Chinese Woman Sentenced to 8 Months for Trespass at Trump Resort: Report
A Chinese woman who stirred fears of espionage when she entered President Donald Trump’s Mar-a-Lago resort carrying multiple mobile phones and a malware-spiked thumb drive was sentenced to eight months in prison Monday, US media reported.
Mac Backdoor Linked to Lazarus Targets Korean Users
By Gabrielle Joyce Mabutas. Criminal interest in MacOS continues to grow, with malware authors churning out more threats that target users of the popular OS. Case in point: A new variant of a Mac backdoor (detected by Trend Micro as Backdoor.MacOS.NUKESPED.A) attributed to the cybercriminal group Lazarus, which was observed targeting Korean users with a […]
Wikipedia co-founder offers a Facebook/Twitter wannabe
Tired of being a tracked, ad-bedeviled product sold by social media companies? The cost to immediately join a network with no tracking/ads: $12.99/month.
DDoS attacks in Q3 2019
News overview: This past quarter we observed a new DDoS attack that confirmed our earlier hypothesis regarding attacks through the Memcached protocol. As we surmised, the attackers attempted to use another, rather exotic protocol to amplify DDoS attacks. Experts at Akamai Technologies recently registered an attack on one of their clients that was carried out […]
Veterans Day U.S. – A McAfee MoM’s Reflection
By: Deb, Executive Assistant, Plano TX. On Monday, November 11, the U.S. celebrates Veterans Day. We at McAfee U.S. are able to spend this holiday paying tribute to coworkers, friends and family members who have served our country in the various branches of military service. Being able […]
Buran Ransomware; the Evolution of VegaLocker
McAfee’s Advanced Threat Research Team observed how a new ransomware family named ‘Buran’ appeared in May 2019. Buran works as a RaaS model like other ransomware families such as REvil, GandCrab (now defunct), Phobos, etc. The author(s) take 25% of the income earned by affiliates, instead of the 30% – 40%, numbers from notorious malware […]
The cake is a lie! Uncovering the secret world of malware-like cheats in video games
In 2018, the video game industry became one of the most lucrative in the world, generating $43.4 billion in revenue within the United States alone. When we consider that video game licenses are only a fraction of the total market, it becomes clear just how important the industry is compared to the movie and music […]
IoT roundup: Carriers expand NB-IoT footprints, Congress eyes security bill, and ‘IT asbestos’ looms
The major U.S. mobile carriers are eager participants in the rise of IoT, and it’s tough to argue that they don’t have a major role to play – the ability to connect largely anywhere, coupled with the ability to handle high-throughput applications, means that cellular data can be an attractive option for the connectivity piece […]
Test your YARA rules against a collection of goodware before releasing them in production
The rising tide of malware threats has created an arms race in security tool accumulation; this has led to alarm fatigue in terms of noisy alerts and false positives. The last thing you need is more false alarms coming from buggy or suboptimal YARA rules, be it the ones you use in VT Hunting or […]
Using Expert Rules in ENS 10.5.3 to Prevent Malicious Exploits
Expert Rules are text-based custom rules that can be created in the Exploit Prevention policy in ENS Threat Prevention 10.5.3+. Expert Rules provide additional parameters and allow much more flexibility than the custom rules that can be created in the Access Protection policy. It also allows system administration to control / monitor an endpoint system […]
Cyberattack Causes Serious Disruptions at German Automation Firm Pilz
Automation tools manufacturer Pilz has been hit by a cyberattack that took down almost its entire infrastructure. Pilz is a major automation technology supplier based in Ostfildern, Germany. It offers machine and process automation and safety products, consultancy, engineering and training, and has branches all around the globe.
VirusTotal multisandbox += VenusEye
VirusTotal multisandbox project welcomes VenusEye. The VenusEye sandbox is currently contributing reports on PE Executables, documents and javascript. In their own words: VenusEye Sandbox, as a core component product of VenusEye Threat Intelligence Center, is a cloud-based sandbox service focused on analyzing malwares and discovering potential vulnerabilities. The sandbox service takes multiple (~100) types of files […]
Defining Cloud Security – Is It the Endpoint, Your Data, or the Environment?
You’ve heard it once; you’ve heard it a hundred times – “secure the cloud.” But what does that phrase mean? On the surface, it’s easy to assume this phrase means using cloud-enabled security products. However, it’s much more than that. Cloud security is about securing the cloud itself through a combination of procedures, policies, and technologies […]
A glimpse into the present state of security in robotics
The world of today continues its progress toward higher digitalization and mobility. From developments in the Internet of Things (IoT) through augmented reality to Industry 4.0, which rely on stronger automation and use of robots, all of these bring more efficiency to production processes and improve user experience across the globe. According […]
CVE-2019-16928: Exploiting an Exim Vulnerability via EHLO Strings
By Ashish Verma. In September, security researchers from the QAX-A-Team discovered the existence of CVE-2019-16928, a vulnerability involving the mail transfer agent Exim. Exim accounts for over 50% of publicly reachable mail servers on the internet. What makes the bug particularly noteworthy is that threat actors could exploit it to perform denial of service (DoS) […]
FIN6 Compromised E-commerce Platform via Magecart to Inject Credit Card Skimmers Into Thousands of Online Shops
We discovered that the online credit card skimming attack known as Magecart or E-Skimming was actively operating on 3,126 online shops. Our data shows that the attack started on September 7, 2019. All of the impacted online shops are hosted on the cloud platform of the e-commerce service provider “Volusion,” one of the top e-commerce […]
More information
- Have You Talked to Your Kids About a Career in Cybersecurity?
- AWS: No Significant Issues at Other Alleged Targets of Capital One Hacker
- Over 100 GE Healthcare Devices Affected by Critical Vulnerability
- Passwordstate Users Told to Reset All Passwords Following Cyberattack
- Microsoft Windows CVE-2017-11832 Information Disclosure Vulnerability
- We’ve got stalkers in our pockets
- US, UK Sanction More Members of Trickbot Russian Cybercrime Group
- UK Spy Agency Decrypts Some Secrets With New Exhibition
- Broadcom Completes Acquisition of Symantec Enterprise Unit for $10.7 Billion
- Apocalypse Ransomware Leverages RDP for Infection