Analyzing Operation GhostSecret: Attack Seeks to Steal Data Worldwide
McAfee Advanced Threat Research analysts have uncovered a global data reconnaissance campaign assaulting a wide number of industries including critical infrastructure, entertainment, finance, health care, and telecommunications. This campaign, dubbed Operation GhostSecret, leverages multiple implants, tools, and malware variants associated with the state-sponsored cyber group Hidden Cobra. The infrastructure currently remains active. In this post, […]
Security Calling: Celebrate National Telephone Day by Securing Your Mobile Devices
April 25 – otherwise known as National Telephone Day – rolls around once a year to remind us of the sheer technologic prowess and influence of the phone. What first started as an industrial revolution invention from Alexander Graham Bell, the phone has undergone quite a remarkable evolution over its nearly 150 years of existence. […]
McAfee vNSP and AWS Are Winning Combination for Enterprise and Federal Customers
Fun Facts: ECS stood up and managed the first security operations center at the White House. Today, ECS manages the world’s largest McAfee installation—employing just about every solution we make—for the U.S. Army. ECS is more than a McAfee Platinum Partner: they’ve built their entire security solution around McAfee products. The company’s unique offering to […]
Perspectives On Securing Our Election Systems
I had the pleasure of sitting on a panel at CyberScoop’s CyberTalks event this week, which coincides this year with the RSA 2018 Conference in San Francisco. Our discussion focused on the need to protect election systems from would-be hackers seeking to change results, sow discord in our election processes, and undermine confidence in our […]
Despite Decline in Use of Adobe Flash, Vulnerabilities Will Continue to Cause Concern
This post was researched and written with the assistance of Tim Hux, Abhishek Karnik, Asheer Malhotra, and Steve Povolny. McAfee Advanced Threat Research team analysts have studied Adobe Flash Player for years because it is a popular target for attacks. As always, we advise customers to remain current with McAfee’s latest DAT versions. In this […]
Device Vulnerabilities in the Connected Home: Uncovering Remote Code Execution and More
By Dove Chiu, Kenney Lu, and Tim Yeh (Threats Analysts). If there is anything to be learned from the massive attacks that have been seen on connected devices, it is that the internet of things (IoT) is riddled with vulnerabilities. We have seen this time and again with how botnets are created from system weaknesses […]
RSA Influencers Identify Cybersecurity’s Top Issues
More interest, more news, and more money are swirling through the cybersecurity industry than perhaps ever before. Data breaches make headlines, shape elections, and lead to Congressional hearings. Artificial intelligence tools wow the public and stretch the limits of the imagination. And the 40,000 RSA Conference attendees pouring into San Francisco are not impressed. Cybersecurity […]
A Guide to McAfee at RSA 2018
As the RSA Conference convenes more than 40,000 April 16-19 at Moscone Center in San Francisco, cybersecurity has perhaps never been so vital, diverse, and wide-ranging. To help make sense of that, McAfee speakers at RSA will look back at influences that shaped this world, ahead to new innovations and management approaches, and deeply into […]
Facebook’s Sandberg Says Other Cases of Data Misuse Possible
Facebook was aware more than two years ago of Cambridge Analytica’s harvesting of the personal profiles of up to 87 million users and cannot rule out other cases of abuse of user data, chief operating officer Sheryl Sandberg said. Sandberg, who joined Facebook in 2008 from Google, has been largely silent since the privacy scandal […]
RSA to Acquire Behavioral Analytics Firm Fortscale
RSA on Thursday announced that it has entered an agreement to acquire Fortscale, a company that provides behavioral analytics solutions. Financial terms of the deal have not been disclosed. Fortscale’s technology is designed to identify threats using a combination of predictive, big data analytics and machine learning. It automatically identifies deviations from normal behavior and […]
Researchers Link New Android Backdoor to North Korean Hackers
The recently discovered KevDroid Android backdoor is tied to the North Korean hacking group APT37, Palo Alto Networks researchers say. Also tracked as Reaper, Group 123, Red Eyes, and ScarCruft, the threat group was observed earlier this year to be using a Flash Player zero-day vulnerability and has been expanding the scope and sophistication of […]
Necurs Botnet to Erupt This Month?
The Necurs Botnet Has a Modular Architecture, Which Allows it to Remain Agile and Switch the Distribution Type. Based on historical patterns and recent activity, including what I consider three small-volume test attacks in the past month, it’s looking extremely likely that another major Necurs malware outbreak is looming just around the corner. I feel […]
Critical Flaws Expose Natus Medical Devices to Remote Attacks
Researchers at Cisco Talos have identified several critical vulnerabilities that expose Natus medical devices to remote hacker attacks. The vendor has released firmware updates that patch the flaws. The vulnerabilities allow remote code execution and denial-of-service (DoS) attacks and they impact the Natus NeuroWorks software, which is used by the company’s Xltek electroencephalography (EEG) equipment […]
New Strain of ATM Jackpotting Malware Discovered
A new type of ATM jackpotting malware has been discovered. Dubbed ATMJackpot, the malware appears to be still under development, and to have originated in Hong Kong. There are no current details of any deployment or use. ATMJackpot was discovered and analyzed by Netskope Threat Research Labs. It has a smaller footprint than earlier strains […]
VirusTotal Launches New Android Sandbox
Google-owned VirusTotal announced on Thursday the launch of a new Android sandbox designed to provide detailed information on potential threats targeting the mobile operating system. The new sandbox, named VirusTotal Droidy, is designed to replace a system introduced back in 2013. Droidy can help researchers obtain information on network communications and SMS-related activities, file system […]
Best Buy Hit by [24]7.ai Payment Card Breach
After Delta Air Lines and Sears Holdings, Best Buy has also come forward to warn customers that their payment card information may have been compromised as a result of a breach suffered by online services provider [24]7.ai. Similar to Delta and Sears, Best Buy contracted [24]7.ai for online chat/support services. The retailer says it will […]
More information
- Google Researchers Find Serious Flaws in Galaxy S6 Edge
- Microsoft pegs savings from Edge, Office 365 search as high as $43M
- Spike in Company Compromises Correlates With Lockdowns
- Popular Android Apps Leak User Data via Third-Party SDKs
- You’ll still be able to hack Linksys WRT routers with open source firmware despite new FCC rules
- Firefox 27 is out – Tuesday’s second non-Patch-Tuesday update
- S3 Ep39: Paying the date, #SocialMediaDay tips, and a special splintersode [Podcast]
- National Crime Agency snares teens who used Lizard Squad DDoS tool
- Philips Working on Patches for Vulnerabilities Found in Medical Products
- Several Vulnerabilities Patched in ‘MDT AutoSave’ Industrial Automation Product