McAfee Enhances Product Portfolio, Unveils New Security Operations Centers
Since emerging from Intel as a standalone cybersecurity company in April 2017, McAfee has consistently made multiple new product announcements simultaneously. It has continued that model this week with a new version of the Enterprise Security Manager (ESM 11), and enhancements to Behavioral Analytics, Investigator, Advanced Threat Defense, and Active Response. Significantly, it has also […] more…Canadian Firm Linked to Cambridge Analytica Exposed Source Code
Source code belonging to Canada-based digital advertising and software development company AggregateIQ has been found by researchers on an unprotected domain. The exposed files appear to confirm reports of a connection between AggregateIQ and Cambridge Analytica, the controversial firm caught in the recent Facebook data scandal. On March 20, Chris Vickery of cyber risk company […] more…McAfee Safe Connect, Two Gold Award Winners of 2018 Info Security PG’s Global Excellence Awards®
On February 28th, Info Security Products Guide Global Excellence Awards presented their 2018 award winners. We are humbled to have received two golds in the Product or Service Excellence of the Year — Security Information and Website & Web Application Security for McAfee Safe Connect. Product Overview: McAfee Safe Connect is a VPN (Virtual Private Network) that helps users […] more…McAfee Safe Connect RT2Win Sweepstakes Terms and Conditions
Just a few weeks back, Info Security Products Guide awarded McAfee Safe Connect with two Gold-Level Global Excellence Awards for Product or Service Excellence of the Year – Security Information and Website & Web Application Security! To celebrate, we’re treating you to a #RT2Win Sweepstakes on the @McAfee_Home Twitter handle. Ten [10] lucky winners of […] more…Ukrainian Suspected of Leading Carbanak Gang Arrested in Spain
A Ukrainian national suspected of being the leader of a gang that used Carbanak malware to steal a significant amount of money from banks worldwide has been arrested in Spain, Europol and the Spanish government announced on Monday. According to authorities, the man is believed to be the mastermind of an operation that resulted in […] more…Former Barclays CISO to Head WEF’s Global Center for Cybersecurity
Troels Oerting to Head the Global Centre for Cybersecurity The 48th annual meeting of the World Economic Forum (WEF) at Davos, Switzerland, in January announced the formation of a new Global Centre for Cybersecurity. Today it announced that Troels Oerting will be its first Head, assuming the role on April 2, 2018. Oerting has been […] more…Watering Hole Attack Exploits North Korea’s Flash Flaw
An attack leveraging the compromised website of a Hong Kong telecommunications company is using a recently patched Flash vulnerability that has been exploited by North Korea since mid-November 2017, Morphisec warns. The targeted vulnerability, CVE-2018-4878, first became public in early February, after South Korea’s Internet & Security Agency (KISA) issued an alert on it being […] more…Pentagon Looks to Counter Ever-stealthier Warfare
The US military has for years enjoyed a broad technological edge over its adversaries, dominating foes with superior communications and cyber capabilities. Now, thanks to rapid advances by Russia and China, the gap has shrunk, and the Pentagon is looking at how a future conflict with a “near-peer” competitor might play out. Air Force Secretary […] more…Energy Sector Most Impacted by ICS Flaws, Attacks: Study
The energy sector was targeted by cyberattacks more than any other industry, and many of the vulnerabilities disclosed last year impacted products used in this sector, according to a report published on Monday by Kaspersky Lab. The security firm has analyzed a total of 322 flaws disclosed in 2017 by ICS-CERT, vendors and its own […] more…IETF Approves TLS 1.3
The Internet Engineering Task Force (IETF) last week announced the approval of version 1.3 of the Transport Layer Security (TLS) traffic encryption protocol. The Internet standards organization has been analyzing proposals for TLS 1.3 since April 2014 and it took 28 drafts to get it to its current form. TLS is designed to allow client […] more…Don’t Get Duped: How to Spot 2018’s Top Tax Scams
It’s the most vulnerable time of the year. Tax time is when cyber criminals pull out their best scams and manage to swindle consumers — smart consumers — out of millions of dollars. According to the Internal Revenue Service (IRS), crooks are getting creative and putting new twists on old scams using email, phishing and malware, […] more…Ransomware Hits City of Atlanta
A ransomware attack — possibly a variant of SamSam — has affected some customer-facing applications and some internal services at the City of Atlanta. The FBI and incident response teams from Microsoft and Cisco are investigating. The city’s police department, water services and airport are not affected. The attack was detected early on Thursday morning. […] more…Pwner of a Lonely Heart: The Sad Reality of Romance Scams
Valentine’s Day is a special holiday, but for victims of romance scams it is a tragic reminder, not only of love lost, but financial loss as well. According to the FBI Internet Crime Complaint Center (IC3), romance scams accounted for $230 million in losses in 2016. Men and women may jokingly refer to their significant […] more…TrickBot Gets Computer Locking Capabilities
A recently observed variant of the TrickBot banking Trojan has added a new module that can lock a victim’s computer for extortion purposes, Webroot reports. First observed in late 2016 and said to be the work of cybercriminals behind the notorious Dyre Trojan, TrickBot has seen numerous updates that expanded not only its capabilities, but […] more…You Can DDoS an Organization for Just $10 per Hour: Cybercrime Report
The cost of having an organization targeted by a distributed denial of service (DDoS) attack for an hour is as low as $10, cybersecurity firm Armor says. The low cost of launching such attacks results from the proliferation of cybercrime-as-a-service, one of the most profitable business models adopted by cybercriminals over the past years. It […] more…GitHub Security Alerts Lead to Fewer Vulnerable Code Libraries
GitHub says the introduction of security alerts last year has led to a significantly smaller number of vulnerable code libraries on the platform. The code hosting service announced in mid-November 2017 the introduction of a new security feature designed to warn developers if the software libraries used by their projects contain any known vulnerabilities. The […] more…More information
- CircleCI – code-building service suffers total credential compromise
- German city embeds traffic lights in sidewalks to protect texters
- Microsoft: Latest ‘Shadow Brokers’ Exploits Already Patched
- The EFF calls out Microsoft for disregarding user choice and privacy in Windows 10
- Remote Spectre Attack Allows Data Theft Over Network
- September Patch Tuesday: Browser, Exchange, Office Bugs Dominate
- Resolved: Penn State Beaver: Local connectivity degradation
- The Chinese Underground, Part 3: Virtual Assets Theft
- ‘SegmentSmack’ Flaw in Linux Kernel Allows Remote DoS Attacks
- Discussing IT Security Spending Feels Like Electing a President