The New Security Experience
Everyone has their limits — limited budget, limited staffing and time — but we seldom take into account the basic limitations imposed on us by something we can hardly control: our minds. But understanding limits helps us work with them, not against them. Following years of hard work and focus, we have now begun to […] more…Women in the McAfee Channel
At McAfee, we work hard to advocate and empower women in what remains a male-dominated industry. Women currently make up less than 20 percent of U.S. tech jobs, despite making up more than half of the U.S. workforce, according to recent data compiled by virtual event solutions company, Evia. Considering the great talent and diversity […] more…3 Ways to Strengthen Your Family Bond this Summer (Without Ditching Your Devices)
My parents recently went through a health crisis that required me to travel to be with them for several weeks. During that time, I started using FaceTime on my iPhone to daily connect with my teenage daughter back home. Until this life event, I wasn’t one to video chat. However, the live video technology of […] more…Europol Signs Cybersecurity Agreement With EU Agencies, WEF
Europol this week signed two memorandums of understanding related to cybersecurity cooperation – one with the World Economic Forum (WEF) and one with the European Union Agency for Network and Information Security (ENISA), the European Defence Agency (EDA), and the EU’s Computer Emergency Response Team (CERT-EU). read more more…Spam and phishing in Q1 2018
Quarterly highlights Data leaks Early 2018 will be remembered for a series of data leak scandals. The most high-profile saw Facebook CEO Mark Zuckerberg grilled by US Congress, with many public figures supporting the Delete Facebook campaign. As a result, Zuckerberg promised to get tough and make it more difficult to harvest data from third-party […] more…Vega Stealer Malware Swoops Financial Data Straight from Chrome and Firefox Browsers
Many internet users today store financial and personal data within a browser so that it auto-populates anytime they encounter a fill form. That way, they can save themselves the time they would normally spend typing their information into a website when wishing to make a purchase or take an action online. It’s convenient and easy, […] more…Roaming Mantis dabbles in mining and phishing multilingually
In April 2018, Kaspersky Lab published a blogpost titled ‘Roaming Mantis uses DNS hijacking to infect Android smartphones’. Roaming Mantis uses Android malware which is designed to spread via DNS hijacking and targets Android devices. This activity is located mostly in Asia (South Korea, Bangladesh and Japan) based on our telemetry data. Potential victims were […] more…IT threat evolution Q1 2018
Targeted attacks and malware campaigns Skygofree: sophisticated mobile surveillance In January, we uncovered a sophisticated mobile implant that provides attackers with remote control of infected Android devices. The malware, called Skygofree (after one of the domains it uses), is a targeted cyber-surveillance tool that has been in development since 2014. The malware is spread by […] more…Facebook Messenger Malware FacexWorm Steals Passwords and Mines for Cryptocurrency
Facebook Messenger, a feature included within the popular social media network, has grown to become a widely-used platform for friends and loved ones to instantly communicate with one another. According to Kim Komando, over 1.2 billion people use Facebook Messenger today. And now cybercriminals are using it to communicate their latest phishing scheme to innocent […] more…Maikspy Spyware Poses as Adult Game, Targets Windows and Android Users
By Ecular Xu and Grey Guo We discovered a malware family called Maikspy — a multi-platform spyware that can steal users’ private data. The spyware targets Windows and Android users, and first posed as an adult game named after a popular U.S.-based adult film actress. Maikspy, which is an alias that combines the name of […] more…Securing Your Devices from Mobile Malware
As the world has gone mobile, so too have the cybercriminals. With users now spending an average of four hours a day on multiple mobile devices that store mountains of sensitive information, it’s no wonder that mobile malware has become one of the most effective ways to capture our money and data. That’s probably why […] more…PCI for SMB: Requirement 3 & 4 – Secure Cardholder Data
This is the third post in a series of articles on understanding the Payment Card Industry Data Security Standard – PCI DSS. We want to show how PCI DSS affects small, medium, and large businesses that are going through the compliance process using the PCI SAQ’s (Self Assessment Questionnaires). In the previous articles we have […] more…Cloud is Ubiquitous and Untrusted
At the end of 2017, McAfee surveyed 1,400 IT professionals for our annual Cloud Adoption and Security research study. As we release the resulting research and report at the 2018 RSA Conference, the message we learned this year was clear: there is no longer a need to ask whether companies are in the cloud, it’s […] more…Cloud Protection Moves Into a New Phase
It’s RSA Conference season and a great time to talk about containers and security. No, not traditional shipping containers. Containers have become developers’ preferred deployment model for modern cloud applications, helping organizations accelerate innovation and differentiate themselves in the marketplace. This is part of the natural progression of the datacenter, moving from the physical, on-premise […] more…RSA Influencers Identify Cybersecurity’s Top Issues
More interest, more news, and more money are swirling through the cybersecurity industry than perhaps ever before. Data breaches make headlines, shape elections, and lead to Congressional hearings. Artificial intelligence tools wow the public and stretch the limits of the imagination. And the 40,000 RSA Conference attendees pouring into San Francisco are not impressed. Cybersecurity […] more…Identifying insights that lead to decisions
The first in a series of three blogs by Grant and Jason on the process of identifying actionable insights. A couple of weeks ago we discussed the process security operations teams go through to separate the signal from the noise. We reviewed the steps that McAfee has undertaken in designing its Security Fusion Centers to […] more…More information
- Court told Dotcom case is ‘simple fraud’
- Cisco fixes serious denial-of-service flaws
- NetCAT Attack: Hackers Can Remotely Steal Data From Servers With Intel CPUs
- Italy Sets Up Cybersecurity Agency After Russia Warnings
- WebRAT Web Server Upgrade
- Fix your DNS servers or risk aiding DDoS attacks
- Google Warns Users of Recent State-sponsored Attacks
- IWD: biometrics, machine learning, privacy and being a woman in tech – Naked Security Podcast
- Windows by the numbers: Real gains or just an illusion?
- Axonius Uses Existing Tools to Find, Secure Devices