ready for work, I have to pack my kids some brag-worthy lunches, conquer the stack of unwashed dishes in the sink from the night before, and make sure that everyone is out the door on time. […] more…Four ways to use open data sources to find cybersecurity candidates
It’s tough to grow a tech business in Silicon Valley when you’re competing against “sexier” companies like Lyft, Airbnb, Facebook and Google for the same cyber talent, says Mai Ton, vice president of human resources at OneLogin. But that’s the harsh reality for the identity and access management provider. The ongoing cyber skills shortage isn’t […] more…Code Execution, DoS Vulnerabilities Found in FreeRADIUS
Security testing of FreeRADIUS using a technique known as fuzzing revealed more than a dozen issues, including vulnerabilities that can be exploited for denial-of-service (DoS) attacks and remote code execution. read more more…Preventing the Next Petya: Block New Exploits by Defending Old Vulnerabilities
For ransomware enthusiasts, the April release of stolen NSA Windows exploits is a gift that will not stop giving. Just weeks after the Shadowbrokers’ “Lost in Translation” file drop, WannaCry brought havoc and destruction to networks worldwide. Now a new Petya variant is using the same EternalBlue exploit—plus some newly weaponized Windows admin tools—to ransack […] more…Are Your Online Mainframes Exposing You to Business Process Compromise?
by Roel Reyes (Senior Threat Researcher) Legacy mainframes are still used by enterprises to handle big data transactions across a range of industries, from financial institutions, telecoms, and internet service providers (ISPs) to airlines and government agencies. Why are they still in use? As the saying goes: “if it ain’t broke, don’t fix it”. But […] more…Why Human-Machine Teaming Will Lead to Better Security Outcomes
Artificial intelligence and machine learning have never been more prominent in the public forum. CBS’s 60 Minutes recently featured a segment promising myriad benefits to humanity in fields ranging from medicine to manufacturing. World chess champion Garry Kasparov recently debuted a book on his historic chess game with IBM’s Deep Blue. Industry luminaries continue to opine about the […] more…More information
- Resolved: Resolved: PSU wireless service degradation – Northeast section of University Park
- Why You Lost Your Windows 10 Product Key
- Patch alert: Update browsers’ Flash ASAP to block log-on theft
- EPA Mandates States Report on Cyber Threats to Water Systems
- How Random is Random Enough For Cryptography?
- When Spam Hides In Plain Sight
- Files encrypted by CoinVault ransomware? New free tool may decrypt them
- Resolved: smtp.psu.edu degraded
- Comment on Locky: the encryptor taking the world by storm by EB
- Text message scam from the Motor Registry – how not to get stung