McAfee Security Certification Program Today, McAfee is excited to announce the addition of two new exams and certifications to our McAfee Security Certification Program. We launched the program back in January with two initial assessments, promising to add to our curriculum as time went on. The two new certifications, McAfee Certified Product Specialist – Network ...
Read Blog
What is the biggest threat to your company’s network? Look in the mirror. A huge percentage of recent high profile attacks, including those perpetrated on Epsilon, RSA, the Oak Ridge Laboratories in Tennessee, and the Gmail accounts of government officials—not to mention Operation SHADY Rat—are suspected to be based on spearphishing, a devious social engineering ...
Read Blog
Recently Dmitri Alperovitch, McAfee’s VP of Threat Research, published a blog about Operation Shady RAT. In the blog and corresponding whitepaper he details an investigation of targeted intrusions into over 70 global companies, governments, and non-profit organizations over the last five years that appear to be sourced from a single actor or group. The targeted ...
Read Blog
Last week, we hosted our monthly #SecChat on Stealth Crimeware. When it comes to building malware, cyber criminals are getting smarter – employing stealth techniques with malware able to self-replicate and evade detection for long periods of time. It can be costly for enterprises to remediate the damage done to infected machines and networks. During ...
Read Blog
If we look at the evolution of hacking, certain techniques never go out of style, but we’re at the beginning of a big shift in terms of the targets.  The threat landscape has evolved beyond PCs, tablets, and smartphones to a whole new battleground: connected devices all around us. According to Ericsson, there will be ...
Read Blog
Decades ago when the early communications networks were formed, scientists rallied around the joy of sending data at light speed and happily connected once-disparate networks together to create the early stages of the "Internet."  This capability eventually enabled conversations, money transfers, massive data sharing, and the confluence of convenience and efficiencies unlike any the world ...
Read Blog
I had the privilege of speaking before the House Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies at a hearing titled “Examining the Cyber Threat to Critical Infrastructure and the American Economy.” I was pleased to have the opportunity to provide McAfee’s perspective on the threats that face our nation’s infrastructure, as well as provide ...
Read Blog
Following on from my post “10 Things You Don’t Want To Know About Bitlocker”, “TPM Undressed” and “Firewire Attacks Revisited” it recently came to my attention that Passware, Inc. A feisty California company has released a version of their forensic software which will decrypt Bitlocker and TrueCrypt protected hard disks via the classic Firewire vulnerabilities. ...
Read Blog

TPM "Undressed…"

By on
Recently it was announced with much fanfare that the now-ubiquitous "TPM" chip found in most modern computers had been hacked. This obviously unnerved a lot of people, especially those hanging the safety of their secrets on free solutions like Microsoft Bitlocker which use the TPM to provide convenience to their users. The attack, invented about ...
Read Blog
Recently a slew of news sites announced a newly discovered vulnerability (care of the German Security firm SySS) on a range of supposedly "secure" consumer USB sticks. With the right tools and know-how, these models from SanDisk, Kingston and Verbatim were apparently easy to defeat and retrieve the data from without knowing the user’s password. ...
Read Blog