McAfee Helps You Commit to the Cloud with Confidence
Hybrid environments—whether they are private clouds bridging to public clouds or traditional data centers bridging to public clouds—have become the de facto service architecture for most enterprises. We all want the agility, cost benefits, and competitive advantages associated with the hybrid cloud, but we often hit a wall when it comes to key aspects of […]
McAfee Security Innovation Alliance 2017 DevCon Awards
Innovation and enthusiasm fuel the McAfee Security Innovation Alliance program, and we are excited to see that our partners are actively pursuing opportunities to integrate their products with our technologies to extend our open, connected ecosystem. Every year at the McAfee Security Innovation Alliance Developers Conference (SIA DEVCON)—which this year takes place in […]
Stefan’s Tale: A 17-Year Journey to McAfee
By Stefan, Senior Security Consultant in Melbourne, Australia. When I was younger, I wanted to be a policeman and help stop bad guys. As I got older, my dream career evolved into wearing a different kind of shield to stop a different type of bad guy. And in a 17-year tale spanning continents, I finally […]
iXintpwn/YJSNPI Abuses iOS’s Config Profile, can Crash Devices
by Hara Hiroaki, Higashi Yuka, Ju Zhu, and Moony Li. While iOS devices generally see relatively fewer threats because of the platform’s walled garden approach in terms of how apps are installed, it’s not entirely unbreachable. We saw a number of threats that successfully scaled the walls in 2016, from those that abused enterprise certificates to […]
The Crisis of Connected Cars: When Vulnerabilities Affect the CAN Standard
In many instances, researchers and engineers have found ways to hack into modern, internet-capable cars, as has been documented and reported several times. One famous example is the Chrysler Jeep hack that researchers Charlie Miller and Chris Valasek discovered. This hack and those that have come before it have mostly been reliant on specific vulnerabilities […]
Beware the next wave of cyber threats: IoT ransomware
Ransomware has become one of the most serious cyber threats plaguing organizations. Today, all of us – from home users to corporations and government organizations – are trying to protect ourselves from encryption viruses. But we are ignoring the beginning of the next wave of ransomware attacks – aimed at encrypting IoT devices. These attacks […]
Analyzing the Fileless, Code-injecting SOREBRECT Ransomware
by Buddy Tancio (Threats Analyst). Fileless threats and ransomware aren’t new, but a malware that incorporates a combination of their characteristics can be dangerous. Take for instance the fileless, code-injecting ransomware we’ve uncovered—SOREBRECT, which Trend Micro detects as RANSOM_SOREBRECT.A and RANSOM_SOREBRECT.B. We first encountered SOREBRECT during our monitoring in the beginning of second quarter this […]
Exploring the Online Economy that Fuels Fake News
By Lion Gu, Vladimir Kropotov, and Fyodor Yarochkin (Senior Threat Researchers). “Fake news” was relatively unheard of last year—until the U.S. election campaign period started, during which an explosion of misinformation campaigns trended. But despite its seemingly rampant spread, fake news is just one facet of public opinion manipulation and cyber propaganda that we see […]
Why This California State Agency Compares McAfee ENS to a New Car
“If you think of endpoint protection as a car,” says Security Engineer Jeff Bowen at the California Department of Water Resources (DWR), “with McAfee ENS, we now have the latest model, with the best instrumentation, nicest features, and all the bells and whistles.” His CISO agrees. “With McAfee ENS, we remediate faster, have less business […]
What Interests Children Online
Today’s children and teenagers are integrated into cyberspace so tightly that discussions on the outright prohibition of using devices with Internet connectivity are nonsensical. It is more reasonable to teach children how to behave themselves correctly online and lend support by protecting them against undesirable content. To solve these problems, many parents use dedicated software […]
A Rising Trend: How Attackers are Using LNK Files to Download Malware
PowerShell is a versatile command-line and shell scripting language from Microsoft that can integrate and interact with a wide array of technologies. It runs discreetly in the background, and can be used to obtain system information without an executable file. All told, it makes an attractive tool for threat actors. There were a few notable instances […]
No, Windows XP didn’t fuel WannaCry
The global WannaCry attack that started 10 days ago touched just a handful of Windows XP PCs, a security expert said Monday, contradicting the narrative that the aged OS was largely responsible for the ransomware’s crippling impact. “There were no real WannaCry infections of Windows XP,” said Costin Raiu, director of Kaspersky Lab’s global research […]
Banned Chinese Qvod Lives on in Malicious Fakes
Qvod used to be a popular video player and developer in China. Due to piracy allegations and a threatened fine, the company went out of business in 2014. In spite of this, we have recently seen a number of malicious fake versions of Qvod. One common feature of these malicious apps is to disguise their […]
App Alert: What Parents Need to Know about Popular New App ‘Yellow’
[Image: The Yellow app icon] Go pick up your child’s phone. Is there an app icon that is a solid, yellow square? While that little yellow square may look harmless, the app is growing in popularity among teens and already causing concern. Yellow is the new app that’s being called the ‘Tinder for teens,’ because it’s […]
Penquin’s Moonlit Maze
Back to the Future – SAS 2016: As Thomas Rid left the SAS 2016 stage, he left us with a claim that turned the heads of the elite researchers who filled the detective-themed Tenerife conference hall. His investigation had turned up multiple sources involved […]
Ransomware Families Use NSIS Installers to Avoid Detection, Analysis
Malware families are constantly seeking new ways to hide their code, thwart replication, and avoid detection. A recent trend for the delivery of ransomware is the use of the Nullsoft Scriptable Install System (NSIS) with an encrypted payload. The list of the most common families using this technique is diverse and includes Cerber, Locky, Teerac, Crysis, […]
More information
- Microsoft Patches Windows Zero-Day Exploited by Russian Hackers
- Structured light promises path to faster, more secure communications
- Russian Authorities Arrest Head of International Cybercrime Group
- Cry Ransomware Uses Google Maps to Find Victim Locations
- Intel acquires Canadian IT security firm PasswordBox
- Passwords have a decade of life left in them, survey shows
- FBI To Charge Teenager Hackers From Scattered Spider Who Hacked Hundreds Of Organizations
- Microsoft pushes Copilot directly into Excel cells
- Glasses-free 3D projector
- Yelp settles US FTC charges of violating child privacy