Critical Flaw in WAGO PLC Exposes Organizations to Attacks
Programmable logic controllers (PLCs) from Germany-based industrial automation company WAGO are affected by a potentially serious vulnerability that could give a remote attacker access to an organization’s entire network.

What I’m Thankful for This Year: Combining Passion & Career
By Philip, Program Manager, People First Office
Back in April, I started my new role at McAfee as the Program Manager of our newly-created PeopleFirst Office. It was an exciting yet daunting time as we had launched McAfee as an independent cybersecurity company, just a week prior to my first day. In the office, the […]

Mitigating CVE-2017-5689, an Intel Management Engine Vulnerability
by Vít Šembera (Threat Researcher)
Intel recently released a security advisory detailing several security flaws in its Management Engine (ME). The advisory provides critical ME, Trusted Execution Technology (TXT), and Server Platform Services (SPS) firmware updates for versions 8.X-11.X covering multiple CVE IDs, with CVSS scores between 6.7 and 8.2. But there is also another notable […]

qkG Filecoder: Self-Replicating, Document-Encrypting Ransomware
by Jaromir Horejsi (Threat Researcher)
We encountered a few interesting samples of a file-encoding ransomware variant implemented entirely in VBA macros called qkG (detected by Trend Micro as RANSOM_CRYPTOQKG.A). It’s a classic macro malware infecting Microsoft Word’s Normal template (normal.dot template) upon which all new, blank Word documents are based. Further scrutiny into qkG also […]

October macOS Patch Fixes FAT/USB Vulnerability
October’s macOS security update contained a fix for a vulnerability that Trend Micro privately disclosed to Apple earlier this year. The vulnerability (designated as CVE-2017-13811) was in the fsck_msdos system tool. This tool checks for and fixes errors in devices formatted with the FAT filesystem, and is automatically invoked by macOS when a device using FAT (such as a […]

When it Comes to Malware, Actions Can Speak Louder than Words
At some point as a child, a parent likely told you, “actions speak louder than words.” It’s a good life lesson—and it can hold just as true when fighting malware. Cybercriminals have become extremely skilled at disguising the true nature of malware attacks. The best way to protect your users is to employ a layered […]

Grabos Malware Discovered On 144 Trojanized Android Apps
Cybercriminals have been practically relentless in their attacks against the Android OS, and McAfee’s own Mobile Research team has discovered yet another attempt at infecting Android devices. Named Grabos, the malware was first discovered by the team in the Android application “Aristotle Music audio player 2017,” which claimed to be a free audio player on […]

#WorldKindnessDay: How to Help Kids Tap into their Superpower of Being Kind
“There is no small act of kindness. Every compassionate act makes large the world.” —Mary Anne Radmacher, American writer, and artist
With so many tragedies in the news, World Kindness Day, Nov. 13, could not come at a better time. But can one day — or month — put a dent in the accumulation […]

The Clock Is Ticking: Can You Find and Kill Advanced Malware Before it Kills Your Endpoints?
Your company’s computer system has been compromised by disguised malware. There is no greater feeling of dread for a security professional. This may put your mind at ease: Through automation, McAfee’s endpoint and sandbox tools can round up the malware, detonate it in a safe place, identify any compromised areas, and prepare them for you […]

REDBALDKNIGHT/BRONZE BUTLER’s Daserf Backdoor Now Using Steganography
by Joey Chen and MingYen Hsieh (Threat Analysts)
REDBALDKNIGHT, also known as BRONZE BUTLER and Tick, is a cyberespionage group known to target Japanese organizations such as government agencies (including defense) as well as those in biotechnology, electronics manufacturing, and industrial chemistry. Their campaigns employ the Daserf backdoor (detected by Trend Micro as BKDR_DASERF, otherwise […]

DigiCert’s acquisition of Symantec’s security business is good news for customers
Last week DigiCert announced it had closed on the billion-dollar acquisition of Symantec’s security business previously announced in August of this year. The deal adds to DigiCert’s capable team some of the industry’s best talent and resources in the area of SSL/TLS certificates and related PKI solutions. As the world becomes more cloud and IoT-centric, […]

Self-Signed Certificates Can Be Secure, So Why Ban Them?
In many organizations the use of self-signed certificates is forbidden by policy. Organizations may ban the use of self-signed certificates for several reasons: It is trivially easy to generate a certificate’s key pair without reasonable entropy, to fail to protect the private key of the key pair appropriately to its use, to poorly validate the certificate […]

Massive Malaysian Data Breach Compromises Over 46 Million Phone Numbers
There are data breaches that impact an entire customer group, or even a certain state. And then there are data breaches that impact practically everyone in a nation. This actually happened this week, as practically every citizen of Malaysia, a country that boasts a population of some 31.2 million, was impacted by a cyberattack. A […]

10 Ways to Bring your Incident Response Back from the Grave
It’s Día de Los Muertos—but that’s no excuse for your security threat processes to move like the walking dead. As hundreds of thousands of people around the globe take time to remember their ancestors today, we urge you to look back through your incident history. But don’t stop there, think about how you can improve […]

Expiro Malware Is Back and Even Harder to Remove
File infector malware adds malicious code to current files. This makes removal tricky because deleting infections results in the loss of legitimate files. Although file infectors were more popular in the 1990s and early 2000s, they still pose a significant threat. The complex disinfection process is usually leveraged by malware authors to ensure systems stay […]