Business, Consumer, Executive Perspectives, McAfee Labs

NoMoreRansom – One year on!

One year on. It is fair to say that the No More Ransom project not only exceeded our expectations, but simply blew these initial expectations out of the water. A collaboration between six partners (McAfee, EC3, Dutch Police, Kaspersky Lab, AWS and Barracuda) has now grown to include more than 100 partners across the public and private sector. We often hear people talk about Public-Private Partnerships, but here is a true example of that commitment in action.

Business

Show me the money – Financial Services Need to Rethink Security

Financial institutions are under attack. As gatekeepers to consumers’ and enterprises’ most personal and private information, this industry serves as one of the most lucrative avenues for cybercriminals to pursue. In response, financial services organizations have developed unsustainable security infrastructures that are characterized by a huge proliferation of tools to address “the next big thing” …

Business, Executive Perspectives, McAfee Labs

Is WannaCry Really Ransomware?

Ransomware follows a relatively simple model: data is encrypted, the victim pays, data is decrypted. At least that is what those who create ransomware want you to believe. This was also our assumption when we began our analysis of WannaCry—that those behind the campaign would decrypt victims’ data once they received payment. However, for a campaign with incredibly effective propagation techniques, reasonable key and data management, and a working anonymous communication fabric with Bitcoin payments, we found a major flaw: The WannaCry attackers appear to be unable to determine which users have paid the ransom and they cannot decrypt on a per-user basis.

Executive Perspectives, McAfee Labs, Neutralize Threats, Technical How To

An Analysis of the WannaCry Ransomware Outbreak

Charles McFarland was a coauthor of this blog. Over the course of Friday, May 12 we received multiple reports of organizations across multiple verticals being victim to a ransomware attack. By Friday afternoon, McAfee’s Global Threat Intelligence system was updated to identify all known WannaCry samples and the company had delivered DAT signature updates to …

Business, McAfee Labs

CHIPSEC Support Against Vault 7 Disclosure Scanning

Following recent WikiLeaks Vault 7 disclosures, including details regarding firmware vulnerabilities, there has been significant concern regarding the integrity of devices and operating systems used within society. As part of our commitment to provide technology that can preserve the integrity of devices we rely upon, we have developed a simple module for the CHIPSEC framework …

Executive Perspectives

The 5G reality

Mobile World Congress has come and gone. With over 100,000 attendees at the show, people gathered around the impressive booths to get a glimpse at what the world’s biggest mobile brands had to offer in 2017. There was definitely a theme of nostalgia at play with the highly anticipated return of the classic Nokia 3310 …

Cloud Security

Cloud Ubiquity – it’s coming, but not yet!

Brace yourself, adoption of cloud computing is on its way with 93% of organizations using cloud services today.  Just don’t ask when ubiquity will occur!  One year later, and the question about the number of months until IT budgets are 80% in the cloud is down from 16 months to ‘only’ 15.  Technically speaking, ubiquity …

McAfee Labs

Spotlight on Shamoon

Our analysis this month has pointed to Shamoon emerging in the Middle East. We have recently seen a number of similarities that we had highlighted in our earlier blogs (on mcafee.com). The campaign continues to target organizations in the Middle East from a variety of verticals. Reports suggest that a further 15 disk-wiping Shamoon incidents …

Cloud Security

STAR- A Window to the Cloud

We are all going to live in the cloud.   Well that is what every study, and forecast tells us.  From our clash of clans villages, to our connected cars we can expect all of our data to be hosted in an unmarked data center in a town that we have never heard of.   Perhaps this …

McAfee Labs

Shamoon Rebooted in Middle East, Part 2

Last week we provided some initial analysis on recent attacks targeting organizations in the Middle East.  The attack has hallmarks of the Shamoon campaign of 2012. We now have additional data related to the components used within the new campaign, which has three distinct components: dropper, wiper, and wiper driver. The language of these three …

McAfee Labs

Shamoon Rebooted?

We have recently received notifications and samples from impacted organizations in the Middle East that have hallmarks of the Shamoon campaign from 2012. The main component of these attacks was the usage of a wiper component that, once activated, destroyed the hard disks of infected machines. The initial infection vector for the recent attacks is …

Business, Español

La “Segunda Economía” El Pronóstico para la Ciberseguridad del Sistema de la Salud

Steve Grobman, Vicepresidente de Intel Security, señala que para ganar la ventaja en la seguridad cibernética es necesario extender nuestro pensamiento más allá de la economía física de dinero, bienes y servicios a una Segunda Economía definida por las monedas de confianza, tiempo y dinero. Al igual que en otras industrias, la atención de la …

Cloud Security

Fight Against Ransomware Takes to the Cloud

“How many visitors do you expect to access the No More Ransom Portal?” This was the simple question asked prior to this law enforcement (Europol’s European Cybercrime Centre, Dutch Police) and private industry (Kaspersky Lab, Intel Security) portal going live, which I didn’t have a clue how to answer. What do YOU think? How many …

McAfee Labs

‘Wildfire’ Ransomware Extinguished by Tool From NoMoreRansom; Unlock Files for Free

Intel Security and Kaspersky Lab, partners in the project NoMoreRansom, are pleased to announce today the availability of a decryption tool for victims of the Wildfire variant of ransomware. This tool is available following successful collaboration with the Dutch police and the European Cybercrime Centre. This strong public-private partnership has led to the seizure of …

McAfee Labs

Intel Security Teams With Industry, Law Enforcement to Thwart ‘Shade’ Ransomware

Intel Security, Europol, Kaspersky Lab, and Dutch police have taken down the Shade ransomware botnet and captured encryption keys to unlock victims’ systems. Although we talk a great deal of the value of public-private partnerships in the fight against cybercrime, few events in the cybersecurity field are more inspiring than seeing such collaboration in action and …