It’s a question I get several times a year from anxious parents, either via a direct message, an email or even in line at the grocery store….
AV evasion with 64-bit Executables
Unpatches WebKit Vulnerablity in iOS/macOS
by Jon Clay •
Nearly 50,000 IPs Compromised in Worm-like TeamTNT Attack and Misconfigurations are the Biggest Threat to Cloud Security
by Mina Naiim •
We focus on the behavior of the DarkSide variant that targets Linux. We discuss how it targets virtual machine-related files on VMware ESXI servers, parses its embedded configuration, kills virtual machines (VMs), encrypts files on the infected machine…
by Ken Kartsen •
May 2021 has been an extraordinary month in the cybersecurity world, with the DoD releasing its DoD Zero Trust Reference…
The post Why May 2021 Represents a New Chapter in the “Book of Cybersecurity Secrets” appeared first on McAfee Blogs.
by Roy Kamp •
A Survey of Bluetooth Vulnerabilities
Google Chrome Update
Attacks on PDF …
by Philippe Lin •
5G acts as a catalyst for change for industrial environments. One part of its deployment is the 4G/5G campus network for some organizations. In our research we delve into the security risks and implications of this technology.
by Aaron Ansari •
Open source code is in the vast majority of commercial softwares today. Learn best practices to mitigate the unique risks that accompany its use.
by Google •
Posted by Jon Markoff and Sean Smith, Android Security and Privacy Team Integrating security into your app development lifecycle can save a lot of time, money, and risk. That’s why we’ve launched Security by Design on Google Play Academy to help develo…
by Jamie Cromer •
The security industry is engulfed in the most asymmetric cyberwarfare we have ever seen. The outcome of an Attacker’s mission…
The post Cyber Cyber, Burning Bright: Can XDR Frame Thy Fearful Asymmetry? appeared first on McAfee Blogs.
by Baker Nanduru •
As people turn to the Internet for news and answers to tough questions, it only makes sense that it would…
The post Private browsing vs VPN – Which one is more private? appeared first on McAfee Blog.
Uncovering Shenenigans in an IP Address Block via Hurricane Electic’s BGP Toolkit
by Kaylin Trychon •
Research Team: Salman Qazi, Yoongu Kim, Nicolas Boichat, Eric Shiu & Mattias Nissler Today, we are sharing details around our discovery of Half-Double, a new Rowhammer technique that capitalizes on the worsening physics of some of the newer DR…
by Jesse Netz •
In response to the latest MITRE Engenuity ATT&CK® Evaluation 3, McAfee noted five capabilities that are must-haves for Sec Ops and displayed in the evaluation. This blog will speak to the alert actionability capability which…
The post Alert Actionability In Plain English From a Practitioner appeared first on McAfee Blogs.
In previous posts we have explored what differential privacy is, how it works, and how to answer questions about data in ways that protect privacy. All of the algorithms we’ve discussed have been demonstrated via mathematical proof to be effective for …
by Brand Post •
In this fourth episode of our 5-episode podcast, The C-level Strategic Guide for CIAM Investment, we will explore phase 3 on the CIAM Maturity Curve: Intelligent. To move from phase 2 (automated) to phase 3 (intelligent) involves a number of importa…
by Gary •
Anyone seeking information security standards or guidance is spoilt for choice e.g.:ISO27k – produced by a large international committee of subject matter experts and national representatives NIST SP 800 series – well researched, well w…
Apple Patches 0-Days
On the frontline: revealing the personal and professional challenges facing SecOps teams. New research shows that security teams are struggling with overwhelming workloads, and organizations are lacking the solution.
by Magno Logan •
We have found and confirmed close to 50,000 IPs compromised by this attack perpetrated by TeamTNT across multiple clusters. Several IPs were repeatedly exploited during the timeframe of the episode, occurring between March and May.
by Rick Grinnell •
Over the past 14 months, organizations have had to navigate the abrupt discontinuity caused by COVID-19 and the ensuing regulations. Today, sports fans are returning to arenas and students are back in schools, but most office workers are still on wo…
by Scott Howitt •
by Lynda Grindstaff •
In Part 1 of our Through Your Mind’s Eye series, we explored how our brains don’t give each decision we…
The post Through Your Mind’s Eye: How to Address Biases in Cybersecurity – Part 2 appeared first on McAfee Blogs.
by Toni Birdsong •
Summer is here, which means more sun and more fun for everyone. It also means more streaming, gaming, and downloading. This seasonal reality reminds…
The post At Home or On-the-Go: Boost Your Internet Safety this Summer appeared first on McAfee Blogs.
by Gary •
Today I’ve slogged my way through a stack of ~50 ISO/IEC JTC1/SC27 emails, updating a few ISO27001security.compages here and there on ongoing standards activities. The most significant thing to report is that the project to revise the 3rd (2013) e…
Serverless Phishing Campaign
Locking Kernel32.dll As Anti-Debugging Technique
by Vishnu Varadaraj •
When we think of tipping, many don’t see it as anything beyond a display of gratitude. However, Twitter’s latest feature is prompting its users to rethink this sentiment. It hasn’t been long since Twitter…
The post Keep the Change: 3 Tips for Using the Twitter Tip Jar appeared first on McAfee Blogs.
My background is as a developer and a security professional, so when I had to learn system design I approached it from that perspective. While I was familiar with many of these concepts, I decided that I had to learn it in depth and in earnest. Now tha…
New YouTube Video Series: Everything you ever wanted to know about DNS and more
And Ransomware Just Got a Bit Meaner
by Roy Kamp •
May 2021 Forensic Contest: Answers and Analysis
CIS Controls V8
Dell iDRAC 9 Security Update
by Lynda Grindstaff •
Cybersecurity and biases are not topics typically discussed together. However, we all have biases that shape who we are and,…
The post Through Your Mind’s Eye: What Biases Are Impacting Your Security Posture? appeared first on McAfee Blogs.
by Carlos Diaz •
In our last blog about defense capabilities, we outlined the five efficacy objectives of Security Operations, that are most important…
The post Miles Wide & Feet Deep Visibility of Carbanak+FIN7 appeared first on McAfee Blogs.
by Vishnu Varadaraj •
Personal devices and the information they carry are incredibly valuable to their owners. It is only natural to want to protect…
The post Less Is More: Why One Antivirus Software Is All You Need appeared first on McAfee Blogs.
The Foundation for Interoperable and Portable Security Automation is Revealed in NISTâs OSCAL Project
by Michaela Iorga •
Today’s blog is from Michaela Iorga, Senior Technical Lead of the Computer Security Division (CSD) in the Information Technology Laboratory at NIST. Michaela’s team at NIST is working with the industry to develop the Open Security Controls Assessment L…
by CIO Security •
The SolarWinds breach represents a tectonic shift in threat actor tactics, suggesting this kind of attack vector will be replicated. Not only were the attacker’s sophistication and technical proficiency high — allowing them to stay in stealth mode — …
New Pulse Secure VPN Advisory
Android Stalkerware …
by Jean Treadwell •
Today’s technology allows you to complete various tasks at the touch of a button wherever you go. As a result, you place trust in online services that make…
The post Elevate Your Financial Security: How to Safely Bank Online appeared first on McAfee Blogs.
by Peter Wayner •
Famous mock musician David St. Hubbins once said, “There’s a fine line between stupid and clever.” On one side of the line is an endless celebration of genius. On the other: failure and ignominy.The tech industry has no choice but to embrace innovat…