Leveraging McAfee Endpoint Security to Protect Against Emotet and Other Malware
Customers often ask us how to implement the suggestions provided in our blogs and threat advisories to better protect their environments. The goal of this blog is to do just that. By showing you how to better use our products, you’ll be able to protect against Emotet and other malware. Emotet is a Trojan downloader […]

What kids get up to online
Today’s children navigate the Internet better than adults. They are not afraid to try out new technology, and are quick to grasp new trends and sometimes invent their own. New social networks, mobile games, music, and gadgets are all part and parcel of their daily lives. But just because they feel at home online does […]

MuddyWater Resurfaces, Uses Multi-Stage Backdoor POWERSTATS V3 and New Post-Exploitation Tools
By Daniel Lunghi and Jaromir Horejsi
We found new campaigns that appear to wear the badge of MuddyWater. Analysis of these campaigns revealed the use of new tools and payloads, which indicates that the well-known threat actor group is continuously developing their schemes. We also unearthed and detailed our other findings on MuddyWater, such as […]

VirusTotal += Segasec URL scanner
We have added Segasec to the assortment of URL scanners on VirusTotal. You can find the results when scanning a URL at https://www.virustotal.com/gui/home/url
In their own words: Segasec is a Tel-Aviv based cyber-security startup providing end-to-end digital threat protection against consumer phishing attacks that originate in your blind spot – beyond the enterprise perimeter. Segasec’s […]

GandCrab ransomware crooks to shut up shop
GandCrab’s creators are giving themselves a “well-deserved retirement” after extorting (they say) $2 billion.

Zebrocy’s Multilanguage Malware Salad
Zebrocy is a Russian-speaking APT that presents a strange set of stripes. To keep things simple, there are three things to know about Zebrocy:
- Zebrocy is an active sub-group of victim profiling and access specialists
- Zebrocy maintains a lineage back through 2013, sharing malware artefacts and similarities with BlackEnergy
- The past five years of Zebrocy […]

CVE-2019-0725: An Analysis of Its Exploitability
by: John Simpson (Vulnerability Researcher)
May’s Patch Tuesday saw what is likely to be one of the most prominent vulnerabilities this year with the “wormable” Windows Terminal Services vulnerability (CVE-2019-0708). However, there’s another remote code execution (RCE) vulnerability that would be hard to ignore: CVE-2019-0725, an RCE vulnerability in Windows Dynamic Host Configuration Protocol (DHCP) […]

CVE-2019-11815: A Cautionary Tale About CVSS Scores
by John Simpson
Vulnerabilities in the Linux kernel are not uncommon. There are roughly 26 million lines of code, with 3,385,121 lines added and 2,512,040 lines removed in 2018 alone. The sheer complexity of that much code means that vulnerabilities are bound to exist. However, what is not at all common is the existence of […]

New Mirai Variant Uses Multiple Exploits to Target Routers and Other Devices
By: Augusto Remillano II and Jakub Urbanec
We discovered a new variant of Mirai (detected as Backdoor.Linux.MIRAI.VWIPT) that uses a total of 13 different exploits, almost all of which have been used in previous Mirai-related attacks. Typical of Mirai variants, it has backdoor and distributed denial-of-service (DDoS) capabilities. However, this case stands out as the […]

IT threat evolution Q1 2019. Statistics
These statistics are based on detection verdicts of Kaspersky Lab products received from users who consented to provide statistical data.
Quarterly figures
According to Kaspersky Security Network, Kaspersky Lab solutions blocked 843,096,461 attacks launched from online resources in 203 countries across the globe. 113,640,221 unique URLs were recognized as malicious by Web Anti-Virus components. Attempted […]

Don’t Let Airbnb Scams Stop Your Summer Travel Plans
With summertime just around the corner, many people are planning vacations to enjoy some much-needed R&R or quality time with family and friends. Airbnb offers users a great alternative to a traditional hotel experience when they are looking to book their summer getaways. However, it appears that cybercriminals have used the popularity of the platform […]

RDP Stands for “Really DO Patch!” – Understanding the Wormable RDP Vulnerability CVE-2019-0708
During Microsoft’s May Patch Tuesday cycle, a security advisory was released for a vulnerability in the Remote Desktop Protocol (RDP). What was unique in this particular patch cycle was that Microsoft produced a fix for Windows XP and several other operating systems, which have not been supported for security updates in years. So why the […]

How to Get the Best Layered and Integrated Endpoint Protection
Security teams have historically been challenged by the choice of separate next-gen endpoint security technologies or a more integrated solution with a unified management console that can automate key capabilities. At this point it’s not really a choice at all – the threat landscape requires you to have both. The best layered and integrated defenses […]

Why AI Innovation Must Reflect Our Values in Its Infancy
In my last blog, I explained that while AI possesses the mechanics of humanness, we need to train the technology to make the leap from mimicking humanness with logic, rational and analytics to emulating humanness with common sense. If we evolve AI to make this leap the impact will be monumental, but it will require […]

Celebrating Mother’s Day: How McAfee Supports Expecting & Working Mothers
Mother. It’s one of the best, hardest, most rewarding, challenging and unpredictable jobs a woman can have. As we approach Mother’s Day in the U.S., I’m reminded of the immense happiness motherhood brings me. I’m also reminded of my own mother. As a child, I distinctly remember watching her getting ready for work. I remember […]

We Are Ready on Day One for Our Linux Customers
Our customers look to McAfee to ensure that their enterprises are protected from the changing threat landscape. That’s why we’ve worked with Red Hat, the world’s leading provider of open source solutions for Linux, to ensure that we were part of the entire process leading up to today’s announcement of Red Hat Enterprise Linux 8 […]

More information
- Defakto Raises $30 Million for Non-Human IAM Platform
- Loop of Confidence
- Need a fix? Steal patient data
- Resolved: eDDS/PeDDS Upgrade
- Jawbone accounts compromised by hackers – personal info accessed, passwords disabled
- So-called CNN emails on U.S. bombing Syria lead to exploit kit
- FBI hacks into hundreds of infected US servers (and disinfects them)
- Do not share the link that crashes iPhones and Mac browsers
- Google revs up Chrome, crushes bugs
- Five Steps to Security Automation