Threat Hunting with VirusTotal
We recently conducted our first “Hunting with VirusTotal” open training session, providing some ideas on how to use VT Intelligence to hunt for in-the-wild examples of modern malware and infamous APT campaigns. In case you missed it, here you can find the video recording available on Brighttalk. We also created a PDF version of the […] more…Great R packages for data import, wrangling, and visualization
The table below shows my favorite go-to R packages for data import, wrangling, visualization and analysis — plus a few miscellaneous tasks tossed in. The package names in the table are clickable if you want more information. To find out more about a package once you’ve installed it, type help(package = "packagename") in your R […] more…Financial Cyberthreats in 2020
2020 was challenging for everyone: companies, regulators, individuals. Due to the limitations imposed by the epidemiological situation, particular categories of users and businesses were increasingly targeted by cybercriminals. While we were adjusting to remote work and the rest of the new conditions, so were scammers. As a result, 2020 was extremely eventful in terms of digital […] more…KBOT: sometimes they come back
Although by force of habit many still refer to any malware as a virus, this once extremely common class of threats is gradually becoming a thing of the past. However, there are some interesting exceptions to this trend: we recently discovered malware that spread through injecting malicious code into Windows executable files; in other words, […] more…The Top Technology Takeaways From CES 2020
Another Consumer Electronics Show (CES) has come and gone. Every year, this trade show joins practically everyone in the consumer electronics industry to show off the latest and greatest cutting-edge innovations in technology. From bendable tablets to 8k TVs and futuristic cars inspired by the movie “Avatar,” CES 2020 did not disappoint. Here are a […] more…IT threat evolution Q1 2019
Targeted attacks and malware campaigns Go Zebrocy Zebrocy was first observed being used as a Sofacy backdoor in 2015. However, the collection of cases where this tool has been used mean that we consider it a subset of activity in its own right. On the basis of this threat actor’s past behaviour, we predicted last […] more…Game of Threats
Introduction While the way we consume TV content is rapidly changing, the content itself remains in high demand, and users resort to any means available to get at it – including illegal and non-ethical ones like the use of pirated stuff. The world is embracing the idea of paying for entertainment more and more with […] more…APT review of the year
What were the most interesting developments in terms of APT activity throughout the year and what can we learn from them? Not an easy question to answer; everybody has partial visibility and it’s never possible to really understand the motivations of some attacks or the developments behind them. Still, with the benefit of hindsight, let’s […] more…Trojan watch
We continue to research how proliferation of IoT devices affects the daily lives of users and their information security. In our previous study, we touched upon ways of intercepting authentication data using single-board microcomputers. This time, we turned out attention to wearable devices: smartwatches and fitness trackers. Or more precisely, the accelerometers and gyroscopes inside […] more…IoT Devices: The Gift that Keeps on Giving… to Hackers
McAfee Advanced Threat Research on Most Hackable Gifts You’ve probably noticed the recent increase in Internet connected drones, digital assistants, toys, appliances and other devices hitting the market and maybe even showing up in your own home. The sale of these “Internet-of-Things” (IoT) devices is expected to reach 600 million units this year[1] and, unfortunately, […] more…Supporting Our Military Veterans at McAfee
By Dawson McPherson, Talent & Communications Coordinator Over the past week, McAfee employees around the world paused to recognize and honor all the brave military men and women who have served their countries. From a veterans appreciation ceremony at our Plano, Texas office, to a display of red poppies in observation of Remembrance Day at […] more…Dnsmasq: A Reality Check and Remediation Practices
Dnsmasq is the de-facto tool for meeting the DNS/DHCP requirements of small servers and embedded devices. Recently, Google Security researchers identified seven vulnerabilities that can allow a remote attacker to execute code on, leak information from, or crash a device running a Dnsmasq version earlier than 2.78, if configured with certain options. Based on Censys and Shodan data, […] more…Are Your Online Mainframes Exposing You to Business Process Compromise?
by Roel Reyes (Senior Threat Researcher) Legacy mainframes are still used by enterprises to handle big data transactions across a range of industries, from financial institutions, telecoms, and internet service providers (ISPs) to airlines and government agencies. Why are they still in use? As the saying goes: “if it ain’t broke, don’t fix it”. But […] more…Acoustic attack lets hackers control smartphone sensor
A newfound vulnerability in smartphones could let hackers remotely control the devices. With the acoustic injection attack, “attackers that deliver high intensity acoustic interference in close proximity” can interfere with a device accelerometer and get the sensor to send “attacker – chosen” data to the smartphone’s processor, say researchers from the University of Michigan and University […] more…Critical flaw lets hackers take control of Samsung SmartCam cameras
The popular Samsung SmartCam security cameras contain a critical remote code execution vulnerability that could allow hackers to gain root access and take full control of them. The vulnerability was discovered by researchers from the hacking collective the Exploiteers (formerly GTVHacker), who have found vulnerabilities in the Samsung SmartCam devices in the past. The flaw […] more…How to Secure the Future of the Internet of Things
The world of security for the Internet of Things just became more complex. IoT devices are no longer a potential threat to their owners; now they pose a significant threat to everything connected to the Internet. The old IoT security problem For the past year, the cybersecurity and IoT communities have been at odds regarding […] more…More information
- AutoNation Says CDK Global Ransomware Attack Impacted Earnings
- Why Website Reinfections Happen
- Is the US about to get a nationwide, privately owned, biometrics system?
- Crypto Payment Platform BitPay Introduces Settlement in Stablecoins
- LockerGoga Ransomware Family Used in Targeted Attacks
- Microsoft Windows Shell CVE-2017-8727 Remote Code Execution Vulnerability
- Saudi Aramco Facing $50M Cyber Extortion Over Leaked Data
- IoT Home Router Botnet Leveraged in Large DDoS Attack
- Microsoft Intune can now block unauthorized BYOD hardware
- ‘Bridge the Gap’ shows were next-gen collaboration systems should go