McAfee – McAfee Blogs https://www.mcafee.com/blogs Securing Tomorrow. Today. Tue, 19 May 2020 21:34:59 +0000 en-US hourly 1 https://wordpress.org/?v=5.4.1 https://www.mcafee.com/wp-content/uploads/2018/11/cropped-favicon-32x32.png McAfee – McAfee Blogs https://www.mcafee.com/blogs 32 32 What is disk cleanup and does it remove viruses? https://www.mcafee.com/blogs/consumer/what-is-disk-cleanup-and-does-it-remove-viruses/ https://www.mcafee.com/blogs/consumer/what-is-disk-cleanup-and-does-it-remove-viruses/#respond Tue, 19 May 2020 17:27:47 +0000 /blogs/?p=101265

What is Disk Cleanup and does it remove viruses? It happens. You’re in the middle of a computing task, and your screen blinks. The blue screen (Stop Error) is shown with the message that your PC ran into an error and needs to restart. These hiccups occur when your computer’s software, firmware, or drivers crash […]

The post What is disk cleanup and does it remove viruses? appeared first on McAfee Blogs.

]]>

What is Disk Cleanup and does it remove viruses?

It happens. You’re in the middle of a computing task, and your screen blinks. The blue screen (Stop Error) is shown with the message that your PC ran into an error and needs to restart. These hiccups occur when your computer’s software, firmware, or drivers crash due to faulty or incompatible hardware or software.

If you’re like most people, you want a computer that’s nimble enough to keep up with your life. When your computer is bogged down with outdated files, you aren’t able to work at an efficient pace.

While a new computer or external drive may give you more file storage space, there’s a faster way to gain usable storage space without straining your budget. This option is called disk cleanup, and all Windows computers come with a version of it that you can use to reclaim hard disk space gratis. Here are some things that you need to know about Microsoft’s disk cleanup tool.

What is Disk Cleanup?

Disk cleanup is a maintenance utility that was developed by Microsoft for its Windows operating system. The utility scans your computer’s hard drive for files that you no longer need such as temporary files, cached webpages, and rejected items that end up in your system’s Recycle Bin. Unless you remove those files, they add up over time and begin taking a lot of space on your computer.

The utility displays the identified files and the amount of storage space that each of them uses within your hard drive. You decide which items to delete by the importance that you place on the files and the amount of hard drive space that you’ll be able to recover. In Windows 10, you can reach this utility by going to your start menu and scrolling to Windows Administrative Tools to click the disk cleanup button.

Windows also has the feature Quick Clean which lets you clean up the junk temporary files from your Windows desktop safely and quickly. It also cleans additional junk files, which the Disk Cleanup Utility does not.

What are System updates?

System updates such as major OS releases, monthly patches and emergency updates have become standard for today’s computers. Most operating systems are set to download the latest updates automatically. However, on Windows devices, the previous version of an operating system isn’t always deleted when the latest version replaces it. After years of updates, you’ll often have several versions of the OS on your computer.

The disk cleanup utility allows you to remove backup shadow copies from your computer. Programs that you download to open or edit a document take up storage space on your computer’s hard drive long after you’ve completed your project. Disk cleanup allows you to locate those programs, see how much storage space they use, and remove them to free up hard disk space. You’ll find these features by selecting the “more options” tab within the disk cleanup menu.

What is Storage Sense?

Microsoft Windows 10 comes with an upgraded disk cleanup function that’s called Storage Sense. With Storage Sense, you can set your system to automatically clean up unwanted files by setting the tab to the “on” position. You choose to allow Storage Sense to remove temporary files that your programs no longer use, files in the Download folder that haven’t changed in 30 days, and files that have been sitting in your Recycle Bin for over 30 days. You can reach Storage Sense by going to the Settings menu, clicking on the Systems button, and selecting the Storage option.

What Are the Benefits of Disk Cleanup?

While you can search for temporary files yourself and delete them manually, you save time by using the Windows disk cleanup tool. You can search your entire hard disk for specific files within a matter of seconds with the disk cleanup utility. The tool also gives you greater control over which files to delete and those to keep. When outdated application files are removed from your system, it runs more smoothly and has fewer crashes.

Does Disk Cleanup Remove Viruses?

One of the most common ways that viruses enter computer systems is through downloads. A user lands on an untrusted website and clicks on a button to get a free download. The download contains a virus that goes undetected. If the application remains untouched for longer than 30 days, you can run the disk cleanup utility to find the offending download and remove it quickly. While you shouldn’t use disk cleanup as a replacement for a robust antivirus product, the tool can work in conjunction with a trusted antivirus solution to better safeguard your computer’s system, files, and data.

The Wrap Up

Whether you use your computer to work from home or to manage your household, you’ll want it to function as it should. This includes the flexibility to download a program for a short-term project or quickly process spreadsheets to share with coworkers on an online portal. These operations are greatly impaired when your hard disk is full of unnecessary files and bloatware. Using the Windows disk cleanup tool allows you to remove these files that could contain malware and increase the capacity and safety of your computing environment.

The post What is disk cleanup and does it remove viruses? appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/what-is-disk-cleanup-and-does-it-remove-viruses/feed/ 0
My email has been hacked! What should I do next? https://www.mcafee.com/blogs/consumer/my-email-has-been-hacked-what-should-i-do-next/ https://www.mcafee.com/blogs/consumer/my-email-has-been-hacked-what-should-i-do-next/#respond Tue, 19 May 2020 17:01:21 +0000 /blogs/?p=101260 chat etiquette

Signs Your Email Was Hacked With the advent of #Staysafe and #Shelterinplace, the increase of personal email com-munication has skyrocketed. This increase has allowed clever hackers to worm their way into installing viruses via attachments as well as other common techniques. You Know You’ve Been Hacked When… Your Contacts are Receiving Messages Not Sent By […]

The post My email has been hacked! What should I do next? appeared first on McAfee Blogs.

]]>
chat etiquette

Signs Your Email Was Hacked

With the advent of #Staysafe and #Shelterinplace, the increase of personal email com-munication has skyrocketed. This increase has allowed clever hackers to worm their way into installing viruses via attachments as well as other common techniques.

You Know You’ve Been Hacked When…

Your Contacts are Receiving Messages Not Sent By You

Messages that seem to come from you to friends or business contacts must alert you to a severe problem on your computer. Friends may have the confidence to let you know about these emails, but business contacts or professional associates may not. Hackers can install malware on their computers through email attachments, and the intruder can find a password with an amazingly small amount of effort.

Your Online Password Stops Working

As a regular visitor to your favorite sites, you know the password that each one requires. While you may accidentally strike a wrong key and create a typo, the chances of doing it twice seem highly unlikely. Since you know that the password appears not to work, you may need to consider the possibility that someone has hacked your email.

Once inside your computer, hackers have almost a free reign to look for your pass-words. Many people create a list of passwords for convenience, but the benefit to a hacker who finds such a file can reach significant proportions.

Slow and Erratic Computer Performance

Unpredictable conduct by your computer can mean that a virus may have infected it. The sluggishness that replaces the usual prompt response that you expect tells you that you have a problem. Spyware, a malicious type of software, can track your online activity, tamper with your files, and even steal your private information.

When you consider the burden that spyware can place on your system, you can under-stand the reason for its lackluster speed. While you probably did not notice anything wrong when you downloaded a picture from a website or clicked on an attachment in an email, a virus could have accompanied it. Until you remove the virus, you may feel as though you have someone watching you, and you do.

Watching for Ransomware

A particularly insidious form of malicious software comes with an ability to make you pay for the privilege of controlling your computer. Ransomware can enter your system through emails, and you allow it to do so when you click on an attractive attachment from an unknown sender. Ransomware can lock your files and make them inaccessible. The troublemakers who put it there demand a fee to release its grip on your system.

Maybe more dangerous than other malicious invasions of your computer, ransomware carries a penalty that can completely deny you access to your files and cost you money to get it back. As a caution that reminds you of the hazard of opening attachments that can cause damage to your computer and your finances, an email that installs ransom-ware deserves attention immediately.

What Should I Do if My Email is Hacked?

Change your password

This is the first thing you must do to ensure that the hacker can’t get back into your ac-count. Your new password must be complex and unrelated to previous passwords. Al-ways use 8-10 characters with a mix of upper and lower case characters as well as numbers and symbols.

Reach out to your email contacts immediately

A big part of the hacker’s strategy is to ‘get their claws’ into your address book to hook others as well. Send a message to all of your email contacts as soon as possible. Let them know they should avoid opening any emails (most likely loaded with malware) that have come from you.

Change your security question

If you have security questions associated with your email account, be sure to change them too. Make them unpredictable and niche.

Enable Multi-Factor Authentication

Yes, multi-factor authentication adds another step to your login, but it also adds another layer of protection. Enabling this will mean that in addition to your password, you will need a unique one-time use code to log in. This is usually sent to your mobile phone.

Scan your computer for malware and viruses

This is an essential step. Comprehensive security software will provide you with a digital shield for your online life. McAfee Total Protection lets you protect all your devices – including your smartphone – from viruses and malware. It also contains a password manager to help you remember and generate unique passwords for all your accounts.

Change any other accounts with the same password

This is time-consuming but a worthwhile effort. Ensure that you change any other ac-counts that use the same username and password as your compromised email. Hackers love when we use the same logins for multiple accounts.

Stay protected

While email can pose potential security risks, antivirus software protects your computer system from potential damage. Programs that run efficiently in the background detect and eliminate threats. Awareness and preparedness can help you thwart attempts to hack private information and let you maintain a secure environment online.

The post My email has been hacked! What should I do next? appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/my-email-has-been-hacked-what-should-i-do-next/feed/ 0
Good Malware Protection Doesn’t Need to Slow You Down! https://www.mcafee.com/blogs/consumer/good-malware-protection-doesnt-need-to-slow-you-down/ https://www.mcafee.com/blogs/consumer/good-malware-protection-doesnt-need-to-slow-you-down/#respond Mon, 18 May 2020 16:25:07 +0000 /blogs/?p=101204

Good malware protection doesn’t need to slow you down! “Security software slows down my PC.” This is a comment that is often heard when talking about malware protection on computers and laptops. While this may be true for many security products, even including the security software that is built into the Windows operating system, this […]

The post Good Malware Protection Doesn’t Need to Slow You Down! appeared first on McAfee Blogs.

]]>

Good malware protection doesn’t need to slow you down!

“Security software slows down my PC.” This is a comment that is often heard when talking about malware protection on computers and laptops. While this may be true for many security products, even including the security software that is built into the Windows operating system, this is not the case with McAfee security. As a matter of fact, independent tests since 2016 have proven that McAfee is not only good at catching malware, it’s also one of the lightest security products available today.

What is malware protection?

Security software continuously keeps an eye on all the data that comes in and goes out of your PC. It does this in order to verify that there are no security threats to your personal data, privacy and identity while you are, for example, shopping online, checking your social media or working remotely.

Because security software is always active and protecting in the background many users have the idea that malware protection necessarily slows down the performance of their PCs. This idea however is likely based on experiences from long ago as certain security products did indeed have serious impacts on the user experience.

Measuring PC Performance

To measure how much impact malware protection nowadays has on PC performance, some independent test labs include performance impact benchmarks in their security product tests. The most well-known of these test labs are AV-TEST, which is based in Germany, and Austria based AV-Comparatives. These independent labs are among the most reputable and well-known anti-malware test labs in the world.

In their tests both labs look at ~20 security brands, including McAfee, and the test results show that McAfee Total Protection is one of the lightest security products available today.

Let’s have a closer look at what AV-TEST and AV-Comparatives have to say.

AV-TEST

Every two months AV-TEST publishes the results of its on-going tests of 20 security products. As part of these tests the lab continuously evaluates the latest versions of all products using their default settings and measures the average impact of the product on computer speed in daily use.

A security product can achieve a maximum of 6 points depending on the test results. McAfee has consistently received the highest score in all performance tests since May 2018:

AV-Test PC Performance

Because of these excellent test results McAfee Total Protection was awarded the ‘2019 Performance Award’ by AV-TEST in March 2020.

Best Performance 2019AV-TEST Award

Below is what AV-TEST states about the award and about McAfee Total Protection:

Only products that make a high-performance finish in the AV-TEST labs throughout the test period of an entire year can claim this proof of absolute peak performance. With the AV-TEST Awards, a security product proves not only its technical superiority. Above all, it proves that it is documented as being the best the market currently has to offer in the fight against cyber-attacks.

With ‘Total Protection’, McAfee succeeded at fielding a top product in 2019 which was able to meet the high standards of the AV-TEST Institute. In the consumer field, McAfee receives recognition for best performance and is thus given the Best Performance 2019 Award by the AV-TEST Institute. 

With ‘Total Protection’, McAfee proves that good malware defense does not have to sacrifice system performance, says Andreas Marx, CEO of AV-TEST. Hardly any other software was able to achieve such stellar results in the category of performance in the annual test. Which is why McAfee receives the Performance Award for consumer software.

The announcement of the award can be seen on the AV-TEST website here.

AV-Comparatives

Every year in April and October AV-Comparatives publishes their Performance Test Report. For this report the lab looks at 17 security products including McAfee Total Protection and evaluates how much impact these have on PC performance.

The test lab uses low-end computers as these are most widely used and more at risk of suffering from resource consumption and thus performance impact. The tests also mimic daily usage as much as possible and focus on activities such as copying files, installing and uninstalling applications, launching applications, downloading files and browsing websites.

Based on the results on these tests the products are then evaluated and graded in award levels ranging from ADVANCED+ (the highest ranking) to STANDARD (the lowest ranking).

McAfee has achieved the ADVANCED+ ranking continuously since October 2016:

AV-Comparatives Performance Impact Scores

As a result, McAfee received the Silver Award in the category ‘Overall Performance (Low System-Impact)’ in February 2020 for demonstrating a lower impact on system performance than other products throughout 2019.

And in 2020 we are off to a good start again!

On May 8th AV-Comparatives published April 2020 Performance Test Report and McAfee Total Protection is again awarded with the highest possible rating: ADVANCED+.

With this result McAfee continues to show less impact on PC Performance than most other security products and is one of the lightest security products on the market: 

 

McAfee continues to show less impact on PC Performance than most other security products. Summary

Even though good malware protection is continuously monitoring all activity on your PC and laptop for cyber threats, this doesn’t have to mean that it also slows down the performance of your devices.

As we have seen in the test results of two of the world’s most reputable anti-malware test labs AV-TEST and AV-Comparatives, McAfee Total Protection has been achieving stellar test results in performance tests since October 2016 which also resulted in McAfee being awarded by both test labs with performance awards in 2019.

And with an excellent start in the 2020 test reports we believe that it is fair to say that good malware protection doesn’t need to slow you down and McAfee Total Protection is one of the lightest security products currently available.

 

 

The post Good Malware Protection Doesn’t Need to Slow You Down! appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/good-malware-protection-doesnt-need-to-slow-you-down/feed/ 0
McAfee Recognized on CRN’s 2020 Women of the Channel https://www.mcafee.com/blogs/enterprise/mcafee-recognized-on-crns-2020-women-of-the-channel/ https://www.mcafee.com/blogs/enterprise/mcafee-recognized-on-crns-2020-women-of-the-channel/#respond Tue, 12 May 2020 17:15:18 +0000 /blogs/?p=100907

Every year CRN recognizes the women who are leading the channel and their unique strengths, vision, and achievements. This prestigious, annual list acknowledges channel leaders who are blazing a trail for future generations. These women are from all areas of the IT ecosystem, including technology vendors, distributors, solution providers, and other IT organizations. This year, […]

The post McAfee Recognized on CRN’s 2020 Women of the Channel appeared first on McAfee Blogs.

]]>

Every year CRN recognizes the women who are leading the channel and their unique strengths, vision, and achievements. This prestigious, annual list acknowledges channel leaders who are blazing a trail for future generations. These women are from all areas of the IT ecosystem, including technology vendors, distributors, solution providers, and other IT organizations.

This year, we’re proud to recognize the six outstanding individuals who have been selected by CRN to be part of the 2020 Women of the Channel (WOTC) list. Each is recognized for her outstanding leadership, vision and unique role in driving channel growth and innovation.

If that weren’t exciting enough, we’re thrilled to share that Chari Rhoades received the honor of being named to CRN’s WOTC Power 100 List. The Power 100 List is a subset of the 900+ women recognized and highlights the women who are leading their organization from a variety of backgrounds and experiences. See below to learn more about each McAfee honoree.

Chari Rhoades – Director, Channel Operations and Distribution – Americas

Chari Rhoades joined McAfee in 2013 and currently leads two teams. One team focuses on the growth and development of our distribution partners. The second team is responsible for the enablement and communications to the Americas’ partners. In 2019, Chari led her distribution team to focus on executing the plan to ensure new business growth via targeted campaigns, enablement activities and leveraging key distribution services resulting in a material contribution to bookings for the channel. Chari contributed to the development and launch of the McAfee Channel Promise that defines who the channel is to McAfee and its internal teams while articulating the value of the channel. She also led the development of an internal training to ensure McAfee’s own sellers understand the channel and how to engage the channel for mutual success.

Kristin Carnes – Director, Global Channel Programs and Operations

Kristin Carnes joined McAfee through the acquisition of Skyhigh Networks. As Director of Global Channel Programs and Operations she supports a robust partner community that represents sales for more than 90% of the McAfee Enterprise business. In 2019, she accelerated McAfee’s investment in the PRM platform which gives partners a more comprehensive, simple view of their business with McAfee. In addition, she launched a new rebate program that provides predictability and greater earning potential for partners.

Gabriela Ferado – Manager, Channel Sales

Gabriela Ferado has been with McAfee for eight years and started as a sales rep with the Latin America team before joining the Channel team where she has learned, grown, and found a passion to help partners be a multiplying force for the company. As a former teacher, sharing knowledge and enabling others is an integral part of what she does and thrives on. In 2019, as part of the Cloud Service Provider team, she extended McAfee’s channel efforts to Latin America which helped our teams understand the CSPs as another route to market

Judy Kent – Director, Global Channel Programs and Communications

Judy Kent joined McAfee through the acquisition of Skyhigh Networks bringing more than 25 years of channel marketing and sales experience. In her role leading the global partner incentive programs she has driven new business revenue through the channel and has trained thousands of partners in a pre-sales technical enablement global webinar series. In addition, in January 2020, she successfully launched a new 13 language McAfee Partner Portal. She was previously recognized on CRN’s list of Women in the Channel in 2015 and 2016, and was recognized on CRN’s list of Channel Chiefs in 2016 and 2018.

Sheri Leach – Senior Distribution Account Manager

Sheri Leach has more than 25 years of experience working with distribution partners and has spent the last 14 years growing Ingram Micro with their McAfee business. In 2019, Sheri played a key role in working with Ingram Micro and delivering a Business Intelligence program that helped achieve net new logos which was one of McAfee’s 2019 initiatives. In addition, she played an integral role in developing operational excellence and automation within Ingram Micro when McAfee implemented their CPQ enhancement. She was also tightly aligned with Ingram Micro’s marketing team on the creation of a “no touch” McAfee sales program via demand generation and product attachment. Finally, Sheri helped facilitate a creative finance program between Ingram Micro and McAfee to bring in deals that would not have been possible before.

Natalie Tomlin – Director, Channel Sales Cloud and Service Providers

Natalie Tomlin is a McAfee veteran who joined when the company was known as Network Associates more than 20 years ago. She has held roles in sales and channel sales and has been a Channel Director for the past four years. In 2019, Natalie developed strong business relationships with the top Cloud Service Providers as they helped their customers on their journey to the cloud as a de facto security provider, facilitated discussions for operational efficiencies so McAfee can transact with the CSPs in both public and gov cloud, and brought in incremental revenue from the channel.

This recognition is special and underscores the work that we’ve done as an organization to hire diverse talent, implement a return to workplace initiative to assist people who have paused their careers, and achieve gender pay parity across the company.

Please join me in congratulating these six outstanding women who are at the core of the McAfee Channel program. Their leadership and execution have been paramount to our success and will continue to help lead us onwards.

The post McAfee Recognized on CRN’s 2020 Women of the Channel appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/enterprise/mcafee-recognized-on-crns-2020-women-of-the-channel/feed/ 0
ST19: Unified Cloud Edge with Cindy Chen & Michael Schneider https://www.mcafee.com/blogs/other-blogs/podcast/st19-unified-cloud-edge-with-cindy-chen-michael-schneider/ https://www.mcafee.com/blogs/other-blogs/podcast/st19-unified-cloud-edge-with-cindy-chen-michael-schneider/#respond Tue, 12 May 2020 10:00:49 +0000 /blogs/?p=100866

In this episode, Senior Product Marketing Manager Cindy Chen and Senior Manager of Product Management Michael Schneider take us through the details of Unified Cloud Edge.

The post ST19: Unified Cloud Edge with Cindy Chen & Michael Schneider appeared first on McAfee Blogs.

]]>

In this episode, Senior Product Marketing Manager Cindy Chen and Senior Manager of Product Management Michael Schneider take us through the details of Unified Cloud Edge.

The post ST19: Unified Cloud Edge with Cindy Chen & Michael Schneider appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/podcast/st19-unified-cloud-edge-with-cindy-chen-michael-schneider/feed/ 0
ST18 Chinese Cyber Crime with Anne An & Patrick Flynn https://www.mcafee.com/blogs/other-blogs/podcast/st18-chinese-cyber-crime-with-anne-an-patrick-flynn/ https://www.mcafee.com/blogs/other-blogs/podcast/st18-chinese-cyber-crime-with-anne-an-patrick-flynn/#respond Mon, 11 May 2020 17:42:21 +0000 /blogs/?p=100863

The head of McAfee Advanced Programs Group, Patrick Flynn and Security Researcher Anne An discuss Chinese Cyber Crime trends and operations.

The post ST18 Chinese Cyber Crime with Anne An & Patrick Flynn appeared first on McAfee Blogs.

]]>

The head of McAfee Advanced Programs Group, Patrick Flynn and Security Researcher Anne An discuss Chinese Cyber Crime trends and operations.

The post ST18 Chinese Cyber Crime with Anne An & Patrick Flynn appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/podcast/st18-chinese-cyber-crime-with-anne-an-patrick-flynn/feed/ 0
Why Do I Need a Password Manager? https://www.mcafee.com/blogs/consumer/why-do-i-need-a-password-manager/ https://www.mcafee.com/blogs/consumer/why-do-i-need-a-password-manager/#respond Tue, 05 May 2020 16:05:37 +0000 /blogs/?p=100614

Whether you’re on the internet all day or sign on only occasionally, all of us have a lot of passwords to manage. What’s more, security experts recommend we use powerful and unique passwords for each online account to prevent serious crimes like identity theft. Fortunately, there’s an easy solve – a password manager. How can […]

The post Why Do I Need a Password Manager? appeared first on McAfee Blogs.

]]>

Whether you’re on the internet all day or sign on only occasionally, all of us have a lot of passwords to manage. What’s more, security experts recommend we use powerful and unique passwords for each online account to prevent serious crimes like identity theft. Fortunately, there’s an easy solve – a password manager.

How can you choose a safe password?

Today, hackers use sophisticated software that can decipher all but the most secure passwords. Your pet’s name or your child’s birthday, while personal, isn’t necessarily a stumbling block for hacking software these days. Randomly generated passwords using a long and unique string of characters are simply the only answer, and password managers use that technique.

Can you safely store passwords on your computer or mobile phone?

If you keep your passwords on your computer’s hard drive, they become an easy target for hackers or scammers who gain remote access to your computer. In fact, any time you share your computer all your private information becomes available, including that master list of passwords. Likewise, when you store the passwords to your accounts on your phone, they become accessible to anyone who gains access to that device, like thieves. Using a password manager allows you to store your passwords on secure servers, away from prying eyes, hackers, and thieves.

What does a password manager do?

Let’s face it, many of us have bad password habits. That’s where a password manager can help. This piece of software creates secure passwords, stores them, and automatically inputs them when you access your various online accounts.

That’s right, a password manager can create the long, complicated combinations of characters that make a truly secure password. And the best part is that it remembers them for you. The days of using the same password for every single account are over. With this piece of software, you only need to remember one password, the one for the password manager.

How does a password manager help you?

A simple password offers almost no protection, and studies show that many people choose their birthday or numbers in sequential order. Hackers bank on that behavior to allow them to gain access to your accounts with their sophisticated software. A password manager can thwart attempts to break into your bank account, email and social media sites that can catch you unaware otherwise. The combinations of capital and lowercase letters, symbols, numbers and punctuation marks that a password manager generates make it exponentially harder for hackers to steal your stuff.

Can you safely rely on a password manager?

You may be asking what if a hacker breaks into my password manager? It’s an unlikely scenario, but even if it were to happen, a password manager encrypts your data and makes it unreadable. There are also a few best practices you can follow to make your manager even more effective and reliable. First, while using a password manager ensures you only need to remember one password, you need to make sure that password is a strong one. That means you need to make it a random mix of capitals, lowercase letters, numbers and symbols. Also, make sure you turn off the autofill feature on your browser and copy and paste your passwords from your manager in manually.

Using a Password Manager Simplifies Password Security

A password manager is a convenient and highly effective product that addresses all the of issues we’ve discussed in this article. It provides a single location where you can manage and store all your online passwords securely. Choose a password manager that lets you instantly create secure and complex passwords to protect your online presence from trespassers. It should also provides a security-restricted site for your passwords and let you access them from any internet-connected device. By using a password manager, you maintain a more secure presence on the web, you protect your bank account, email and social media activities from intrusion by hackers. Best of all, you gain the peace of mind that comes from knowing your most valuable assets are being protected.

The post Why Do I Need a Password Manager? appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/why-do-i-need-a-password-manager/feed/ 0
Ransomware Attacks: Cybercriminals Pinpointing Healthcare Organizations https://www.mcafee.com/blogs/consumer/ransomware-attacks-cybercriminals-pinpointing-healthcare-organizations/ Wed, 29 Apr 2020 20:33:06 +0000 /blogs/?p=100238 Cybercriminals target healthcare

No One is Invisible to Ransomware Attacks: Cybercriminals Pinpointing Healthcare Organizations   In this challenging time, cybercriminals have their eyes on consumers and institutions alike. Malicious groups have increased their targeting of hospitals and healthcare entities to take advantage of deepening resource strain. Many of these groups are using ransomware attacks to compromise hospital systems, locking up patient records or vaccine research until a […]

The post Ransomware Attacks: Cybercriminals Pinpointing Healthcare Organizations appeared first on McAfee Blogs.

]]>
Cybercriminals target healthcare

No One is Invisible to Ransomware Attacks: Cybercriminals Pinpointing Healthcare Organizations 

 In this challenging time, cybercriminals have their eyes on consumers and institutions alike. Malicious groups have increased their targeting of hospitals and healthcare entities to take advantage of deepening resource strain. Many of these groups are using ransomware attacks to compromise hospital systems, locking up patient records or vaccine research until a hefty ransom is paid. The requested sum is usually a high value of Bitcoin or alternative cryptocurrencies, as these are typically more difficult to trace 

However, unlike with old tax paperwork or private family photos, the impact of losing or mass distributing patient records could literally mean life or death for those awaiting urgent care or diagnosisBad actors count on this urgency to guarantee that their ransom is met 

Be wary of old tactics with a new twist 

The tactics these cybercriminals use can be a combination of traditional phishing and vulnerability exploitationReportedly, the WHO has seen a twofold increase in phishing attacks by cybercriminals attempting to steal credentials. Some ransomware groups have stated they will avoid targeting hospitals given the current strain on healthcare systems. Still, claims from criminal organizations should be taken with a hefty grain of salt.  

Keep your security up to date 

In the meantime, McAfee Advanced Threat Research is closely monitoring new threats that aim to take advantage of the uncertainty surrounding the pandemic. The team has analyzed these threats based on geography, and will continue to report further findings. While these threats are not unexpected as cyber criminals always try to leverage large events to their advantage, it is disappointing to see at a time when the world needs to come together that there are those who have scant regard for the sense of community. 

Stay ahead of malicious threats 

Whether you’re a healthcare professionalfamily provideror both, here are some tips that can help you stay ahead of malicious tactics being used to attack individuals and healthcare institutions 

  • Secure your home network by checking your device passwords and Wi-Fi password. Make sure your system and software are all up to date, and take the time to perform pending updates.  
  • Avoid clicking on emails and texts from unknown senders. Be wary of any communication coming from “official” sources that encourage urgent actions on provided links or ask for your login credentials.  
  • Check in often with family and friends and be their technical advisor if needed to help steer them away from social engineering or spammy phishing. Consider using a free safe browser extension that can help steer you away from illegitimate sites.  
  • Be sure to set up robust security on devices that may now be seeing a lot more online time.  
  • Don’t forget your phone  stay protected from malicious apps and smishing/vishing attempts.

The post Ransomware Attacks: Cybercriminals Pinpointing Healthcare Organizations appeared first on McAfee Blogs.

]]>
Connect With Confidence: Benefits of Using a Personal VPN  https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/connect-with-confidence-benefits-of-using-a-personal-vpn/ Fri, 24 Apr 2020 19:40:00 +0000 /blogs/?p=100056

Protect your digital life  The recent surge in work from home is likely accompanied by a corresponding increase in corporate VPN (virtual private network) usage. More and more employees who would typically be connected at the office are using these protected networks to access confidential documents and sites. To some, these corporate VPNs are simply a tunnel into their work lives. But what about the benefits of a personal VPN? What is a VPN […]

The post Connect With Confidence: Benefits of Using a Personal VPN  appeared first on McAfee Blogs.

]]>

Protect your digital life 

The recent surge in work from home is likely accompanied by a corresponding increase in corporate VPN (virtual private network) usage. More and more employees who would typically be connected at the office are using these protected networks to access confidential documents and sites. To some, these corporate VPNs are simply a tunnel into their work lives. But what about the benefits of a personal VPN? What is a VPN exactly, and why use one 

Encrypt your data 

While a home network with a strong password can help set a good foundation for your digital safety, it is worth considering additional privacy fortifications as more devices connect (and perhaps stay connected for longer periods of time)Whether it’s kids taking their classes and gaming online or parents trying to run errands remotely, we want to help you protect your digital life. 

At their cores, a corporate VPN and personal VPN perform the same functions. They encrypt (or scramble) your data when you connect to the Internet and enable you to browse or bank in confidence with your credentials and history protected. Should there be any malicious actors attempting to intercept your web traffic, they would only be able to see garbled content thanks to your VPN’s encryption functionality.  

Need for VPN 

Constant online connection is becoming the new normal as we limit the time we spend outdoors. And, as the number of devices online increases, so does the number of threats.  

With many retailers reducing their physical footprints or even closing entirely, such services have shifted online – whether you prefer it or not. Learn how to navigate this changing digital landscape with the following VPN tips and tricks below.  

One classic cyberattack is the “maninthemiddle,” especially prevalent in places with public Wi-Fi connections such as cafes or open Wi-Fi connections at an apartment buildingMalicious actors take advantage of weak network security to intercept and read potentially sensitive information such as bank login credentials or even credit card information. strong VPN with bank-grade encryption can render this attack useless and help keep sensitive data away from prying eyes.  

Which VPN should I choose? 

Not all VPNs are created equal! Make sure that the service you select meets your needs:  

Browser vs Desktop/Mobile 

A browser-level VPN acts as an extension and will only help protect web traffic on the specific browser it is installed on. While this degree of privacy may work for some users, a device-level VPN such as McAfee® Safe Connect can generally help protect web traffic regardless of browser or application selected.  

Level of Security 

It is important to review each service’s privacy terms before you decide which one to use as your trusted gateway. Some VPN services, especially free ones, implement trackers that record your demographic, location, and system information. You can sometimes refer to third party security audits to help validate these privacy claims.  

Bandwidth 

Depending on how much you plan to use your VPN, you can consider searching for services that have either limited or unlimited data plans. If you plan to consume multimedia such as streaming video or uploading large files, an unlimited plan may work better for you.  

Variety of locations 

For general use, it is advisable to let your VPN connect to the nearest and fastest server location. But, having a diverse list of countries to choose from will allow you greater flexibility if the server is slow in one location.  

Ease of Use 

Ultimately, you should choose a VPN that’s easy to use and understand. We are all embarking on digital journeys from different places of technical comfort, but consider starting with products that offer a streamlined and simplified experience.  

If you’d like to learn more about VPNs, read more here, or dive into VPNs for Android and iOS

The post Connect With Confidence: Benefits of Using a Personal VPN  appeared first on McAfee Blogs.

]]>
Stay Ahead of Misinformation – 5 Ways to Combat Fake News https://www.mcafee.com/blogs/consumer/stay-ahead-of-misinformation-5-ways-to-combat-fake-news/ Fri, 24 Apr 2020 19:17:30 +0000 /blogs/?p=100050 fake news

Stay ahead of misinformation – 5 ways to combat fake news   Finding information in this increasingly digital world has never been easier. Our mobile phones dictate top headlines before we even get out of bed, and even our routers can perform complex searches via voice. We see the impact of this easy access on both our consumption and the sharing of information. Just as it’s easy for us to perform a quick search and send the relevant results to our social groups, it’s also simple for bad actors to create and […]

The post Stay Ahead of Misinformation – 5 Ways to Combat Fake News appeared first on McAfee Blogs.

]]>
fake news

Stay ahead of misinformation  5 ways to combat fake news 

 Finding information in this increasingly digital world has never been easier. Our mobile phones dictate top headlines before we even get out of bed, and even our routers can perform complex searches via voice. We see the impact of this easy access on both our consumption and the sharing of informationJust as it’s easy for us to perform a quick search and send the relevant results to our social groups, it’s also simple for bad actors to create and post fake news on seemingly legitimate platforms. In times of uncertainty, it is natural to go online in search of facts, or the latest update. Now is great time to brush up on your digital hygiene and best practices to stay ahead of evolving threats 

Fake news 

As we’ve learned this year, a lot can change very quickly. We all want to stay up to date on worldwide trends, announcements, or even the elections. This expanded focus on current events opens an opportunity for bad actors. Panic-inducing rumors can be labeled as sensational at best. However, there are malicious promises made via phishing scamthat attempt to hook worried and confused consumers into credit card fraud or other payment schemes. Sticking to legitimate news sources is one of the easiest ways to avoid such traps.  

Chain mail craze 

Not only should you validate your personal newsfeed, you should also hold your social networks to this sanitized standard. While well-intentioned, rumors and fake news often spread through the social grapevine e.g. “my friend saw this on WeChat” or “look at what someone sent me on Facebook.” These updates may feel more relatable since we’re hearing them from someone we know, but keep in mind that social media chain mail is often lacking in factual accuracy. By verifying what you’re see against legitimate information sources, you can help family and friends stay both diligent and in the know.  

Dear Sir/Madam” 

Phishing scams also come out in full force during moments of public panic. We’ve seen numerous spoofed emails and text messages that claim to be from local governments, hospitals, or even retailers encouraging targets to take action on urgent items. These notices range from falsified instructions for claiming relief checks to scheduling medical check-upsSome of these phishing emails may be easy to spot as fakes, but the sensitivity of the current environment may cloud our judgment. If you have any doubts about the legitimacy of these messages, you can always reach out to the known institution through official channels to verify.  

Charity imposters 

One of the great things about extraordinary moments like these is the outpouring of compassion and empathy from the global community. Sadlycybercriminals take advantage of this generosity as wellBad actors have stood up fake charity sites and platforms in the name of donating resources to underserved populations or supporting researchIn reality, these may be scams, and any donations received will never see the light of day. It is a best practice to always research charity organizations before you contribute – especially now. 

Protect yourself from misinformation 

Take a look at some tips and tools below that you can use to stay ahead of misinformation: 

  • Exercise caution when taking action on emails, texts, and phone calls from unfamiliar sources. Often these messages impersonate legitimate entities or people we may know – reach out to the sender directly if you have doubts. 
  • Use a free safe browsing extension like McAfee® WebAdvisor that integrates website reputation ratings that can help steer you away from illegitimate news sites. For Chrome users, WebAdvisor will even color-code links in your social media newsfeeds, so you’ll know which ones are safe to click. 
  • Avoid websites with suspicious URLs or designs that look hastily put together. Check to make sure the site has a secure connection and starts with “https” rather than “http.” 
  • Some identity theft protection services include social media monitoring to help make sure your accounts aren’t being used by bad actors to spread fake news. 
  • Parental controls can keep tabs on kids’ screen timehelping limit their time on certain apps or sites that may be more vulnerable to proliferating misinformation. 
  • Consider using a comprehensive security suite to ensure your devices and online accounts are protected. 

The post Stay Ahead of Misinformation – 5 Ways to Combat Fake News appeared first on McAfee Blogs.

]]>
Online shopping scams – 7 ways to fight them  https://www.mcafee.com/blogs/consumer/online-shopping-scams-7-ways-to-fight-them/ Fri, 24 Apr 2020 17:35:10 +0000 /blogs/?p=100046

 Be wary of online shopping scams – 7 ways to fight them    While some of us may be quite skilled at finding miscellaneous gadgets and great deals on apparel online, relying on e–commerce platforms for all of our basic household needs is a new challenge. Many of us preferred to shop at brick and mortar retail for certain purchases such as groceries or pharmaceuticals. Now that we’ve turned online for all our shopping needs, online […]

The post Online shopping scams – 7 ways to fight them  appeared first on McAfee Blogs.

]]>

 Be wary of online shopping scams – 7 ways to fight them 

 

While some of us may be quite skilled at finding miscellaneous gadgets and great deals on apparel onlinerelying on ecommerce platforms for all of our basic household needs is a new challenge. Many of us preferred to shop at brick and mortar retail for certain purchases such as groceries or pharmaceuticals. Now that we’ve turned online for all our shopping needs, online suppliers have struggled to meet the surge in demand for certain goodsopening a new space for third-party sellers and malicious actors to step in. Since the beginning of the year, the Federal Trade Commission (FTC) has already received over 8,400 complaints regarding consumer scamsand the total reported consumer loss weighs in at $5.85 million.  Here are some common scams to be on the lookout for.  

Fake Shopping Websites 

Cybercriminals are quick to take advantage of emerging trends or events.  We’ve already seen numerous fake shopping websites claiming to sell hot ticket items like cleaning supplies that may be sold out elsewhere. In reality, these credit card-collecting scams may deliver counterfeit goods or nothing at all. 

Investment Scams  

This same logic applies for investments as well. Scammers may be posing as budding companies attempting to raise capital to build medical equipment. Others may be advertising non-existent hedge funds with guarantees of high returns post-crisis. Regardless of the promised deliverable, be sure to conduct sufficient research prior to making major investment decisions.  

Miracle Cures 

As Time reports, some sites even promote remedies ranging from colloidal silver to cow manure.” Luckily, the FTC and Food and Drug Administration (FDA) have started cracking down on companies that issue unsupported claims about miracle cures and vaccines.  

Test Kits 

At the time of writing, the FDA has not approved the sale or distribution of any home testing kitsWhile some of these offers have come from legitimate companies that may have relationships with testing labs, most of these have since received and abided to cease and desist notices. Always reference official entities for guidance on testing, such as the CDC (Centers for Disease Control and Prevention) site here 

This doesn’t mean we should halt our online purchasing. If anything, some logistics companies are encouraging us to continue supporting our favorite small retailers through online purchases to keep them afloat in the uncertainty that lies ahead. With many new instances and flavors of cyberattacks popping up overnight, we can help you stay diligent and secure as you adapt to this shift online.

 Shop Safely Online 

Remember to follow the tips below to ensure your safe online shopping efforts are not in vain: 

  • Exercise caution when receiving promotional emails or texts from unknown sources, especially those that make claims too good to be true.  
  • Stay away from unfamiliar ecommerce websites, even if they’re referred by people you know. Some red flags could be nonsensical URLs, misspellings and unprofessional webpage designs. You can also use a free safe browsing extension to help steer you away from illegitimate sites.  
  •  Use a mobile security solution to help you stay secure on your mobile devices with automatic security scans.  
  • Use a VPN (virtual private network) like McAfee® Safe Connect when conducting sensitive transactions – the data encryption can help ensure your personal information stays protected from prying eyes listening in on your web traffic 
  • Consider using an identity theft protection service to help protect, detect, and correct potential breaches in personal information. 
  • Protect your purchases by looking for sites that begin with “https” instead of “http” – a good way to remember this is “S for secure.” 
  • Use a comprehensive security suite to ensure your devices and online accounts are protected.  

 

The post Online shopping scams – 7 ways to fight them  appeared first on McAfee Blogs.

]]>
How Do Hackers Hack Phones and How Can I Prevent It? https://www.mcafee.com/blogs/consumer/how-do-hackers-hack-phones-and-how-can-i-prevent-it/ https://www.mcafee.com/blogs/consumer/how-do-hackers-hack-phones-and-how-can-i-prevent-it/#comments Wed, 01 Apr 2020 14:00:54 +0000 /blogs/?p=99360 chat etiquette

The threat of having your phone hacked has become a common fear. The truth is that it is possible to hack any phone. With the advancement of technology, where discovery of knowledge and information advances the understanding of technology, hackers are able to hack even the most sophisticated phone software. But how?

The post How Do Hackers Hack Phones and How Can I Prevent It? appeared first on McAfee Blogs.

]]>
chat etiquette

The threat of having your phone hacked has become a common and rational fear. The cold hard truth is that it is now possible to hack any phone. With the advancement of technology, where discovery of knowledge and information advances the understanding of technology, hackers are able to hack even some of the most sophisticated phone software. But how?

Hacking Software

Did you know that hacking software for Android and other mobile devices exists? And did you know there are countless hacking software options online for free? Hacking software is a method used by hackers to get information from a phone. Check out our 2020 Mobile Threat Report to dig deeper.

The serious hackers can buy hacking software anywhere, such as a phone Spy App, which must be installed on the target phone. Not all hackers need to handle a phone physically in order to install hacking software, but in some cases they must.

Keylogging is an approach that involves downloading a spyware app to target the phone and take the phone’s data before encryption. This type of software can be utilized by accessing the phone physically.

Trojan is a type of malware that can be disguised in your phone to extract important data, such as credit card account details or personal information. To install Trojan Malware, hackers use techniques like phishing to influence you into the trap.

Phishing

Phishing is a method used by hackers where they impersonate a company or trusted individual in order to gain confidential data. Hackers use this method by sending official-looking codes, images, and messages, most commonly found in email and text messages. When this malicious content is clicked on, the URLs can hack your phone because the link has been infected with a hacking virus or software that can take your personal information.

Hacking Using a Phone Number

In order to be able to hack using only a phone number, you must know and understand the technicalities of phone hacking. SS7 signaling is the system used to connect cell phone networks to one another, but in order to use this system as a method of hacking phones, one must have access to it. Recording calls, forwarding calls, reading messages, and finding locations of a particular device can be done with access to the SS7 system. Although, due to the level of difficulty, it is unlikely that the average person would be able to hack a phone in this manner.

SIM Card Hacking

In August of 2019, the CEO of Twitter had his SIM card hacked by SIM card swapping using the phishing method. SIM card swapping is performed when the hacker contacts your phone provider, pretends to be you, and then asks for a replacement SIM card. Once the provider sends the new SIM to the hacker, the old SIM card will be deactivated, and your phone number will be stolen. This means the hacker has taken over your phone calls, messages, etc. This method of hacking is relatively easy if the hacker can convince the provider that they are you. Keeping personal details to yourself is an important part of ensuring that hackers cannot pretend to be you.

AdaptiveMobile Security discovered a new way hackers were getting into phones using the SIM card—a method they call Simjacker. This way of hacking is more complex than phishing as it targets a SIM card by sending a signal to the target device. If the message is opened and clicked on, hackers are able to spy on the hacked device and even find out the location of the device.

Bluetooth Hacking

Professional hackers can use special software products to search for vulnerable mobile devices with an operating Bluetooth connection. These types of hacks are done when a hacker is in range of your phone, usually in a populated area. When hackers are connected to your Bluetooth, they have access to all of the information available and the internet connection to access the web, but the data must be downloaded while the phone is within range.

Prevent you become a victim of phone hacking

There are many different ways a hacker can get into your phone and steal personal and critical information. Here are a few tips to ensure that you are not a victim of phone hacking:

1. Keep Your Phone in Your Possession

The easiest way for a hacker to steal your phone’s information is to gain access to it — therefore, it is always important to keep your phone in your possession. If you have been away from your phone around a group of strangers and are concerned about possible hacking, check your settings and look for strange apps.

2. Encrypt Your Device

Encrypting your cell phone can save you from being hacked and can protect your calls, messages, and critical information. To check if a device is encrypted: iPhone users can go into Touch ID & Passcode, scroll to the bottom, and enable Data protection. Android users have automatic encryption depending on the type of phone.

3. SIM Card Locking

Putting a passcode on your SIM card can protect it from being hacked. Setting this code can be done on an iPhone by going to Settings > Cellular > SIM PIN. Enter your existing PIN to enable the lock. Android users can go to Settings > Lock screen and Security > Other security settings > Set up SIM card lock. Here you can enable the option to lock your SIM card.

4. Turn Off WIFI and Bluetooth

It is fairly easy for hackers to connect to your phone using WIFI or Bluetooth, so turn them off when not needed because there is no warning when a hacker attacks you. If you fear being hacked in a public space, turning off your phone can block a hacker’s ability to hack you — this is an effective preventative method.

5. Use Security Protection

Protecting your device from spyware can be done for free and simply through A Mobile Security app on an iPhone and Android can help protect cell phones from hackers. McAfee Total Protection—helps protect against cyber threats and includes McAfee WebAdvisor — to help identify malicious websites you should watch out for.

Stay protected

Making a point to understand how hacking works can help you practice security in your every day life. Know how to be prepared for being hacked, so that when it happens you can be on top of how to handle it.

 

The post How Do Hackers Hack Phones and How Can I Prevent It? appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/how-do-hackers-hack-phones-and-how-can-i-prevent-it/feed/ 1
What is Data Privacy and How Can I Safeguard It? https://www.mcafee.com/blogs/consumer/what-is-data-privacy-and-how-can-i-safeguard-it/ https://www.mcafee.com/blogs/consumer/what-is-data-privacy-and-how-can-i-safeguard-it/#respond Wed, 01 Apr 2020 14:00:00 +0000 /blogs/?p=99362

There is certain information that is important to keep to yourself. If a stranger asks for your first name, you are likely to tell them. But if a stranger asks for your bank account number, you are unlikely to tell them. Data privacy works in the same way, if the piece of data or information is of high importance, it should be handled as such.

The post What is Data Privacy and How Can I Safeguard It? appeared first on McAfee Blogs.

]]>

There is certain information that is important to keep to yourself. If a stranger asks for your first name, you are likely to tell them. But if a stranger asks for your bank account number, you are unlikely to tell them. Data privacy works in the same way, if the piece of data or information is of high importance, it should be handled as such.

What data is considered private?

Technology has made it easy for data to be breached and get into the wrong hands. Data privacy is important for personal information and even more for special categories of personal data, that includes:

  • Social Security numbers
  • Medical records
  • Race and ethnic origin
  • Religious or philosophical beliefs
  • Political opinions
  • Trade union memberships
  • Biometric data used to identify an individual
  • Genetic data
  • Health data
  • Data related to sexual preferences, sex life, and/or sexual orientation

It’s important to keep even basic personal data protected in some way, including full names, addresses, and birthdates. Other data that should be protected includes, résumés, certificates, photos, employment records and social media account login credentials.

Why is data privacy important?

Someone who has access to any of your information could steal your identity, so keeping special categories of personal data and basic personal data private is important to keeping your identity safe. Identity theft is the deliberate use of someone else’s identity and is usually used for financial gain such as obtaining credit and other benefits.

Protect your identity

 Identity Theft Protection can help you keep tabs on your credit identity and personal information. An identity monitoring service should offer features such as, cyber monitoring on the Dark Web, credit monitoring, and Social Security number tracing.   

Data privacy regulations

Consumers should understand their rights to their own private and personal information. If they don’t, regulations such as the GDPR (General Data Protection Regulation) help data protection, privacy and address the transfer of personal data. GDPR is an updated European law that empowers people and gives them back their power over their data.

In response to the GDPR, California responded with the CCPA (California Consumer Privacy Act), an act that broadens  privacy rights by including data access rights and a limited private right of action, which went into effect in January of 2020. Residents of California have the CCPA to enhance their privacy rights and consumer protection.

Protect your data

Knowing your rights is key to understanding how your data can be protected, but there are simple practices to protect your privacy to avoid becoming a victim of identity theft.

Adopt good cyber practices

How many times have you searched for a product online and then seen ads for similar products? This happens because 3rd party apps ask invasive permissions to gain access to your data when you install them, acting as an extension of your friend. In the digital world we live in, it is important to adopt good cyber practices to help ensure your private information is kept safe. You can take control over your own security settings to limit what information is available to 3rd parties online.

Secure your WIFI network and other devices: Start by looking for WIFI gateway routers that offer integrated security to help secure your network. Criminals can easily access your WIFI network and devices on that network if it isn’t secure. Once accessed, they can steal your private personal information.

Share with care

Be careful not to share personal details and certain contact information that could land in the wrong hands because sharing personal information online can be detrimental to your privacy.

Keep your passwords safe: Keeping your passwords safe can ensure that only you have access to your personal and private information. It is also smart to never use the same password and to always use strong and unique passwords.

Looks sketchy? Don’t click: Hackers commonly use strange links, images, and messages to reach your personal data, so avoid clicking any links that could be infected.

Use security protection: Browsing with a security protection tool can help protect devices against malware and other forms of personal information attacks. McAfee Total Protection can protect devices against these threats and also includes McAfee WebAdvisor, which can help identify malicious websites.

Use a personal information protection tool: Personal monitoring, financial monitoring and recovery tools, such as McAfee Identity Theft Protection help keep identities personal and secure.

Stay protected

Making a point to understand data privacy and protection can help you practice security in your daily life. Know your rights when it comes to data privacy and stay up to date on mobile security threats.

The post What is Data Privacy and How Can I Safeguard It? appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/what-is-data-privacy-and-how-can-i-safeguard-it/feed/ 0
ST17: Secure Remote Working with Raj Samani & Mo Cashman https://www.mcafee.com/blogs/other-blogs/podcast/st17-secure-remote-working-with-raj-samani-mo-cashman/ https://www.mcafee.com/blogs/other-blogs/podcast/st17-secure-remote-working-with-raj-samani-mo-cashman/#respond Wed, 01 Apr 2020 00:24:04 +0000 /blogs/?p=99389

In this podcast, McAfee’s Principal Engineer Mo Cashman and Chief Scientist & McAfee Fellow Raj Samani cover how to stay safe while working remotely.

The post ST17: Secure Remote Working with Raj Samani & Mo Cashman appeared first on McAfee Blogs.

]]>

In this podcast, McAfee’s Principal Engineer Mo Cashman and Chief Scientist & McAfee Fellow Raj Samani cover how to stay safe while working remotely.

The post ST17: Secure Remote Working with Raj Samani & Mo Cashman appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/podcast/st17-secure-remote-working-with-raj-samani-mo-cashman/feed/ 0
10 McAfee Women Share Top Career Highlights https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/10-mcafee-women-share-top-career-highlights/ https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/10-mcafee-women-share-top-career-highlights/#respond Mon, 30 Mar 2020 16:35:05 +0000 /blogs/?p=99346

Looking to reach your career best? At McAfee, we invest in your growth and development to help you get there. In honor of Women’s History Month, we asked members of our McAfee Women in Security Community (WISE) to share their favorite experiences at past and present jobs, including what they love about working at McAfee. […]

The post 10 McAfee Women Share Top Career Highlights appeared first on McAfee Blogs.

]]>

Looking to reach your career best? At McAfee, we invest in your growth and development to help you get there. In honor of Women’s History Month, we asked members of our McAfee Women in Security Community (WISE) to share their favorite experiences at past and present jobs, including what they love about working at McAfee.

  1. Back in the mid-2000’s, I worked for a startup company in infrastructure services. One of the most exhilarating moments was winning a five-year $30 million-dollar services deal. This one deal enabled us to move into new emerging markets, develop our position and compete with bigger service providers. When we won, we couldn’t quite believe it—it was one of those surreal moments you never forget. When I look back now, I realize I was very fortunate to have a mentor and boss who demonstrated his trust in me (so early in my career!) to pursue a deal that was very high risk to the company.” —Mandy, Director, Sales
  2. My biggest career moment has been meeting the Minister of Veterans Affairs on Parliament Hill while the House of Commons was sitting and discussing how analytics could help veterans and PTSD. When I think about what I love about my job and what I do, I’m in sales and have always been in sales. I’m a ‘people person.’ I love networking and solving customer issues. I could argue I’ve been in sales since Girl Guide Cookies!” —Eliane, Director, Sales
  3. One of my favorite career highlights has definitely been being part of the WISE Board at McAfee. I get to work with smart, diverse, global women who truly want to help each other and make a difference. Also, the people (our internal teams and our customers) are truly the best. I love working with passionate caring people that want to make a difference and keep people safe!—Brenda, North America Consumer Sales & WISE Board Member
  4. My biggest career highlight is achieving the title of principal engineer in McAfee. I’m honored and humbled to be one of three women in PEs out of 7000+ people in McAfee. It allows me to have a broad vision of the company and a large platform to enable change and impact. I love my job because I am able to work on challenging projects and have a very supportive, diverse group that supports and empowers me to make an impact.” —Catherine, Principal Engineer & Senior Data Scientist
  5. My biggest career highlight was becoming a principal engineer! I have loved numbers since I was in kindergarten. One of my first school reports says ‘Sorcha is working her way through her math with obvious enjoyment.’ I love my data tools and I have one of the biggest and most interesting data sets in the world with Global Threat Intelligence data!—Sorcha, Principal Engineer, Lead Data Scientist
  6. My biggest career highlight was winning Worldwide Sales Director of the Year for FY 2017, hands down! My team won 5/6 awards at Club that year. Knowing we had a significant impact on McAfee and experiencing that level of success as a team was an amazing feeling. I still feel so incredibly proud to be part of this team. Every day is different and each day brings a new challenge to solve. Sales can be a roller coaster; staying focused on problem solving for the customer helps me stay connected to the purpose. When you consider what we are tasked with protecting, it’s impossible not to feel like we are doing something meaningful.” —Marty, VP Sales Enterprise East & Global WISE President
  7. My biggest career highlight was transitioning into my current role and finishing my first year in this position by presenting at MPOWER 2019. I love being a professional in cybersecurity and helping keep people safe is something I am very proud of. McAfee has also provided me with work life balance that ensures I have quality time with my family.” —Shelly, Professional Services Consultant
  8. I started with a simple job of web categorization and became a security researcher handling large and complex data and automation for my team. I love my job because I’ve been able to grow with it. I do a lot of research and analysis. It’s like putting pieces of a puzzle together, the kind of challenge I enjoy. At the beginning, I don’t know what the pieces are or what they mean—but as I do research, collect data, and put it all together, then it becomes something meaningful.—Kyoko, Security Researcher
  9. My biggest career highlight has been my seamless transition into my current role and being an active member of WISE, Toastmasters and Culture Club. I enjoy the opportunity to work with different people every single day. Looking at the big picture, connecting the dots and dealing with uncertainties while helping the team stay on track keeps me on my toes. McAfee has an amazing culture with extraordinary people and getting to know them every single day has been delightful.—Arathi, Technical Program Manager
  10. Solving specific customers’ problems and contributing to making sure McAfee is recognized as the cloud security thought leader feels great. It’s thrilling to use my whole self to help solve a global problem using strategic thinking, technical understanding and traditionally feminine skills I bring, like storytelling and compassionate communication.

The mission of protecting what matters is really meaningful to me. Second, I love my varied work—from storytelling and technical analysis (every architecture is a story) to influencing customer security executives and encouraging the next generation of security professionals. Third, PEOPLE. Thank you to all of my colleagues who encourage me, improve my results by challenging me and especially those who do both!—Brooke, Sr. Cloud Architect/Strategist


If you’re looking for a fulfilling career with a company dedicated to helping women thrive in the workplace, check out our openings!

The post 10 McAfee Women Share Top Career Highlights appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/10-mcafee-women-share-top-career-highlights/feed/ 0
How To Stop Phone Spoofing https://www.mcafee.com/blogs/consumer/how-to-stop-phone-spoofing/ https://www.mcafee.com/blogs/consumer/how-to-stop-phone-spoofing/#respond Wed, 18 Mar 2020 18:28:19 +0000 /blogs/?p=99166

How Does Phone Spoofing Work? Call spoofing is when the caller deliberately sends false information to change the caller ID. Most spoofing is done using a VoIP (Voice over Internet Protocol) service or IP phone that uses VoIP to transmit calls over the internet. VoIP users can usually choose their preferred number or name to […]

The post How To Stop Phone Spoofing appeared first on McAfee Blogs.

]]>

How Does Phone Spoofing Work?

Call spoofing is when the caller deliberately sends false information to change the caller ID. Most spoofing is done using a VoIP (Voice over Internet Protocol) service or IP phone that uses VoIP to transmit calls over the internet. VoIP users can usually choose their preferred number or name to be displayed on the caller ID when they set up their account.

Some providers even offer spoofing services that work like a prepaid calling card. Customers pay for a PIN code to use when calling their provider, allowing them to select both the destinations number they want to call, as well as the number they want to appear on the recipient’s caller ID.

What Are The Dangers of Phone Spoofing?

Scammers often use spoofing to try to trick people into handing over money, personal information, or both. They may pretend to be calling from a bank, a charity, or even a contest, offering a phony prize. These “vishing” attacks (or “voice phishing”), are quite common, and often target older people who are not as aware of this threat.

For instance, one common scam appears to come from the IRS. The caller tries to scare the receiver into thinking that that owe money for back taxes, or need to send over sensitive financial information right away. Another common scam is fake tech support, where the caller claims to be from a recognizable company, like Microsoft, claiming there is a problem with your computer and they need remote access to fix it.

There are also “SMiShing” attacks, or phishing via text message, in which you may receive a message that appears to come from a reputable person or company, encouraging you to click on a link. But once you do, it can download malware onto your device, sign you up for a premium service, or even steal your credentials for your online accounts.

Why Is Spoofing So Prevalent?

The convenience of sending digital voice signals over the internet has led to an explosion of spam and robocalls over the past few years. In fact, according to Hiya, a company that offers anti-spam phone solutions, spam calls grew to 54.6 billion in 2019, a 108% increase over the previous year.

Since robocalls use a computerized auto dialer to deliver pre-recorded messages, marketers and scammers can place many more calls than a live person ever could, often employing tricks such as making the call appear to come from the recipient’s own area code. This increases the chance that the recipient will answer the call, thinking it is from a local friend or business.

And because many of these calls are from scammers or shady marketing groups, just registering your number on the FTC’s official “National Do Not Call Registry” does little help. That’s because only real companies that follow the law respect the registry.

What Can I Do To Stop Spoofing Calls?

To really cut back on these calls, the first thing you should do is check to see if your phone carrier has a service or app that helps identity and filter out spam calls.

For instance, both AT&T and Verizon have apps that provide spam screening or fraud warnings, although they may cost you extra each month. T-Mobile warns customers if a call is likely a scam when it appears on your phone screen, and you can sign up for a scam blocking service for free.

There are also third-party apps such as RoboKiller and Nomorobo that you can download to help you screen calls, but you should be aware that you will be sharing private data with them.

Other Tips For Dealing With Unwanted Calls

  1. After registering for the Do Not Call Registry and checking out your carrier’s options, be very cautious when it comes to sharing your contact information. If an online form asks for your phone number but does not need it, leave that field blank. Also, avoid listing your personal phone number on your social media profiles.
  2. If you receive a call from an unrecognized number, do not answer it. You can always return the call later to see if it was a real person or company. If it was a scam call, you can choose to block the number in your phone, but that too can be frustrating since scammers change their numbers so often.
  3. You can report unwanted calls to the FTC.
  4. Read the privacy policy on every new service you sign up for to make sure that they will not share or sell your contact information.
  5. Be wary of entering contests and sweepstakes online, since they often share data with other companies.
  6. Stay up-to-date on the latest scams, so you know what to look out for, and install mobile security on your phone to help protect you from malware and other threats.

Looking for more mobile security tips and trends? Be sure to follow @McAfee Home on Twitter, and like us on Facebook.

The post How To Stop Phone Spoofing appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/how-to-stop-phone-spoofing/feed/ 0
ST16: Top 5 RSA Moments 2020 with Vittorio Viarengo & Naveen Palavalli https://www.mcafee.com/blogs/other-blogs/podcast/top-5-rsa-moments-2020-with-vittorio-viarengo-naveen-palavalli/ https://www.mcafee.com/blogs/other-blogs/podcast/top-5-rsa-moments-2020-with-vittorio-viarengo-naveen-palavalli/#respond Tue, 10 Mar 2020 19:28:02 +0000 /blogs/?p=99057

McAfee’s Interim Chief Marketing Officer Vittorio Viarengo and VP of Product & Solution Marketing Naveen Palavallil team up to discuss their favorite McAfee highlights of this year’s RSA Conference.

The post ST16: Top 5 RSA Moments 2020 with Vittorio Viarengo & Naveen Palavalli appeared first on McAfee Blogs.

]]>

McAfee’s Interim Chief Marketing Officer Vittorio Viarengo and VP of Product & Solution Marketing Naveen Palavallil team up to discuss their favorite McAfee highlights of this year’s RSA Conference.

The post ST16: Top 5 RSA Moments 2020 with Vittorio Viarengo & Naveen Palavalli appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/podcast/top-5-rsa-moments-2020-with-vittorio-viarengo-naveen-palavalli/feed/ 0
Do I Need to Hide My IP Address? https://www.mcafee.com/blogs/consumer/do-i-need-to-hide-my-ip-address/ https://www.mcafee.com/blogs/consumer/do-i-need-to-hide-my-ip-address/#comments Tue, 03 Mar 2020 20:26:09 +0000 /blogs/?p=98995

New threats to our online privacy emerge every day, from relatively benign tracking of our activities for marketing purposes, to more invasive measures that can put our security at risk. This has led some people to wonder whether they should take steps to hide their IP address. In truth, it depends on your online activities and what you want to keep private. We’ll look at a few examples, but first, let's get a better understanding of IP addresses.

The post Do I Need to Hide My IP Address? appeared first on McAfee Blogs.

]]>

What is an IP Address?

Think of this as your address on the internet — a location where you receive mail and other data such as webpages, images, and mesages. Your IP address is made up of a string of four groups of numbers, such as 192.172.33.1, which identifies both the network you are on and the device you are using. With these two pieces of information networks and websites can both route data to you and check that you have permission to access it.

Why Would I Want to Hide My IP Address?

Since your IP address is needed to surf around the web, it can act as a fingerprint of your online activities. Webpages may choose to store this information to learn more about you and your interests for marketing purposes. Your data can also be potentially sold to third parties without your consent, or used to spy on you if someone has malicious intent. An example of this would be so-called “spyware,” which can covertly log the sites you visit.

IP addresses are also used to restrict access to content, such as streaming services that are only available in certain locations. But hiding your IP address for this purpose is not something we advocate.

How Do I Hide My IP Address?

There are two main ways to hide your IP address: by using a virtual private network (VPN), or a proxy server. VPNs are the most common tools used by consumers to mask their IP addresses. This is a piece of software that allows you to create a secure connection to another server over the internet, so your data appears to come from the server you connect to. So, if you are in Los Angeles, for instance, the software can connect you to a server in London, hiding your actual location since your traffic appears to originate in London.

A proxy server is different in that it acts like a middleman between your device and the server you are trying to connect with. It receives a request from your device and then retrieves that information from the target server. The proxy can be either a computer or a piece of software that performs this function. It’s different from a VPN in that it doesn’t encrypt, or scramble, your information, making it less secure. That’s why we suggest that you use a VPN.

When Should I use a VPN?

There are a few scenarios when you may want to hide your IP address. The first is if you’re using public Wi-Fi, because your browsing activity might be accessible to anyone nearby. If you use a VPN, you can make a secure connection to the network and keep your activities private.

You may also choose to hide your IP address if you are concerned about your privacy on the web in general and want to make sure that there are no websites or cybercriminals tracking you.

Finally, users who want to connect with a private business or home network may also choose to use a VPN. Many businesses, for example, only allow their employees to connect to their internal network if their IP address is coming from an approved network. With a VPN, you can connect to the internal network from anywhere and you will be allowed access since it is coming from an approved IP address.

Other Ways to Protect Your Privacy

  • Check the privacy of all of your accounts to make sure they are on the strictest settings. On social media, make sure that only friends can see your information.
  • Turn off location services on websites and apps if you don’t need to use them. Unless you are using a service for mapping, or other location-critical functions, there is no reason to share your movements through the world.
  • Use complicated passwords and passphrases and keep them private. Password managers can help make this easier.
  • Install comprehensive security software on all of your devices. Try to choose a product that includes a VPN and identity theft protection.
  • When on a public Wi-Fi network, like in an airport or hotel, always use a VPN if you want to do banking and other sensitive activities securely.
  • Keep up-to-date on the latest threats, and how to avoid them.

Looking for more mobile security tips and trends? Be sure to follow @McAfee_Home on Twitter, and like us on Facebook.

 

The post Do I Need to Hide My IP Address? appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/do-i-need-to-hide-my-ip-address/feed/ 1
Burning Man Is Coming: How to Watch out for Ticket Scammers https://www.mcafee.com/blogs/consumer/consumer-threat-notices/music-festival-ticket-scams/ https://www.mcafee.com/blogs/consumer/consumer-threat-notices/music-festival-ticket-scams/#respond Wed, 26 Feb 2020 20:43:02 +0000 /blogs/?p=98968

As the winter months fade and spring begins to creep up, many millennials and Gen Zers set their sights on festival season. Whether they plan on attending Coachella, Stagecoach, Outside Lands, Lollapalooza, or Governor’s Ball, festivalgoers across the world anxiously begin to look for cheap or discounted tickets in the hope of enjoying these events […]

The post Burning Man Is Coming: How to Watch out for Ticket Scammers appeared first on McAfee Blogs.

]]>

As the winter months fade and spring begins to creep up, many millennials and Gen Zers set their sights on festival season. Whether they plan on attending Coachella, Stagecoach, Outside Lands, Lollapalooza, or Governor’s Ball, festivalgoers across the world anxiously begin to look for cheap or discounted tickets in the hope of enjoying these events as affordably as possible. This eagerness, however, provides scammers with an opportunity to scam attendees out of hundreds of dollars, as well as the experiences themselves. In fact, according to Threatpost, ticket scammers have recently set their sights on wishful Burning Man attendees.

How This Burning Man Scam Works

The dystopian, futuristic festival that is Burning Man takes place in late August through early September, attracting tens of thousands of people from around the world and all walks of life. While truly an immersive experience, the festival can be quite expensive. So, it’s no wonder that burners – the nickname given to festival attendees – would be eager to find the cheapest price for their tickets. With this scam in particular, fake Burning Man concert organizers are offering passes in what researchers say is a very convincing and sophisticated effort. These tricksters have set up a fake website that closely mimics the official Burning Man site to fool visitors into thinking it’s the real deal.

How to Stay Secure

Seasoned festivalgoers know that ticket scammers are out there. But as the traps become more sophisticated, it’s vital that they know how to spot “too good to be true” deals. To avoid being burned by tricksters, follow these tips:

  • Only buy tickets from reputable vendors. While purchasing a cheap ticket from a third-party vendor is tempting, buying a ticket from the actual festival site rather than one that offers a good deal is the way to go. If not, you risk not only losing money but also the festival experience.
  • Carefully inspect any site before entering payment details. Burning Man’s official website features event history, an invitation to collaborate, press releases, archives from past festivals, and more – so make sure to scan for a variety of pages to confirm that the site is the real deal. Adding to that, be sure to also inspect URLs for suspicious characters.
  • Use payment that’s protected. If for some reason you do fall victim to a scam, most credit card companies help you get your money back in event of fraud. Additionally, PayPal offers buyer protection when paying for “Goods or Services” that allows you to chargeback, just as long as you don’t pay as “friends and family,” which means no buyer protection.
  • Monitor your online accounts. You’re never too young to start monitoring your credit! Be sure to regularly inspect your account for suspicious activity. If you do suspect your data or account has been compromised, place a fraud alert on your credit.

To stay updated on all things McAfee and on top of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook. 

The post Burning Man Is Coming: How to Watch out for Ticket Scammers appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/consumer-threat-notices/music-festival-ticket-scams/feed/ 0
WhatsApp Users: Secure Your Desktop With These Tips https://www.mcafee.com/blogs/consumer/consumer-threat-notices/whatsapp-desktop-vulnerabilities/ https://www.mcafee.com/blogs/consumer/consumer-threat-notices/whatsapp-desktop-vulnerabilities/#comments Mon, 10 Feb 2020 22:46:07 +0000 /blogs/?p=98529

With over 500 million daily active users, WhatsApp is one of the world’s most popular messaging platforms. In an effort to provide even more ways to connect beyond iOS and Android, WhatsApp introduced a desktop version of the app in 2016, which allowed users to stay in touch from their home or work computer. However, […]

The post WhatsApp Users: Secure Your Desktop With These Tips appeared first on McAfee Blogs.

]]>

With over 500 million daily active users, WhatsApp is one of the world’s most popular messaging platforms. In an effort to provide even more ways to connect beyond iOS and Android, WhatsApp introduced a desktop version of the app in 2016, which allowed users to stay in touch from their home or work computer. However, a researcher from The Hacker News recently disclosed multiple vulnerabilities in WhatsApp which, if exploited, could allow remote attackers to compromise the security of billions of users.

How safe is WhatsApp?

According to researcher Gal Weizman, the flaws were found in WhatsApp Web, the browser version of the messaging platform. Weizman revealed that WhatsApp Web was vulnerable to an open-redirect flaw, which allows remote hackers to redirect victims to suspicious, arbitrary websites. If a hacker sent an unsuspecting victim a message containing one of these arbitrary links, they could then trigger cross-site scripting attacks. These attacks are often found in web applications and can be used by hackers to bypass access controls by injecting malicious code into trusted websites.

WhatsApp Web hack

If the victim clicks on the link in the message, the hacker could remotely gain access to all the files from their Windows or Mac computer, which increases the risk for identity theft. What’s more, the open-redirect flaw could have also been used to manipulate previews of the domain WhatsApp displays when links are sent through their platform. This provides hackers with another avenue to trick users into falling for phishing attacks.

 

How to stay safe

How can users continue to use messaging platforms like WhatsApp without putting themselves at risk of an attack? Follow these security tips for greater peace of mind:

  • Update, update, update. If you’re a WhatsApp Web user, be sure to update to the latest version to install the security patch for this flaw.
  • Think before you click. Be skeptical of ads shared on social media sites and messages sent to you through platforms like Facebook, Twitter, and WhatsApp. If you receive a suspicious message from an unknown sender, it’s best to avoid interacting with the message.
  • Hover over links to see and verify the URL. If someone you don’t know sends you a link, hover over the link without actually clicking on it. This will allow you to see a link preview. If the URL looks suspicious, don’t interact with it and delete the message altogether.

To stay updated on all things McAfee and on top of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post WhatsApp Users: Secure Your Desktop With These Tips appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/consumer-threat-notices/whatsapp-desktop-vulnerabilities/feed/ 2
How To Do A Virus Scan https://www.mcafee.com/blogs/consumer/consumer-threat-notices/how-to-run-a-virus-scan/ https://www.mcafee.com/blogs/consumer/consumer-threat-notices/how-to-run-a-virus-scan/#respond Fri, 07 Feb 2020 21:23:40 +0000 /blogs/?p=98494

Whether you think you might have a virus on your computer or devices, or just want to keep them running smoothly, it’s easy to do a virus scan. How you perform the virus scan depends on the software you have, so we’ll go through a few options below. But first, let’s cover a few telltale […]

The post How To Do A Virus Scan appeared first on McAfee Blogs.

]]>

Whether you think you might have a virus on your computer or devices, or just want to keep them running smoothly, it’s easy to do a virus scan. How you perform the virus scan depends on the software you have, so we’ll go through a few options below. But first, let’s cover a few telltale signs that you might may have a virus.

Do You Need A Virus Scan?

Is your computer or device acting sluggish, or having a hard time booting up? Have you noticed missing files or a lack of storage space? Have you noticed emails or messages sent from your account that you did not write? Perhaps you’ve noticed changes to your browser homepage or settings? Or maybe, you’re seeing unexpected pop-up windows, or experiencing crashes and other program errors. These are all signs that you may have a virus, but don’t get too worried yet, because many of these issues can be resolved with a virus scan.

What Does A Virus Scan Do, Exactly?

Each antivirus program works a little differently, but in general the software will look for known malware that meets a specific set of characteristics. It may also look for variants of these known threats that have a similar code base. Some antivirus software even checks for known, suspicious behavior. If the software comes across a dangerous program or piece of code, it removes it. In some cases, a dangerous program can be replaced with a clean one from the manufacturer.

How Do You Run A Scan?

On a Windows Computer:

If you are using the latest version of Windows, Windows 10, go into “Settings” and look for the “Updates & Security” tab. From there you can locate a “Scan Now” button.

Of course, many people have invested in more robust antivirus software that has a high accuracy rate and causes less drain on their system resources, such as McAfee Total Protection. To learn how to run a virus scan using your particular antivirus software, search the software’s “help” menu, or look online for exact instructions.

If you are using McAfee software, go here.

On a Mac Computer:

Computers running Mac software don’t have a built-in antivirus program, so you will have to download security software to do a virus scan. There are some free antivirus applications available online, but we always recommend investing in trusted software that can protect you from a variety of threats. Downloading free software can be risky, since cybercriminals know that this is a good way to spread malware.

Whichever program you choose, follow their step-by-step instructions on how to perform a virus scan, either by searching under “help”, or looking it up on their website.

On Smartphones & Tablets:

Yes, you can get the virus on your phone or tablet, although they are less common than on computers. However, the wider category of mobile malware is on the rise and your device can get infected if you download a risky app, click on an attachment in a text message, visit a dangerous webpage, or connect to another device that has malware on it.

Fortunately, you can protect your devices with mobile security software. It doesn’t usually come installed, so you will have to download an application and follow the instructions.

Because the Android platform is an open operating system, there are a number of antivirus products available for Android devices, allowing you to do a virus scan.

Apple devices are little different, however, because they have a closed operating system that doesn’t allow third parties to see their code. Although Apple has taken other security precautions to reduce malware risks, such as only allowing the installation of apps from Apple’s official app store, these measures aren’t the same as an antivirus program.

For more robust protection on your Apple devices, you can install mobile security software to protect the private data you have stored on your phone or tablet, such as contacts, photos, and messages.

All-In-One Protection:

If safeguarding all your computers and devices sounds overwhelming, you can opt for a comprehensive security product that protects computers, smartphones and devices from a central control center, making virus prevention a snap.

Why are virus scans so important?

New online threats emerge every day, putting our personal information, money, and devices at risk. In the first quarter of last year alone McAfee detected 504 new threats per minute, as cybercriminals adopted new tactics. That’s why it is essential to stay ahead of these threats by using security software that is constantly monitoring and checking for new known threats, while safeguarding all of your sensitive information. Virus scans are an essential part of this process when it comes to identifying and removing dangerous code.

How Often Should You Do A Virus Scan?

Most antivirus products are regularly scanning your computer or device in the background, so you will only need to start a manual scan if you notice something suspicious, like crashes or excessive pop-ups. You can also program regular scans on your schedule.

Preventing Viruses

Of course, the best protection is to avoid getting infected in the first place. Here are a few smart tips to avoid viruses and other malware:

  • Learn how to surf safe so you can avoid risky websites, links, and messages. This will go a long way in keeping you virus-free.
  • Never click on spammy emails or text messages. These include unsolicited advertisements and messages from people or companies you don’t know.
  • Keep the software on your computers and devices up to date. This way you are protected from known threats, such as viruses and other types of malware.
  • Invest in comprehensive security software that can protect all of your devices.
  • Stay informed on the latest threats, so you know what to look out for. The more you know about the latest scams, the easier they will be just spot, and avoid.

Looking for more mobile security tips and trends? Be sure to follow @McAfee Home on Twitter, and like us on Facebook.

The post How To Do A Virus Scan appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/consumer-threat-notices/how-to-run-a-virus-scan/feed/ 0
Election Website Security: Protect Your Vote in 2020 https://www.mcafee.com/blogs/consumer/election-website-security/ https://www.mcafee.com/blogs/consumer/election-website-security/#respond Tue, 04 Feb 2020 05:01:43 +0000 /blogs/?p=98296

The 2020 U.S. presidential primaries are right around the corner. As people gear up to cast their ballots for party candidates, they may not realize that website security shortcomings could leave the U.S. elections susceptible to digital disinformation campaigns or possibly worse seeking to influence and /or manipulate the democratic process. McAfee recently conducted a […]

The post Election Website Security: Protect Your Vote in 2020 appeared first on McAfee Blogs.

]]>

The 2020 U.S. presidential primaries are right around the corner. As people gear up to cast their ballots for party candidates, they may not realize that website security shortcomings could leave the U.S. elections susceptible to digital disinformation campaigns or possibly worse seeking to influence and /or manipulate the democratic process.

McAfee recently conducted a survey of county websites and county election administration websites in the 13 states projected as battleground or “tossup” states in the U.S. presidential elections in November. According to the survey results, the majority of these websites lacked official U.S. government .GOV website validation and HTTPS website security measures to prevent hackers from launching fake websites disguised as legitimate county government sites.

Got .GOV?

You might be wondering what the significance of a .gov website domain is. Well, a .gov website name requires that buyers submit evidence to the U.S. government that they truly are buying these names on behalf of legitimate local, county, or state government entities.

On the other hand, a website using a .COM, .NET, .ORG, or .US can be purchased by anyone with a credit card from any number of legitimate website domain vendors. The lack of a .GOV in a website name means that no controlling government authority has validated that the website is a legitimate government site.

HTTPS: browse the web securely

In the same vein as a .GOV web domain, HTTPS and a lock icon in the address of a website helps establish its validity. When a visitor sees these icons, it means that their browser has made a secure connection with the website, which means the website and the user can be confident of who they are sharing information with.

This means that any personal voter registration information that a user shares with the site cannot be intercepted and stolen by hackers while they are on the site. Additionally, HTTPS and a lock icon tell the user that they cannot be re-routed without their knowledge to a different site.

How this could impact elections

Hackers typically look to carry out their attacks with the least amount of effort and the fewest resources. Instead of hacking into local voting systems and changing vote counts, hackers could conduct a digital disinformation campaign to influence voter behavior during the elections. These attacks would seek to suppress or disrupt the voting process by setting up bogus websites with official sounding domains and related email addresses. From there, hackers could use those bogus email addresses to send mass email blasts intended to feed unsuspecting voter email recipients false information on when, where, and how to vote.

Example disinformation email:

On top of that, social media promotions could be used to lure voters to the fake websites and provide them with the same false information.

By telling voters that they should register to vote in the wrong places, or merely vote at the wrong times, the hackers could misdirect, confuse, and frustrate voters on election day. This could ultimately impact vote counts or at least undermine voter confidence in the electoral process.

Survey results

McAfee’s survey of the external security measures for county election websites included Arizona, Florida, Georgia, Iowa, Michigan, Minnesota, Nevada, New Hampshire, North Carolina, Ohio, Pennsylvania, Texas, and Wisconsin. Together, these states account for 201 of the 270 electoral votes required to win the U.S. presidential election.

Our research found that Minnesota and Texas ranked the lowest among the surveyed states in terms of .GOV county coverage with 4.6% and 5.1% coverage respectively. Arizona ranked the highest in .GOV county coverage with 66.7%. Yet, this still left a third of the state’s counties uncovered.

Texas ranked the lowest in terms of HTTPS protection with only 22.8% of its county websites protected. Arizona again led in county HTTPS protection with 80.0%, followed by Nevada (75.0%), Iowa (70.7%), Michigan (65.1%), and Wisconsin (63.9%). Again, these “leader” states still lacked HTTPS coverage for approximately a third of their counties.

Tips to help secure your vote

So, what can citizens do to help protect their votes and the electoral system overall leading up to the 2020 election? Check out these tips to securely cast your ballot:

  • Stay informed. Remind yourself to confirm the site you are visiting is a .GOV website and that HTTPS security protection is in place to ensure that the information accurate and is safe.
  • Look out for suspicious emails. Carefully scrutinize all election related emails. An attacker seeking to misinform can use phishing-techniques to accomplish their objective.  McAfee’s general warnings related to phishing emails (e.g. here), where an attacker can create emails that look as if they come from legitimate sources are applicable.
  • Go directly to the source. If in doubt, visit your state’s elections website to receive general election information on voter registration and contact information for your county’s election officials. Contact the local county officials to confirm any election instructions you receive via email, social media, or websites leading up to Election Day.
  • Keep it old school. Trust the official voting literature sent through the traditional mail first, as the U.S. Postal Service is the primary channel state and local governments use to send out voting information.

Stay up to date

To stay on top of McAfee news and the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Election Website Security: Protect Your Vote in 2020 appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/election-website-security/feed/ 0
Security Lessons From 2019’s Biggest Data Breaches https://www.mcafee.com/blogs/consumer/consumer-threat-notices/2019-data-breaches/ https://www.mcafee.com/blogs/consumer/consumer-threat-notices/2019-data-breaches/#respond Wed, 29 Jan 2020 22:44:36 +0000 /blogs/?p=98325

2019 already feels like it’s worlds away, but the data breaches many consumers faced last year are likely to have lasting effects. As we look back on 2019, it’s important to reflect on how our online security has been affected by various threats. With that said, let’s take a look at the biggest breaches of […]

The post Security Lessons From 2019’s Biggest Data Breaches appeared first on McAfee Blogs.

]]>

2019 already feels like it’s worlds away, but the data breaches many consumers faced last year are likely to have lasting effects. As we look back on 2019, it’s important to reflect on how our online security has been affected by various threats. With that said, let’s take a look at the biggest breaches of the year and how they’ve affected users everywhere.

Capital One breach

In late July, approximately 100 million Capital One users in the U.S. and 6 million in Canada were affected by a breach exposing about 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers, 80,000 bank account numbers, and more. As one of the 10 largest banks based on U.S. deposits, the financial organization was certainly poised as an ideal target for a hacker to carry out a large-scale attack. The alleged hacker claimed that the data was obtained through a firewall misconfiguration, allowing for command execution with a server that granted access to data in Capital One’s storage space.

Facebook breach

In early September, a security researcher found an online database exposing 419 million user phone numbers linked to Facebook accounts. The exposed server was left without password protection, so anyone with internet access could find the database. The breached records contained a user’s unique Facebook ID and the phone number associated with the account. In some instances, the records also revealed the user’s name, gender, and location by country.

Collection #1 breach

Last January, we met Collection #1, a monster data set that exposed 772,904,991 unique email addresses and over 21 million unique passwords. Security researcher Troy Hunt first discovered this data set on the popular cloud service MEGA, specifically uncovering a folder holding over 12,000 files. Due to the sheer volume of the breach, the data was likely comprised of multiple breaches. When the storage site was taken down, the folder was then transferred to a public hacking site, available for anyone to take for free.

Verifications.io breach

Less than two months after Collection #1, researchers discovered a 150-gigabyte database containing 809 million records exposed by the email validation firm Verifications.io. This company provides a service for email marketing firms to outsource the extensive work involved with validating mass amounts of emails. This service also helps email marketing firms avoid the risk of having their infrastructure blacklisted by spam filters. Therefore, Verifications.io was entrusted with a lot of data, creating an information-heavy database complete with names, email addresses, phone numbers, physical addresses, gender, date of birth, personal mortgage amounts, interest rates, and more.

Orvibo breach

In mid-June, Orvibo, a smart home platform designed to help users manage their smart appliances, left an Elasticsearch server (a highly scalable search and analytics engine that allows users to store, search, and analyze big volumes of data in real-time) online without password protection. The exposure left at least two billion log entries each containing customer data open to the public. This data included customer email addresses, the IP address of the smart home devices, Orvibo usernames, and hashed passwords, or, unreadable strings of characters that are designed to be impossible to convert back into the original password.

What Users Can Learn From Data Breaches

Data breaches serve as a reminder that users and companies alike should do everything in their power to keep personal information protected. As technology continues to become more advanced, online threats will also evolve to become more sophisticated. So now more than ever, it’s imperative that users prioritize the security of their digital presence, especially in the face of massive data leaks. If you think you might have been affected by a data breach or want to take the necessary precautions to safeguard your information, follow these tips to help you stay secure:

  • Research before you buy.Although you might be eager to get the latest new device, some are made more secure than others. Look for devices that make it easy to disable unnecessary features, update software, or change default passwords. If you already have an older device that lacks these features, consider upgrading.
  • Be vigilant when monitoring your personal and financial data. A good way to determine whether your data has been exposed or compromised is to closely monitor your online accounts. If you see anything fishy, take extra precautions by updating your privacy settings, changing your password, or using two-factor authentication.
  • Use strong, unique passwords. Make sure to use complex passwords for each of your accounts, and never reuse your credentials across different platforms. It’s also a good idea to update your passwords consistently to further protect your data.
  • Enable two-factor authentication. While a strong and unique password is a good first line of defense, enabling app-based two-factor authentication across your accounts will help your cause by providing an added layer of security.
  • Use a comprehensive security solution. Use a solution like McAfee Total Protection to help safeguard your devices and data from known vulnerabilities and emerging threats.

Stay Up to Date

To stay on top of McAfee news and the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Security Lessons From 2019’s Biggest Data Breaches appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/consumer-threat-notices/2019-data-breaches/feed/ 0
What You Need to Know About the FedEx SMiShing Scam https://www.mcafee.com/blogs/consumer/consumer-threat-notices/fedex-sms-phishing-scam/ https://www.mcafee.com/blogs/consumer/consumer-threat-notices/fedex-sms-phishing-scam/#comments Wed, 29 Jan 2020 00:59:53 +0000 /blogs/?p=98330

You receive a text message saying that you have a package out for delivery. While you might feel exhilarated at first, you should think twice before clicking on that link in the text. According to CNN, users across the U.S. are receiving phony text messages claiming to be from FedEx as part of a stealthy […]

The post What You Need to Know About the FedEx SMiShing Scam appeared first on McAfee Blogs.

]]>

You receive a text message saying that you have a package out for delivery. While you might feel exhilarated at first, you should think twice before clicking on that link in the text. According to CNN, users across the U.S. are receiving phony text messages claiming to be from FedEx as part of a stealthy SMS phishing (SMiShing) campaign.

How SMiShing Works

This SMiShing campaign uses text messages that show a supposed tracking code and a link to “set delivery preferences.” The link directs the recipient to a scammer-operated website disguised as a fake Amazon listing. The listing asks the user to take a customer satisfaction survey. After answering a couple of questions, the survey asks the user to enter personal information and a credit card number to claim a free gift, which still requires a small shipping and handling fee. But according to HowtoGeek.com, agreeing to pay the small shipping fee also signs the user up for a 14-day trial to the company that sells the scam products. After the trial period, the user will be billed $98.95 every month. What’s more, the text messages use the recipient’s real name, making this threat even stealthier.

How to Stay Protected

So, what can online shoppers do to defend themselves from this SMiShing scam? Check out the following tips to remain secure:

  • Be careful what you click on. Be sure to only click on links in text messages that are from a trusted source. If you don’t recognize the sender, or the SMS content doesn’t seem familiar, stay cautious and avoid interacting with the message.
  • Go directly to the source. FedEx stated that it would never send text messages or emails to customers that ask for money or personal information. When in doubt about a tracking number, go to the main website of the shipping company and search the tracking number yourself.
  • Enable the feature on your mobile device that blocks texts from the Internet. Many spammers send texts from an Internet service in an attempt to hide their identities. Combat this by using this feature to block texts sent from the Internet.
  • Use mobile security software. Make sure your mobile devices are prepared any threat coming their way. To do just that, cover these devices with a mobile security solution, such as McAfee Mobile Security.

To stay updated on all of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post What You Need to Know About the FedEx SMiShing Scam appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/consumer-threat-notices/fedex-sms-phishing-scam/feed/ 1
Take Action This Data Privacy Day https://www.mcafee.com/blogs/consumer/consumer-threat-notices/data-privacy-day-2020/ https://www.mcafee.com/blogs/consumer/consumer-threat-notices/data-privacy-day-2020/#respond Tue, 28 Jan 2020 14:00:26 +0000 /blogs/?p=98291

We all know that data breaches have been on the rise, and hackers are finding clever, new ways to access our devices and information. But sometimes it takes a little push to get us to take action when it comes to protecting our most sensitive information. That’s why this Data Privacy Day, on January 28th, […]

The post Take Action This Data Privacy Day appeared first on McAfee Blogs.

]]>

We all know that data breaches have been on the rise, and hackers are finding clever, new ways to access our devices and information. But sometimes it takes a little push to get us to take action when it comes to protecting our most sensitive information. That’s why this Data Privacy Day, on January 28th, we have the perfect opportunity to own our privacy by taking the time to safeguard data, and help others do the same.

After all, there are now roughly four billion consumers connected online, living various moments of truth that could potentially put them at risk. From sharing photos and socializing with friends, to completing bank transactions—people expect to do what they desire online whenever and wherever they want. But as the saying goes, “with great power comes great responsibility”, and it is imperative that consumers take accountability, not just by enjoying the advantages of connecting online, but by protecting their online identities, too.

Remember, your personal information and online presence are as valuable as money, and what you post online can last a lifetime. Data Privacy Day is a reminder for everybody to make sure that they are protecting what matters most to them: their personal data, as well as their families and friends.

So, let’s get started. Even if you have a large online footprint, protecting this information doesn’t have to be overwhelming.

Here are a few tips:

Update your privacy and security settings—Begin with the websites and applications that you use the most. Check to see if your accounts are marked as private, or if they are open to the public. Also, look to see if your data is being leaked to third parties. You want to select the most secure settings available, while still being able to use these tools correctly.  Here’s a guide from StaySafeOnline to help you get started.

Start the New Year with a new digital you— When opening new online accounts for sharing personal information such as your email address or date of birth, create a new digital persona that has alternative answers that only you would know. This will limit online tracking of your real personal information.

Lockdown your logins—At the same time, secure your logins by making sure that you are creating long and unique passphrases for all of your accounts. Use multi-factor identification, when available. This is a security protocol that takes more than just one step to validate your login, such as a password and a code sent to your mobile device, or a fingerprint. It is exponentially more secure than a simple password.

Spread the word and get involved— Once you have done your own privacy check, help others do the same. It’s important that we all feel empowered to protect our privacy, so share the safety tips in this article with your family, coworkers, and community. Here are some helpful resources to create privacy awareness where you live.

Protect your family and friends – If you are a parent, you can make a big difference by helping raise privacy-savvy kids. After all, today’s kids represent the future of online security. If they start building their digital footprints with solid safety habits, it makes all of us more secure.

Begin with this handy tip sheet.

Own your information—It’s time for everyone to feel empowered to own their information. While there will always be online threats, you can minimize any potential harm by committing yourself to the action steps we listed above. Once you have, spread the word by using the hashtag #privacyaware on Twitter, Instagram, or Facebook.

Let’s make this 12th annual international Data Privacy Day the most effective ever! Stay up to date with all the event happenings, here, and keep informed year-round on the latest threats and security tips.

The post Take Action This Data Privacy Day appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/consumer-threat-notices/data-privacy-day-2020/feed/ 0
What Is the CurveBall Bug? Here’s What You Need to Know  https://www.mcafee.com/blogs/consumer/what-is-the-curveball-bug/ https://www.mcafee.com/blogs/consumer/what-is-the-curveball-bug/#comments Fri, 17 Jan 2020 02:59:12 +0000 /blogs/?p=98176

Today, it was announced that researchers published proof of concept code (essentially, an exercise to determine if an idea is a reality) that exploits a recently patched vulnerability in the Microsoft Windows operating system (OS). The vulnerability, named CurveBall, impacts the components that handle the encryption and decryption mechanisms in the Windows OS, which inherently help protect sensitive information. How It Works  So how does this vulnerability work, exactly? For starters, unsafe sites or files can disguise themselves as legitimate ones.  When this vulnerability is exploited, CurveBall could allow […]

The post What Is the CurveBall Bug? Here’s What You Need to Know  appeared first on McAfee Blogs.

]]>

Today, it was announced that researchers published proof of concept code (essentially, an exercise to determine if an idea is a reality) that exploits a recently patched vulnerability in the Microsoft Windows operating system (OS). The vulnerability, named CurveBall, impacts the components that handle the encryption and decryption mechanisms in the Windows OS, which inherently help protect sensitive information.

How It Works 

So how does this vulnerability work, exactly? For starters, unsafe sites or files can disguise themselves as legitimate ones.  When this vulnerability is exploited, CurveBall could allow a hacker to launch man-in-the-middle attacks, which is when a hacker secretly relays and possibly alters the communications between two unsuspecting users. Additionally, a hacker could use the vulnerability to intercept and fake secure web (HTTPS) connections or fake signatures for files and emails. Essentially, this means a hacker could place harmful files or run undetected malware on a system.

What It Impacts 

There are still questions surrounding what exactly is impacted by CurveBall, and subsequently what could be affected by the new code. According to Microsoft, CurveBall impacts Windows 10, Windows Server 2019, and Windows Server 2016 OS versions. With three popular operating systems afflicted, and the possibility to bypass basic security safeguards, patching is more important than ever. For unpatched systems, malware that takes advantage of this vulnerability may go undetected and slip past security features.

How to Stay Protected 

Now, what should you do to protect yourself from the CurveBall vulnerability? At McAfee, we are in the process of deploying an update to keep our loyal users secure from this vulnerability. In the meantime, however, there are a few things you should do to do to protect yourself. Start by following these tips:

  • Update your Windows 10 OS to get the latest security patches.
  • Use caution when surfing the web.
  • Only open files and emails from trusted sources.
  • Update your browsers to the latest versions if available.
  • If you are an enterprise customer, please reference KB92329 for information on McAfee enterprise defense from this vulnerability.
  • Contact McAfee Support if you have any further questions or need assistance.

To stay on top of McAfee news and the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post What Is the CurveBall Bug? Here’s What You Need to Know  appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/what-is-the-curveball-bug/feed/ 3
How Frankfurt Stopped Emotet In Its Tracks https://www.mcafee.com/blogs/enterprise/how-frankfurt-stopped-emotet-in-its-tracks/ https://www.mcafee.com/blogs/enterprise/how-frankfurt-stopped-emotet-in-its-tracks/#respond Wed, 15 Jan 2020 16:00:07 +0000 /blogs/?p=98085

During a time when ransomware continues to bring governments around the world to a halt, one city has turned the tables, by bringing their government to a halt pre-emptively to prevent ransomware. According to ZDNet, in late December, Frankfurt, Germany—one of the world’s biggest financial hubs—reportedly shut down its IT network after its anti-malware platform […]

The post How Frankfurt Stopped Emotet In Its Tracks appeared first on McAfee Blogs.

]]>

During a time when ransomware continues to bring governments around the world to a halt, one city has turned the tables, by bringing their government to a halt pre-emptively to prevent ransomware.

According to ZDNet, in late December, Frankfurt, Germany—one of the world’s biggest financial hubs—reportedly shut down its IT network after its anti-malware platform identified an Emotet infection. The reported malware gained entry when an employee clicked on a malicious email that had been spoofed to look as though it came from a city authority.

Rather than risk further spread and subsequent, more damaging infection, government authorities made the difficult decision to halt the IT network until the Emotet threat was resolved. In so doing, all of the city’s IT functions were shut down for over 24 hours—including employee email, essential apps, and all services offered through the Frankfurt.de webpage. The move paid off, however—as IT department spokesman Gunter Marr told Journal Frankfurt, no lasting damage had occurred.

“In my opinion, Frankfurt made a very brave—probably not easy—decision to shut down the network to eradicate their Emotet infection,” said John Fokker, Head of Cyber Investigations for McAfee Advanced Threat Research. “Emotet infection is a precursor to Ryuk ransomware, so I think they dodged the proverbial bullet.”

The Emotet-Ransomware Connection

In many cases, the first sign of ransomware is the ransom demand itself, alerting you that you’ve been infected and asking you to pay up. The Emotet malware works a bit differently in that it is not, in itself, ransomware. Instead, it functions like the key to a door: Emotet infects the system, and once the system is “open,” access to the Emotet-infected network can be sold to ransomware groups and other cybercriminals, who may then utilize stolen credentials and simply “walk in.” In a recent campaign, once Emotet was downloaded, it in turn downloaded the Trickbot trojan from a remote host, which stole credentials and enabled a successful Ryuk ransomware infection.

However, the same multistep process that can deliver two paydays on a single deployment of ransomware is also its Achilles’ Heel. Since getting ransomware from an Emotet infection is generally a two or more-step process, if you can stop or eliminate Emotet at Step 1, the subsequent steps toward a ransomware infection cannot occur.

While Frankfurt’s Emotet infection and the subsequent shutdown led to more than a day’s loss in productivity, massive outages and major disruption, the city should be commended on its quick and level-headed response—had they attempted to preserve business operations or opted to take a wait-and-see approach, a potential ransomware infection could have cost them millions more in lost productivity and threat mitigation.

An Ounce of Prevention …

While Frankfurt was able to intercept the Emotet botnet in time, many others were not—another attack several days before, in a town just north of Frankfurt, resulted in massive disruption when the Emotet malware led to the successful deployment of Ryuk ransomware. In other words, the best and safest way to avoid a similar fate is to prevent an Emotet infection in the first place.

There are several steps you can take to keep Emotet from establishing a stronghold in your network:

  1. Educate Your Employees: The most important step is to educate your employees on how to identify phishing and social engineering attempts. Identify email security best practices, such as hovering over a link to identify the actual destination before clicking on a link, never giving account information over email, and mandating that all suspicious emails be immediately reported.
  2. Patch Vulnerabilities: The Trickbot trojan is frequently delivered as a secondary payload to Emotet. It depends on the Microsoft Windows EternalBlue vulnerability—patching this vulnerability is an important step to securing your network.
  3. Strengthen Your Logins: If Emotet does gain entrance, it can attempt to spread by guessing the login credentials of connected users. By mandating strong passwords and two-factor authentication, you can help limit the spread.
  4. Adopt Strong Anti-Malware Protection, And Ensure It’s Configured Properly: A timely alert from a capable anti-malware system enabled Frankfurt to stop Emotet. Adopting strong endpoint protection such as McAfee Endpoint Security (ENS) is one of the most important steps you can take to help prevent Emotet and other malware. Once it’s in place, you can maximize your protection by performing periodic maintenance and optimizing configurations.

Above all, don’t fall into the trap of thinking it couldn’t happen to you. According to the McAfee Labs Threats Report, ransomware grew by 118% in just the first quarter of 2019, and several new ransomware families were detected. If the spate of recent attacks is any indication, we may see similar trends in Q1 2020.

“The demand for access to large corporate or public sector networks is very high at the moment,” Fokker explained “Ransomware actors are constantly scanning, spearphishing, purchasing access gained from other malware infections, and obtaining log files from info-stealing malware to get a foothold into networks.”

“Every company or institution should be diligent and not ignore even the simplest breach—even if it happened more than a year ago,” Fokker said.

 

 

 

The post How Frankfurt Stopped Emotet In Its Tracks appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/enterprise/how-frankfurt-stopped-emotet-in-its-tracks/feed/ 0
The Top Technology Takeaways From CES 2020 https://www.mcafee.com/blogs/consumer/takeaways-from-ces-2020/ https://www.mcafee.com/blogs/consumer/takeaways-from-ces-2020/#comments Tue, 14 Jan 2020 22:04:55 +0000 /blogs/?p=98088

Another Consumer Electronics Show (CES) has come and gone. Every year, this trade show joins practically everyone in the consumer electronics industry to show off the latest and greatest cutting-edge innovations in technology. From bendable tablets to 8k TVs and futuristic cars inspired by the movie “Avatar,” CES 2020 did not disappoint. Here are a […]

The post The Top Technology Takeaways From CES 2020 appeared first on McAfee Blogs.

]]>

Another Consumer Electronics Show (CES) has come and gone. Every year, this trade show joins practically everyone in the consumer electronics industry to show off the latest and greatest cutting-edge innovations in technology. From bendable tablets to 8k TVs and futuristic cars inspired by the movie “Avatar,” CES 2020 did not disappoint. Here are a few of the key takeaways from this year’s show:

Smart home technology is driven by convenience

As usual, smart home technology made up a solid portion of the new gadgets introduced at CES. Netatmo introduced the Netatmo Smart Door Lock and Keys which use physical NFC (meaning near field communication, a technology that allows devices to communicate with each other) keys as well as digital keys for guests. In the same realm of home security, Danby’s smart mailbox called the Parcel Guard allows couriers to deliver packages directly into the anti-theft box using a code or smartphone app.

Devices integrated with Alexa technology

CES 2020 also introduced many devices integrated with Alexa technology. Kohler debuted its Moxie showerhead, complete with an Alexa-enabled waterproof Bluetooth speaker. Along with the showerhead, Alexa was also built into a Dux Swedish luxury bed to help improve users’ bedtime routines.

Smart appliances

CES is usually graced with a handful of smart appliances, and this year was no different. Bosch partnered with the recipe and meal-planning app Chefling to showcase its high-tech Home Connect Refrigerator, which uses cameras to track which food items users have stocked and suggests recipes based on that information.

Mind-reading wearables translate thoughts into digital commands

CES featured several products that let users control apps, games, and devices with their minds. Companies have developed devices that can record brain signals from sensors on the scalp or devices implanted within the brain and translate them into digital signals. For example, NextMind has created a headset that measures activity in the visual cortex and translates the user’s decision of where to focus his or her eyes into digital commands. This technology could replace remote controls, as users would be able to change channels, mute, or pause just by focusing on triangles next to each command.

Another company focused on the brain-computer interface is BrainCo. This company debuted their FocusOne headband at CES this year, complete with sensors on the forehead measuring the activity in the frontal cortex. This device is designed to measure focus by detecting the subtle electrical signals that your brain is producing. These headbands are designed to help kids learn how to focus their minds in class. BrainCo also has a prosthetic arm coming to market later this year which detects muscle signals and feeds them through an algorithm that can help it operate better over time. What’s more, this device will cost less than half of an average prosthetic.

Foldable screens are still a work-in-progress

This year’s event was colored with folding screens. However, most of these devices were prototypes without proposed ship dates. A likely reason for the lack of confidence in these devices by their manufacturers is that they are unsure if the screens will be durable enough to sell. Some of these work-in-progress devices include Dell’s Concept Ori, Intel’s Horseshoe Bend, and Lenovo’s ThinkPad X1 Fold. Nevertheless, folding devices provide a new opportunity for manufacturers to play around with device forms, such as a phone that turns into a tablet.

Cybersecurity’s role in evolving technology

As consumer technology continues to evolve, the importance of securing these newfangled devices becomes more and more apparent. According to panelists from the CES session Top Security Trends in Smart Cities, by making products “smarter,” we are also making them more susceptible to hacking. For example, The McAfee Advanced Threat Research (ATR) team recently uncovered security flaws in multiple IoT smart home devices. The first is the Chamberlain MyQ Hub, a “universal” garage door automation platform that can be hacked to cause a user’s garage door to open unintentionally. The second is the McLear NFC Ring, a household access control device used to interact with NFC-enabled door locks, which can be cloned to gain access to a user’s home.

Keep cybersecurity a top priority

Although CES 2020 has introduced many new devices aimed at making users’ lives easier, it’s important to keep a secure home as a top priority as gadgets are brought into their lives. As new McAfee research has revealed, the majority of Americans today (63%) believe that they as the consumer are responsible for their security. This could likely be attributed to more Americans becoming aware of online risks, as 48% think it’s likely to happen to them. To feel confident bringing new technology into their homes, users are encouraged to proactively integrate online security into everyday life.

Need for increased cybersecurity protection

As the sun sets on another fabulous CES, it’s clear that technological innovations won’t be slowing down any time soon. With all of these new advancements and greater connectivity comes the need for increased protection when connected to the internet. All in all, CES 2020 showed us that as technology continues to improve and develop, security will play an ever-increasing role in protecting consumers online

Stay up to date

To stay on top of McAfee news and the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

 

The post The Top Technology Takeaways From CES 2020 appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/takeaways-from-ces-2020/feed/ 1
Research Reveals Americans’ Perceptions of Device Security Amidst CES 2020 https://www.mcafee.com/blogs/consumer/perceptions-of-device-security-ces-2020/ https://www.mcafee.com/blogs/consumer/perceptions-of-device-security-ces-2020/#respond Thu, 09 Jan 2020 08:01:18 +0000 /blogs/?p=97977

From the Lifx Switch smart switch to the Charmin RollBot to Kohler Setra Alexa-connected faucets, CES 2020 has introduced new devices aimed at making consumers lives easier. With so much excitement and hype around these new gadgets, however, it can be challenging to make security a top priority. That’s why McAfee is urging users to […]

The post Research Reveals Americans’ Perceptions of Device Security Amidst CES 2020 appeared first on McAfee Blogs.

]]>

From the Lifx Switch smart switch to the Charmin RollBot to Kohler Setra Alexa-connected faucets, CES 2020 has introduced new devices aimed at making consumers lives easier. With so much excitement and hype around these new gadgets, however, it can be challenging to make security a top priority. That’s why McAfee is urging users to keep cybersecurity top-of-mind when bringing these new devices into their home so they can protect what matters.

New McAfee research reveals that consumer perceptions of security accountability have shifted in the last couple of years. For example, the majority of Americans today (63%) stated that they as the consumer are responsible for their security while last year only 42% of Americans felt that they are responsible. This shows that users are becoming increasingly aware of how to ensure that they are protecting their privacy and identity. This year-over-year increase could likely be attributed to more Americans becoming aware of online risks, as 48% think it’s likely to happen to them. Additionally, 65% are concerned about the security of connected devices installed in their homes, such as the Chamberlain MyQ Hub garage door opener and the McLear Smart Ring. While these devices are convenient, the McAfee Advanced Threat Research team recently revealed they contained security flaws that could allow a hacker to enter a victim’s home.

It’s important to recognize that security is a proactive effort that should be seamlessly integrated into everyday life. So, how can consumers take charge and feel confident bringing new technology into their homes while staying safe? Check out the following tips to keep in mind as our lives continue to be more connected:

  • The little things count. Hackers don’t have to be geniuses to steal your personal information. Minor habits like changing default passwords and using unique passwords can go a long way to prevent your personal information from being stolen.
  • Do your research. Look up products and their manufacturers before making a purchase. This could save you from buying a device with a known security vulnerability. If you find a manufacturer doesn’t have a history of taking security seriously, then it’s best to avoid it.
  • Use a comprehensive security solution. Use comprehensive security protection, like McAfee Total Protection, which can help protect devices against malware, phishing attacks, and other threats. It also includes McAfee WebAdvisor, which can help identify malicious websites.
  • Update, update, update. When applications on your devices need updating, be sure to do it as soon as possible. Most of these updates include security patches to vulnerabilities.

To stay on top of McAfee’s CES news and the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

Survey Methodology

McAfee commissioned 3Gem to conduct a survey of 1,000 adults in the US who regularly use electronic devices, such as phones and laptops.

The post Research Reveals Americans’ Perceptions of Device Security Amidst CES 2020 appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/perceptions-of-device-security-ces-2020/feed/ 0
Viva Las Vegas: Cash Out with the #McAfeeAtCES RT2Win Sweepstakes! https://www.mcafee.com/blogs/consumer/ces-2020-rt2win-sweepstakes/ https://www.mcafee.com/blogs/consumer/ces-2020-rt2win-sweepstakes/#respond Tue, 07 Jan 2020 15:55:59 +0000 /blogs/?p=97923

We’ve officially touched down in Las Vegas for CES 2020! If you aren’t familiar with CES, it is the global stage for innovators to showcase the next generation of consumer technologies, including IoT devices. Though these devices are convenient, they can also be cause for possible security concerns due to overlooked weaknesses. Check out the latest research […]

The post Viva Las Vegas: Cash Out with the #McAfeeAtCES RT2Win Sweepstakes! appeared first on McAfee Blogs.

]]>

We’ve officially touched down in Las Vegas for CES 2020!

If you aren’t familiar with CES, it is the global stage for innovators to showcase the next generation of consumer technologies, including IoT devices. Though these devices are convenient, they can also be cause for possible security concerns due to overlooked weaknesses. Check out the latest research from the McAfee Advanced Threat Research (ATR) team on device vulnerabilities for more information.

With the growing consumer technology landscape, we here at McAfee understand the importance of creating new solutions for those who want to live their connected lives with confidence.

In fact, to celebrate the latest innovations, we’re giving three [3] lucky people the chance to win an Amazon gift card. Not heading to CES this year Not heading to CES this year? No problem! Simply retweet one of our contest tweets with the required hashtag between January 7th – 9th for your chance to win. Follow the instructions below to enter, and good luck!


#RT2Win Sweepstakes Official Rules

  • To enter, go to https://twitter.com/McAfee_Home, and find the #RT2Win sweepstakes tweet.
  • There will be three [3] sweepstakes tweets will be released at the following schedule including the hashtags: #RT2Win, #Sweepstakes AND #McAfeeAtCES
    • Tuesday, January 7, 2020 at 7:00AM PST
    • Wednesday, January 8, 2020 at 7:00AM PST
    • Thursday, January 9, 2020 at 7:00AM PST
  • Retweet the sweepstakes tweet released on the above date before 11:59PM PST, from your own handle. The #RT2Win, #Sweepstakes AND #McAfeeAtCES hashtags must be included to be entered.
  • Sweepstakes will end on Thursday, January 9, 2020 at 11:59pm PT. All entries must be made before that date and time.
  • Winners will be notified on Wednesday, August 28, 2019 via Twitter direct message.
  • Limit one entry per person.
1. How to Win:

Retweet one of our contest tweets on @McAfee_Home that include “#RT2Win, #Sweepstakes, and #McAfeeAtCES” for a chance at an Amazon Gift card. Winners must be following @McAfee_Home for eligibility. One [1] winner will be selected per day, and notified by 10:00AM PT the following day, for a total of three [3] winners. Winners will be notified by direct message on Twitter. For full Sweepstakes details, please see the Terms and Conditions, below.

#McAfeeAtCES RT2Win CES Sweepstakes Terms and Conditions

2. How to Enter: 

No purchase necessary. A purchase will not increase your chances of winning. McAfee’s #RT2Win CES Sweepstakes will be conducted from January 7th through January 9th. All entries for each day of the #McAfeeAtCES RT2Win CES Sweepstakes must be received during the time allotted for the #RT2Win CES Sweepstakes. Pacific Daylight Time shall control the McAfee RT2Win CES Sweepstakes. The #McAfeeAtCES RT2Win Sweepstakes duration is as follows:

  • Begins: Tuesday, January 7, 2020 at 7:00am PST
  • Ends: Thursday, January 9, 2020 at 11:59 PST
    • Opportunity 1: Tuesday, January 7, 2020 at 7:00AM PST
    • Opportunity 2: Wednesday, January 8, 2020 at 7:00AM PST
    • Opportunity 3: Thursday, January 9, 2020 at 7:00AM PST
  • Winners will be announced: by 10:00AM PST the following day

For the #McAfeeAtCES RT2Win Sweepstakes, participants must complete the following steps during the time allotted for the #McAfeeAtCES RT2Win Sweepstakes:

  1. Find the sweepstakes tweet of the day posted on @McAfee_Home which will include the hashtags: #McAfeeAtCES, #RT2Win and #Sweepstakes.
  2. Retweet the sweepstakes tweet of the day and make sure it includes the #McAfeeAtCES, #RT2Win and #Sweepstakes hashtags.
    1. Note: Tweets that do not contain the #McAfeeAtCES, #RT2Win and #Sweepstakes hashtags will not be considered for entry.
  3. Limit one entry per person.

Three [3] winners will be chosen for the #McAfeeAtCES RT2Win CES Sweepstakes tweet from the viable pool of entries that retweeted and included #McAfeeCES Sweepstakes. McAfee and the McAfee social team will select winners at random from among the viable entries. The winners will be announced and privately messaged on January 10th on the @McAfee_Home Twitter handle. No other method of entry will be accepted besides Twitter. Only one entry per user is allowed, per Sweepstakes. SWEEPSTAKES IS IN NO WAY SPONSORED, ENDORSED, ADMINISTERED BY, OR ASSOCIATED WITH TWITTER, INC.

3. Eligibility: 

McAfee’s #RT2Win CES Sweepstakes is open to all legal residents of the 50 United States who are 18 years of age or older on the dates of the #McAfeeAtCES RT2Win CES Sweepstakes begins and live in a jurisdiction where this prize and #McAfeeAtCES RT2Win CES Sweepstakes are not prohibited. Employees of Sponsor and its subsidiaries, affiliates, prize suppliers, and advertising and promotional agencies, their immediate families (spouses, parents, children, and siblings and their spouses), and individuals living in the same household as such employees are ineligible.

4. Winner Selection:

Winners will be selected from the eligible entries received during the days of the #McAfeeAtCES RT2Win CES Sweepstakes periods. Sponsor will select the names of three [3] potential winners of the prizes in a random drawing from among all eligible

Submissions at the address listed below. The odds of winning depend on the number of eligible entries received. By participating, entrants agree to be bound by the Official #McAfeeAtCES RT2Win CES Sweepstakes Rules and the decisions of the coordinators, which shall be final and binding in all respects.

5. Winner Notification: 

Each winner will be notified via direct message (“DM”) on Twitter.com by January 10, 2020. Prize winners may be required to sign an Affidavit of Eligibility and Liability/Publicity Release (where permitted by law) to be returned within ten (10) days of written notification, or prize may be forfeited and an alternate winner selected. If a prize notification is returned as unclaimed or undeliverable to a potential winner if potential winner cannot be reached within twenty-four (24) hours from the first DM notification attempt, or if potential winner fails to return requisite document within the specified time period, or if a potential winner is not in compliance with these Official Rules, then such person shall be disqualified and, at Sponsor’s sole discretion, an alternate winner may be selected for the prize at issue based on the winner selection process described above.

6. Prizes: 

The prizes for the #McAfeeAtCES RT2Win CES Sweepstakes are two [2] $100 Amazon e-gift cards and a one [1] $200 Amazon e-gift card (approximate retail value “ARV” of the prize is $100 and $200 USD; the total ARV of all gift cards is $400 USD). Entrants agree that Sponsor has the sole right to determine the winners of the #McAfeeAtCES RT2Win CES Sweepstakes and all matters or disputes arising from the #McAfeeAtCES RT2Win CES Sweepstakes and that its determination is final and binding. There are no prize substitutions, transfers or cash equivalents permitted except at the sole discretion of Sponsor. Sponsor will not replace any lost or stolen prizes. Sponsor is not responsible for delays in prize delivery beyond its control. All other expenses and items not specifically mentioned in these Official Rules are not included and are the prize winners’ sole responsibility.

7. General Conditions: 

Entrants agree that by entering they agree to be bound by these rules. All federal, state, and local taxes, fees, and surcharges on prize packages are the sole responsibility of the prizewinner. Sponsor is not responsible for incorrect or inaccurate entry information, whether caused by any of the equipment or programming associated with or utilized in the #McAfeeAtCES RT2Win CES Sweepstakes, or by any technical or human error, which may occur in the processing of the #McAfeeAtCES RT2Win CES Sweepstakes entries. By entering, participants release and hold harmless Sponsor and its respective parents, subsidiaries, affiliates, directors, officers, employees, attorneys, agents, and representatives from any and all liability for any injuries, loss, claim, action, demand, or damage of any kind arising from or in connection with the #McAfeeAtCES RT2Win CES Sweepstakes, any prize won, any misuse or malfunction of any prize awarded, participation in any #McAfeeAtCES RT2Win CES Sweepstakes -related activity, or participation in the #McAfeeAtCES RT2Win CES Sweepstakes. Except for applicable manufacturer’s standard warranties, the prizes are awarded “AS IS” and WITHOUT WARRANTY OF ANY KIND, express or implied (including any implied warranty of merchantability or fitness for a particular purpose).

If participating in this Sweepstakes via your mobile device (which service may only be available via select devices and participating wireless carriers and is not required to enter), you may be charged for standard data use from your mobile device according to the terms in your wireless service provider’s data plan.  Normal airtime and carrier charges and other charges may apply to data use and will be billed on your wireless device bill or deducted from your pre-paid balance.  Wireless carrier rates vary, so you should contact your wireless carrier for information on your specific data plan.

8. Limitations of Liability; Releases:

By entering the Sweepstakes, you release Sponsor and all Released Parties from any liability whatsoever, and waive any and all causes of action, related to any claims, costs, injuries, losses, or damages of any kind arising out of or in connection with the Sweepstakes or delivery, misdelivery, acceptance, possession, use of or inability to use any prize (including claims, costs, injuries, losses and damages related to rights of publicity or privacy, defamation or portrayal in a false light, whether intentional or unintentional), whether under a theory of contract, tort (including negligence), warranty or other theory.

To the fullest extent permitted by applicable law, in no event will the sponsor or the released parties be liable for any special, indirect, incidental, or consequential damages, including loss of use, loss of profits or loss of data, whether in an action in contract, tort (including, negligence) or otherwise, arising out of or in any way connected to your participation in the sweepstakes or use or inability to use any equipment provided for use in the sweepstakes or any prize, even if a released party has been advised of the possibility of such damages.

  1. To the fullest extent permitted by applicable law, in no event will the aggregate liability of the released parties (jointly) arising out of or relating to your participation in the sweepstakes or use of or inability to use any equipment provided for use in the sweepstakes or any prize exceed $10. The limitations set forth in this section will not exclude or limit liability for personal injury or property damage caused by products rented from the sponsor, or for the released parties’ gross negligence, intentional misconduct, or for fraud.
  2. Use of Use of Winner’s Name, Likeness, etc.: Except where prohibited by law, entry into the Sweepstakes constitutes permission to use your name, hometown, aural and visual likeness and prize information for advertising, marketing, and promotional purposes without further permission or compensation (including in a public-facing winner list).  As a condition of being awarded any prize, except where prohibited by law, winner may be required to execute a consent to the use of their name, hometown, aural and visual likeness and prize information for advertising, marketing, and promotional purposes without further permission or compensation. By entering this Sweepstakes, you consent to being contacted by Sponsor for any purpose in connection with this Sweepstakes.

 9. Prize Forfeiture:

If winner cannot be notified, does not respond to notification, does not meet eligibility requirements, or otherwise does not comply with these prize #McAfeeAtCES RT2Win CES Sweepstakes rules, then the winner will forfeit the prize and an alternate winner will be selected from remaining eligible entry forms for each #McAfeeAtCES RT2Win CES Sweepstakes.

10. Dispute Resolution:

Entrants agree that Sponsor has the sole right to determine the winners of the #McAfeeAtCES RT2Win CES Sweepstakes and all matters or disputes arising from the #McAfeeAtCES RT2Win CES Sweepstakes and that its determination is final and binding. There are no prize substitutions, transfers or cash equivalents permitted except at the sole discretion of Sponsor.

11. Governing Law & Disputes:

Each entrant agrees that any disputes, claims, and causes of action arising out of or connected with this sweepstakes or any prize awarded will be resolved individually, without resort to any form of class action and these rules will be construed in accordance with the laws, jurisdiction, and venue of New York.

12. Privacy Policy: 

Personal information obtained in connection with this prize McAfee Day #RT2Win CES Sweepstakes will be handled in accordance policy set forth at https://www.mcafee.com/enterprise/en-us/about/legal/privacy.html

  1. Winner List; Rules Request: For a copy of the winner list, send a stamped, self-addressed, business-size envelope for arrival after January 10th 2020 and before January 10th 2021 to the address listed below, Attn: #RT2Win at CES Sweepstakes.  To obtain a copy of these Official Rules, visit this link or send a stamped, self-addressed business-size envelope to the address listed in below, Attn: Sarah Grayson. VT residents may omit return postage.
  2. Intellectual Property Notice: McAfee and the McAfee logo are registered trademarks of McAfee, LLC. The Sweepstakes and all accompanying materials are copyright © 2018 by McAfee, LLC.  All rights reserved.
  3. Sponsor: McAfee, LLC, Corporate Headquarters 2821 Mission College Blvd. Santa Clara, CA 95054 USA
  4. Administrator: LEWIS, 111 Sutter St., Suite 850, San Francisco, CA 94104

The post Viva Las Vegas: Cash Out with the #McAfeeAtCES RT2Win Sweepstakes! appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/ces-2020-rt2win-sweepstakes/feed/ 0
What You Need to Know About the Latest IoT Device Flaws https://www.mcafee.com/blogs/consumer/ces-2020-atr-iot-device-flaws/ https://www.mcafee.com/blogs/consumer/ces-2020-atr-iot-device-flaws/#respond Tue, 07 Jan 2020 05:01:58 +0000 /blogs/?p=97921

The McAfee Advanced Threat Research (ATR) team recently uncovered a security flaw in a popular connected garage door opener and a security design issue in an NFC (meaning near field communication, which is a technology that allows devices to communicate with each other) smart ring used to unlock doors. As we head into CES 2020, […]

The post What You Need to Know About the Latest IoT Device Flaws appeared first on McAfee Blogs.

]]>

The McAfee Advanced Threat Research (ATR) team recently uncovered a security flaw in a popular connected garage door opener and a security design issue in an NFC (meaning near field communication, which is a technology that allows devices to communicate with each other) smart ring used to unlock doors. As we head into CES 2020, the global stage where innovators showcase the next generation of consumer technologies, let’s take a look at these new security flaws and discover how users can connect securely and with confidence.

Review Chamberlain IoT device

The McAfee ATR team recently investigated the Chamberlain MyQ Hub, a “universal” garage door automation platform. The Hub acts as a new garage door opener, similar to the one that you would have in your car. However, the McAfee ATR team discovered an inherent flaw in the way the MyQ Hub communicates over radio frequency signals. It turns out that hackers can “jam” the radio frequency signals while the garage is being remotely closed. How? By jamming or blocking the code signal from ever making it to the Hub receiver, the remote sensor will never respond with the closed signal. This delivers an error message to the user, prompting them to attempt to close the door again through the app, which actually causes the garage door to open.

How can the Chamberlain IoT device be hacked?

Let’s break it down:

  • Many users enjoy using the MyQ Hub for the convenience of package delivery, ensuring that their packages are safe from porch pirates and placed directly in the garage by the carrier=.
  • However, an attacker could wait for a package delivery using the connected garage door opener. The hacker could then jam the MyQ signal once the carrier opens the door and prompt an error message for the user. If and when the user attempts to close the door, the door will open and grant the attacker access to the home.
  • An attacker could also wait and see when a homeowner physically leaves the premises to jam the MyQ signal and prompt the error message. This would potentially allow further access into the home.

Review McLear NFC Ring IoT device

The McAfee ATR team also discovered an insecure design with the McLear NFC Ring, a household access control device that can be used to interact with NFC-enabled door locks. Once the NFC Ring has been paired with an NFC-enabled door lock, the user can access their house by simply placing the NFC Ring within the NFC range of the door lock instead of using a traditional house key. However, due to an insecure design, hackers could easily clone the ring and gain access to a user’s home.

How can the McLear NFC Ring be hacked?

  • First, the attacker can do some basic research on the victim, such as finding a social media post about how excited they are to use their new McLear NFC Ring.
  • Now, say the attacker locates the victim in a public setting and asks them to take a picture of them on the attacker’s phone. The attacker’s phone, equipped with an app to read NFC tags, can record the relevant information without giving any signs of foul play.
  • The McLear NFC Ring is now compromised, and the information can be programmed on a standard writable card, which can be used to unlock smart home locks that partner with the product.

How to keep your IoT devices safe from hacking

In the era of IoT devices, the balance between cybersecurity and convenience is an important factor to get right. According to Steve Povolny, head of McAfee Advanced Threat Research, “the numerous benefits technology enhancements bring us are exciting and often highly valuable; but many people are unaware of the lengths hackers will go and the many ways new features can impact the security of a system.” To help safeguard your security while still enjoying the benefits of your connected devices, check out the following tips:

  • Practice proper online security habits. Fortunately, users have many tools at their disposal, even when cybersecurity concerns do manifest. Implement a strong password policy, put IoT devices on their own, separate network, utilize dual-factor authentication when possible, minimize redundant systems, and patch quickly when issues are found.
  • Do your research. Before purchasing a new IoT device, take the time to look into its security features. Users should ensure they are aware of the security risks associated with IoT products available on the market.

Stay up to date

To stay on top of McAfee’s CES news and the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post What You Need to Know About the Latest IoT Device Flaws appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/ces-2020-atr-iot-device-flaws/feed/ 0
Don’t RSVP to This Holiday Party: Protect Yourself From the Emotet Trojan https://www.mcafee.com/blogs/consumer/consumer-threat-notices/christmas-emotet-trojan/ https://www.mcafee.com/blogs/consumer/consumer-threat-notices/christmas-emotet-trojan/#respond Fri, 20 Dec 2019 17:45:14 +0000 /blogs/?p=97852

The holiday season is officially among us. From last-minute holiday shopping to attending countless parties, this time of year keeps users busy. The holiday season is an especially busy time for cybercriminals as well. According to Bleeping Computer, the cybercriminals behind the Emotet trojan have been targeting users with a new spam campaign that impersonates […]

The post Don’t RSVP to This Holiday Party: Protect Yourself From the Emotet Trojan appeared first on McAfee Blogs.

]]>

The holiday season is officially among us. From last-minute holiday shopping to attending countless parties, this time of year keeps users busy. The holiday season is an especially busy time for cybercriminals as well. According to Bleeping Computer, the cybercriminals behind the Emotet trojan have been targeting users with a new spam campaign that impersonates a Christmas party invitation.

How exactly have malicious actors been trying to put a damper on the holiday fun? They’ve crafted phony invites that include a subject line like “Christmas party next week.” Additionally, the invitation asks users to wear their ugliest Christmas sweaters and view an attached party menu. To further disguise this threat, the cybercriminals behind the attack have titled the attached documents “Christmas party.doc” or “Party menu.doc.” If a user opens one of these stealthy Word documents, they are prompted to ‘Enable Editing’ or ‘Enable Content’ to view it. However, if a user enables the content, the Emotet trojan will consequentially be installed. Once this is done, the victim’s device can be used for more malicious attacks such as sending further spam emails, downloading the TrickBot banking trojan to steal user data, and even a ransomware stocking stuffer.

So, what can users do to avoid this unwanted grinch from stealing their Christmas? Check out these tips to protect your security:

  • Click with caution. Only click on links from trusted sources. If you receive an email or text message from an unknown sender asking you to click on a suspicious link, stay cautious and avoid interacting with the message altogether.
  • Use comprehensive security. Whether you’re using a mobile app to check emails on your phone or browsing the internet on your desktop, it’s important to safeguard all of your devices with an extra layer of security. Use robust security software like McAfee Total Protection so you can connect with confidence.

To stay updated on all of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Don’t RSVP to This Holiday Party: Protect Yourself From the Emotet Trojan appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/consumer-threat-notices/christmas-emotet-trojan/feed/ 0
Here’s How the California Consumer Privacy Act Will Affect You https://www.mcafee.com/blogs/consumer/california-consumer-privacy-act-2020/ https://www.mcafee.com/blogs/consumer/california-consumer-privacy-act-2020/#comments Thu, 19 Dec 2019 17:41:38 +0000 /blogs/?p=97820

On May 25, 2018, the European Union implemented a new privacy legislature called the General Data Protection Regulation or GDPR. This regulation updated European law to give EU citizens more control over their data as a result of the hyper-connected world we live in today. Then last June, California responded with its own bill called […]

The post Here’s How the California Consumer Privacy Act Will Affect You appeared first on McAfee Blogs.

]]>

On May 25, 2018, the European Union implemented a new privacy legislature called the General Data Protection Regulation or GDPR. This regulation updated European law to give EU citizens more control over their data as a result of the hyper-connected world we live in today. Then last June, California responded with its own bill called the California Consumer Privacy Act (CCPA). This bill, which goes into effect January 2020, broadens the scope of privacy rights for Californians, including data access rights and a limited private right of action. Essentially, the CCPA gives users the right to know just how companies are making money off of their data.

What are users’ new rights under the CCPA? First, businesses are required to reveal the personal data that is collected, sold, or disclosed for their business purposes. This includes informing users what categories of data were collected and how their data will be used. Second, companies are unable to discriminate against a consumer who exercises their rights under the CCPA. Third, businesses must provide users access to their data. Fourth, companies are required to delete users’ data upon request (with some significant exceptions). This includes personal data that the company might have shared with a third party. Lastly, businesses must provide the user with the ability to opt-out of the sale of their data.

That all sounds beneficial for privacy-conscious consumers, but how exactly does the CCPA define personal information? The CCPA defines personal information as any information that identifies, relates to, describes, is capable of being associated with, or could be reasonably linked with a particular consumer or household. Some examples of this type of data include a real name, user name, email address, Social Security Number, passport number, property records, biometric data, and internet activity like browsing history or IP addresses.

So, how will the CCPA be rolled out and what happens if a business violates the CCPA? Parts of this regulation will go into effect on January 1, 2020, but most will be enforced starting on July 1, 2020. According to the California legislature, if a business violates the CCPA and fails to fix the violations within 30 days, they are liable for a civil penalty. A company may be charged a maximum penalty of $2,500 per violation, or $7,500 per each intentional violation of the law that is not fixed within 30 days. If a company suffers a data breach resulting in the theft of personal information, they may be ordered to pay damages to the impacted California residents.

While California is the first large state to implement these privacy regulations in the U.S., it certainly won’t be the last. Other states have begun drafting similar bills and similar regulations will likely come into effect over the next few years; Congress also has some significant bills under consideration. As this legislation is rolled out, consumers need to be aware of their new rights to help them better protect their privacy.

Stay on top of the latest consumer and security news by following @McAfee_Home on Twitter, and ‘Like’ us on Facebook.

The post Here’s How the California Consumer Privacy Act Will Affect You appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/california-consumer-privacy-act-2020/feed/ 2
750K Birth Certificate Applications Exposed Online: 5 Tips to Help You Stay Secure https://www.mcafee.com/blogs/consumer/consumer-threat-notices/750k-birth-certificate-applications-exposed/ https://www.mcafee.com/blogs/consumer/consumer-threat-notices/750k-birth-certificate-applications-exposed/#respond Thu, 12 Dec 2019 22:53:11 +0000 /blogs/?p=97788

Most people applying for birth certificates aren’t thinking that their private information will be made readily available to the public. But according to Tech Crunch, an online company that allows users to obtain a copy of their loved one’s birth and death certificates from U.S. state governments has exposed over 752,000 applications for copies of […]

The post 750K Birth Certificate Applications Exposed Online: 5 Tips to Help You Stay Secure appeared first on McAfee Blogs.

]]>

Most people applying for birth certificates aren’t thinking that their private information will be made readily available to the public. But according to Tech Crunch, an online company that allows users to obtain a copy of their loved one’s birth and death certificates from U.S. state governments has exposed over 752,000 applications for copies of birth certificates and 90,400 death certificate applications.

Although each application process differed by state, they all allowed customers to apply to their state’s record-keeping authority. The applications contained personally identifiable information such as the applicant’s name, date of birth, current home address, and more. What’s more, the applications stored in the online bucket dated back to late 2017 and were updated daily, creating a robust treasure trove for cybercriminals.

Due to the high amount of consumer data provided by people requesting copies of birth certificates or registering their newborn children, the exposure of these applications is a cybercriminal’s dream come true. If a criminal did get a hold of this information, the information would likely be posted for sale on the Dark Web. From there, other malicious actors could purchase the data and use it to impersonate others or commit identity theft.

Tech Crunch and the security researchers who discovered the exposed data attempted to inform the company responsible but have not yet received a response. So, in the meantime, here are some steps users can follow to help protect their personal information now and in the future:

  • Be vigilant when monitoring your personal and financial data. A good way to determine whether your data has been exposed or compromised is to closely monitor your online accounts. If you see anything fishy, take extra precautions by updating your privacy settings, changing your password, or using two-factor authentication.
  • Watch out for other cyberattacks. Be on high alert for malicious attacks where cybercriminals could use stolen credentials to exploit users, such as spear phishing.
  • Place a fraud alert. If you suspect that your data might have been compromised, place a fraud alert on your credit. This not only ensures that any new or recent requests undergo scrutiny, but also allows you to have extra copies of your credit report so you can check for suspicious activity.
  • Freeze your credit. Freezing your credit will make it impossible for criminals to take out loans or open up new accounts in your name. To do this effectively, you will need to freeze your credit at each of the three major credit-reporting agencies (Equifax, TransUnion, and Experian).
  • Consider using identity theft protection. A solution like McAfee Identify Theft Protection will help you to monitor your accounts, alert you of any suspicious activity, and help you to regain any losses in case something goes wrong.

To stay updated on all of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post 750K Birth Certificate Applications Exposed Online: 5 Tips to Help You Stay Secure appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/consumer-threat-notices/750k-birth-certificate-applications-exposed/feed/ 0
Attention Android Users: Is CallerSpy Malware Spying on You? https://www.mcafee.com/blogs/consumer/consumer-threat-notices/android-callerspy-malware/ https://www.mcafee.com/blogs/consumer/consumer-threat-notices/android-callerspy-malware/#comments Fri, 06 Dec 2019 23:02:12 +0000 /blogs/?p=97767

Meet CallerSpy malware, a new form of mobile malware designed to snoop on calls, texts, and other smartphone communications. This trojan malware is targeting Android users by tricking them into downloading a fake chat app called Apex App. However, despite being advertised as a chat application, CallerSpy doesn’t really contain any chat capabilities. In fact, […]

The post Attention Android Users: Is CallerSpy Malware Spying on You? appeared first on McAfee Blogs.

]]>

Meet CallerSpy malware, a new form of mobile malware designed to snoop on calls, texts, and other smartphone communications. This trojan malware is targeting Android users by tricking them into downloading a fake chat app called Apex App. However, despite being advertised as a chat application, CallerSpy doesn’t really contain any chat capabilities. In fact, researchers describe the app as “riddled with espionage features.”

How exactly does this spy begin its reconnaissance mission? According to ZDNet, once the fake app is downloaded and launched, it connects to a server that directs the malware to start snooping on the device. From collecting call logs, text messages, contacts, and device files to being able to activate the phone’s microphone and taking screenshots, CallerSpy does it all. Once this data has been stolen, it’s then periodically uploaded to the cybercrook. And since cybersecurity researchers have only recently uncovered this malware, it is still unknown what this stolen data is being used for. What’s clear is that CallerSpy is no misnomer and users need to be prepared.

So, what are some proactive steps users can take to avoid being spied on by CallerSpy? Follow these tips to avoid this malware’s prying eye:

  • Watch what you download. The best way to know if an app is malicious or not is to check for typos and grammatical errors in the description, look at the download statistics, and read what other users are saying.
  • Be selective about which sites you visit. Only use reputable, well-known, and trusted sites. One way to determine if a site is potentially malicious is by checking its URL. If the URL address contains multiple grammar or spelling errors and suspicious characters, avoid interacting with the site altogether.
  • Surf the web securely. You can use a tool like McAfee WebAdvisor, which will flag any sites that may be malicious without your knowing. The best part – it’s free!

And, as always, to stay updated on all of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Attention Android Users: Is CallerSpy Malware Spying on You? appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/consumer-threat-notices/android-callerspy-malware/feed/ 1
Here’s What You Need to Know About Your Data Privacy in 2020 https://www.mcafee.com/blogs/consumer/consumer-threat-notices/data-privacy-predictions-2020/ https://www.mcafee.com/blogs/consumer/consumer-threat-notices/data-privacy-predictions-2020/#respond Thu, 05 Dec 2019 05:01:51 +0000 /blogs/?p=97731

The end of 2019 is rapidly approaching, and with the coming of a new year comes the perfect opportunity to reflect on the past and plan for the months ahead. What will 2020 bring when it comes to cybersecurity and what can users do to ensure that they’re protected in the upcoming year? From new […]

The post Here’s What You Need to Know About Your Data Privacy in 2020 appeared first on McAfee Blogs.

]]>

The end of 2019 is rapidly approaching, and with the coming of a new year comes the perfect opportunity to reflect on the past and plan for the months ahead. What will 2020 bring when it comes to cybersecurity and what can users do to ensure that they’re protected in the upcoming year? From new data privacy laws to how organizations collect and store user data, the new year will certainly bring plenty of security implications for users. Let’s take a look at a few predictions we have for the year to come.

More Awareness, More Regulations

After a security breach is disclosed, users often learn what can go wrong with their data and may start to wonder what will happen if their information gets into the wrong hands. That’s why new privacy laws will likely be implemented to empower users to better protect and control their data. For example, the new California privacy law set to go into effect January 2020 will allow consumers to instruct companies to delete their personal information and to opt-out of having their private data shared. These new regulations will allow users to better control their data and who has access to it. However, more regulations also create a more complicated landscape for individuals to navigate. Consumers will likely see more “consent” requests attached to any online data collection. That said, it is important to pay close attention to what consumers are agreeing to when they click “consent.”

With these new privacy laws, the method and level of transparency that organizations use to collect and store user data will likely come under scrutiny, particularly as data breaches become public. For example, companies make billions of dollars annually by buying and selling personal information that isn’t theirs to sell. The more data a company has on a user, the more insight cybercriminals have to infiltrate their digital life and trick them into sharing more information. 

New Tricks for the New Year

As more data is collected from various breaches, cybercriminals will look to leverage this information as a way to better understand which users to target and how exactly to target them. With the help of social engineering and artificial intelligence, these crooks will up the ante and turn old cyber tricks into sophisticated, unfamiliar threats. Take call spoofing, for example. By taking advantage of a user’s private data and new technology, cybercriminals could implement a fake call that appears to be coming from the user’s friend or family member. Because users are more likely to pick up a call from someone they know or a number that shares their same area code, cybercriminals increase the chances that their malicious attacks will be successful.

Dark Web Draws in More Data

With the number of breached records growing every day, users need to be aware of how crooks are leveraging this information in the cybercriminal underground and on the Dark Web. According to the McAfee Advanced Threat Research (ATR) team, more than 2.2 billion stolen account credentials were made available on the cybercriminal underground throughout Q1 2019 alone. This growing trend of personal online accounts being brokered on the Dark Web and the increasingly sophisticated threats that have recently emerged means that the 2019 holiday season could be the most dangerous yet.

With these predictions for the cybersecurity landscape in 2020, what resolutions can users make to help ensure that their data is protected? Follow these security tips to help safeguard your personal information:

  • Never reuse passwords. With just one hack, cybercriminals can get their hands on thousands of passwords, which they can then use to try to access multiple accounts. Ensure that all of your passwords are complex and unique.
  • Go directly to the source. Instead of clicking on a link in an email, it’s always best to check directly with the source to verify an offer or shipment.
  • Browse with security protection. Use a comprehensive security solution, like McAfee Total Protection, which can help protect devices against malware, phishing attacks, and other threats. It includes McAfee WebAdvisor, which can help identify malicious websites.
  • Use a tool to help protect your personal information. A solution like McAfee Identity Theft Protection takes a proactive approach to help protect identities with personal and financial monitoring and recovery tools to help keep identities personal and secure.

And, as always, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post Here’s What You Need to Know About Your Data Privacy in 2020 appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/consumer-threat-notices/data-privacy-predictions-2020/feed/ 0
Threat Hunting or Efficiency: Pick Your EDR Path? https://www.mcafee.com/blogs/enterprise/endpoint-security/threat-hunting-or-efficiency-pick-your-edr-path/ https://www.mcafee.com/blogs/enterprise/endpoint-security/threat-hunting-or-efficiency-pick-your-edr-path/#comments Tue, 12 Nov 2019 15:00:53 +0000 https://securingtomorrow.mcafee.com/?p=97369

“Do You Want It Done Fast, Or Do You Want It Done Right?” “Yes.” “Help out more with our business objectives.” “Cover an increasing number of endpoints.” “Cut budgets.” “Make it all work without adding staff.” Cybersecurity teams face a lot of conflicting objectives—both within their teams and from upper management. But a May 2019 […]

The post Threat Hunting or Efficiency: Pick Your EDR Path? appeared first on McAfee Blogs.

]]>

“Do You Want It Done Fast, Or Do You Want It Done Right?” “Yes.”

“Help out more with our business objectives.” “Cover an increasing number of endpoints.” “Cut budgets.” “Make it all work without adding staff.”

Cybersecurity teams face a lot of conflicting objectives—both within their teams and from upper management. But a May 2019 commissioned study conducted by Forrester Consulting on behalf of McAfee really puts a fine point on it: When decision makers were asked which endpoint security goals and initiatives they’re prioritizing for the coming year, the top two responses were “improve security detection capabilities” (87%) and “increase efficiency in the SOC” (76%).

Unfortunately, traditional EDR solutions have made accomplishing both of these goals (and in some cases, even one or the other!) difficult, if not impossible. According to the study, gaps in EDR capabilities have created pain points for 83% of enterprises. For instance, while 40% of enterprises consider threat hunting a critical requirement, only 29% feel their current EDR solutions fully meet that need. On an even more basic level, 36% worry their EDR solution doesn’t surface every threat that breaks through—while an equal number of respondents say the alerts that are surfaced by their EDR are frequently not relevant or worth investigating.

These numbers clearly show there’s a lot of room for improvement, but at the same time, these two goals seem to be less than complementary. How would you choose to try and meet them?

Scenario 1: The Status Quo

Your team continues utilizing their traditional EDR solution on its own.

You lose points in efficiency out of the gate—according to Forrester, 31% of companies say that the systems are so complex, their junior staff lack the skillset to triage and investigate alerts without senior staff.

The number of alerts output by traditional EDR solutions will cost you efficiency in another way: another 31% of respondents say their teams struggle to keep up with the volume of alerts generated by their EDRs.

On the threat detection side, you’re not starting out with a perfect score, either: Again, keep in mind that more than a third of respondents believe that, even with this large volume of alerts, not everything is being caught.

As a baseline, let’s assume you’re starting out with a 7 in Threat Detection, and a 3.5 in Efficiency.
You’re still a long way from meeting your goals. Let’s look at our options.

Do you want to:

  • Add more staff members
  • Bolt on more software
  • Hire an MDR

Scenario 2: Add more staff members

With efficiency seeming such a far-off goal, your team decides to focus its efforts on threat detection. To help manage the number of alerts, you hire two new employees. You still have every bit as much noise coming from your EDR, and it still isn’t catching everything, but your team has marginally more ability to triage and respond to threats. You gain a point for threat detection, but a look at your department budget sheet shows your efficiency score is basically shot.

Final Score: 8 in Threat Detection, and a 2 in Efficiency.

Scenario 3: Bolting On More Software

Other businesses are taking a different tack. They’re keeping their traditional EDR solution, but they’re also bolting on more point solutions to help catch things that fall through the cracks. If you choose to go this route, your threat detection capabilities go up …. but between all the duplicate alerts, separate interfaces, and near complete lack of integration, your team is critically bogged down.  With junior staff able to triage just 31 percent of alerts on traditional EDR systems, senior analysts are having to manage all the alerts on all the interfaces on their own.

All this software isn’t cheap, and you’re losing time in both training in all of it, and in switching back and forth. Meanwhile, the solutions that were supposed to improve your threat detection capabilities are doing so … somewhat … but with things falling through the cracks amidst the chaos and analyst fatigue setting in, you wouldn’t know it.

Final Score: 7.5 in Threat Detection, 1.5 in Efficiency.

Scenario 4: Partnering with an MDR

You don’t want to hire any more staff—and even if you did, there aren’t many to hire. So instead you hire a Managed Detection and Response (MDR) provider to do what your EDR should be doing, but isn’t. You partner with the most reputable MDR you can find, and you’re confident that between what you’re doing and what they’re doing, there isn’t much getting past you. But you’re also paying twice to get a single set of capabilities.

Final Score: 9 in Threat Detection, 1 in Efficiency

Clearly, it’s time to try something new

  • I want to improve my efficiency with my current EDR!
  • I want to try something better.

Scenario 5: Improving efficiency with current EDR

How do you make a first-gen EDR more efficient? You don’t. In other words, if you want to get more out of an EDR that doesn’t utilize the latest technologies, the only adjustments you can make here have to come from your team. If you could get more threat detection mileage out of the same number of team members, your efficiency level would naturally rise.

Initial Score: 8 in Threat Detection, 4 in Efficiency

But as you soon find out, the mandatory late nights and your “you’d better step it up or else!” attitude aren’t exactly doing wonders for morale. With cybersecurity professionals in high demand everywhere, it isn’t long before you’re down at least one team member. Now you have 4 team members doing the number of 5. Which sounds decent ….

Intermediate Score: 6 in Threat Detection, 6 in Efficiency

… until an enterprising hacker takes note of your shorthandedness and targets you, hoping to use your situation to their advantage. Unfortunately, not only do you have a highly imperfect traditional EDR system and four employees trying to do the work of five … you have four disgruntled employees trying to do the work of five. According to IDC, in organizations that have experienced a breach in the last 12 months, those staff who are extremely satisfied are, on average, more likely to report fewer hours to identify the breach (11 hours) than those who are dissatisfied (23 hours). Guess which camp your team falls into?

Before long, your company is brought to its knees by a major attack. The press is all over it, and confidence in your company plummets. Your company’s reputation might recover … eventually … but things aren’t looking so good for you.

Final Score: Game Over.

Scenario 6: I want to try something better.

You’ve heard from your friends and colleagues about what doesn’t work. And, of course, you’ve read the horror stories. But you’re still left with two disparate goals. What if there was a way to increase threat detection capabilities without hiring more personnel, outsourcing what your EDR should be able to handle but isn’t, or creating a system with more bolts than Frankenstein’s monster?

According to Forrester, there is a way to bridge the goals of greater efficiency and better threat detection. With AI guided investigation, your junior analysts will be able to triage threats like your more seasoned analysts, freeing your senior analysts to focus on mission-critical tasks. And with less noise, your team will be free to focus on more of the right alerts.

Survey respondents backed this up: 35 percent believe AI-guided investigations will lead to fewer breaches, and 52 percent think they’ll lead to improved efficiency. Mission accomplished.

Final Score: You=1, Hackers=0.

To read more about how AI-guided investigation can help revolutionize your SOC, click here.

The post Threat Hunting or Efficiency: Pick Your EDR Path? appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/enterprise/endpoint-security/threat-hunting-or-efficiency-pick-your-edr-path/feed/ 1
Secure Your Black Friday & Cyber Monday Purchases https://www.mcafee.com/blogs/consumer/black-friday-cyber-monday-safe-online-shopping/ https://www.mcafee.com/blogs/consumer/black-friday-cyber-monday-safe-online-shopping/#respond Mon, 11 Nov 2019 14:00:57 +0000 https://securingtomorrow.mcafee.com/?p=97282

As we gear up to feast with family and friends this Thanksgiving, we also get our wallets ready for Black Friday and Cyber Monday. Black Friday and Cyber Monday have practically become holidays themselves, as each year they immediately shift our attention from turkey and pumpkin pie to holiday shopping. Let’s take a look at […]

The post Secure Your Black Friday & Cyber Monday Purchases appeared first on McAfee Blogs.

]]>

As we gear up to feast with family and friends this Thanksgiving, we also get our wallets ready for Black Friday and Cyber Monday. Black Friday and Cyber Monday have practically become holidays themselves, as each year they immediately shift our attention from turkey and pumpkin pie to holiday shopping. Let’s take a look at these two holidays, and how their popularity can impact users’ online security.

The Origins of the Holiday Shopping Phenomenon

You might be surprised to find out that the term “Black Friday” was first associated with a financial crisis, not sales shopping. According to The Telegraph, the U.S. gold market crashed on Friday, September 24, 1869, leaving Wall Street bankrupt. It wasn’t until the 1950s that Black Friday was used in association with holiday shopping when large crowds of tourists and shoppers flocked to Philadelphia for a big football game. Because of all the chaos, traffic jams, and shoplifting opportunities that arose, police officers were unable to take the day off, coining it Black Friday. It wasn’t until over 50 years later that Cyber Monday came to fruition when Shop.org coined the term as a way for online retailers to participate in the Black Friday shopping frenzy.

Growth Over the Years

Since the origination of these two massive shopping holidays, both have seen incredible growth. Global interest in Black Friday has risen year-over-year, with 117% average growth across the last five years. According to Forbes, last year’s Black Friday brought in $6.2 billion in online sales alone, while Cyber Monday brought in a record $7.9 billion.

While foot traffic seemed to decrease at brick-and-mortar stores during Cyber Week 2018, more shoppers turned their attention to the internet to participate in holiday bargain hunting. Throughout this week, sales derived from desktop devices came in at 47%, while mobile purchases made up 45% of revenue and tablet purchases made up 8% of revenue.

 

So, what does this mean for Black Friday and Cyber Monday shopping this holiday season? Adobe Analytics projects that Thanksgiving and Black Friday will bring in $12.3 billion in online sales and Cyber Monday will bring in $9.48 billion. If one thing’s for sure, this year’s Black Friday and Cyber Monday sales are shaping up to be the biggest ones yet for shoppers looking to snag some seasonal bargains. However, the uptick in online shopping activity provides cybercriminals with the perfect opportunity to wreak havoc on users’ holiday fun.

Holiday Bargain or Shopping Scam?

Inherently, Black Friday and Cyber Monday are pretty similar, with the main difference being where users choose to shop. While Black Friday sees a mix of online and in-store shoppers, most consumers will participate in Cyber Monday sales from their mobile phones or desktops at work. Plus, with mobile Cyber Week sales increasing year over year, it’s clear that users are gravitating towards the convenience of shopping on the go. However, the increase in mobile online shopping also creates an opportunity for cybercriminals to exploit. The latest McAfee Mobile Threat Report revealed a huge increase in device backdoors, fake apps, and banking trojans. With more and more users turning to their smartphones this holiday shopping season, they are in turn potentially subject to a wide variety of mobile cyberattacks.

Another threat to users’ holiday shopping sprees? Rushed purchases. Thanks to a later Thanksgiving, Cyber Monday falls on December 2nd, leaving users with one less shopping week between Turkey Day and Christmas. Because of this time crunch, many users are feeling pressured to get their holiday shopping done in time and might forego some basic cybersecurity practices to speed up the online shopping process. This includes not checking online retailer authenticity, falling for fake Black Friday deals, and hastily giving up more personal information than necessary, all in the interest of jumping on a sale before it’s too late.

How to Stay Secure This Holiday Season

In the blur of the holiday shopping frenzy, how can you help protect your personal information online? Before whipping out your credit card this Black Friday and Cyber Monday, check out these cybersecurity tips to ensure your holiday shopping spree goes off without a hitch:

  • Look for the lock icon. Secure websites will start with “https,” not just “http.” Double-check that you see the padlock icon right next to the web address in your browser. If you don’t, it’s best to avoid making purchases on that website.
  • If you can help it, shop on your desktop. Although shopping on a smartphone allows you to make purchases on the go, this opens you up to threats like mobile malware and fake shopping apps. Additionally, URLs are often shortened on mobile devices, making it easier for scammers to trick you with clone websites.
  • Ask the critics. Cybercriminals will often create fake websites to try and exploit users looking to get in on the Black Friday and Cyber Monday action. If you’re unsure about a product or retailer, read lots of reviews from trusted websites to help see if it’s legitimate.
  • Be on the lookout for suspicious websites. Misspellings and grammatical errors are often a sign that it’s a rip off of a legitimate site. If the site’s content looks a little rough around the edges, this is probably a sign that it was created by a cybercriminal.
  • Don’t be too optimistic. Beware of bogus Black Friday and Cyber Monday deals with fake “free” offers. If you spot an ad online that seems too good to be true, chances are it probably is.
  • Use a comprehensive security solution. Using a solution like McAfee LiveSafe can help your holiday shopping spree go smoothly by providing safe web browsing, virus protection, and more. Check out our own special Cyber Week Offer here.

Looking for more security tips and trends? Be sure to follow @McAfee Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post Secure Your Black Friday & Cyber Monday Purchases appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/black-friday-cyber-monday-safe-online-shopping/feed/ 0
Using Expert Rules in ENS to Prevent Malicious Exploits https://www.mcafee.com/blogs/other-blogs/mcafee-labs/using-expert-rules-in-ens-10-5-3-to-prevent-malicious-exploits/ https://www.mcafee.com/blogs/other-blogs/mcafee-labs/using-expert-rules-in-ens-10-5-3-to-prevent-malicious-exploits/#respond Fri, 25 Oct 2019 15:41:38 +0000 https://securingtomorrow.mcafee.com/?p=97184

Expert Rules are text-based custom rules that can be created in the Exploit Prevention policy in ENS Threat Prevention 10.5.3+. Expert Rules provide additional parameters and allow much more flexibility than the custom rules that can be created in the Access Protection policy. It also allows system administration to control / monitor an endpoint system […]

The post Using Expert Rules in ENS to Prevent Malicious Exploits appeared first on McAfee Blogs.

]]>

Expert Rules are text-based custom rules that can be created in the Exploit Prevention policy in ENS Threat Prevention 10.5.3+. Expert Rules provide additional parameters and allow much more flexibility than the custom rules that can be created in the Access Protection policy. It also allows system administration to control / monitor an endpoint system at a very granular level. Expert rules do not rely on User-Mode hooking; hence they have very minimal impact on a system’s performance. This blog is created as a basic guide to show our customers how to create them and which threats they can help block. Further detailed information can be found in the conclusion.

How Expert Rules work

The following sections show how to add Expert rules via EPO and ENS.

Adding an Expert Rule from EPO

1. Select System Tree | Subgroup (e.g.: ens_10.6.0) | Assigned Policies | Product (Endpoint Security Threat Prevention) | Exploit Prevention (My Default)

2. Navigate to Signatures and click on Add Expert Rule.

3. In the Rules section, complete the fields.

a. Select the severity and action for the rule. The severity provides information only; it has no select on the rule action.

b. Select the type of rule to create. The Rule content field is populated with the template for the selected type.

c. Change the template code to specify the behavior of the rule.

When you select a new class type, the code in the Rule content field is replaced with the corresponding template code. Endpoint Security assigns the ID number automatically, starting with 20000. Endpoint Security does not limit the number of Expert Rules you can create.

4. Save the rule, then save the settings.

5. Enforce the policy to a client system.

6. Validate the new Expert Rule on the client system.

Adding an Expert Rule directly at the Endpoint:

If we need to add an expert rule from EPO it will be pushed to all endpoints of an entire EPO “WORKGROUP”. There could be situations where expert rules are required to be applied in one/two systems or ENS systems which are not managed by EPO (non-corporate environment where ENS is installed from a standalone setup); in those cases, the expert rule must be added directly at the endpoint. Expert rules can be written and applied directly at the Endpoint system using McAfee Endpoint Security UI. Steps are below:

1. Open McAfee Endpoint Security. Go to Settings.

2. Go to Threat Prevention | Show Advanced.

3. Scroll Down to Expert Rule Section and then click on Add Expert Rule.

4. The expert rule compiler should pop up where an end user can directly write and compile expert rules and, upon compilation, enforce the rules to the system.

If there is no syntax error in the expert rule it can be applied in the system by clicking on the Enforce button. In case there is a syntax error, the details can be found in log file  %ProgramData%\McAfee\Endpoint Security\Logs\ExploitPrevention_Debug.log

Testing the Rules

When new rules are created, they should first be tested in ‘Report’ mode so that the detections can be observed. When enough confidence in the rule has been gained, it can be turned to ‘Block’ mode.

Expert Rule Examples:

 

Basic Rule:

The following rule will detect an instance of cmd.exe creating any file at c:\temp. Please note that cmd.exe might be run by any user and from any part of the system.

Rule {

Process {

Include OBJECT_NAME { -v “cmd.exe” }

}

Target {

Match FILE {

Include OBJECT_NAME { -v “c:\\temp\\**” }

Include -access “CREATE”

}

}

}

 

Rules which target specific malicious behavior:

The following rules can be created to help block specific malicious activity which is performed by various malware families and attack techniques.

 

Expert Rule to Block Remote Process Injection [MITRE Technique Process Injection T1055]:

Rule {

Process {

Include OBJECT_NAME { -v “**” }

Exclude OBJECT_NAME { -v “SYSTEM” }

Exclude OBJECT_NAME { -v “%windir%\\System32\\WBEM\\WMIPRVSE.EXE” }

Exclude OBJECT_NAME { -v “%windir%\\System32\\CSRSS.EXE” }

Exclude OBJECT_NAME { -v “%windir%\\System32\\WERFAULT.EXE” }

Exclude OBJECT_NAME { -v “%windir%\\System32\\SERVICES.EXE” }

Exclude OBJECT_NAME { -v “*\\GOOGLE\\CHROME\\APPLICATION\\CHROME.EXE” }

}

Target {

Match THREAD {

Include OBJECT_NAME { -v “**” }

Exclude OBJECT_NAME { -v “**\\MEMCOMPRESSION” }

Exclude OBJECT_NAME { -v “%windir%\\System32\\WERFAULT.EXE” }

Include -access “WRITE”

}

}

}

 

Expert Rule which prevents powershell.exe and powershell_ise.exe process from dumping credentials by accessing lsass.exe memory [ MITRE Technique Credential Dumping T1003 ]:

Rule {

Process {

Include OBJECT_NAME {  -v “powershell.exe”  }

Include OBJECT_NAME {  -v “powershell_ise.exe”  }

Exclude VTP_PRIVILEGES -type BITMASK { -v 0x8 }

}

Target {

Match PROCESS {

Include OBJECT_NAME {   -v  “lsass.exe”  }

Include -nt_access “!0x10”

Exclude -nt_access “!0x400”

}

}

}

 

Expert Rule which prevents creation of a suspicious task (PowerShell script or batch file) using “SchTasks.exe” utility [MITRE Technique Scheduled Task T1053]:

Rule {

Process {

Include OBJECT_NAME { -v  “SchTasks.exe” }

Include PROCESS_CMD_LINE { -v “*/Create*” }

}

Target {

Match PROCESS {

Include PROCESS_CMD_LINE { -v “**.bat**” }

}

Match PROCESS {

Include PROCESS_CMD_LINE { -v “**.ps1**” }

}

}

}

 

Expert Rule to prevent Start Up Entry Creation [ MITRE Technique Persistence T1060]:

Adversaries can use several techniques to maintain persistence through system reboots. One of the most popular techniques is creating entries in the Start Up folder. The following expert rule will prevent any process from creating files in the Start Up folder. Recently, the internet has witnessed a full-fledged exploit of a decade old WinRAR vulnerability (CVE-2018-20251) which can be exploited by dropping files in the Start Up directory. The following expert rule will also block such an attempt.

Rule {

Process {

Include OBJECT_NAME { -v ** }

}

Target {

Match FILE {

Include OBJECT_NAME { -v “**\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\**” }

Include -access “CREATE WRITE”

}

}

}

 

Expert Rule which blocks JavaScript Execution within Adobe Reader:

Exploiting a client-side software vulnerability to gain an initial foothold in a network is not new [MITRE Technique T1203]. Adobe Reader is a very popular target because, like any other browser, it supports JavaScript which makes exploitation much easier. The following expert rule can be deployed in any network to prevent Adobe Reader from executing any kind of JavaScript.

Rule {

Process {

Include OBJECT_NAME { -v “AcroRd32.exe”}

}

Target {

Match SECTION {

Include OBJECT_NAME { -v “EScript.api” }

}

}

}

The table below shows how the above four Expert Rules line up in the Mitre Att&ck matrix.

Conclusion

There are many more rules which can be created within Exploit Prevention (part of McAfee’s ENS Threat Prevention) and they can be customized depending on the customer’s environment and requirements. For example, the Expert Rule which blocks JavaScript Execution within Adobe Reader will be of no use if an organization does not use “Adobe Reader” software. To fully utilize this feature, we recommend our customers read the following guides:

https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/27000/PD27227/en_US/ens_1053_rg_ExpertRules_0-00_en-us.pdf

https://kc.mcafee.com/corporate/index?page=content&id=KB89677

 

Disclaimer: The expert rules used here as examples can cause a significant number of False Positives in some environments, hence we recommend those rules to be explicitly applied only in an environment where better visibility of above (or similar) events at granular level is required.

Acknowledgement:

The author would like to thank following colleagues for their help and inputs authoring this blog.

  • Oliver Devane
  • Abhishek Karnik
  • Cedric Cochin

The post Using Expert Rules in ENS to Prevent Malicious Exploits appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/using-expert-rules-in-ens-10-5-3-to-prevent-malicious-exploits/feed/ 0
Increasing Value with Security Integration https://www.mcafee.com/blogs/enterprise/increasing-value-with-security-integration/ https://www.mcafee.com/blogs/enterprise/increasing-value-with-security-integration/#respond Tue, 22 Oct 2019 15:00:35 +0000 https://securingtomorrow.mcafee.com/?p=97140

What would your security team do with an extra 62 days? According to a recent study by IDC, that’s the amount of time the average-sized security team can expect to regain by addressing a lack of security management integration. With just 12 percent of respondents currently using an end-to-end management suite—and with 14 percent completely […]

The post Increasing Value with Security Integration appeared first on McAfee Blogs.

]]>

What would your security team do with an extra 62 days?

According to a recent study by IDC, that’s the amount of time the average-sized security team can expect to regain by addressing a lack of security management integration. With just 12 percent of respondents currently using an end-to-end management suite—and with 14 percent completely reliant on ad hoc “solutions”—there’s plenty of room for improvement.

The study, “Security Integration and Automation: The Keys to Unlocking Security Value,” found that businesses who addressed lack of integration saw three main business benefits: Efficiency, Cost Reduction and Improved Staff Retention. If your business chose to do the same, which goal would your team spend its 62 days working toward?

Increasing Efficiency

When asked what concerns limited their ability to improve IT security capabilities, 44% reported security was too busy with routine operations, and 37 percent cited high levels of demand for new business services.

If these teams had an extra 62 days, it could afford them the free time needed to improve their security posture—and one place that a lot of companies currently fall short is in the cloud, where a majority of new business services live.

According to IDC, enterprises are expected to spend $1.7 trillion on digital transformation by the end of this year. And our 2019 Cloud Adoption and Risk Report found that 83% of respondents worldwide stored sensitive data in the cloud. The number of files on the cloud that are eventually shared has risen to nearly half, but unfortunately, there isn’t always a lot visibility or control over where that data winds up. 14% of those files go to personal email addresses, removing them from the oversight of corporate cybersecurity. Even worse, another 12% of the files shared are accessible to “anyone with a link.”

These numbers are only rising—over the past two years, they’ve gone up 12% and 23% respectively. A recent report by Gartner puts a fine point on it: “Through 2025, 90% of the organizations that fail to control public cloud use will inappropriately share sensitive data”—a figure which could risk your company’s compliance status, reputation, or even overall well-being. Clearly, any portion of that 62 days dedicated to preventing such data loss would be time well spent.

Decreasing Costs

According to a Cybersecurity Ventures report, there will be an estimated 3.5 million unfilled cybersecurity jobs by 2021. Odds are, your own cybersecurity team is feeling this crunch. In our “Hacking the Skills Shortage” report, we found that businesses are having to respond to in-house talent shortages by expanding their outsourcing of cybersecurity.

More than 60% of survey respondents work at organizations that outsource at least some cybersecurity work. With an extra 62 days a year, some of these capabilities could be brought back in-house, which would help meet cost-cutting goals or free up resources that could be reallocated elsewhere. For a team struggling to meet demands that outpace their current bandwidth, having this 62 days would be like receiving an extra 9.5 manhours of work a week. This “free” higher production reduces your company’s labor cost—and could make a substantial difference during cybersecurity labor shortages, when extra manpower can be basically unavailable at any price.

Employee Retention

What else could your team do with 62 extra days a year? Nothing at all.

More specifically, this time could be allocated across your team as a way to ease burnout, incentivize hard work, and help increase retention.

According to our “Winning the Game” report, only 35% of survey respondents say they’re “extremely satisfied” in their current cybersecurity job, and a full 89% would consider leaving their roles if offered the right type of incentive.

What are the “right types of incentives?” 32% said that shorter/flexible hours would make them consider leaving. Another 28% said lower workload would lure them away, and an additional 18 percent said an easier, more predictable workload could make them switch.

Assuming an average security staff of between 5 and 6 team members, 62 days would allow you to give each employee several extra days off a year. Alternately, by distributing existing workload through this allotted time, your team could work at a pace other than “breakneck.”

While the extra time you’d gain could certainly allow for less work, it could also allow for more interesting work. In the same survey, 30% of employees mentioned that an opportunity to work with exciting technologies like AI/automation could lead them to consider working elsewhere. If your team falls into this camp, an extra 62 days could allow the time necessary to explore these options (which in turn, could have business benefits of their own.)

Once these benefits are realized, what are the ultimate outcomes expected to be? According to IDC, 36% said faster response times, 35% said more effective response, and 29% said better threat intel sharing. Given these findings, it’s no wonder that the share of end-to-end suite users who feel their security is ahead of their peers outnumber their ad-hoc equivalents 4:1. Where does your business stand?

To read the full “Security Integration and Automation: The Keys to Unlocking Security Value” study, click here.

The post Increasing Value with Security Integration appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/enterprise/increasing-value-with-security-integration/feed/ 0
Are Cybersecurity Robots Coming For Your Job? https://www.mcafee.com/blogs/enterprise/are-cybersecurity-robots-coming-for-your-job/ https://www.mcafee.com/blogs/enterprise/are-cybersecurity-robots-coming-for-your-job/#respond Wed, 09 Oct 2019 15:30:56 +0000 https://securingtomorrow.mcafee.com/?p=97035

“14 Jobs That Will Soon Be Obsolete.” “Can A Robot Do Your Job?” “These Seven Careers Will Fall Victim to Automation.” For each incremental advance in automation technology, it seems there’s an accompanying piece of alarmist clickbait, warning of a future in which robots will be able to do everything we can, only better, cheaper, […]

The post Are Cybersecurity Robots Coming For Your Job? appeared first on McAfee Blogs.

]]>

“14 Jobs That Will Soon Be Obsolete.” “Can A Robot Do Your Job?” “These Seven Careers Will Fall Victim to Automation.” For each incremental advance in automation technology, it seems there’s an accompanying piece of alarmist clickbait, warning of a future in which robots will be able to do everything we can, only better, cheaper, and for longer. Proponents of AI and automation view this as the harbinger of a golden age, ushering in a future free from all the paper-pushing, the drudgery, the mundane and repetitive things we have to do in our lives. We will work shorter hours, focus on more meaningful work, and actually spend our leisure time on, well, leisure.

But while it’s one thing to enjoy having a robot zipping across the floor picking up your 3-year-old’s wayward Cheerios, it’s quite another to imagine automation coming to our workplace. For those of us in cybersecurity, however, it has become a foregone conclusion: Now that criminals have begun adopting automation and AI as part of their attack strategies, it’s become something of an arms race, with businesses and individuals racing to stay one step ahead of increasingly sophisticated bad actors that human analysts will no longer be able to fend off on their own.

Spurred by growth in both the number of companies deploying automation and the sophistication of threats, automated processes are closing in on and even surpassing human analysts in some tasks—which is making some cybersecurity professionals uneasy. “When robots are better threat hunters, will there still be a place for me? What if someday, they can do everything I can do, and more?”

According to the “2019 SANS Automation and Integration Survey,” however, human-powered SecOps aren’t going away anytime soon. “Automation doesn’t appear to negatively affect staffing,” the authors concluded, after surveying more than 200 cybersecurity professionals from companies of all sizes over a wide cross-section of industries. What they found, in fact, suggested the opposite: Companies with medium or greater levels of automation actually have higher staffing levels than companies with little automation. When asked directly about whether they anticipated job elimination due to automation, most of those surveyed said they felt there would be no change in staffing levels. “Respondents do not appear concerned about automation taking away jobs,” the paper concludes.

There are many reasons for this, but perhaps the most basic is that, in order to see any sort of loss in the number of cybersecurity jobs, we’d first need to get to parity—and we’re currently about 3 million short of that.

Phrased another way, automation could theoretically eliminate three million jobs before a single analyst had to contemplate a career change. That’s an oversimplification, to be sure, but it’s also one that presupposes AI and automation will live up to all of its promises—and as we’ve seen with a number of “revolutionary” cybersecurity technologies, many fall short of the hype, at least in the early days.

Automation currently faces some fundamental shortcomings. First, it cannot deploy itself: Experts are needed to tailor the solution to the business’ needs and ensure it is set up and functioning correctly. And once they’re in place, the systems cannot reliably cover all the security needs of an enterprise—due to a lack of human judgment, automated systems surface a great many false positives, and failing to put an analyst in charge of filtering and investigating these these would create a huge burden on the IT staff responsible for remediation.

There’s also the issue of false negatives. AI is great at spotting what it’s programmed to spot; it is vastly more unreliable at catching threats it hasn’t been specifically instructed to look for. Machine learning is beginning to overcome this hurdle, but the operative word here is still “machine”—when significant threats are surfaced, the AI has no way of knowing what this means for the business it’s working for, as it lacks both the context to fully realize what a threat means to its parent company, and the ability to take into consideration everything a person would. Humans will still be needed at the helm to analyze risks and potential breaches, and make intuition-driven, business-critical decisions.

As effective as these automated systems are, once they’ve been programmed, their education begins to become obsolete almost immediately as new types of attack are created and deployed. Automated systems cannot continue to learn and evolve effectively without the guiding hand of humans. Humans are also needed as a check on this learning, to test and attempt to penetrate the defenses the system has developed.

Then there are the things that can never be automated: hiring and training people; selecting vendors; any task that requires creativity or “thinking outside the box”; making presentations and eliciting buy-in from the board of directors and upper management—and, of course, compliance. No automated system, no matter how sophisticated, is going to know when new laws, company regulations, and rules are passed, and no system will be able to adjust to such changes without human intervention. Even if the work of compliance could be completely automated, the responsibility for compliance cannot be outsourced, and rare would be the individual who could sleep easy letting a machine handle such tasks singlehandedly.

But for the sake of argument, let’s assume for a moment we could fully automate the SOC. While the loss of jobs is certainly a serious matter, we’d soon find the stakes to be much higher than even that. Hackers have already demonstrated an ability to hack into automated systems. If they were able to retrain your AI to ignore critical threats, and there was no human present to realize what was happening and respond swiftly and appropriately, sensitive data could be compromised enterprise-wide—or worse.

In short, automation won’t eliminate the demand for human cybersecurity expertise, at least in the short- to medium-term. But it will certainly redefine roles. According to SANS, implementation of effective automation often requires an initial surge in staff to get the kinks worked out—but it is almost invariably accompanied by a redirection, not reduction, of the existing workforce. Once in place, the automated systems will have two functions. By allowing analysts to shift their focus to more critical cybersecurity functions, improving efficiency, reducing incident response time, and reducing fatigue, they function as a tool for cybersecurity professionals to increase their effectiveness.

But their most valuable role may be as a partner. Automation may be powerful, but automation closely directed and honed by humans is more powerful. Rather than taking the place of humans, robots will take their place alongside humans. Automation, then, should be thought of as a way not to replace SecOps teams, but rather to complement and complete them in a way that will allow them to handle both the monotonous and mundane (yet necessary) tasks in the SOC, and also attend to the true mission-critical tasks rapidly and without distraction.

For more on misconceptions surrounding automation, read the 2019 SANS Automation Survey

The post Are Cybersecurity Robots Coming For Your Job? appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/enterprise/are-cybersecurity-robots-coming-for-your-job/feed/ 0
McAfee Receives the 2019 Security Excellence Award From IoT Evolution https://www.mcafee.com/blogs/consumer/2019-security-excellence-award/ https://www.mcafee.com/blogs/consumer/2019-security-excellence-award/#respond Mon, 30 Sep 2019 16:00:48 +0000 https://securingtomorrow.mcafee.com/?p=96949

If you’re like most users, you’ve probably adopted several smart devices into your home over the last few years. Whether it be voice assistants, smart TVs, thermostats, or gaming systems, IoT devices help make our lives easier. But with greater connectivity also comes greater exposure to online threats. However, that doesn’t mean users should avoid […]

The post McAfee Receives the 2019 Security Excellence Award From IoT Evolution appeared first on McAfee Blogs.

]]>

If you’re like most users, you’ve probably adopted several smart devices into your home over the last few years. Whether it be voice assistants, smart TVs, thermostats, or gaming systems, IoT devices help make our lives easier. But with greater connectivity also comes greater exposure to online threats. However, that doesn’t mean users should avoid using IoT technology altogether. With the help of smart security, users can feel safe and protected as they bring new gadgets into their lives. Solutions like McAfee Secure Home Platform, which is now the winner of the IoT Security Excellence Award, can help users connect with confidence.

Here at McAfee, we know smart security is more important now than ever before. That’s why we work tirelessly to ensure that our solutions provide consumers with the best protection possible. For example, McAfee Secure Home Platform provides automatic protection for the entire home network by automatically securing connected devices through a router with McAfee protection. It’s through the proactive evolution of our products that McAfee Secure Home Platform has received this 2019 IoT Security Excellence Award from IoT Evolution World, the leading publication covering IoT technologies.

The IoT Security Excellence Award celebrates the most innovative products and solutions in the world of IoT. It honors technology empowered by the new availability of information being deduced, inferred, and directly gathered from sensors, systems, and anything else that is supporting better business and personal decisions. Winners of this award are recognized for their innovation in gathering and managing information from connected devices that often are not associated with IoT.

“We are thrilled that McAfee Secure Home Platform has been recognized by IoT Evolution World as a recipient of the 2019 IoT Evolution Security Excellence Award. We continue to prioritize creating solutions that lead with ease of use and first-class protection, in order for consumers to best protect every connected device in their homes.” – Gary Davis, Chief Consumer Security Evangelist at McAfee.

As long as technology continues to evolve, so will the threat landscape. This is what drives us to keep developing leading solutions that help you and your loved ones connect with confidence. Solutions like McAfee Secure Home Platform are leading the charge in providing top home network security while still empowering users to enjoy their smart devices.

To stay updated on the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post McAfee Receives the 2019 Security Excellence Award From IoT Evolution appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/2019-security-excellence-award/feed/ 0
The Seven Main Phishing Lures of Cybercriminals https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/the-seven-main-phishing-lures-of-cybercriminals/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/the-seven-main-phishing-lures-of-cybercriminals/#respond Tue, 24 Sep 2019 23:16:05 +0000 https://securingtomorrow.mcafee.com/?p=96823

One of the oldest tricks in the cybercrime playbook is phishing. It first hit the digital scene in 1995, at a time when millions flocked to America Online (AOL) every day. And if we know one thing about cybercriminals, it’s that they tend to follow the masses. In earlier iterations, phishing attempts were easy to […]

The post The Seven Main Phishing Lures of Cybercriminals appeared first on McAfee Blogs.

]]>

One of the oldest tricks in the cybercrime playbook is phishing. It first hit the digital scene in 1995, at a time when millions flocked to America Online (AOL) every day. And if we know one thing about cybercriminals, it’s that they tend to follow the masses. In earlier iterations, phishing attempts were easy to spot due to link misspellings, odd link redirects, and other giveaways. However, today’s phishing tricks have become personalized, advanced, and shrouded in new disguises. So, let’s take a look at some of the different types, real-world examples and how you can recognize a phishing lure.

Be Wary of Suspicious Emails

Every day, users get sent thousands of emails. Some are important, but most are just plain junk. These emails often get filtered to a spam folder, where phishing emails are often trapped. But sometimes they slip through the digital cracks, into a main inbox. These messages typically have urgent requests that require the user to input sensitive information or fill out a form through an external link. These phishing emails can take on many personas, such as banking institutions, popular services, and universities. As such, always remember to stay vigilant and double-check the source before giving away any information.

Link Look-A-Likes

A sort of sibling to email phishing, link manipulation is when a cybercriminal sends users a link to malicious website under the ruse of an urgent request or deadline. After clicking on the deceptive link, the user is brought to the cybercriminal’s fake website rather than a real or verified link and asked to input or verify personal details. This exact scenario happened last year when several universities and businesses fell for a campaign disguised as a package delivery issue from FedEx. This scheme is a reminder that anyone can fall for a cybercriminals trap, which is why users always have to careful when clicking, as well as ensure the validity of the claim and source of the link. To check the validity, it’s always a good idea to contact the source directly to see if the notice or request is legitimate.

Gone Whaling

Corporate executives have always been high-level targets for cybercriminals. That’s why C-suite members have a special name for when cybercriminals try to phish them – whaling. What sounds like a silly name is anything but. In this sophisticated, as well as personalized attack, a cybercriminal attempts to manipulate the target to obtain money, trade secrets, or employee information. In recent years, organizations have become smarter and in turn, whaling has slowed down. Before the slowdown, however, many companies were hit with data breaches due to cybercriminals impersonating C-suite members and asking lower-level employees for company information. To avoid this pesky phishing attempt, train C-suite members to be able to identify phishing, as well as encourage unique, strong passwords on all devices and accounts.

Spear Target Acquired

 Just as email spam and link manipulation are phishing siblings, so too are whaling and spear-phishing. While whaling attacks target the C-suite of a specific organization, spear-phishing rather targets lower-level employees of a specific organization. Just as selective and sophisticated as whaling, spear-phishing targets members of a specific organization to gain access to critical information, like staff credentials, intellectual property, customer data, and more. Spear-phishing attacks tend to be more lucrative than a run-of-the-mill phishing attack, which is why cybercriminals will often spend more time crafting and obtaining personal information from these specific targets. To avoid falling for this phishing scheme, employees must have proper security training so they know how to spot a phishing lure when they see one.

Spoofed Content

With so many things to click on a website, it’s easy to see why cybercriminals would take advantage of that fact. Content spoofing is based on exactly that notion – a cybercriminal alters a section of content on a page of a reliable website to redirect an unsuspecting user to an illegitimate website where they are then asked to enter personal details. The best way to steer clear of this phishing scheme is to check that the URL matches the primary domain name.

Phishing in a Search Engine Pond

 When users search for something online, they expect reliable resources. But sometimes, phishing sites can sneak their way into legitimate results. This tactic is called search engine phishing and involves search engines being manipulated into showing malicious results. Users are attracted to these sites by discount offers for products or services. However, when the user goes to buy said product or service, their personal details are collected by the deceptive site. To stay secure, watch out for potentially sketchy ads in particular and when in doubt always navigate to the official site first.

Who’s That Caller?

With new technologies come new avenues for cybercriminals to try and obtain personal data. Vishing, or voice phishing, is one of those new avenues. In a vishing attempt, cybercriminals contact users by phone and ask the user to dial a number to receive identifiable bank account or personal information through the phone by using a fake caller ID. For example, just last year, a security researcher received a call from their financial institution saying that their card had been compromised. Instead of offering a replacement card, the bank suggested simply blocking any future geographic-specific transactions. Sensing something was up, the researcher hung up and dialed his bank – they had no record of the call or the fraudulent card transactions. This scenario, as sophisticated as it sounds, reminds users to always double-check directly with businesses before sharing any personal information.

As you can see, phishing comes in all shapes and sizes. This blog only scratches the surface of all the ways cybercriminals lure unsuspecting users into phishing traps. The best way to stay protected is to invest in comprehensive security and stay updated on new phishing scams.

Looking for more security tips and trends? Be sure to follow @McAfee Home on Twitter, and like us on Facebook.

The post The Seven Main Phishing Lures of Cybercriminals appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/the-seven-main-phishing-lures-of-cybercriminals/feed/ 0
Solving the Gamer’s Dilemma: Security vs. Performance https://www.mcafee.com/blogs/consumer/solving-the-gamers-dilemma/ https://www.mcafee.com/blogs/consumer/solving-the-gamers-dilemma/#respond Tue, 17 Sep 2019 17:30:59 +0000 https://securingtomorrow.mcafee.com/?p=96748

As of last year, 2.2 billion1 people consider themselves gamers across the globe. Of that 2.2 billion, over 50% – 1.22 billion2 – play their game of choice on a PC. The sheer number of PC gamers throughout the world, however, has sparked the interest of cybercriminals and cyberthreats targeting gamers have spiked. Threats including malware, […]

The post Solving the Gamer’s Dilemma: Security vs. Performance appeared first on McAfee Blogs.

]]>

As of last year, 2.2 billion1 people consider themselves gamers across the globe. Of that 2.2 billion, over 50% – 1.22 billion2 – play their game of choice on a PC. The sheer number of PC gamers throughout the world, however, has sparked the interest of cybercriminals and cyberthreats targeting gamers have spiked. Threats including malware, potentially unwanted programs (PUPs), phishing, account takeovers (ATO), and more have slowly started to permeate gamers’ domains at an alarming level.

PC gamers often adopt lesser security protocols, as they’re concerned about the potential negative impact on in-game performance. At the same time, they are the most connected, online users, meaning their exposure to threats is generally higher. While they recognize and understand the importance of having cybersecurity, they do not want to sacrifice performance for security. The gamer’s dilemma – security versus performance – is the crux as to why gamers put security second, even though the average gamer has experienced almost five cyberattacks.

There’s good news though – McAfee Gamer Security is here to counter the notion that antivirus slows gamers down. This brand-new security solution from McAfee provides gamers with the security they need without sacrificing performance or creating in-game slowdowns, such as drops in frames per second (FPS) and lag. Built from the ground up, this solution delivers performance optimization by monitoring key system metrics coupled with the ability to manually kill resource hogs on-the-fly, while automatically prioritizing resources and pausing background services. McAfee Gamer Security also features cloud-based MicroAV, which offloads detection from the system to the cloud for all the protection gamers could want or need, without the “bloat” that usually accompanies security software.

While McAfee Gamer Security is now available for purchase, in spring 2019 McAfee surveyed users that participated in beta testing. Here’s how they responded to a few questions we asked:

Overall, what impact, if any, did you feel in your gaming experience?

“I believe I had [experienced] a positive impact of the software during my overall use of the program because it increased the speed of my game as well as gave me peace of mind that I…[stayed] protected during my gameplay.”

What one benefit would make you talk about McAfee Gamer Security to your friends? What is the primary reason for your choice? 

“Good security which doesn’t slow down my system; Normally, antiviruses…hog background resources [and] you trade performance for security. McAfee Gamer Security offers the best of both worlds, without contradicting each other.”

Overall, how useful or not useful has Gamer Security been?                      

“Every couple [of] hours or so while gaming, I…used the software to check up on my RAM/GPU/CPU performance and make sure my system isn’t bottlenecking, there aren’t any irregularities, etc. I also really like that I can experience a boost in my gameplay without having to take the risk of overclocking my components.”

In addition to using a security solution like McAfee Gamer Security, here are some other general tips to help you stay secure while playing your favorite video game:

  1. Ensure all applications, hardware and software are up-to-date. Cybercriminals can take advantage of software, hardware, and application vulnerabilities to spread cyberthreats, such as malware. Keep your devices and applications updated with the latest security patches and fixes to help combat this threat.
  2. Periodically visit your device to add/remove programs. Some apps on your device may be vampirically siphoning in-game performance. Remove apps that you do not need or no longer use.
  3. Create strong, unique passwords. Over 55% of gamers re-use the same password across accounts for online gaming services. And while it might be easier to remember the same password, reusing credentials across multiple accounts could put the hundreds, or even thousands, of invested hours in leveling up characters and gathering rare items at risk in the event one account is breached. Be sure to construct a complex password that is difficult to guess.

And, as always, stay on top of the latest consumer and gaming security threats with @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

Footnotes

  1. Number of active video gamers worldwide from 2014 to 2021 (in millions), Statista, 2019
  2. Number of active PC gamers worldwide from 2014 to 2021 (in millions), Statista, 2019

The post Solving the Gamer’s Dilemma: Security vs. Performance appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/solving-the-gamers-dilemma/feed/ 0
Cybercrime’s Most Wanted: Four Mobile Threats that Might Surprise You https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/four-surprising-mobile-threats/ https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/four-surprising-mobile-threats/#respond Tue, 03 Sep 2019 18:17:39 +0000 https://securingtomorrow.mcafee.com/?p=96590

It’s hard to imagine a world without cellphones. Whether it be a smartphone or a flip phone, these devices have truly shaped the late 20th century and will continue to do so for the foreseeable future. But while users have become accustomed to having almost everything they could ever want at fingertips length, cybercriminals were […]

The post Cybercrime’s Most Wanted: Four Mobile Threats that Might Surprise You appeared first on McAfee Blogs.

]]>

It’s hard to imagine a world without cellphones. Whether it be a smartphone or a flip phone, these devices have truly shaped the late 20th century and will continue to do so for the foreseeable future. But while users have become accustomed to having almost everything they could ever want at fingertips length, cybercriminals were busy setting up shop. To trick unsuspecting users, cybercriminals have set up crafty mobile threats – some that users may not even be fully aware of. These sneaky cyberthreats include SMSishing, fake networks, malicious apps, and grayware, which have all grown in sophistication over time. This means users need to be equipped with the know-how to navigate the choppy waters that come with these smartphone-related cyberthreats. Let’s get started.

Watch out for SMSishing Hooks

If you use email, then you are probably familiar with what phishing is. And while phishing is commonly executed through email and malicious links, there is a form of phishing that specifically targets mobile devices called SMSishing. This growing threat allows cybercriminals to utilize messaging apps to send unsuspecting users a SMSishing message. These messages serve one purpose – to obtain personal information, such as logins and financial information. With that information, cybercriminals could impersonate the user to access banking records or steal their identity.

While this threat was once a rarity, it’s rise in popularity is two-fold. The first aspect being that users have been educated to distrust email messages and the second being the rise in mobile phone usage throughout the world. Although this threat shows no sign of slowing down, there are ways to avoid a cybercriminal’s SMSishing hooks. Get started with these tips:

  1. Always double-check the message’s source. If you receive a text from your bank or credit card company, call the organization directly to ensure the message is legit.
  2. Delete potential SMSishing Do not reply to or click on any links within a suspected malicious text, as that could lead to more SMSishing attempts bombarding your phone.
  3. Invest in comprehensive mobile security. Adding an extra level of security can not only help protect your device but can also notify you when a threat arises.

Public Wi-Fi Woes  

Public and free Wi-Fi is practically everywhere nowadays, with some destinations even having city-wide Wi-Fi set up. But that Wi-Fi users are connecting their mobile device to may not be the most secure, given cybercriminals can exploit weaknesses in these networks to intercept messages, login credentials, or other personal information. Beyond exploiting weaknesses, some cybercriminals take it a step further and create fake networks with generic names that trick unsuspecting users into connecting their devices. These networks are called “evil-twin” networks. For help in spotting these imposters, there are few tricks the savvy user can deploy to prevent an evil twin network from wreaking havoc on their mobile device:

  1. Look for password-protected networks. As strange as it sounds, if you purposely enter the incorrect password but are still allowed access, the network is most likely a fraud.
  2. Pay attention to page load times. If the network you are using is very slow, it is more likely a cybercriminal is using an unreliable mobile hotspot to connect your mobile device to the web.
  3. Use a virtual private network or VPN. While you’re on-the-go and using public Wi-Fi, add an extra layer of security in the event you accidentally connect to a malicious network. VPNs can encrypt your online activity and keep it away from prying eyes. 

Malicious Apps: Fake It till They Make It

Fake apps have become a rampant problem for Android and iPhone users alike. This is mainly in part due to malicious apps hiding in plain sight on legitimate sources, such as the Google Play Store and Apple’s App Store. After users download a faulty app, cybercriminals deploy malware that operates in the background of mobile devices which makes it difficult for users to realize anything is wrong. And while users think they’ve just downloaded another run-of-the-mill app, the malware is hard at work obtaining personal data.

In order to keep sensitive information out of the hands of cybercriminals, here are a few things users can look for when they need to determine whether an app is fact or fiction:

  1. Check for typos and poor grammar. Always check the app developer name, product title, and description for typos and grammatical errors. Often, malicious developers will spoof real developer IDs, even just by a single letter or number, to seem legitimate.
  2. Examine the download statistics. If you’re attempting to download a popular app, but it has a surprisingly low number of downloads, that is a good indicator that an app is most likely fake.
  3. Read the reviews. With malicious apps, user reviews are your friend. By reading a few, you can receive vital information that can help you determine whether the app is fake or not.

The Sly Operation of Grayware

With so many types of malware out in the world, it’s hard to keep track of them all. But there is one in particular that mobile device users need to be keenly aware of called grayware. As a coverall term for software or code that sits between normal and malicious, grayware comes in many forms, such as adware, spyware or madware. While adware and spyware can sometimes operate simultaneously on infected computers, madware — or adware on mobile devices — infiltrates smartphones by hiding within rogue apps. Once a mobile device is infected with madware from a malicious app, ads can infiltrate almost every aspect on a user’s phone. Madware isn’t just annoying; it also is a security and privacy risk, as some threats will try to obtain users’ data. To avoid the annoyance, as well as the cybersecurity risks of grayware, users can prepare their devices with these cautionary steps:

  1. Be sure to update your device. Grayware looks for vulnerabilities that can be exploited, so be sure to always keep your device’s software up-to-date.
  2. Beware of rogue apps. As mentioned in the previous section, fake apps are now a part of owning a smartphone. Use the tips in the above section to ensure you keep malicious apps off of your device that may contain grayware.
  3. Consider a comprehensive mobile security system. By adding an extra level of security, you can help protect your devices from threats, both old and new.

Can’t get enough mobile security tips and trends? Follow @McAfee_Home on Twitter, and like us on Facebook.

The post Cybercrime’s Most Wanted: Four Mobile Threats that Might Surprise You appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/four-surprising-mobile-threats/feed/ 0
Analyst Fatigue: The Best Never Rest https://www.mcafee.com/blogs/enterprise/endpoint-security/analyst-fatigue-the-best-never-rest/ https://www.mcafee.com/blogs/enterprise/endpoint-security/analyst-fatigue-the-best-never-rest/#respond Mon, 26 Aug 2019 15:00:48 +0000 https://securingtomorrow.mcafee.com/?p=96470

They may not be saying so, but your senior analysts are exhausted. Each day, more and more devices connect to their enterprise networks, creating an ever-growing avenue for OS exploits and phishing attacks. Meanwhile, the number of threats—some of which are powerful enough to hobble entire cities—is rising even faster. While most companies have a […]

The post Analyst Fatigue: The Best Never Rest appeared first on McAfee Blogs.

]]>

They may not be saying so, but your senior analysts are exhausted.

Each day, more and more devices connect to their enterprise networks, creating an ever-growing avenue for OS exploits and phishing attacks. Meanwhile, the number of threats—some of which are powerful enough to hobble entire cities—is rising even faster.

While most companies have a capable cadre of junior analysts, most of today’s EDR (Endpoint Detection and Response) systems leave them hamstrung. The startlingly complex nature of typical EDR software necessitates years of experience to successfully operate—meaning that no matter how willing the more “green” analysts are to help, they just don’t yet have the necessary skillset to effectively triage threats.

What’s worse, while these “solutions” require your top performers, they don’t always offer top performance in return. While your most experienced analysts should be addressing major threats, a lot of times they’re stuck wading through a panoply of false positives—issues that either aren’t threats, or aren’t worth investigating. And while they’re tied up with that, they must also confront the instances of false negatives: threats that slip through the cracks, potentially avoiding detection while those best suited to address them are busy attempting to work through the noise. This problem has gotten so bad that some IT departments are deploying MDR systems on top of their EDR packages—increasing the complexity of your company’s endpoint protection and further increasing employee stress levels.

Hoping to both measure the true impact of “analyst fatigue” on SOCs and to identify possible solutions, a commissioned study was conducted by Forrester Consulting on behalf of McAfee in March 2019 to see what effects current EDRs were having on businesses, and try to recognize the potential for solutions. Forrester surveyed security technology decision-makers, from the managers facing threats head-on to those in the C-suite viewing security solutions at the macro level in relation to his or her firm’s financial needs and level of risk tolerance. Respondents were from the US, UK, Germany or France, and worked in a variety of industries at companies ranging in size from 1,000 to over 50,000 employees.

When asked about their endpoint security goals, respondents’ top three answers—to improve security detection capabilities (87%), increase efficiency in the SOC (76%) and close the skills gap in the SecOps team (72%)—all pointed to limitations in many current EDRs.  Further inquiry revealed that while 43% of security decision makers consider automated detection a critical requirement, only 30% feel their current solution(s) completely meet their needs in this area.

While the issues uncovered were myriad, the results also suggested that a single solution could ameliorate a variety of these problems.  The introduction of EDR programs incorporating Guided Investigation could increase efficiency by allowing junior analysts to assist in threat identification, thereby freeing up more seasoned analysts to address detected threats and focus on only the most complex issues, leading to an increase in detection capabilities. Meanwhile, the hands-on experience that junior analysts would get addressing real-life EDR threats would increase both their personal efficiency and their skill level, helping to eliminate the skills gaps present in some departments.

To learn more about the problems and possibilities in the current EDR landscape, you can read the full “Empower Security Analysts Through Guided EDR Investigation” study by clicking here.

The post Analyst Fatigue: The Best Never Rest appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/enterprise/endpoint-security/analyst-fatigue-the-best-never-rest/feed/ 0
Beware of Back-To-School Scams https://www.mcafee.com/blogs/consumer/beware-of-back-to-school-scams/ https://www.mcafee.com/blogs/consumer/beware-of-back-to-school-scams/#respond Mon, 26 Aug 2019 10:00:48 +0000 https://securingtomorrow.mcafee.com/?p=96123

These days it seems that there is a scam for every season, and back-to-school is no different. From phony financial aid, to debt scams, and phishing emails designed to steal your identity information, there are a lot of threats to study up on. Of course, many of these scams are just different twists on the […]

The post Beware of Back-To-School Scams appeared first on McAfee Blogs.

]]>

These days it seems that there is a scam for every season, and back-to-school is no different. From phony financial aid, to debt scams, and phishing emails designed to steal your identity information, there are a lot of threats to study up on.

Of course, many of these scams are just different twists on the threats we see year-round. For instance, debt collection, tax, and imposter scams, were named some of the top frauds of 2018 by the Federal Trade Commission, costing U.S. consumers over $1.48 billion. And many of the same techniques are being directed at students, graduates, and their parents.

Here’s what to watch out for:

Identity Theft— While you might think that identity theft would only be a risk to older students applying for aid, in fact over a million children were victims of identity theft in 2017, with two thirds of them under the age of eight. This is because children’s identities can be more valuable to cyber thieves as their Social Security numbers have never been used before, so they have clean credit reports that are rarely checked.

Some savvy scammers have even started to ask parents for their child’s identity information when applying for common back-to-school activities, such as joining a sports league or after school class.

Phony Tuition Fees—“Don’t lose your spot!” This is the call to action scammers are using to trick students and parents into paying a made-up tuition fee. You may receive an official looking email, or receive a call directly from scammers, hoping to take advantage of the stress that many people feel around getting into the school of their choice. Some victims of this scam have already paid tuition, but are confused by last-minute requests for a fee to save their spot.

Financial Aid Fraud—Education has become incredibly expensive in recent years, and scammers know it. That’s why they put up ads for phony financial aid, and send phishing emails, hoping to lure applicants with the promise of guaranteed assistance, or time sensitive opportunities.

Many pose as financial aid services that charge an “advance fee” to help students apply for loans. When you fill out an application the fraudsters potentially get both your money (for the “service”) and your identity information. This can lead to identity theft, costing victims an enormous amount of time and money.

Student Loan Forgiveness—We’ve seen a proliferation of social media ads and emails offering to help student borrowers reduce, or even completely forgive, their loan debt. Some of these offers are from legitimate companies that lend advice on complicated financial matters, but others are scams, charging exorbitant fees with the promise of renegotiating your debt. Just remember, debt relief companies are not permitted to negotiate federal student loans.

Phony Student Taxes—Another common scam that targets students are phony messages and phone calls from the IRS, claiming that the victim needs to immediately pay a “federal student tax”, or face arrest. Of course, this tax does not exist.

Shopping Scams—From books, clothes, and supplies, to dorm accessories, the start of the school year often means the start of an online shopping frenzy. That’s when students and parents are susceptible to phishing emails that offer “student discounts” on popular items, or claim that they “missed a delivery” and need to click on an attachment. Links in these emails often lead to phony websites that collect their payment information, or malware. The same is true for offers of cheap or “free” downloads on normally expensive textbooks.

Here are some tips to avoid these sneaky school-related scams:

  • Be suspicious of any school programs that ask for more information than they need, like your child’s Social Security number just to join a club.
  • Only shop on reputable e-commerce sites for back to school supplies. Buy textbooks from recommended providers, and avoid any “free” digital downloads. Consider installing a web advisor to steer you away from risky websites.
  • When seeking financial aid, ask a school adviser for a list of reputable sources. Avoid any offers that sound too good to be true, like “guaranteed” or zero interest loans. Remember that it does not cost money to simply apply for financial aid.
  • If you receive any threatening emails or phone calls about loans or fees, do not respond. Instead, contact your loan provider directly to check on the status of your account.
  • Avoid using unsecured public Wi-Fi on campus, since it’s easy for a hacker to intercept the information that you are sending over the network. Only connect to secure networks that require a password.
  • Install comprehensive security software all of your computers and devices. Look for software that protects you from malware, phishing attempts, and risky websites, as well as providing identity protection.

Looking for more mobile security tips and trends? Be sure to follow @McAfee Home on Twitter, and like us on Facebook.

The post Beware of Back-To-School Scams appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/beware-of-back-to-school-scams/feed/ 0
19 Cloud Security Best Practices for 2019 https://www.mcafee.com/blogs/enterprise/cloud-security/top-19-cloud-security-best-practices/ https://www.mcafee.com/blogs/enterprise/cloud-security/top-19-cloud-security-best-practices/#respond Thu, 22 Aug 2019 16:33:56 +0000 http://blogs.mcafee.com/?p=12476

Now well into its second decade of commercial availability, cloud computing has become near-ubiquitous, with roughly 95 percent of businesses reporting that they have a cloud strategy. While cloud providers are more secure than ever before, there are still risks to using any cloud service. Fortunately, they can be largely mitigated by following these cloud […]

The post 19 Cloud Security Best Practices for 2019 appeared first on McAfee Blogs.

]]>

Now well into its second decade of commercial availability, cloud computing has become near-ubiquitous, with roughly 95 percent of businesses reporting that they have a cloud strategy. While cloud providers are more secure than ever before, there are still risks to using any cloud service. Fortunately, they can be largely mitigated by following these cloud security best practices:

Protect Your Cloud Data

  1. Determine which data is the most sensitive. While applying the highest level of protection across the board would naturally be overkill, failing to protect the data that is sensitive puts your enterprise at risk of intellectual property loss or regulatory penalties. Therefore, the first priority should be to gain an understanding of what to protect through data discovery and classification, which is typically performed by a data classification engine. Aim for a comprehensive solution that locates and protects sensitive content on your network, endpoints, databases and in the cloud, while giving you the appropriate level of flexibility for your organization.
  2. How is this data being accessed and stored? While it’s true that sensitive data can be stored safely in the cloud, it certainly isn’t a foregone conclusion. According to the McAfee 2019 Cloud Adoption and Risk Report, 21 percent of all files in the cloud contain sensitive data—a sharp increase from the year before1. While much of this data lives in well-established enterprise cloud services such as Box, Salesforce and Office365, it’s important to realize that none of these services guarantees 100 percent safety. That’s why it’s important to examine the permissions and access context associated with data in your cloud environment and adjust appropriately. In some cases, you may need to remove or quarantine sensitive data already stored in the cloud.
  3. Who should be able to share it, and how? Sharing of sensitive data in the cloud has increased by more than 50% year over year.1 Regardless of how powerful your threat mitigation strategy is, the risks are far too high to take a reactive approach: access control policies should be established and enforced before data ever enters the cloud. Just as the number of employees who need the ability to edit a document is much smaller than the number who may need to view it, it is very likely that not everyone who needs to be able to access certain data needs the ability to share Defining groups and setting up privileges so that sharing is only enabled for those who require it can drastically limit the amount of data being shared externally.
  4. Don’t rely on cloud service encryption. Comprehensive encryption at the file level should be the basis of all your cloud security efforts. While the encryption offered within cloud services can safeguard your data from outside parties, it necessarily gives the cloud service provider access to your encryption keys. To fully control access, you’ll want to deploy stringent encryption solutions, using your own keys, before uploading data to the cloud.

Minimize Internal Cloud Security Threats  

  1. Bring employee cloud usage out of the shadows. Just because you have a corporate cloud security strategy in place doesn’t mean that your employees aren’t utilizing the cloud on their own terms. From cloud storage accounts like Dropbox to online file conversion services, most people don’t consult with IT before accessing the cloud. To measure the potential risk of employee cloud use, you should first check your web proxy, firewall and SIEM logs to get a complete picture of which cloud services are being utilized, and then conduct an assessment of their value to the employee/organization versus their risk when deployed wholly or partially in the cloud. Also, keep in mind that shadow usage doesn’t just refer to known endpoints accessing unknown or unauthorized services—you’ll also need a strategy to stop data from moving from trusted cloud services to unmanaged devices you’re unaware of. Because cloud services can provide access from any device connected to the internet, unmanaged endpoints such as personal mobile devices create a hole in your security strategy. You can restrict downloads to unauthorized devices by making device security verification a prerequisite to downloading files.
  2. Create a “safe” list. While most of your employees are utilizing cloud services for above-the-board purposes, some of them will inadvertently find and use dubious cloud services. Of the 1,935 cloud services in use at the average organization, 173 of them rank as high-risk services.1 By knowing which services are being used at your company, you’ll be able to set policies 1.) Outlining what sorts of data are allowed in the cloud, 2.) Establishing a “safe” list of cloud applications that employees can utilize, and 3.) Explaining the cloud security best practices, precautions and tools required for secure utilization of these applications.
  3. Endpoints play a role, too. Most users access the cloud through web browsers, so deploying strong client security tools and ensuring that browsers are up-to-date and protected from browser exploits is a crucial component of cloud security. To fully protect your end-user devices, utilize advanced endpoint security such as firewall solutions, particularly if using IaaS or PaaS models.
  4. Look to the future. New cloud applications come online frequently, and the risk of cloud services evolves rapidly, making manual cloud security policies difficult to create and keep up to date. While you can’t predict every cloud service that will be accessed, you can automatically update web access policies with information about the risk profile of a cloud service in order to block access or present a warning message. Accomplish this through integration of closed-loop remediation (which enforces policies based on a service-wide risk rating or distinct cloud service attributes) with your secure web gateway or firewall. The system will automatically update and enforce policies without disrupting the existing environment.
  5. Guard against careless and malicious users. With organizations experiencing an average of 14.8 insider threat incidents per month—and 94.3 percent experiencing an average of at least one a month—it isn’t a matter of if you will encounter this sort of threat; it’s a matter of when. Threats of this nature include both unintentional exposure—such as accidentally disseminating a document containing sensitive data—as well as true malicious behavior, such as a salesperson downloading their full contact list before leaving to join a competitor. Careless employees and third-party attackers can both exhibit behavior suggesting malicious use of cloud data. Solutions leveraging both machine learning and behavioral analytics can monitor for anomalies and mitigate both internal and external data loss.
  6. Trust. But verify. Additional verification should be required for anyone using a new device to access sensitive data in the cloud. One suggestion is to automatically require two-factor authentication for any high-risk cloud access scenarios. Specialized cloud security solutions can introduce the requirement for users to authenticate with an additional identity factor in real time, leveraging existing identity providers and identity factors (such as a hard token, a mobile phone soft token, or text message) already familiar to end users.

Develop Strong Partnerships with Reputable Cloud Providers

  1. Regulatory compliance is still key. Regardless of how many essential business functions are shifted to the cloud, an enterprise can never outsource responsibility for compliance. Whether you’re required to comply with the California Consumer Privacy Act, PCI DSS, GDPR, HIPAA or other regulatory policies, you’ll want to choose a cloud architecture platform that will allow you to meet any regulatory standards that apply to your industry. From there, you’ll need to understand which aspects of compliance your provider will take care of, and which will remain under your purview. While many cloud service providers are certified for myriad industry and governmental regulations, it’s still your responsibility to build compliant applications and services on the cloud, and to maintain that compliance going forward. It’s important to note that previous contractual obligations or legal barriers may prohibit the use of cloud services on the grounds that doing so constitutes relinquishing control of that data.
  2. But brand compliance is important, too. Moving to the cloud doesn’t have to mean sacrificing your branding strategy. Develop a comprehensive plan to manage identities and authorizations with cloud services. Software services that comply with SAML, OpenID or other federation standards make it possible for you to extend your corporate identity management tools into the cloud.
  3. Look for trustworthy providers. Cloud service providers committed to accountability, transparency and meeting established standards will generally display certifications such as SAS 70 Type II or ISO 27001. Cloud service providers should make readily accessible documentation and reports, such as audit results and certifications, complete with details relevant to the assessment process. Audits should be independently conducted and based on existing standards. It is the responsibility of the cloud provider to continuously maintain certifications and to notify clients of any changes in status, but it’s the customer’s responsibility to understand the scope of standards used—some widely used standards do not assess security controls, and some auditing firms and auditors are more reliable than others.
  4. How are they protecting you? No cloud service provider offers 100 percent security. Over the past several years, many high profile CSPs have been targeted by hackers, including AWS, Azure, Google Drive, Apple iCloud, Dropbox, and others. It’s important to examine the provider’s data protection strategies and multitenant architecture, if relevant—if the provider’s own hardware or operating system are compromised, everything hosted within them is automatically at risk. For that reason, it’s important to use security tools and examine prior audits to find potential security gaps (and if the provider uses their own third-party providers, cloud security best practices suggest you examine their certifications and audits as well.) From there, you’ll be able to determine what security issues must be addressed on your end. For example, fewer than 1 in 10 providers encrypt data stored at rest, and even fewer support the ability for a customer to encrypt data using their own encryption keys.1 Finding providers that both offer comprehensive protection as well as the ability for users to bridge any gaps is crucial to maintaining a strong cloud security posture.
  5. Investigate cloud provider contracts and SLAs carefully. The cloud services contract is your only guarantee of service, and your primary recourse should something go wrong—so it is essential to fully review and understand all terms and conditions of your agreement, including any annexes, schedules and appendices. For example, a contract can make the difference between a company who takes responsibility for your data, and a company that takes ownership of your data. (Only 37.3 % of providers specify that customer data is owned by the customer. The rest either don’t legally specify who owns the data, creating a legal grey area—or, more egregiously, claim ownership of all uploaded data.1) Does the service offer visibility into security events and responses? Is it willing to provide monitoring tools or hooks into your corporate monitoring tools? Does it provide monthly reports on security events and responses? And what happens to your data if you terminate the service? (Keep in mind that only 13.3 percent of cloud providers delete user data immediately upon account termination. The rest keep data for up to a year, with some specifying they have a right to keep it indefinitely.) If you find parts of the contract objectionable, you can try to negotiate—but in the case where you’re told that certain terms are non-negotiable, it is up to you to determine whether the risk presented by accepting the terms as-is is an acceptable one to your business. If not, you’ll need to find alternate means of managing the risk, such as encryption or monitoring, or find another provider.
  6. What happens if something goes wrong? Since no two cloud service providers offer the same set of security controls—and again, no cloud provider delivers 100 percent security—developing an Incident Response (IR) plan is critical. Make sure the provider includes you and considers you a partner in creating such plans. Establish communication paths, roles and responsibilities with regard to an incident, and to run through the response and hand-offs ahead of time. SLAs should spell out the details of the data the cloud provider will provide in the case of an incident, how data will be handled during incidents to maintain availability, and guarantee the support necessary to effectively execute the enterprise IR plan at each stage. While continuous monitoring will offer the best chance at early detection, full-scale testing should be performed on at least an annual basis, with additional testing coinciding with major changes to the architecture.
  7. Protect your IaaS environments. When using IaaS environments such as AWS or Azure, you retain responsibility for the security of operating systems, applications, and network traffic. Advanced anti-malware technology should be applied to the OS and virtual network to protect your infrastructure. Deploy application whitelisting and memory exploit prevention for single-purpose workloads and machine learning-based protection for file stores and general-purpose workloads.
  8. Neutralize and remove malware from the cloud.Malware can infect cloud workloads through shared folders that sync automatically with cloud storage services, spreading malware from an infected user device to another user’s device. Use a cloud security solution program to scan the files you’ve stored in the cloud to avoid malware, ransomware or data theft attacks. If malware is detected on a workload host or in a cloud application, it can be quarantined or removed, safeguarding sensitive data from compromise and preventing corruption of data by ransomware.
  9. Audit your IaaS configurations regularly.  The many critical settings in IaaS environments such as AWS or Azure can create exploitable weaknesses if misconfigured. Organizations have, on average, at least 14 misconfigured IaaS instances running at any given time, resulting in an average of nearly 2,300 misconfiguration incidents per month. Worse, greater than 1 in 20 AWS S3 buckets in use are misconfigured to be publicly readable.1 To avoid such potential for data loss, you’ll need to audit your configurations for identity and access management, network configuration, and encryption. McAfee offers a free Cloud Audit to help get you started.

 

  1. McAfee 2019 Cloud Adoption and Risk Report

 

The post 19 Cloud Security Best Practices for 2019 appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/enterprise/cloud-security/top-19-cloud-security-best-practices/feed/ 0
Chris Young and Ken McCray Recognized on CRN’s 2019 Top 100 Executives List https://www.mcafee.com/blogs/enterprise/chris-young-and-ken-mccray-recognized-on-crns-2019-top-100-executives-list/ https://www.mcafee.com/blogs/enterprise/chris-young-and-ken-mccray-recognized-on-crns-2019-top-100-executives-list/#respond Tue, 20 Aug 2019 19:07:13 +0000 https://securingtomorrow.mcafee.com/?p=96458

CRN, a brand of The Channel Company, recently recognized McAfee CEO Chris Young and Head of Channel Sales Operations for the Americas Ken McCray in its list of Top 100 Executives of 2019. This annual list honors technology executives who lead, influence, innovate and disrupt the IT channel. Over the past year, Young led McAfee […]

The post Chris Young and Ken McCray Recognized on CRN’s 2019 Top 100 Executives List appeared first on McAfee Blogs.

]]>

CRN, a brand of The Channel Company, recently recognized McAfee CEO Chris Young and Head of Channel Sales Operations for the Americas Ken McCray in its list of Top 100 Executives of 2019. This annual list honors technology executives who lead, influence, innovate and disrupt the IT channel.

Over the past year, Young led McAfee into the EDR space, directed the introduction of McAfee’s cloud and unified data protection offerings, and forged a partnership with Samsung to safeguard the Galaxy S10 mobile device. According to CRN, these accomplishments earned Young the number-three spot in CRN’s list of 25 Most Innovative Executives—a subset of the Top 100 list that recognizes executives “who are always two steps ahead of the competition.” Young is no stranger to the Top 100 Executives list: He also earned a place on last year’s list, when his post-spinout acquisitions led to him being named one of the Top 25 Disruptors of 2018.

Based on his work overseeing the launch of McAfee’s alternative route to market channel initiative, Ken McCray was also recognized as one of this year’s Top 100 Executives. The initiative, which has driven incremental bookings as Managed Security Partners and cloud service providers bring new customers on board, earned McCray a spot on the Top 25 IT Channel Sales Leaders of 2019. This has been an accolade-filled year for McCray: In February, he was named one of the 50 Most Influential Channel Chiefs for 2019, based on his division’s double-digit growth and the relationships he built with key cloud service providers.

The Top 100 Executives being recognized drive cultural transformation, revenue growth, and technological innovation across the IT channel. In doing so, they help solution providers and technology suppliers survive—and thrive—in today’s always-on, always-connected global marketplace.

“The IT channel is rapidly growing, and navigating this fast-paced market often challenges solution providers and technology suppliers alike,” said Bob Skelley, CEO of The Channel Company. “The technology executives on CRN’s 2019 Top 100 Executives list understand the IT channel’s potential. They provide strategic and visionary leadership and unparalleled guidance to keep the IT channel moving in the right direction—regardless of the challenges that come their way.”

We at McAfee are proud of the recognition Young and McCray have received, and look forward to seeing our company continue to thrive under their leadership.

The Top 100 Executives list is featured in the August 2019 issue of CRN Magazine and online at www.CRN.com/Top100.

The post Chris Young and Ken McCray Recognized on CRN’s 2019 Top 100 Executives List appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/enterprise/chris-young-and-ken-mccray-recognized-on-crns-2019-top-100-executives-list/feed/ 0
The Cybersecurity Playbook: Why I Wrote a Cybersecurity Book https://www.mcafee.com/blogs/other-blogs/executive-perspectives/the-cybersecurity-playbook-why-i-wrote-a-cybersecurity-book/ https://www.mcafee.com/blogs/other-blogs/executive-perspectives/the-cybersecurity-playbook-why-i-wrote-a-cybersecurity-book/#respond Tue, 20 Aug 2019 16:40:13 +0000 https://securingtomorrow.mcafee.com/?p=96461

This blog was written by Allison Cerra, McAfee’s former CMO. I ruined Easter Sunday 2017 for McAfee employees the world over. That was the day our company’s page on a prominent social media platform was defaced—less than two weeks after McAfee had spun out of Intel to create one of the world’s largest pure-play cybersecurity […]

The post The Cybersecurity Playbook: Why I Wrote a Cybersecurity Book appeared first on McAfee Blogs.

]]>

This blog was written by Allison Cerra, McAfee’s former CMO.

I ruined Easter Sunday 2017 for McAfee employees the world over. That was the day our company’s page on a prominent social media platform was defaced—less than two weeks after McAfee had spun out of Intel to create one of the world’s largest pure-play cybersecurity companies. The hack would have been embarrassing for any company; it was humiliating for a cybersecurity company. And, while I could point the finger of blame in any number of directions, the sobering reality is that the hack happened on my watch, since, as the CMO of McAfee, it was my team’s responsibility to do everything in our power to safeguard the image of our company on that social media platform. We had failed to do so.

Personal accountability is an uncomfortable thing. Defensive behavior comes much more naturally to many of us, including me. But, without accountability, change is hindered. And, when you find yourself in the crosshairs of a hacker, change—and change quickly—you must.

I didn’t intend to ruin that Easter Sunday for my colleagues. There was nothing I wanted less than to call my CEO and peers and spoil their holiday with the news. And, I didn’t relish having to notify all our employees of the same the following Monday. It wasn’t that I was legally obligated to let anyone know of the hack; after all, McAfee’s systems were never in jeopardy. But our brand reputation took a hit that day, and our employees deserved to know that their CMO had let her guard down just long enough for an opportunistic hacker to strike.

I tell you this story not out of self-flagellation or so that you can feel, “Hey, better her than me!” I share this story because it’s a microcosm of why I wrote a book, The Cybersecurity Playbook: How Every Leader and Employee Can Contribute to a Culture of Security.

I’m not alone in having experienced an unfortunate hack that may have been prevented had my team and I been more diligent in practicing habits to minimize it. Every day, organizations are attacked the world over. And, behind every hack, there’s a story. There’s hindsight of what might have been done to avoid it. While the attack on that Easter Sunday was humbling, the way in which my McAfee teammates responded, and the lessons we learned, were inspirational.

I realized in the aftermath that there’s a real need for a playbook that gives every employee—from the frontline worker to the board director—a prescription for strong cybersecurity hygiene. I realized that everyone can play an indispensable role in protecting her organization from attack. And, I grasped that common sense is not always common practice.

There’s no shortage of cybersecurity books available for your consumption from reputable, talented authors with a variety of experiences. You’ll find some from journalists, who have dissected some of the most legendary breaches in history. You’ll find others from luminaries, who speak with authority as being venerable forefathers of the industry. And you’ll find more still from technical experts, who decipher the intricate elements of cybersecurity in significant detail.

But, you won’t find many from marketers. So why trust this marketer with a topic of such gravity? Because this marketer not only works for a company that has its origins in cybersecurity but found herself on her heels that fateful Easter Sunday. I know what it’s like to have to respond—and respond fast—when time is not on your side and your reputation is in the hands of a hacker. And, while McAfee certainly had a playbook to act accordingly, I realized that every company should have the same.

So, whether you’re in marketing, human resources, product development, IT or finance—or a board member, CEO, manager or individual contributor—this book gives you a playbook to incorporate cybersecurity habits in your routine. I’m not so naïve as to believe that cybersecurity will become everyone’s primary job. But, I know that cybersecurity is now too important to be left exclusively in the hands of IT. And, I am idealistic to envision a workplace where sound cybersecurity practice becomes so routine, that all employees regularly do their part to collectively improve the defenses of their organization. I hope this book empowers action; your organization needs you in this fight.

Allison Cerra’s book, The Cybersecurity Playbook: How Every Leader and Employee Can Contribute to a Culture of Security, is scheduled to be released September 12, 2019 and can be preordered at amazon.com.

The post The Cybersecurity Playbook: Why I Wrote a Cybersecurity Book appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/executive-perspectives/the-cybersecurity-playbook-why-i-wrote-a-cybersecurity-book/feed/ 0
Backpacks Ready, Pencils Up – It’s Time for a Back-to-School #RT2Win https://www.mcafee.com/blogs/consumer/back-to-school-rt2win-2019/ https://www.mcafee.com/blogs/consumer/back-to-school-rt2win-2019/#respond Tue, 13 Aug 2019 19:00:04 +0000 https://securingtomorrow.mcafee.com/?p=96302 It’s time to unpack the suitcases and pack up those backpacks! With the summer season quickly coming to an end, it’s time to get those college cybersecurity priorities in order so you can have the best school year yet. As students across the country get ready to embark on—or return to—their college adventure, many are […]

The post Backpacks Ready, Pencils Up – It’s Time for a Back-to-School #RT2Win appeared first on McAfee Blogs.

]]>
It’s time to unpack the suitcases and pack up those backpacks! With the summer season quickly coming to an end, it’s time to get those college cybersecurity priorities in order so you can have the best school year yet. As students across the country get ready to embark on—or return to—their college adventure, many are not proactively protecting their data according. A recent survey from McAfee. found that only 19% of students take extra steps to protect their academic records, which is surprising considering 80% of students have either been a victim of a cyberattack or know someone who has been impacted. In fact, in the first few months of 2019, publicly disclosed cyberattacks targeting the education sector increased by 50%, including financial aid schemes and identity theft.

From data breaches to phishing and ransomware attacks, hitting the books is stressful enough without the added pressure of ensuring your devises and data are secure too. But you’re in luck! Avoid being the cybersecurity class clown and head back to school in style with our A+ worthy Back-to-School RT2Win sweepstakes!

Three [3] lucky winners of the sweepstakes drawing will receive a McAfee Back-to-School Essentials Backpack complete with vital tech and cybersecurity supplies like Beats Headphones, UE BOOM Waterproof Bluetooth Speaker, Fujifilm Instax Mini 9 Instant Camera, DLINK router with McAfee Secure Home Platform, Anker PowerCore Portable Charger and so much more! ($750 value, full details below in Section 6. PRIZES). The best part? Entering is a breeze! Follow the instructions below to enter and good luck!

#RT2Win Sweepstakes Official Rules

  • To enter, go to https://twitter.com/McAfee_Home, and find the #RT2Win sweepstakes tweet.
  • The sweepstakes tweet will be released on Tuesday, August 13, 2019, at 12:00pm PT. This tweet will include the hashtags: #ProtectWhatMatters, #RT2Win AND #Sweepstakes.
  • Retweet the sweepstakes tweet released on the above date, from your own handle. The #ProtectWhatMatters, #RT2Win AND #Sweepstakes hashtags must be included to be entered.
  • Sweepstakes will end on Monday, August 26, 2019 at 11:59pm PT. All entries must be made before that date and time.
  • Winners will be notified on Wednesday, August 28, 2019, via Twitter direct message.
  • Limit one entry per person.

1. How to Win:

Retweet one of our contest tweets on @McAfee_Home that include “#ProtectWhatMatters, #RT2Win AND #Sweepstakes” for a chance to win a McAfee Back-to-School Essential Backpack (for full prize details please see “Prizes” section below). Three [3] total winners will be selected and announced on August 28, 2019. Winners will be notified by direct message on Twitter. For full Sweepstakes details, please see the Terms and Conditions, below.

#RT2Win Sweepstakes Terms and Conditions

2. How to Enter: 

No purchase necessary. A purchase will not increase your chances of winning. McAfee Back-to-School #RT2Win Sweepstakes will be conducted from August 13, 2019 through August 27, 2019. All entries for each day of the McAfee Back-to-School #RT2Win Sweepstakes must be received during the time allotted for the McAfee Back-to-School #RT2Win Sweepstakes. Pacific Daylight Time shall control the McAfee Back-to-School #RT2Win Sweepstakes, duration is as follows:

  • Begins Tuesday, August 13 at 12:00pm PST
  • Ends: Monday, August 26, 2019 at 11:59pm PST
  • Three [3] winners will be announced: Wednesday, August 28, 2019

For the McAfee Back-to-School #RT2Win Sweepstakes, participants must complete the following steps during the time allotted for the McAfee Back-to-School Sweepstakes:

  1. Find the sweepstakes tweet of the day posted on @McAfee_Home which will include the hashtags: #ProtectWhatMatters, #RT2Win and #Sweepstakes
  2. Retweet the sweepstakes tweet of the day and make sure it includes the #ProtectWhatMatters, #RT2Win, and hashtags.
  3. Note: Tweets that do not contain the #ProtectWhatMatters, #RT2Win, and #Sweepstakes hashtags will not be considered for entry.
  4. Limit one entry per person.

Three [3] winners will be chosen for the McAfee Back-to-School #RT2Win Sweepstakes tweet from the viable pool of entries that retweeted and included #ProtectWhatMatters, #RT2Win and #Sweepstakes. McAfee and the McAfee social team will choose winners from all the viable entries. The winners will be announced and privately messaged on Wednesday, August 28, 2019 on the @McAfee_Home Twitter handle. No other method of entry will be accepted besides Twitter. Only one entry per user is allowed, per Sweepstakes.  

3. Eligibility: 

McAfee Back-to-School #RT2Win Sweepstakes is open to all legal residents of the 50 United States who are 18 years of age or older on the dates of the McAfee Back-to-School #RT2Win Sweepstakes begins and live in a jurisdiction where this prize and McAfee Back-to-School #RT2Win Sweepstakes not prohibited. Employees of Sponsor and its subsidiaries, affiliates, prize suppliers, and advertising and promotional agencies, their immediate families (spouses, parents, children, and siblings and their spouses), and individuals living in the same household as such employees are ineligible.

4. Winner Selection:

Winners will be selected at random from all eligible retweets received during the McAfee Back-to-School #RT2Win Sweepstakes drawing entry period. Sponsor will select the names of three [3] potential winners of the prizes in a random drawing from among all eligible submissions at the address listed below. The odds of winning depend on the number of eligible entries received. By participating, entrants agree to be bound by the Official McAfee Back-to-School #RT2Win Sweepstakes Rules and the decisions of the coordinators, which shall be final and binding in all respects.

5. Winner Notification: 

Each winner will be notified via direct message (“DM”) on Twitter.com by August 28, 2019. Prize winners may be required to sign an Affidavit of Eligibility and Liability/Publicity Release (where permitted by law) to be returned within ten (10) days of written notification, or prize may be forfeited, and an alternate winner selected. If a prize notification is returned as unclaimed or undeliverable to a potential winner, if potential winner cannot be reached within twenty-four (24) hours from the first DM notification attempt, or if potential winner fails to return requisite document within the specified time period, or if a potential winner is not in compliance with these Official Rules, then such person shall be disqualified and, at Sponsor’s sole discretion, an alternate winner may be selected for the prize at issue based on the winner selection process described above. 

6. Prizes: 

McAFEE BACK-TO-SCHOOL ESSENTIAL BACKPACK (3)

  • Approximate ARV for Prize: $750
    • McAfee Backpack
    • McAfee Water Bottle
    • McAfee Notebook
    • D-Link Ethernet Wireless Router with McAfee Secure Home
    • McAfee Total Protection, 5 devices, 1-year subscription
    • Beats EP On-Ear Headphones
    • Ultimate Ears BOOM Portable Waterproof Bluetooth Speaker
    • Fujifilm Instax Mini 9 Instant Camera with Mini Film Twin Pack
    • Tile Mate – Anything Finder
    • Anker PowerCore 10000, Portable Charger

Limit one (1) prize per person/household. Prizes are non-transferable, and no cash equivalent or substitution of prize is offered.

The prize for the McAfee Back-To-School #RT2Win Sweepstakes is a ONE (1) Back-to-School Essential Backpack, complete with the above supplies, for each of the three (3) entrants. Entrants agree that Sponsor has the sole right to determine the winners of the McAfee Back-to-School #RT2Win Sweepstakes and all matters or disputes arising from the McAfee Back-to-School #RT2Win Sweepstakes and that its determination is final and binding. There are no prize substitutions, transfers or cash equivalents permitted except at the sole discretion of Sponsor. Sponsor will not replace any lost or stolen prizes. Sponsor is not responsible for delays in prize delivery beyond its control. All other expenses and items not specifically mentioned in these Official Rules are not included and are the prize winners’ sole responsibility.

7. General Conditions: 

Entrants agree that by entering they agree to be bound by these rules. All federal, state, and local taxes, fees, and surcharges on prize packages are the sole responsibility of the prizewinner. Sponsor is not responsible for incorrect or inaccurate entry information, whether caused by any of the equipment or programming associated with or utilized in the McAfee Back-to-School #RT2Win Sweepstakes, or by any technical or human error, which may occur in the processing of the McAfee Back-to-School #RT2Win Sweepstakes. entries. By entering, participants release and hold harmless Sponsor and its respective parents, subsidiaries, affiliates, directors, officers, employees, attorneys, agents, and representatives from any and all liability for any injuries, loss, claim, action, demand, or damage of any kind arising from or in connection with the McAfee Back-to-School #RT2Win Sweepstakes, any prize won, any misuse or malfunction of any prize awarded, participation in any McAfee Back-to-School #RT2Win Sweepstakes-related activity, or participation in the McAfee Back-to-School #RT2Win Sweepstakes. Except for applicable manufacturer’s standard warranties, the prizes are awarded “AS IS” and WITHOUT WARRANTY OF ANY KIND, express or implied (including any implied warranty of merchantability or fitness for a particular purpose).

8. Limitations of Liability; Releases:

By entering the Sweepstakes, you release Sponsor and all Released Parties from any liability whatsoever, and waive any and all causes of action, related to any claims, costs, injuries, losses, or damages of any kind arising out of or in connection with the Sweepstakes or delivery, misdelivery, acceptance, possession, use of or inability to use any prize (including claims, costs, injuries, losses and damages related to rights of publicity or privacy, defamation or portrayal in a false light, whether intentional or unintentional), whether under a theory of contract, tort (including negligence), warranty or other theory.

To the fullest extent permitted by applicable law, in no event will the sponsor or the released parties be liable for any special, indirect, incidental, or consequential damages, including loss of use, loss of profits or loss of data, whether in an action in contract, tort (including, negligence) or otherwise, arising out of or in any way connected to your participation in the sweepstakes or use or inability to use any equipment provided for use in the sweepstakes or any prize, even if a released party has been advised of the possibility of such damages.

  1. To the fullest extent permitted by applicable law, in no event will the aggregate liability of the released parties (jointly) arising out of or relating to your participation in the sweepstakes or use of or inability to use any equipment provided for use in the sweepstakes or any prize exceed $10. The limitations set forth in this section will not exclude or limit liability for personal injury or property damage caused by products rented from the sponsor, or for the released parties’ gross negligence, intentional misconduct, or for fraud.
  2. Use of Winner’s Name, Likeness, etc.: Except where prohibited by law, entry into the Sweepstakes constitutes permission to use your name, hometown, aural and visual likeness and prize information for advertising, marketing, and promotional purposes without further permission or compensation (including in a public-facing winner list).  As a condition of being awarded any prize, except where prohibited by law, winner may be required to execute a consent to the use of their name, hometown, aural and visual likeness and prize information for advertising, marketing, and promotional purposes without further permission or compensation. By entering this Sweepstakes, you consent to being contacted by Sponsor for any purpose in connection with this Sweepstakes.

9. Prize Forfeiture:

If winner cannot be notified, does not respond to notification, does not meet eligibility requirements, or otherwise does not comply with the prize McAfee Back-to-School #RT2Win Sweepstakes rules, then the winner will forfeit the prize and an alternate winner will be selected from remaining eligible entry forms for each McAfee Back-to-School #RT2Win Sweepstakes.

10. Dispute Resolution:

Entrants agree that Sponsor has the sole right to determine the winners of the McAfee Back-to-School #RT2Win Sweepstakes and all matters or disputes arising from the McAfee Back-to-School #RT2Win Sweepstakes and that its determination is final and binding. There are no prize substitutions, transfers or cash equivalents permitted except at the sole discretion of Sponsor.

11. Governing Law & Disputes:

Each entrant agrees that any disputes, claims, and causes of action arising out of or connected with this sweepstakes or any prize awarded will be resolved individually, without resort to any form of class action and these rules will be construed in accordance with the laws, jurisdiction, and venue of New York.

12. Privacy Policy: 

Personal information obtained in connection with this prize McAfee Back-to-School #RT2Win Sweepstakes will be handled in accordance policy set forth at https://www.mcafee.com/enterprise/en-us/about/privacy.html.

  1. Winner List; Rules Request: For a copy of the winner list, send a stamped, self-addressed, business-size envelope for arrival after August 13,2019 before August 27, 2019 to the address listed below, Attn: #RT2Win at CES Sweepstakes.  To obtain a copy of these Official Rules, visit this link or send a stamped, self-addressed business-size envelope to the address listed in below, Attn: Sarah Grayson. VT residents may omit return postage.
  2. Intellectual Property Notice: McAfee and the McAfee logo are registered trademarks of McAfee, LLC. The Sweepstakes and all accompanying materials are copyright © 2019 by McAfee, LLC.  All rights reserved.
  3. Sponsor: McAfee, LLC, Corporate Headquarters 2821 Mission College Blvd. Santa Clara, CA 95054 USA
  4. Administrator: LEWIS, 111 Sutter St., Suite 850, San Francisco, CA 94104

The post Backpacks Ready, Pencils Up – It’s Time for a Back-to-School #RT2Win appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/back-to-school-rt2win-2019/feed/ 0
Examining the Link Between TLD Prices and Abuse https://www.mcafee.com/blogs/other-blogs/mcafee-labs/examining-the-link-between-tld-prices-and-abuse/ https://www.mcafee.com/blogs/other-blogs/mcafee-labs/examining-the-link-between-tld-prices-and-abuse/#respond Fri, 26 Jul 2019 14:14:40 +0000 https://securingtomorrow.mcafee.com/?p=96078

This blog was written by Charlie Feng. Briefing Over the years, McAfee researchers have observed that certain new top-level Domains (TLDs) are more likely to be abused by cyber criminals for malicious activities than others. Our investigations reveal a negative relationship between the likelihood for abuse and registration price of some TLDs, as reported by […]

The post Examining the Link Between TLD Prices and Abuse appeared first on McAfee Blogs.

]]>

This blog was written by Charlie Feng.

Briefing

Over the years, McAfee researchers have observed that certain new top-level Domains (TLDs) are more likely to be abused by cyber criminals for malicious activities than others. Our investigations reveal a negative relationship between the likelihood for abuse and registration price of some TLDs, as reported by the McAfee URL and email intelligence team. This means that new TLDs are more likely to be picked up by cyber criminals if their registration prices are low.

What is a Top-level Domain?

According to Wikipedia, a top-level domain (TLD) is one of the domains at the highest level in the hierarchical Domain Name System of the Internet. It is the last part of the domain name, e.g. the TLD for www.google.com would be ‘com’.

There are two major types of TLD; country code TLD and generic TLD. The first type of TLD utilizes country codes directly, e.g. co.uk for the United Kingdom, and domains resolving to this type of TLD often have a strong tendency of serving those countries. Generic TLDs typically serve more general content and they form the basis of this study as they represent most of the domains we have observed recently.

TLD Registration Price

As noted by a previous article published by McAfee that bad hackers hack to make financial gains[1], there is no doubt that when cyber criminals plan to conduct malicious activities they will choose the method with the lowest cost to maximize their potential profits.

Below is a list of badly abused TLDs received from the McAfee URL and email intelligence team. Referencing domain.com, we found the one-year registration prices (domains created for malware attacks usually have a short lifespan as they are event-driven; normally they are taken off after the attack is stopped so they are registered for only one year, which is the minimal registration period required by many domain registration platforms, and that is why registration price is chosen for this study) for these abused TLDs are relatively low (under $20 for the first year) in comparison to other generic TLDs on the same list, which suggests that cost is a deciding factor.

To investigate that there is a possible relationship between TLD registration price and abuse rate, we investigated TLDs from different registration price ranges, from $1 to $270, and the results can be seen in the diagram below.   The ‘abuse rate’ mentioned in the diagram is the number of domains under a specific TLD that are marked as either Medium or High Risk by McAfee which are normally blocked at endpoints, divided by the total count of the domains under the same TLD logged in McAfee’s URL database.

We can see that, as TLD registration price goes down, especially when it dips below $20, the abuse rate soars up. This seems to suggest a correlation between price and abuse. Looking at the diagram, although the trend is clear, there are several anomalies. To the left of the diagram we have ‘.BEST’, while to the right we have ‘.HOST’, ‘.LINK’ and ‘.SALE’ for outliers.

A reason for ‘.BEST’ being an outlier could be because, firstly, we do not have many domains under this TLD, so it is possible that the result is skewed due to insufficient samples and, secondly, its lexical feature makes it a really good TLD for marketing domains, especially ones driven by spam activities, even though the registration price is on the higher side.   For the other outliers the reasoning is not so clear. It may be that their lexical features skew them closer to the legitimate side of things in comparison to the rest of the badly abused TLDs. Nonetheless, they still have abuse rates greater than 20%, so they are still badly abused if you compare them to the ones to the left of the diagram.

Side research

While conducting the above study we also considered the percentage of domains under these badly abused TLDs that are ranked among the highest trafficked websites, as reported by services such as Amazon Alexa. A study on the below six TLDs, which our email intelligence team report as being highly associated with spam activities, was carried out.

It can be seen from the chart above that for the domains under these six sample TLDs, the average percentage of Alexa top 1 million websites is below 1%, which reinforces the fact that these TLDs do not typically serve much legitimate content.  Organizations may want to evaluate these findings and based on their risk appetite undertake further scrutiny on the domain of inbound and outbound traffic.  The level of scrutiny undertaken on the originating source very rarely considers the price of registering a domain, and whilst such an approach may not be sufficient to warrant such analysis for many organizations, those with a low risk appetite may want to consider such action.

Advice to our customers

Different customers of McAfee’s have different security policies towards their endpoints which in turn supports their overall risk appeitite.. In regards to the graph depicted above different approaches might be taken on these TLDs that tend to be considered ‘too risky’. if enterprise customers would like to avail of this function, it can be easily achieved by adding a local rule in the McAfee Web Gateway Configuration Panel.

At the same time, for other organizations with a higher risk appetite, such aggressive approach might not be needed. Whatever the final action might be however, it is always good to review the security policies from time to time for your organization and consider what kind of policies would suit your business the best.

Meanwhile, to our Web Advisor customers, we would like to suggest that whenever you receive any URLs that resolve to the risky TLDs mentioned above, if it has a Unverified / Medium / High Risk reputation and/or it does not have any categories in McAfee’s database (which can be double checked at https://trustedsource.org), then please be wary of clicking on those URLs as they may pose a greater security risk to you.

Reference:

[1]. https://securingtomorrow.mcafee.com/consumer/identity-protection/are-all-hackers-bad/

The post Examining the Link Between TLD Prices and Abuse appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/examining-the-link-between-tld-prices-and-abuse/feed/ 0
Gartner’s Top 10 Security Projects: The Cloud Perspective https://www.mcafee.com/blogs/enterprise/cloud-security/gartners-top-10-security-projects-the-cloud-perspective/ https://www.mcafee.com/blogs/enterprise/cloud-security/gartners-top-10-security-projects-the-cloud-perspective/#respond Mon, 22 Jul 2019 19:44:44 +0000 /blogs/?p=99416

Gartner’s list of the top 10 security projects for 2019 serves as a helpful tool for IT leaders to prioritize their investments. Unsurprisingly, the cloud plays a prominent role on the list, both directly with projects dedicated to cloud security and tangentially with areas that involve cloud risks or technologies. Risks to data in the […]

The post Gartner’s Top 10 Security Projects: The Cloud Perspective appeared first on McAfee Blogs.

]]>

Gartner’s list of the top 10 security projects for 2019 serves as a helpful tool for IT leaders to prioritize their investments. Unsurprisingly, the cloud plays a prominent role on the list, both directly with projects dedicated to cloud security and tangentially with areas that involve cloud risks or technologies.

Risks to data in the cloud encompass a wide variety of attack vectors, including the security of users, data, and infrastructure. The average enterprise uses thousands of cloud applications and creates billions of cloud data transactions every month. An effective cloud security program requires prioritizing protection for the most sensitive data from the most common and highest cost attacks.

Top 10 Security Projects for 2019:

  1. Privileged access management (PAM)
  2. CARTA-inspired vulnerability management
  3. Detection and response
  4. Cloud access security broker (CASB)
  5. Cloud security posture management (CSPM)
  6. Business email compromise
  7. Dark data discovery
  8. Security incident report
  9. Container security
  10. Security rating services (SRS)

Cloud Adoption & Risk Report

 

In this report, we analyzed data from billions of anonymized real-world cloud events to show how businesses are achieving growth with the cloud.

Download Now

In this post, we will outline how Gartner’s top security priorities map to cloud security requirements as a guide for organizations planning their cloud security strategy for the next 12 months.

Privileged Access Management (PAM)

Whether compromised through a stolen password or abused by a disgruntled employee, administrator permissions pose outsized risks within corporate environments.

From Gartner: A Privileged access management (PAM) project will highlight necessary controls to apply to protect these accounts, which should be prioritized via a risk-based approach.

With corporate cloud services becoming leading sources of enterprise data, companies investing in using the cloud should prioritize privileged account security projects. Research from McAfee has found that cloud privileged user threats occur monthly at 58.2% of organizations, with organizations experiencing an average of 4.3 incidents each month.

Cloud services create new challenges for securing threats from privileged accounts. Cloud administrator accounts can be accessed on the open internet from anywhere in the world. Companies do not always monitor cloud administrator activity logs, leaving a blind spot to high risk activity.

Projects to secure cloud administrator accounts should implement protections including multi-factor authentication, device and geography-based access control, and activity monitoring to detect behavior indicative of a privileged account threat.

Detection and Response

The number of stolen credentials for sale on the Darknet and zero-day vulnerabilities brought to light should leave security teams skeptical of strategies that do not account for the possibility of a compromise. Agility and defense in depth are just as important as prevention. Cloud services create new challenges but also opportunities for detecting and mitigating security incidents.

Gartner’s project criteria asks, “How is data gathered and stored to support detection and response capabilities? Does the technology have a wide variety of detection and response features, or the ability to utilize indicators of compromise (IOCs)?”

Organizations typically use hundreds of cloud services, making monitoring each individual service impossible. Instead, security teams should plan to monitor all cloud traffic from a centralized security point. The priority should be high-risk behavior within enterprise cloud services, but it is also important to detect the use of inherently problematic cloud services, like anonymous file-sharing tools.

Behavioral monitoring in the cloud does provide several benefits for detection that allow security teams to identify threats faster and more accurately. Cloud security systems have the unique ability to consolidate usage data from thousands of services and billions of transactions from users across the globe in an enterprise environment, receiving enough usage data to set baselines for machine learning algorithms. Each cloud transaction contains rich usage data including the user, device type, location, and more, providing many factors to cross-reference to identify anomalous usage. With these capabilities, cloud detection and response projects can leverage machine learning and AI at a level of scale and accuracy that was not possible with security tools limited to the corporate network.

Security Rating Services (SRS)

Cloud adoption has ushered in thousands of new vendors for every company. A handful are evaluated by the security team, but the vast majority are chosen by line of business workers based on useful features and convenience.

Gartner identified this trend in emphasizing the importance of security rating: “As digital ecosystems increase in complexity, so do security risks. Leverage security rating services to provide real-time, low-cost continuous and independent scoring for your overall digital ecosystem.”

The average employee does not consider the security capabilities of a cloud service before signing up for a free account or purchasing a subscription for their team. And IT security teams cannot individually evaluate the more than 25,000 cloud services in use today.

The wide variance in cloud applications’ security capabilities highlights the need for a cloud security rating service. For example, only 8.1 percent of cloud providers today encrypt data at rest, and only 18.1 percent support multi factor authentication. The McAfee CloudTrust program rates cloud services on over 50 security attributes, giving organizations a comprehensive view of their risk from cloud service providers.

Cloud Security Posture Management (CSPM)

Gartner had previously predicted that 95% of cloud breaches will be attributed to customer error, so it’s not surprising to see them prioritize tools to audit cloud security configurations. Almost all enterprise cloud services provide robust security features, but the onus typically falls on the customer to implement these capabilities.

Configuring security settings across dozens or hundreds of cloud environments creates room for error that can lead to large-scale data breaches. For example, the average company has at least 14 misconfigured IaaS instances running at any given time, resulting in an average of 2,269 misconfiguration incidents per month. Notably, 5.5 percent of all AWS S3 buckets in use are misconfigured to be publicly readable.

With a cloud security posture management project, security teams should look to conduct a configuration audit and implement a tool that automates detection of violations. Organizations that use multiple IaaS cloud services should seek to implement security from a single tool to ensure consistency of security policies.

Cloud Access Security Broker (CASB)

Gartner has perennially listed CASB as a top security technology, and implementing this dedicated cloud security platform is the most comprehensive cloud security project for enterprise strategically using cloud services.

Gartner summarizes, “In organizations that have adopted multiple software as a service (SaaS) applications, cloud access security brokers (CASBs) provide SRM leaders a control point for visibility and policy-based management across multiple cloud-based services.” Gartner goes on to say that leading CASB providers also extend controls to IaaS and fulfill the needs of CSPM tools.

With a CASB, organizations receive a single platform for managing all elements of cloud risk, including all of the capabilities necessary to complete the aforementioned cloud security projects.

A CASB is a necessary technology for organizations strategically using cloud services. Leveraging the cloud is essential for modern organizations to stay competitive. The benefits of using cloud services include:

  • More efficient collaboration
  • Improved employee productivity
  • Business growth
  • Faster time to market
  • Higher employee satisfaction
  • Ability to launch new products
  • Expansion to new products

Security does not have to be compromised when moving to the cloud. Over 50 percent of companies say security is improved in the cloud versus on-premises environments. Effective cloud security requires taking a new security approach centered around data, wherever it travels. By using cloud-native security tools like a CASB, companies can unlock the business and security benefits of cloud services.

The post Gartner’s Top 10 Security Projects: The Cloud Perspective appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/enterprise/cloud-security/gartners-top-10-security-projects-the-cloud-perspective/feed/ 0
Expanding Our Vision to Expand the Cybersecurity Workforce https://www.mcafee.com/blogs/other-blogs/executive-perspectives/expanding-our-vision-to-expand-the-cybersecurity-workforce/ https://www.mcafee.com/blogs/other-blogs/executive-perspectives/expanding-our-vision-to-expand-the-cybersecurity-workforce/#respond Wed, 19 Jun 2019 15:00:58 +0000 https://securingtomorrow.mcafee.com/?p=95640

This blog was written by Candace Worley, McAfee’s former Vice President and Chief Technical Strategist. I recently had the opportunity to testify before Congress on how the United States can grow and diversify the cyber talent pipeline. It’s great that members of Congress have this issue on their radar, but at the same time, it’s […]

The post Expanding Our Vision to Expand the Cybersecurity Workforce appeared first on McAfee Blogs.

]]>

This blog was written by Candace Worley, McAfee’s former Vice President and Chief Technical Strategist.

I recently had the opportunity to testify before Congress on how the United States can grow and diversify the cyber talent pipeline. It’s great that members of Congress have this issue on their radar, but at the same time, it’s concerning that we’re still having these discussions. A recent (ISC) Study puts the global cybersecurity workforce shortage at 2.93 million. Solving this problem is challenging, but I offered some recommendations to the House Homeland Security Committee’s Subcommittee on Cybersecurity, Infrastructure Protection and Innovation.

Increase the NSF CyberCorps Scholarships for Service Program

The National Science Foundation (NSF) together with the Department of Homeland Security (DHS) designed a program to attract more college students to cybersecurity, and it’s working. Ten to 12 juniors and seniors at each of the approximately 70 participating institutions across the country receive free tuition for up to two years plus annual stipends. Once they’ve completed their cybersecurity coursework and an internship, they go to work for the federal government for the same amount of time they’ve been in the program. Afterwards, they’re free to remain federal employees or move elsewhere, yet fortunately, a good number of them choose to stay.

Congress needs to increase the funding for this program (which has been flat since 2017) from $55 million to at least $200 million. Today the scholarships are available at 70 land grant colleges. The program needs to be opened up to more universities and colleges across the country.

Expand CyberCorps Scholarships to Community Colleges

Community colleges attract a wide array of students – a fact that is good for the cybersecurity profession. Some community college attendees are recent high school graduates, but many are more mature, working adults or returning students looking for a career change or skills training. A strong security operation requires differing levels of skills, so having a flexible scholarship program at a community college could not only benefit graduates but also provide the profession with necessary skills.

Furthermore, not everyone in cybersecurity needs a four-year degree. In fact, they don’t need to have a traditional degree at all. Certificate programs provide valuable training, and as employers, we should change our hiring requirements to reflect that reality.

Foster Diversity of Thinking, Recruiting and Hiring

Cybersecurity is one of the greatest technical challenges of our time, and we need to be as creative as possible to meet it. In addition to continually advancing technology, we need to identify people from diverse backgrounds – and not just in the standard sense of the term. We need to diversify the talent pool in terms of race, ethnicity, gender and age, all of which lead to creating an inclusive team that will deliver better results. However, we also should seek out gamers, veterans, people working on technical certificates, and retirees from computing and other fields such as psychology, liberal arts as well as engineering. There is no one background required to be a cybersecurity professional. We absolutely need people with deep technical skills, but we also need teams with diverse perspectives, capabilities and levels of professional maturity.

Public-Private Sector Cross Pollination

We also must develop creative approaches to enabling the public and private sectors to share talent, particularly during significant cybersecurity events. We should design a mechanism for cyber professionals – particularly analysts or those who are training to become analysts – to move back and forth between the public and private sector so that government organizations would have a continual refresh of expertise. This type of cross-pollination would help everyone share best practices on technology, business processes and people management.

One way to accomplish this would be for DHS to partner with companies and other organizations such as universities to staff a cadre of cybersecurity professionals – operators, analysts and researchers – who are credentialed to move freely between public and private sector service. These professionals, particularly those in the private sector, could be on call to help an impacted entity and the government respond to a major attack in a timely way. Much like the National Guard, a flexible staffing approach to closing the skills gap could become a model of excellence.

We’re Walking the Talk

McAfee is proud to support the community to establish programs that provide skills to help build the STEM pipeline, fill related job openings, and close gender and diversity gaps. These programs include an Online Safety Program, onsite training programs and internships for high school students. Our employees also volunteer in schools help educate students on both cybersecurity risks and opportunities. Through volunteer-run programs across the globe, McAfee has educated more than 500,000 children to date.

As part of the McAfee’s new pilot Achievement & Excellence in STEM Scholarship program, we’ll make three awards of $10,000 for the 2019-2020 school year. Twelve students from each of the three partner schools will be invited to apply, in coordination with each partner institution’s respective college advisor. Target students are college-bound, high school seniors with demonstrated passion for STEM fields, who are seeking a future in a STEM-related path. This type of a program can easily be replicated by other companies and used to support the growth and expansion of the workforce.

We’re Supporting Diversity

While we recognize there is still more to do in fostering diversity, we’re proud to describe the strides we’re making at McAfee. We believe we have a responsibility to our employees, customers and communities to ensure our workplace reflects the world in which we live. Having a diverse, inclusive workforce is the right thing to do, and after we became an independent, standalone cybersecurity company in 2017, we made and have kept this a priority.

 The steps we’re taking include:

  • Achieving pay parity between women and men employees in April 2019, making us the first pureplay cybersecurity company to do so.
  • In 2018, 27.1% of all global hires were female and 13% of all U.S. hires were underrepresented minorities.
  • In June 2018, we launched our “Return to Workplace” program for men and women who have paused their career to raise children, care for loved ones or serve their country. The 12-week program offers the opportunity to reenter the tech space with the support and resources needed to successfully relaunch careers.
  • Last year, we established the Diversity & Culture Council, a volunteer-led global initiative focused on creating an infrastructure for the development and maintenance of an integrated strategy for diversity and workplace culture.
  • McAfee CEO Chris Young joined CEO Action for Diversity Inclusion, the largest group of CEOs and presidents committed to act on driving an inclusive workforce. By taking part in CEO Action, Young personally commits to advancing diversity and inclusion with the coalition’s three-pronged approach of fostering safe workplaces.

Looking to the Future

While I’d love to see a future where fewer cybersecurity professionals were needed, I know that for the foreseeable future, we’ll not only need great technology but also talented people. With that reality, we in the industry need to expand our vision and definition of what constitutes cybersecurity talent. The workforce shortage is such that we have to do expand our concepts and hiring requirements. In addition, the discipline itself will benefit from a population that brings more experiences, skills and diversity to bear on a field that is constantly changing.

The post Expanding Our Vision to Expand the Cybersecurity Workforce appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/executive-perspectives/expanding-our-vision-to-expand-the-cybersecurity-workforce/feed/ 0
Have Fun in the Sun this Summer with the Summer Safety #RT2Win Sweepstakes! https://www.mcafee.com/blogs/consumer/fun-in-the-sun-rt2win-sweepstakes/ https://www.mcafee.com/blogs/consumer/fun-in-the-sun-rt2win-sweepstakes/#respond Mon, 10 Jun 2019 18:59:12 +0000 https://securingtomorrow.mcafee.com/?p=95551

The school year has come to an end, and with it comes the start of summer! For many, this time of year brings excitement and anticipation to jet-set off to their favorite destinations and spend some quality time with family. But while many are soaking up the sun or sharing fun photos online, cybercriminals also […]

The post Have Fun in the Sun this Summer with the Summer Safety #RT2Win Sweepstakes! appeared first on McAfee Blogs.

]]>

The school year has come to an end, and with it comes the start of summer! For many, this time of year brings excitement and anticipation to jet-set off to their favorite destinations and spend some quality time with family. But while many are soaking up the sun or sharing fun photos online, cybercriminals also trying to target those not taking the proper precautions to protect their data.

In fact, according to recent research by McAfee, only 40% of people are concerned about their personal photos being hacked, and 3x more concerned about their Social Security number being hacked than their photos. Whether booking travel deals or sharing photos on social media, device security should be top of mind to keep information secure this summer.

Whether you’re laying by the pool or dipping your toes in the sand, we want to help you leave your cybersecurity woes behind with our Summer Safety #RT2Win sweepstakes! Two [2] lucky winners of the sweepstakes drawing will receive a $500 Amazon gift card. The best part? Entering is a breeze! Follow the instructions below to enter and good luck!

#RT2Win Sweepstakes Official Rules

  • To enter, follow @McAfee_Home on Twitter and find the #RT2Win sweepstakes tweet.
  • The sweepstakes tweet will be released on Monday, June 10, 2019, at 12:00pm PST. This tweet will include the hashtags: #ProtectWhatMatters, #RT2Win AND #Sweepstakes.
  • Retweet the sweepstakes tweet released on the above date, from your own handle. The #ProtectWhatMatters, #RT2Win AND #Sweepstakes hashtags must be included in order to be entered.
  • Make sure you’re following @McAfee_Home on Twitter! You must follow for your entry to count.
  • Sweepstakes will end on Sunday, June 23, 2019 at 11:59pm PST. All entries must be made before that date and time.
  • Winners will be notified on Tuesday, June 25, 2019 via Twitter direct message.
  • Limit one entry per person.

1. How to Win:

Retweet one of our contest tweets on @McAfee_Home that include “#ProtectWhatMatters, #RT2Win, AND #Sweepstakes” for a chance to win a $500 Amazon gift card (for full prize details please see “Prizes” section below). Two [2] total winners will be selected and announced on June 25, 2019. Winners will be notified by direct message on Twitter. For full Sweepstakes details, please see the Terms and Conditions, below.

#RT2Win Sweepstakes Terms and Conditions

2. How to Enter: 

No purchase necessary. A purchase will not increase your chances of winning. McAfee Summer Safety #RT2Win Sweepstakes will be conducted from June 10, 2019 through June 23, 2019. All entries for each day of the McAfee Summer Safety Cybersecurity #RT2Win Sweepstakes must be received during the time allotted for the McAfee Summer Safety #RT2Win Sweepstakes. Pacific Daylight Time shall control the McAfee Summer Safety Shopping #RT2Win Sweepstakes, duration is as follows:

  • Begins: Monday, June 10, 2019­­ at 12:00pm PST
  • Ends: Sunday, June 23, 2019 at 11:59pm PST
  • Two [2] winners will be announced: Tuesday, June 25, 2019

For the McAfee Summer Safety #RT2Win Sweepstakes, participants must complete the following steps during the time allotted for the McAfee Summer Safety #RT2Win Sweepstakes:

  1. Follow @McAfee_Home on Twitter.
  2. Find the sweepstakes tweet of the day posted on @McAfee_Home which will include the hashtags: #ProtectWhatMatters, #RT2Win and #Sweepstakes.
  3. Retweet the sweepstakes tweet of the day and make sure it includes the #ProtectWhatMatters, #RT2Win, and hashtags.
  4. Note: Tweets that do not contain the #ProtectWhatMatters, #RT2Win, and #Sweepstakes hashtags will not be considered for entry.
  5. Limit one entry per person.

Two [2] winners will be chosen for the McAfee Summer Safety #RT2Win Sweepstakes tweet from the viable pool of entries that retweeted and included #ProtectWhatMatters, #RT2Win and #Sweepstakes. McAfee and the McAfee social team will choose winners from all the viable entries. The winners will be announced and privately messaged on Tuesday, June 25, 2019 on the @McAfee_Home Twitter handle. No other method of entry will be accepted besides Twitter. Only one entry per user is allowed, per Sweepstakes.

3. Eligibility: 

McAfee Summer Safety #RT2Win Sweepstakes is open to all legal residents of the 50 United States who are 18 years of age or older on the dates of the McAfee Summer Safety #RT2Win Sweepstakes begins and live in a jurisdiction where this prize and McAfee Summer Safety #RT2Win Sweepstakes not prohibited. Employees of Sponsor and its subsidiaries, affiliates, prize suppliers, and advertising and promotional agencies, their immediate families (spouses, parents, children, and siblings and their spouses), and individuals living in the same household as such employees are ineligible.

4. Winner Selection:

Winners will be selected at random from all eligible retweets received during the McAfee Summer Safety #RT2Win Sweepstakes drawing entry period. Sponsor will select the names of two [2] potential winners of the prizes in a random drawing from among all eligible submissions at the address listed below. The odds of winning depend on the number of eligible entries received. By participating, entrants agree to be bound by the Official McAfee Summer Safety #RT2Win Sweepstakes Rules and the decisions of the coordinators, which shall be final and binding in all respects.

5. Winner Notification: 

Each winner will be notified via direct message (“DM”) on Twitter.com by June 25, 2019. Prize winners may be required to sign an Affidavit of Eligibility and Liability/Publicity Release (where permitted by law) to be returned within ten (10) days of written notification, or prize may be forfeited, and an alternate winner selected. If a prize notification is returned as unclaimed or undeliverable to a potential winner, if potential winner cannot be reached within twenty four (24) hours from the first DM notification attempt, or if potential winner fails to return requisite document within the specified time period, or if a potential winner is not in compliance with these Official Rules, then such person shall be disqualified and, at Sponsor’s sole discretion, an alternate winner may be selected for the prize at issue based on the winner selection process described above.

6. Prizes: 

The prize for the McAfee Summer Safety #RT2Win Sweepstakes is a $500 Amazon gift card for each of the two [2] entrants/winners. Entrants agree that Sponsor has the sole right to determine the winners of the McAfee Summer Safety #RT2Win Sweepstakes and all matters or disputes arising from the McAfee Summer Safety #RT2Win Sweepstakes and that its determination is final and binding. There are no prize substitutions, transfers or cash equivalents permitted except at the sole discretion of Sponsor. Sponsor will not replace any lost or stolen prizes. Sponsor is not responsible for delays in prize delivery beyond its control. All other expenses and items not specifically mentioned in these Official Rules are not included and are the prize winners’ sole responsibility.

Limit one (1) prize per person/household. Prizes are non-transferable, and no cash equivalent or substitution of prize is offered. The McAfee Summer Safety #RT2Win Sweepstakes has no affiliation with Amazon.

7. General Conditions: 

Entrants agree that by entering they agree to be bound by these rules. All federal, state, and local taxes, fees, and surcharges on prize packages are the sole responsibility of the prizewinner. Sponsor is not responsible for incorrect or inaccurate entry information, whether caused by any of the equipment or programming associated with or utilized in the McAfee Summer Safety #RT2Win Sweepstakes, or by any technical or human error, which may occur in the processing of the McAfee Summer Safety #RT2Win Sweepstakes. entries. By entering, participants release and hold harmless Sponsor and its respective parents, subsidiaries, affiliates, directors, officers, employees, attorneys, agents, and representatives from any and all liability for any injuries, loss, claim, action, demand, or damage of any kind arising from or in connection with the McAfee Summer Safety #RT2Win Sweepstakes, any prize won, any misuse or malfunction of any prize awarded, participation in any McAfee Summer Safety #RT2Win Sweepstakes -related activity, or participation in the McAfee Summer Safety #RT2Win Sweepstakes. Except for applicable manufacturer’s standard warranties, the prizes are awarded “AS IS” and WITHOUT WARRANTY OF ANY KIND, express or implied (including any implied warranty of merchantability or fitness for a particular purpose).

8. Limitations of Liability; Releases:

By entering the Sweepstakes, you release Sponsor and all Released Parties from any liability whatsoever, and waive any and all causes of action, related to any claims, costs, injuries, losses, or damages of any kind arising out of or in connection with the Sweepstakes or delivery, misdelivery, acceptance, possession, use of or inability to use any prize (including claims, costs, injuries, losses and damages related to rights of publicity or privacy, defamation or portrayal in a false light, whether intentional or unintentional), whether under a theory of contract, tort (including negligence), warranty or other theory.

To the fullest extent permitted by applicable law, in no event will the sponsor or the released parties be liable for any special, indirect, incidental, or consequential damages, including loss of use, loss of profits or loss of data, whether in an action in contract, tort (including, negligence) or otherwise, arising out of or in any way connected to your participation in the sweepstakes or use or inability to use any equipment provided for use in the sweepstakes or any prize, even if a released party has been advised of the possibility of such damages.

  1. To the fullest extent permitted by applicable law, in no event will the aggregate liability of the released parties (jointly) arising out of or relating to your participation in the sweepstakes or use of or inability to use any equipment provided for use in the sweepstakes or any prize exceed $10. The limitations set forth in this section will not exclude or limit liability for personal injury or property damage caused by products rented from the sponsor, or for the released parties’ gross negligence, intentional misconduct, or for fraud.
  2. Use of Winner’s Name, Likeness, etc.: Except where prohibited by law, entry into the Sweepstakes constitutes permission to use your name, hometown, aural and visual likeness and prize information for advertising, marketing, and promotional purposes without further permission or compensation (including in a public-facing winner list).  As a condition of being awarded any prize, except where prohibited by law, winner may be required to execute a consent to the use of their name, hometown, aural and visual likeness and prize information for advertising, marketing, and promotional purposes without further permission or compensation. By entering this Sweepstakes, you consent to being contacted by Sponsor for any purpose in connection with this Sweepstakes.

9. Prize Forfeiture:

If winner cannot be notified, does not respond to notification, does not meet eligibility requirements, or otherwise does not comply with the prize McAfee Summer Safety #RT2Win Sweepstakes rules, then the winner will forfeit the prize and an alternate winner will be selected from remaining eligible entry forms for each McAfee Summer Safety #RT2Win Sweepstakes.

10. Dispute Resolution:

Entrants agree that Sponsor has the sole right to determine the winners of the McAfee Summer Safety #RT2Win Sweepstakes and all matters or disputes arising from the McAfee Summer Safety #RT2Win Sweepstakes and that its determination is final and binding. There are no prize substitutions, transfers or cash equivalents permitted except at the sole discretion of Sponsor.

11. Governing Law & Disputes:

Each entrant agrees that any disputes, claims, and causes of action arising out of or connected with this sweepstakes or any prize awarded will be resolved individually, without resort to any form of class action and these rules will be construed in accordance with the laws, jurisdiction, and venue of the State of New York, U.S.A.

12. Privacy Policy: 

Personal information obtained in connection with this prize McAfee Summer Safety #RT2Win Sweepstakes will be handled in accordance policy set forth at https://www.mcafee.com/enterprise/en-us/about/legal/privacy.html.

  1. Winner List; Rules Request: For a copy of the winner list, send a stamped, self-addressed, business-size envelope for arrival after June 10,2019 before June 23, 2019 to the address listed below, Attn: #RT2Win at Summer Safety Sweepstakes. To obtain a copy of these Official Rules, visit this link or send a stamped, self-addressed business-size envelope to the address listed in below, Attn: Sarah Grayson. VT residents may omit return postage.
  2. Intellectual Property Notice: McAfee and the McAfee logo are registered trademarks of McAfee, LLC. The Sweepstakes and all accompanying materials are copyright © 2019 by McAfee, LLC.  All rights reserved.
  3. Sponsor: McAfee, LLC, Corporate Headquarters 2821 Mission College Blvd. Santa Clara, CA 95054 USA
  4. Administrator: LEWIS Pulse, 111 Sutter St., Suiter 850, San Francisco, CA 94104

The post Have Fun in the Sun this Summer with the Summer Safety #RT2Win Sweepstakes! appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/fun-in-the-sun-rt2win-sweepstakes/feed/ 0
How McAfee’s Mentorship Program Helped Me Shine in My Career Journey https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/how-mcafees-mentorship-program-helped-me-shine-in-my-career-journey/ https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/how-mcafees-mentorship-program-helped-me-shine-in-my-career-journey/#respond Wed, 29 May 2019 23:14:49 +0000 https://securingtomorrow.mcafee.com/?p=95425

By: Anshu, Software Engineer “The mind is not a vessel that needs filling, but wood that needs igniting.”—Mestrius Plutarchus A mentor isn’t someone who answers your questions, but someone who helps you ask the right ones. After joining the McAfee WISE mentorship program as a mentee, I understood the essence of these words. WISE is […]

The post How McAfee’s Mentorship Program Helped Me Shine in My Career Journey appeared first on McAfee Blogs.

]]>

By: Anshu, Software Engineer

“The mind is not a vessel that needs filling, but wood that needs igniting.”—Mestrius Plutarchus

A mentor isn’t someone who answers your questions, but someone who helps you ask the right ones. After joining the McAfee WISE mentorship program as a mentee, I understood the essence of these words.

WISE is a community committed to providing opportunities for growth and success, increasing engagement, and empowering women at McAfee. Each year, WISE helps women network and find opportunities for their career development.

Joining the McAfee WISE Mentorship Program

The WISE Mentorship Program was introduced to address how women have been underrepresented in the tech sector, especially in cybersecurity.  It’s believed that mentoring can address and improve job satisfaction and retention, which is how the program found its way to India and I learned about it. As an employee at McAfee for over five years, I had the opportunity to learn a lot of new things, but networking was a skillset I needed to hone. I thought this might be my chance to develop my skills, so I enrolled as a mentee.

I was partnered with “Chandramouli” also known as “Mouli” who happened to be the executive sponsor for the WISE India Chapter, as well as one of our IT leaders.

The Mentor-Mentee Relationship

My sessions with Mouli were informal conversations rather than formal sync-ups. We not only discussed the industry and women in tech—but also our personal stories, the books we read and are inspired by. We discovered a common love for badminton, so we started sharing analogies of how we would handle situations at work compared to game and life scenarios.

And the lessons learned were humbling. You win, you lose, you conquer. This thought shifted my perspective to think about how I would react if it was a badminton match. Would I accept defeat even if the opponent was on game point? Would I play differently even if I knew the match was lost? I realized I would fight and fiercely compete. This simple shift started to make me think on my toes daily.

Like many people, I had a fair idea of how I wanted my career to shape up, but with the help of a mentor, I began to steer faster toward my goal. In just one session, we were able to identify areas that were slowing down my development.

Developing My Skills

We noticed that networking was one of my key improvement areas, so we decided to tackle this with baby steps. He assigned small but achievable tasks to me—tasks as simple as creating a LinkedIn profile and connecting with former and current co-workers.

What happened after that was truly amazing. People from all walks of life in the industry, from my school, college, and more, started connecting with me, and it was then when I realized I had made an impression. Now I find it easier to initiate conversations, knowing that people are ready to help and talk about things we mutually love. As small as these strides might be, they helped me not just move ahead, but also provided me with measurable momentum.

Being able to discuss and question the status quo and engage with someone who is more experienced, knows the art of the game, and is a fierce champion for WISE is something I look forward to every month. Thanks to McAfee for giving each one of us this opportunity to help further our careers and to help us dream big.

Interested in joining our team? We’re hiring! Apply now.

For more stories like this, follow @LifeAtMcAfee on Instagram and on Twitter @McAfee to see what working at McAfee is all about.

The post How McAfee’s Mentorship Program Helped Me Shine in My Career Journey appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/how-mcafees-mentorship-program-helped-me-shine-in-my-career-journey/feed/ 0
Why AI Innovation Must Reflect Our Values in Its Infancy https://www.mcafee.com/blogs/other-blogs/executive-perspectives/why-ai-innovation-must-reflect-our-values-in-its-infancy/ https://www.mcafee.com/blogs/other-blogs/executive-perspectives/why-ai-innovation-must-reflect-our-values-in-its-infancy/#respond Mon, 20 May 2019 15:00:09 +0000 https://securingtomorrow.mcafee.com/?p=95165

This blog was written by Candace Worley, McAfee’s former Vice President and Chief Technical Strategist. In my last blog, I explained that while AI possesses the mechanics of humanness, we need to train the technology to make the leap from mimicking humanness with logic, rational and analytics to emulating humanness with common sense. If we […]

The post Why AI Innovation Must Reflect Our Values in Its Infancy appeared first on McAfee Blogs.

]]>

This blog was written by Candace Worley, McAfee’s former Vice President and Chief Technical Strategist.

In my last blog, I explained that while AI possesses the mechanics of humanness, we need to train the technology to make the leap from mimicking humanness with logic, rational and analytics to emulating humanness with common sense. If we evolve AI to make this leap the impact will be monumental, but it will require our global community to take a more disciplined approach to pervasive AI proliferation. Historically, our enthusiasm for and consumption of new technology has outpaced society’s ability to evolve legal, political, social, and ethical norms.

I spend most of my time thinking about AI in the context of how it will change the way we live. How it will change the way we interact, impact our social systems, and influence our morality.  These technologies will permeate society and the ubiquity of their usage in the future will have far reaching implications. We are already seeing evidence of how it changes how we live and interact with the world around us.

Think Google. It excites our curiosity and puts information at our fingertips. What is tripe – should I order it off the menu? Why do some frogs squirt blood from their eyes? What does exculpatory mean?

AI is weaving the digital world into the fabric of our lives and making information instantaneously available with our fingertips.

AI-enabled technology is also capable of anticipating our needs. Think Alexa. As a security professional I am a hold out on this technology but the allure of it is indisputable. It makes the digital world accessible with a voice command. It understands more than we may want it to – Did someone tell Alexa to order coffee pods and toilet tissue and if not – how did Alexa know to order toilet tissue? Maybe somethings I just don’t want to know.

I also find it a bit creepy when my phone assumes (and gets it right) that I am going straight home from the grocery store letting me know, unsolicited, that it will take 28 minutes with traffic. How does it know I am going home? I could be going to the gym. It’s annoying that it knows I have no intention of working out. A human would at least have the decency to give me the travel time to both, allowing me to maintain the illusion that the gym was an equal possibility.

On a more serious note, AI-enabled technology will also impact our social, political and legal systems. As we incorporate it into more products and systems, issues related to privacy, morality and ethics will need to be addressed.

These questions are being asked now, but in anticipation of AI becoming embedded in everything we interact with it is critical that we begin to evolve our societal structures to address both the opportunities and the threats that will come with it.

The opportunities associated with AI are exciting.  AI shows incredible promise in the medical world. It is already being used in some areas. There are already tools in use that leverage machine learning to help doctors identify disease related patterns in imaging. Research is under way using AI to help deal with cancer.

For example, in May 2018, The Guardian reported that skin cancer research using a convolutional neural network (CNN – based on AI) detected skin cancer 95% of the time compared to human dermatologists who detected it 86.6% of the time. Additionally, facial recognition in concert with AI may someday be commonplace in diagnosing rare genetic disorders, that today, may take months or years to diagnose.

But what happens when the diagnosis made by a machine is wrong? Who is liable legally? Do AI-based medical devices also need malpractice insurance?

The same types of questions arise with autonomous vehicles. Today it is always assumed a human is behind the wheel in control of the vehicle. Our laws are predicated on this assumption.

How must laws change to account for vehicles that do not have a human driver? Who is liable? How does our road system and infrastructure need to change?

The recent Uber accident case in Arizona determined that Uber was not liable for the death of a pedestrian killed by one of its autonomous vehicles. However, the safety driver who was watching TV rather than the road, may be charged with manslaughter. How does this change when the car’s occupants are no longer safety drivers but simply passengers in fully autonomous vehicles. How will laws need to evolve at that point for cars and other types of AI-based “active and unaided” technology?

There are also risks to be considered in adopting pervasive AI. Legal and political safeguards need to be considered, either in the form of global guidelines or laws. Machines do not have a moral compass. Given that the definition of morality may differ depending on where you live, it will be extremely difficult to train morality into AI models.

Today most AI models lack the ability to determine right from wrong, ill intent from good intent, morally acceptable outcomes from morally irreprehensible outcomes. AI does not understand if the person asking the questions, providing it data or giving it direction has malicious intent.

We may find ourselves on a moral precipice with AI. The safeguards or laws I mention above need to be considered before AI becomes more ubiquitous than it already is.  AI will enable human kind to move forward in ways previously unimagined. It will also provide a powerful conduit through which humankind’s greatest shortcomings may be amplified.

The implications of technology that can profile entire segments of a population with little effort is disconcerting in a world where genocide has been a tragic reality, where civil obedience is coerced using social media, and where trust is undermined by those that use mis-information to sew political and societal discontent.

There is no doubt that AI will make this a better world. It gives us hope on so many fronts where technological impasses have impeded progress. Science may advance more rapidly, medical research progress beyond current roadblocks and daunting societal challenges around transportation and energy conservation may be solved.  It is another tool in our technological arsenal and the odds are overwhelmingly in favor of it improving the global human condition.

But realizing its advantages while mitigating its risks will require commitment and hard work from many conscientious minds from different quarters of our society. We as the technology community have an obligation to engage key stakeholders across the legal, political, social and scientific community to ensure that as a society we define the moral guardrails for AI before it becomes capable of defining them, for or in spite of, us.

Like all technology before it, AI’s social impacts must be anticipated and balanced against the values we hold dear.  Like parents raising a child, we need to establish and insist that the technology reflect our values now while its growth is still in its infancy.

The post Why AI Innovation Must Reflect Our Values in Its Infancy appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/executive-perspectives/why-ai-innovation-must-reflect-our-values-in-its-infancy/feed/ 0
I am an AI Neophyte https://www.mcafee.com/blogs/other-blogs/executive-perspectives/i-am-an-ai-neophyte/ https://www.mcafee.com/blogs/other-blogs/executive-perspectives/i-am-an-ai-neophyte/#respond Mon, 13 May 2019 13:00:23 +0000 https://securingtomorrow.mcafee.com/?p=95162

This blog was written by Candace Worley, McAfee’s former Vice President and Chief Technical Strategist. I am an Artificial Intelligence (AI) neophyte. I’m not a data scientist or a computer scientist or even a mathematician. But I am fascinated by AI’s possibilities, enamored with its promise and at times terrified of its potential consequences. I […]

The post I am an AI Neophyte appeared first on McAfee Blogs.

]]>

This blog was written by Candace Worley, McAfee’s former Vice President and Chief Technical Strategist.

I am an Artificial Intelligence (AI) neophyte. I’m not a data scientist or a computer scientist or even a mathematician. But I am fascinated by AI’s possibilities, enamored with its promise and at times terrified of its potential consequences.

I have the good fortune to work in the company of amazing data scientists that seek to harness AI’s possibilities. I wonder at their ability to make artificial intelligence systems “almost” human. And I use that term very intentionally.

I mean “almost” human, for to date, AI systems lack the fundamentals of humanness. They possess the mechanics of humanness, qualities like logic, rationale, and analytics, but that is far from what makes us human. Their most human trait is one we prefer they not inherit –  a propensity to perpetuate bias.  To be human is to have consciousness. To be sentient. To have common sense. And to be able to use these qualities and the life experience that informs them to interpret successfully not just the black and white of our world but the millions of shades of grey.

While data scientists are grappling with many technical challenges associated with AI there are a couple I find particularly interesting. The first is bias and the second is lack of common sense.

AI’s propensity to bias is a monster of our own making. Since AI is largely a slave to the data it is given to learn from, its outputs will reflect all aspects of that data, bias included. We have already seen situations where applications leveraging AI have perpetuated human bias unintentionally but with disturbing consequences.

For example, many states have started to use risk assessment tools that leverage AI to predict probable rates of recidivism for criminal defendants. These tools produce a score that is then used by a judge for determining a defendant’s sentencing. The problem is not the tool itself but the data that is used to train it. There is evidence that there has historically been significant racial bias in our judicial systems, so when that data is used to train AI, the resulting output is equally biased.

A report by ProPublica in 2016 found that algorithmic assessment tools are likely to falsely flag African American defendants as future criminals at nearly twice the rate as white defendants*. For any of you who saw the Tom Cruise movie, Minority Report, it is disturbing to consider the similarities between the fictional technology used in the movie to predict future criminal behavior and this real life application of AI.

The second challenge is how to train artificial intelligence to be as good at interpreting nuance as humans are. It is straight forward to train AI how to do something like identifying an image as a Hippopotamus. You provide it with hundreds or thousands of images or descriptions of a hippo and eventually it gets it right most if not all the time.

The accuracy percentage is likely to go down for things that are perhaps more difficult to distinguish—such as a picture of a field of sheep versus a picture of popcorn on a green blanket—but  with enough training even this is a challenge that can be overcome.

The interesting thing is that the challenge is not limited to things that lack distinguishing characteristics. In fact, the things that are so obvious that they never get stated or documented, can be equally difficult for AI to process.

For example, we humans know that a hippopotamus cannot ride a bicycle. We inherently know that if someone says “Jimmy played with his boat in the swimming pool” that, except in very rare instances likely involving eccentric billionaires, the boat was a toy boat and not a full-size catamaran.

No one told us these things – it’s just common sense. The common sense aspects of interpreting these situations could be lost on AI. The technology also lacks the ability to infer emotion or intent from data. If we see someone buying flowers we can mentally infer why – a romantic dinner or somebody’s in the doghouse. We can not only guess why they are buying flowers, but when I say somebody’s in the dog house you know exactly what I mean. It’s not that they are literally in the dog house, but someone did something stupid and the flowers are an attempt at atonement.

That leap is too big for AI today. When you add to the mix cultural differences it exponentially increases the complexity. If a British person says put something in the boot it is likely going to be groceries. If it is an American it will likely be a foot. Teaching AI common sense is a difficult task and one that will take significant research and effort on the part of experts in the field.

But the leap from logic, rationale and analytics to common sense is a leap we need AI to make for it to truly become the tool we need it to be, in cybersecurity and in every other field of human endeavor.

In my next blog, I’ll discuss the importance of ensuring that this profoundly impactful technology reflects our human values in its infancy, before it starts influencing and shaping them itself.

*ProPublica, Machine Bias, May 23, 2016

The post I am an AI Neophyte appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/executive-perspectives/i-am-an-ai-neophyte/feed/ 0
We Are Ready on Day One for Our Linux Customers https://www.mcafee.com/blogs/enterprise/endpoint-security/we-are-ready-on-day-one-for-our-linux-customers/ https://www.mcafee.com/blogs/enterprise/endpoint-security/we-are-ready-on-day-one-for-our-linux-customers/#respond Tue, 07 May 2019 16:14:50 +0000 https://securingtomorrow.mcafee.com/?p=95185

Our customers look to McAfee to ensure that their enterprises are protected from the changing threat landscape. That’s why we’ve worked with Red Hat, the world’s leading provider of open source solutions for Linux, to ensure that we were part of the entire process leading up to today’s announcement of Red Hat Enterprise Linux 8 […]

The post We Are Ready on Day One for Our Linux Customers appeared first on McAfee Blogs.

]]>

Our customers look to McAfee to ensure that their enterprises are protected from the changing threat landscape. That’s why we’ve worked with Red Hat, the world’s leading provider of open source solutions for Linux, to ensure that we were part of the entire process leading up to today’s announcement of Red Hat Enterprise Linux 8 (RHEL8). We’ve been working extensively with Red Hat throughout the pre-release process to ensure that you get the threat protection you desire on the day the new operating system is released.

If you’re already one of our McAfee Endpoint Security for Linux customers, this means you can take advantage of vast hardware and virtualization support as well as cloud integration support on whether you’re using on-prem ePO or McAfee MVISION.

McAfee Endpoint Security for Linux 10.6.2 now provides zero-day support for RHEL8. Red Hat Enterprise Linux is a significant proportion of the install base among our customers. It’s important that we provide timely and crucial support for the latest release of RHEL8 so our customers can take advantage of the improvements and efficiencies available on the platform.

McAfee Endpoint Security for Linux 10.6 provides three important features that benefit our customers:

  • Support for Docker containers
  • CPU throttling
  • Centralized management capabilities of native firewall

Container adoption has been rising steadily among our customer base. By supporting McAfee Endpoint Security for Linux on docker containers, our customers can be confident that their container deployments are protected with the same solution that they currently deploy on their servers.

CPU throttling limits the consumption of CPU resources, allowing our customers to efficiently manage when an on-demand scan deploys, thus enhancing the usability of the solution in a low-resource environment.

Centralizing and simplifying management capabilities of native functionality, such as the firewall, through a familiar interface allows administrators to quickly react and enforce firewall policies, reducing the time to deploy and gain operational efficiency.

To learn more about McAfee Endpoint Security, visit our website.

The post We Are Ready on Day One for Our Linux Customers appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/enterprise/endpoint-security/we-are-ready-on-day-one-for-our-linux-customers/feed/ 0
Employees Share Stories Working in Award–Winning Cork Office https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/employees-share-stories-working-in-award-winning-cork-office/ https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/employees-share-stories-working-in-award-winning-cork-office/#respond Thu, 18 Apr 2019 14:49:10 +0000 https://securingtomorrow.mcafee.com/?p=94919

“The culture at McAfee is easy going, fun, dynamic and everyone is friendly.”—Deirdre, Project Manager The McAfee office in Cork was once again named among companies recognized in Ireland’s Great Place to Work awards. Our Cork location has much to offer—from a supportive working environment to career growth opportunities, the opportunities are abundant. Hear from […]

The post Employees Share Stories Working in Award–Winning Cork Office appeared first on McAfee Blogs.

]]>

“The culture at McAfee is easy going, fun, dynamic and everyone is friendly.”—Deirdre, Project Manager

The McAfee office in Cork was once again named among companies recognized in Ireland’s Great Place to Work awards. Our Cork location has much to offer—from a supportive working environment to career growth opportunities, the opportunities are abundant.

Hear from three McAfee employees, Deirdre, Ranjit and Oliver, as they share their personal stories of working in the Cork, Ireland office.

Want to join in on the fun? We’re hiring in Cork! Apply now.

For more stories like this, follow @LifeAtMcAfee on Instagram and on Twitter @McAfee to see what working at McAfee is all about.

The post Employees Share Stories Working in Award–Winning Cork Office appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/employees-share-stories-working-in-award-winning-cork-office/feed/ 0
ST03: Cloud Technology Trends with Wayne Anderson and Dan Flaherty https://www.mcafee.com/blogs/other-blogs/podcast/st03-cloud-technology-trends-with-wayne-anderson-and-dan-flaherty/ https://www.mcafee.com/blogs/other-blogs/podcast/st03-cloud-technology-trends-with-wayne-anderson-and-dan-flaherty/#respond Tue, 02 Apr 2019 20:38:15 +0000 https://securingtomorrow.mcafee.com/?p=94827

In this episode, we’ll hear from Wayne Anderson, Enterprise Security Architect at McAfee and Dan Flaherty from the cloud security product team speak on a wide range of topics from upcoming technology trends in the market, to adversarial machine learning, cloud models for security, and a look back at the RSA conference.

The post ST03: Cloud Technology Trends with Wayne Anderson and Dan Flaherty appeared first on McAfee Blogs.

]]>

In this episode, we’ll hear from Wayne Anderson, Enterprise Security Architect at McAfee and Dan Flaherty from the cloud security product team speak on a wide range of topics from upcoming technology trends in the market, to adversarial machine learning, cloud models for security, and a look back at the RSA conference.

The post ST03: Cloud Technology Trends with Wayne Anderson and Dan Flaherty appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/podcast/st03-cloud-technology-trends-with-wayne-anderson-and-dan-flaherty/feed/ 0
Return to Workplace: Ready to Relaunch Your Career https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/return-to-workplace-ready-to-relaunch-your-career/ https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/return-to-workplace-ready-to-relaunch-your-career/#comments Thu, 21 Mar 2019 13:58:59 +0000 https://securingtomorrow.mcafee.com/?p=94674

By: Sheetal, Application Developer & Majy, IT Support McAfee offers a new program that offers professionals who dedicated extended time to their families the chance to reignite their passion for the technology industry and relaunch their careers. Sometimes, it’s necessary to put your career on hold to raise kids, care for loved ones or serve […]

The post Return to Workplace: Ready to Relaunch Your Career appeared first on McAfee Blogs.

]]>

By: Sheetal, Application Developer & Majy, IT Support

McAfee offers a new program that offers professionals who dedicated extended time to their families the chance to reignite their passion for the technology industry and relaunch their careers.

Sometimes, it’s necessary to put your career on hold to raise kids, care for loved ones or serve your country. For many, it can be daunting to reenter the workplace after time away. That’s why McAfee designed its Return to Workplace program.

Launched in India in 2018, the 12-week Return to Work program offers training, support and resources for those who are looking to reenter the technology field and put their careers back on track.

Read Sheetal’s and Majy’s stories about how McAfee’s Return to Workplace program helped them build the skills they needed to reenter the workforce and come back strong.

Sheetal’s Return to Workplace Journey – Application Developer

To pursue my love for technology, I moved to Bangalore to complete my engineering degree in computer science, and I found rewarding work as a Quality Auditor. In 2015, I added another momentous title to my resume—mom. I gave birth to my first child and took my maternity leave; however, family circumstances extended my break.

Returning to Tech

Three years later, I was finally ready to get back to work, and I anxiously began my job hunt. It wasn’t as easy as I thought it would be, and I had a few concerns to say the least. Not only did I fear I’d be behind in the fast-paced technology industry, I also feared I wouldn’t find a supportive workplace as a single mom.

All Thanks to McAfee

As a single mother, McAfee allowed me to balance both my career and my family by giving me flexible work hours, technical mentoring, soft skills training, sessions with the HR team and several other resources to sharpen my professional skills. It helped me build my confidence over time, and today, I am working as a part of the application development team, assuring that the business works efficiently as possible.

McAfee has offered not only me, but a number of other wonderful women, a second chance to resume their careers at their own pace, without having to give up time with their families and children.

Majy’s Story – IT Support

Passionate about technology, I pursued my education in engineering at Calicut University and began my career soon after as a software engineer. I loved my career and the people I worked with—it’s what got me out of bed and excited about each day. Eventually, my reasons to start the day shifted when my husband and I were blessed with our first child. I decided it was time to put a hold on my career, to be there for my son and spend quality time at home during those early development years.

Facing Fears About Getting Back to Work

My son was growing up right before my eyes, and as he became more independent, I considered returning to my career. Even though I was eager to get back to work, I feared I wouldn’t find a company that allowed me to manage both a fulfilling career and raising a child at home—or if my skills would still be relevant.

 

Discovering McAfee Was the Best Thing Ever

McAfee’s Return to Workplace initiative completely blew me away. With the working environment that McAfee offered me, which was flexible and encouraging, I absolutely could not miss this opportunity. McAfee offered me several avenues to learn and brush up on my technical skills. They even provided me with a technical mentor! Having access to my mentor created a safe environment where I could ask my technical queries without feeling the pressure of asking the wrong question. In addition to this, the host of online courses I could leverage was an advantage for me. Ultimately, McAfee provided me with an environment where I could learn and grow without feeling intimidated. This was empowering and gave me the push I needed to successfully complete the program. McAfee was my natural first choice for returning to work and I couldn’t have been happier to accept a full-time position.

For more stories like this, follow @LifeAtMcAfee  on Instagram and on Twitter @McAfee to see what working at McAfee is all about.

Ready to relaunch your career? Get the resources you need at McAfee. Apply here.

The post Return to Workplace: Ready to Relaunch Your Career appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/return-to-workplace-ready-to-relaunch-your-career/feed/ 2
McAfee Employees Strike Their #BalanceForBetter Pose This International Women’s Day https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/mcafee-employees-strike-their-balanceforbetter-pose-this-international-womens-day/ https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/mcafee-employees-strike-their-balanceforbetter-pose-this-international-womens-day/#respond Wed, 06 Mar 2019 15:08:44 +0000 https://securingtomorrow.mcafee.com/?p=94403

By Karla, Digital Media Specialist During the month of March, we are thrilled to support International Women’s Day, on March 8, and Women’s History Month. At McAfee, we recognize the importance of an inclusive and diverse culture and as part of this year’s International Women’s Day call to action, we’ve asked team members from across […]

The post McAfee Employees Strike Their #BalanceForBetter Pose This International Women’s Day appeared first on McAfee Blogs.

]]>

By Karla, Digital Media Specialist

During the month of March, we are thrilled to support International Women’s Day, on March 8, and Women’s History Month. At McAfee, we recognize the importance of an inclusive and diverse culture and as part of this year’s International Women’s Day call to action, we’ve asked team members from across the globe to share how they #BalanceForBetter at McAfee.

Check out some of these great moments and be sure to share your own #BalanceForBetter stories in the comments below!

 

Silvia – Software Sales Account Representative (Chile)

“I always wanted to work for a company that would support me in my role as a woman, a mother, a professional and an athlete. I found that place. McAfee allows me to be me and encourages me to do what I need to do to #BalanceForBetter.”

 

 

 

Priya – Customer Success Manager (India)

“At McAfee, I feel like I can grow my career and be an independent career-focused woman while still being a doting and caring mother and spouse. McAfee helped create the right balance between my family, future and career. #BalanceForBetter”

 

 

 

 

Steve – Head of Advanced Threat Research (U.S.)

“I wish I could say we had gender balance in Advanced Threat Research of 50/50 men and women. I wish we could say this at the industry level in general. However, there’s no time better than the present to change this.

What #BalanceForBetter means to me is engaging early by hosting lab days at McAfee or visiting schools. At McAfee, we have a chance to spark interest, demonstrate inclusiveness and promote real change in the gender gap across the IT industry. Without more women in tech, I truly feel like we are missing out on a unique and diverse perspective. As a father of two young girls with the potential to be anything, I know it’s time we change the status quo.”

 

 

Gurjeet – Engineering Manager (Canada)

“McAfee is like my second family. We celebrate each other’s achievements, encourage one another to give our best and are wonderful friends who always cheer each other up during difficult times.

Here, I can be my personal best every day at the office while doing all the things I cherish with my real family, like hiking, running, traveling and exploring the beautiful world.”

 

 

Paula – Head of Consumer ORD (Brazil)

“The consumer online business is a heavily results-driven organization that demands strong planning and speedy execution, so every minute counts! I #BalanceForBetter by creating clear business objectives that help me to prioritize my tasks and meetings – guaranteeing my weekdays are as productive as possible. This balance ensures that my mornings are spent in the gym and my evenings with family and friends, which ultimately gives me the energy and joy needed to execute my work each day.”

 

 

Laura – Marketing Communications Manager (Mexico)

“After working in marketing for more than 20 years in tech, I certainly believe that technology helps you find a balance of work and play – not having to choose between one or the other. I #BalanceForBetter at McAfee to define the best version of myself.”

 

 

 

Charan Jeet – MSSP Solutions Architect (Australia)

“McAfee’s flexible and supportive work culture plays a vital role. It encourages equal opportunity to every individual/employee irrespective of gender or background. It has helped me keep myself actively engaged in the activities I love, helping me #BalanceForBetter.”

 

 

 

Sonia – Talent Acquisition Partner (Argentina)

“We all live in the same world, but each person lives and experiences life through a different lens. Learning how to accept and sympathize with these different points of view is what makes the world a better place. As a recruiter, I enjoy communicating with diverse people to help them reach their full potential in all aspects of their work lives and personal lives. #BalanceForBetter”

 

 

 

Laura – Program Manager (Ireland)

“At McAfee, we are tipping the scales in terms of championing equality in the workplace. From our investment in gender pay parity to living the McAfee values and creating a better workplace where we are encouraged to be our full authentic selves. For me, that’s #BalanceforBetter.”

 

 

 

 

Andrea – Program Manager (Argentina)

“At McAfee, I #BalanceForBetter by leveraging my skills as a Program Manager to collaborate with teams around the globe. As a working mom at McAfee, I am offered a great work-life balance and I can #BalanceForBetter by devoting time to another one of my passions – playing soccer with my boys! This healthy mix helps me stay happy and well.”

 

 

 

McAfee is an inclusive employer and is proud to support inclusion and diversity. Interested in joining our teams? We’re hiring! Apply now.

For more stories like this, follow @LifeAtMcAfee on Instagram and on Twitter @McAfee to see what working at McAfee is all about.

 

The post McAfee Employees Strike Their #BalanceForBetter Pose This International Women’s Day appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/mcafee-employees-strike-their-balanceforbetter-pose-this-international-womens-day/feed/ 0
JAVA-VBS Joint Exercise Delivers RAT https://www.mcafee.com/blogs/other-blogs/mcafee-labs/java-vbs-joint-exercise-delivers-rat/ https://www.mcafee.com/blogs/other-blogs/mcafee-labs/java-vbs-joint-exercise-delivers-rat/#respond Fri, 01 Mar 2019 16:00:15 +0000 https://securingtomorrow.mcafee.com/?p=94312

The Adwind remote administration tool (RAT) is a Java-based backdoor Trojan that targets various platforms supporting Java files. For an infection to occur, the user must typically execute the malware by double-clicking on the .jar file that usually arrives as an email attachment. Generally, infection begins if the user has the Java Runtime Environment installed. […]

The post JAVA-VBS Joint Exercise Delivers RAT appeared first on McAfee Blogs.

]]>

The Adwind remote administration tool (RAT) is a Java-based backdoor Trojan that targets various platforms supporting Java files. For an infection to occur, the user must typically execute the malware by double-clicking on the .jar file that usually arrives as an email attachment. Generally, infection begins if the user has the Java Runtime Environment installed. Once the malicious .jar file runs successfully on the target system, the malware silently installs itself and connects to a remote server through a preconfigured port. This allows it to receive commands from the remote attacker and perform further malicious activities. Recently, McAfee labs has seen a surge in a variant which comes as a JAR attachment via a spam email and uses the famous Houdini VBS worm to infect user.

Infection chain:

The malware’s spreading mechanism is the same as in previous versions. It arrives in a spam email with a .jar attachment. The contents of the email are carefully crafted to lure victims using social engineering techniques. We can summarise the whole infection chain as shown in the below snippet:

 

The spam email may look like this:

The parent JAR file:

To keep things simple, we just called the attached .jar file as a parent jar file and named it Sample.jar. Generally, Adwind comes in an obfuscated form to hide its malicious intent. Its payload and configuration file (which serves as an installation file) are encrypted with the DES, RC4, or RC6 cipher, depending on the variant. The Adwind backdoor will decrypt itself on the fly during execution. In this variant we can see the contents of Manifest.MF. It has main class bogjbycqdq.Mawbkhvaype.

Mawbkhvaype.class

The main task of this class is to check for a resource file available in the Jar bundle. Here, resource mzesvhbami is a vbs file. Mawbkhvaye.class will check for mzesvhbami in the resource section and later drop bymqzbfsrg.vbs in the user’s Home directory before executing it with the help of wscript.

Bymqzbfsrg.vbs

It has a huge chunk of obfuscated base64 encoded data present. The below snippet shows the partial part of Bymqzbfsrg.vbs script.

Once deobfuscated and decoded, the base64 encoded data converts to ntfsmgr.jar and is dropped in %appdata%/Roaming. The below snippet shows the conversion of base64 encoded data into Jar file:

Decoded to JAR file (ntfsmgr.jar)

Ntfsmgr.jar

Here, important files present in ntfsmgr.jar are drop.box, mega.download and sky.drive which will be used later for creating the configuration file for the malware.

Final Payload:

Ntfsmgr.jar has operational.Jrat as the main class. The purpose of operational.Jrat is to drop another .jar file into the %TEMP% folder with random file name [underscore] [dot] [random numbers] [dot] class, e.g. _0.1234567897654265678.class, which will be the actual payload and later will perform malicious activities on the user’s system. The below snippet shows the routine present in operational.Jrat for creation of the final payload in %TEMP% location.

The contents of Manifest.MF looks somewhat similar to ntfsmgr.jar. All the other files in the final Java archive will be decrypted on the fly and will infect the system. After Adwind successfully infects a system, we have seen it log keystrokes, modify and delete files, download and execute further malware, take screenshots, access the system’s camera, take control of the mouse and keyboard, update itself, and more. We are not going to dig into this threat in this direction now but you can read more about Adwind here and here. In this blog we will now discuss another part of the story, Bymqzbfsrg.vbs

Working of Bymqzbfsrg.vbs

After successful execution, Bymqzbfsrg.vbs drops ntfsmgr.jar and sKXoevtgAv.vbs in %appdata%/Roaming.

Bymqzbfsrg.vbs dynamically executes a method naira inside the script by using ExecuteGlobal, as seen in the below snippet.:

Dynamic execution of the script looks like this:

The below snippet shows the script for dropping sKXoevtgAv.vbs in %appdata%Roaming.

Here we see the script for dropping ntfsmgr in %appdata%Roaming.

At the time of execution, sKXoevtgAv.vbs decodes itself to Houdini vbs worm which is the final payload. The first few lines of the script are as follows:

The attacker may perform many malicious activities on the victim’s machine, including::

  • Downloading and executing files on the victim’s machine
  • Running command instructions
  • Updating or uninstalling a copy of itself
  • Downloading and uploading files
  • Deleting a file or folder
  • Terminating certain process

Enumerating files and folders on the victim’s machine

Additional Points:

  1. For persistence it creates a run entry.

When the ntfsmgtr.jar runs, it adds itself into the start-up so that it will be run whenever the system starts.

  1. It checks for installed anti-malware products on the system.

  1. If available, it copies the installed Java Runtime files to a temporary directory within the victim’s home directory, otherwise it downloads from the web and copies in the same directory.

Conclusion:

In past, we have seen threat actors using two similar functioning malware families in a single infection. Usually, threat actors chose this path for higher probability of successful infection.

The hashes used in the analysis:

Sample.jar: 07cb6297b47c007aab43311fcfa9976158b4149961911f42d96783afc517226a

Ntfsmgr.jar: ee868807a4261a418e02b0fb1de7ee7a8900acfb66855ce46628eb5ab9b1d029

McAfee advises users to keep their antimalware signatures up to date at all times. McAfee products detect the malicious jar files as Adwind-FDVH.jar! [Partial hash] and Adwind-FDVJ.jar! [Partial Hash], with DAT Versions 9137 and later.

The post JAVA-VBS Joint Exercise Delivers RAT appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/java-vbs-joint-exercise-delivers-rat/feed/ 0
Kicking Off MWC 2019 with Insights on Mobile Security and Growing Partnerships https://www.mcafee.com/blogs/consumer/mwc-2019-kickoff/ https://www.mcafee.com/blogs/consumer/mwc-2019-kickoff/#respond Mon, 25 Feb 2019 08:00:24 +0000 https://securingtomorrow.mcafee.com/?p=94251

We’ve touched down in Barcelona for Mobile World Congress 2019 (MWC), which is looking to stretch the limits of mobile technology with new advancements made possible by the likes of IoT and 5G. This year, we are excited to announce the unveiling of our 2019 Mobile Threat Report, our extended partnership with Samsung to protect […]

The post Kicking Off MWC 2019 with Insights on Mobile Security and Growing Partnerships appeared first on McAfee Blogs.

]]>

We’ve touched down in Barcelona for Mobile World Congress 2019 (MWC), which is looking to stretch the limits of mobile technology with new advancements made possible by the likes of IoT and 5G. This year, we are excited to announce the unveiling of our 2019 Mobile Threat Report, our extended partnership with Samsung to protect Galaxy S10 smartphones, and our strengthened partnership with Türk Telekom to provide a security solution to protect families online.

Mobile Connectivity and the Evolving Threat Landscape

These days, it’s a rare occurrence to enter a home that isn’t utilizing smart technology. Devices like smart TVs, voice assistants, and security cameras make our lives more convenient and connected. However, as consumers adopt this technology into their everyday lives, cybercriminals find new ways to exploit these devices for malicious activity. With an evolving threat landscape, cybercriminals are shifting their tactics in response to changes in the market. As we revealed in our latest Mobile Threat Report, malicious actors look for ways to maximize their profit, primarily through gaining control of trusted IoT devices like voice assistants. There are over 25 million voice assistants in use across the globe and many of these devices are connected to other things like thermostats, door locks, and smart plugs. With this increase in connectivity, cybercriminals have more opportunities to exploit users’ devices for malicious purposes. Additionally, cybercriminals are leveraging users’ reliance on their mobile phones to mine for cryptocurrency without the device owner’s knowledge. According to our Mobile Threat Report, cybersecurity researchers found more than 600 malicious cryptocurrency apps spread across 20 different app stores. In order to protect users during this time of rapid IoT and mobile growth, we here at McAfee are pushing to deliver solutions for relevant, real-world security challenges with the help of our partners.

Growing Partnerships to Protect What Matters

Some cybersecurity challenges we are working to overcome include threats like mobile malware and unsecured Wi-Fi. This year, we’ve extended our long-standing partnership with Samsung to help secure consumers from cyberthreats on Samsung Galaxy S10 smartphones. McAfee is also supporting Samsung Secure Wi-Fi service by providing backend infrastructure to protect consumers from risky Wi-Fi. In addition to mobile, this partnership also expands to help protect Samsung smart TVs, PCs, and laptops.

We’ve also strengthened our partnership with Türk Telekom, Turkey’s largest fixed broadband ISP. Last year, we announced this partnership to deliver cross-device security protection. This year, we’re providing a security solution to help parents protect their family’s digital lives. Powered by McAfee Safe Family, Türk Telekom’s fixed and mobile broadband customers will have the option to benefit from robust parental controls. These controls will allow parents to better manage their children’s online experience and give them greater peace of mind.

We’re excited to see what’s to come for the rest of MWC, and how these announcements will help improve consumers’ digital experiences. It is our hope that by continuing to extend our relationships with technology innovators, we can help champion built-in security across devices and networks.

To stay on top of McAfee’s MWC news and the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Kicking Off MWC 2019 with Insights on Mobile Security and Growing Partnerships appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/mwc-2019-kickoff/feed/ 0
MalBus: Popular South Korean Bus App Series in Google Play Found Dropping Malware After 5 Years of Development https://www.mcafee.com/blogs/other-blogs/mcafee-labs/malbus-popular-south-korean-bus-app-series-in-google-play-found-dropping-malware-after-5-years-of-development/ https://www.mcafee.com/blogs/other-blogs/mcafee-labs/malbus-popular-south-korean-bus-app-series-in-google-play-found-dropping-malware-after-5-years-of-development/#respond Mon, 04 Feb 2019 18:00:12 +0000 https://securingtomorrow.mcafee.com/?p=94034

McAfee’s Mobile Research team recently learned of a new malicious Android application masquerading as a plugin for a transportation application series developed by a South Korean developer. The series provides a range of information for each region of South Korea, such as bus stop locations, bus arrival times and so on. There are a total […]

The post MalBus: Popular South Korean Bus App Series in Google Play Found Dropping Malware After 5 Years of Development appeared first on McAfee Blogs.

]]>

McAfee’s Mobile Research team recently learned of a new malicious Android application masquerading as a plugin for a transportation application series developed by a South Korean developer. The series provides a range of information for each region of South Korea, such as bus stop locations, bus arrival times and so on. There are a total of four apps in the series, with three of them available from Google Play since 2013 and the other from around 2017. Currently, all four apps have been removed from Google Play while the fake plugin itself was never uploaded to the store. While analyzing the fake plugin, we were looking for initial downloaders and additional payloads – we discovered one specific version of each app in the series (uploaded at the same date) which was dropping malware onto the devices on which they were installed, explaining their removal from Google Play after 5 years of development.

Figure 1. Cached Google Play page of Daegu Bus application, one of the apps in series

When the malicious transportation app is installed, it downloads an additional payload from hacked web servers which includes the fake plugin we originally acquired. After the fake plugin is downloaded and installed, it does something completely different – it acts as a plugin of the transportation application and installs a trojan on the device, trying to phish users to input their Google account password and completely take control of the device. What is interesting is that the malware uses the native library to take over the device and also deletes the library to hide from detection. It uses names of popular South Korean services like Naver, KakaoTalk, Daum and SKT. According to our telemetry data, the number of infected devices was quite low, suggesting that the final payload was installed to only a small group of targets.

The Campaign

The following diagram explains the overall flow from malware distribution to device infection.

Figure 2. Device infection process

When the malicious version of the transportation app is installed, it checks whether the fake plugin is already installed and, if not, downloads from the server and installs it. After that, it downloads and executes an additional native trojan binary which is similar to the trojan which is dropped by the fake plugin. After everything is done, it connects with the C2 servers and handles received commands.

Initial Downloader

The following table shows information about the malicious version of each transportation app in the series. As the Google Play number of install stats shows, these apps have been downloaded on many devices.

Unlike the clean version of the app, the malicious version contains a native library named “libAudio3.0.so”.

Figure 3. Transportation app version with malicious native library embedded

In the BaseMainActivity class of the app, it loads the malicious library and calls startUpdate() and updateApplication().

Figure 4. Malicious library being loaded and executed in the app

startUpdate() checks whether the app is correctly installed by checking for the existence of a specific flag file named “background.png” and whether the fake plugin is installed already. If the device is not already infected, the fake plugin is downloaded from a hacked web server and installed after displaying a toast message to the victim. updateApplication() downloads a native binary from the same hacked server and dynamically loads it. The downloaded file (saved as libSound1.1.so) is then deleted after being loaded into memory and, finally, it executes an exported function which acts as a trojan. As previously explained, this file is similar to the file dropped by the fake plugin which is discussed later in this post.

Figure 5 Additional payload download servers

Fake Plugin

The fake plugin is downloaded from a hacked web server with file extension “.mov” to look like a media file. When it is installed and executed, it displays a toast message saying the plugin was successfully installed (in Korean) and calls a native function named playMovie(). The icon for the fake plugin soon disappears from the screen. The native function implemented in LibMovie.so, which is stored inside the asset folder, drops a malicious trojan to the current running app’s directory masquerading as libpng.2.1.so file. The dropped trojan is originally embedded in the LibMovie.so xor’ed, which is decoded at runtime. After giving permissions, the address of the exported function “Libfunc” in the dropped trojan is dynamically retrieved using dlsym(). The dropped binary in the filesystem is deleted to avoid detection and finally Libfunc is executed.

Figure 6 Toast message when malware is installed

In the other forked process, it tries to access the “naver.property” file on an installed SD Card, if there is one, and if it succeeds, it tries starting “.KaKaoTalk” activity which displays a Google phishing page (more on that in the next section) . The overall flow of the dropper is explained in the following diagram:

Figure 7. Execution flow of the dropper

Following is a snippet of a manifest file showing that “.KaKaoTalk” activity is exported.

Figure 8. Android Manifest defining “.KaKaoTalk” activity as exported

Phishing in JavaScript

KakaoTalk class opens a local HTML file, javapage.html, with the user’s email address registered on the infected device automatically set to log into their account.

Figure 9. KakaoTalk class loads malicious local html file

The victim’s email address is set to the local page through a JavaScript function setEmailAddress after the page is finished loading. A fake Korean Google login website is displayed:

Figure 10. The malicious JavaScript shows crafted Google login page with user account

We found the following attempts of exploitation of Google legitimate services by the malware author:

  • Steal victim’s Google account and password
  • Request password recovery for a specific account
  • Set recovery email address when creating new Google account

An interesting element of the phishing attack is that the malware authors tried to set their own email as the recovery address on Google’s legitimate services. For example, when a user clicks on the new Google account creation link in the phishing page, the crafted link is opened with the malware author’s email address as a parameter of RecoveryEmailAddress.

Figure 11. The crafted JavaScript attempts to set recovery email address for new Google account creation.

Fortunately for end users, none of the above malicious attempts are successful. The parameter with the malware author’s email address is simply ignored at the account creation stage.

Trojan

In addition to the Google phishing page, when “Libfunc” function of the trojan (dropped by the fake plugin or downloaded from the server) is executed, the mobile phone is totally compromised. It receives commands from the following hardcoded list of C2 servers. The main functionality of the trojan is implemented in a function called “doMainProc()”. Please note that there are a few variants of the trojanwith different functionality but, overall, they are pretty much the same.

Figure 12. Hardcoded list of C2 servers

The geolocation of hardcoded C2 servers lookslike the following:

Figure 13. Location of C2 Servers

Inside doMainProc(), the trojan receives commands from the C2 server and calls appropriate handlers. Part of the switch block below gives us an idea of what type of commands this trojan supports.

Figure 14. Subset of command handlers implemented in the dropped trojan.

As you can see, it has all the functionality that a normal trojan has. Downloading, uploading and deleting files on the device, leaking information to a remote server and so on. The following table explains supported C2 commands:

Figure 15. C2 Commands

Before entering the command handling loop, the trojan does some initialization, like sending device information files to the server and checking the UID of the device. Only after the UID checking returns a 1 does it enter the loop.

Figure 16 Servers connected before entering command loop

Among these commands, directory indexing in particular is important. The directory structure is saved in a file named “kakao.property” and while indexing the given path in the user device, it checks the file with specific keywords and if it matches, uploads the file to the remote upload server. These keywords are Korean and its translated English version is as per the following table:

Figure 17 Search file keywords

By looking at the keywords we can anticipate that the malware authors were looking for files related to the military, politics and so on. These files are uploaded to a separate server.

Figure 18 Keyword matching file upload server

Conclusion

Applications can easily trick users into installing them before then leaking sensitive information. Also, it is not uncommon to see malware sneaking onto the official Google Play store, making it hard for users to protect their devices. This malware has not been written for ordinary phishing attempts, but rather very targeted attacks, searching the victim’s devices for files related to the military and politics, likely trying to leak confidential information. Users should always install applications that they can fully trust even though they are downloaded from trusted sources.

McAfee Mobile Security detects this threat as Android/MalBus and alerts mobile users if it is present, while protecting them from any data loss. For more information about McAfee Mobile Security, visit https://www.mcafeemobilesecurity.com.

Hashes (SHA-256)

Initial Downloader (APK)
• 19162b063503105fdc1899f8f653b42d1ff4fcfcdf261f04467fad5f563c0270
• bed3e665d2b5fd53aab19b8a62035a5d9b169817adca8dfb158e3baf71140ceb
• 3252fbcee2d1aff76a9f18b858231adb741d4dc07e803f640dcbbab96db240f9
• e71dc11e8609f6fd84b7af78486b05a6f7a2c75ed49a46026e463e9f86877801

Fake Plugin (APK)
• ecb6603a8cd1354c9be236a3c3e7bf498576ee71f7c5d0a810cb77e1138139ec
• b8b5d82eb25815dd3685630af9e9b0938bccecb3a89ce0ad94324b12d25983f0

Trojan (additional payload)
• b9d9b2e39247744723f72f63888deb191eafa3ffa137a903a474eda5c0c335cf
• 12518eaa24d405debd014863112a3c00a652f3416df27c424310520a8f55b2ec
• 91f8c1f11227ee1d71f096fd97501c17a1361d71b81c3e16bcdabad52bfa5d9f
• 20e6391cf3598a517467cfbc5d327a7bb1248313983cba2b56fd01f8e88bb6b9

The post MalBus: Popular South Korean Bus App Series in Google Play Found Dropping Malware After 5 Years of Development appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/malbus-popular-south-korean-bus-app-series-in-google-play-found-dropping-malware-after-5-years-of-development/feed/ 0
McAfee Honors Dr. Martin Luther King Jr. Day https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/mcafee-honors-dr-martin-luther-king-jr-day/ https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/mcafee-honors-dr-martin-luther-king-jr-day/#respond Thu, 17 Jan 2019 18:01:26 +0000 https://securingtomorrow.mcafee.com/?p=93844

On Monday, January 21, McAfee will join millions across the globe to recognize the life and legacy of Dr. Martin Luther King Jr. To honor the achievements of Dr. King, our McAfee African-Heritage Community (MAHC) members recently shared memorable lines from King’s iconic “I Have a Dream” speech that he delivered at the Lincoln Memorial […]

The post McAfee Honors Dr. Martin Luther King Jr. Day appeared first on McAfee Blogs.

]]>

On Monday, January 21, McAfee will join millions across the globe to recognize the life and legacy of Dr. Martin Luther King Jr.

To honor the achievements of Dr. King, our McAfee African-Heritage Community (MAHC) members recently shared memorable lines from King’s iconic “I Have a Dream” speech that he delivered at the Lincoln Memorial on August 28, 1963. The MAHC is an employee-led group that is committed to delivering education, cultural awareness, mentoring programs, community involvement and advancing diversity and inclusion within McAfee’s culture.

Watch the video here:

King shared his important message during the March on Washington for Jobs and Freedom. To provide you with the full meaning and context of King’s powerful speech, you can read the original speech in its entirety here.

McAfee is an inclusive employer and is proud to support inclusion and diversity. Interested in joining our teams? We’re hiring! Apply now.

For more stories like this, follow @LifeAtMcAfee on Instagram and on Twitter @McAfee to see what working at McAfee is all about.

The post McAfee Honors Dr. Martin Luther King Jr. Day appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/mcafee-honors-dr-martin-luther-king-jr-day/feed/ 0
Meet McAfee WebAdvisor’s New Cryptojacking Blocker https://www.mcafee.com/blogs/consumer/webadvisor-cryptojacking-blocker/ https://www.mcafee.com/blogs/consumer/webadvisor-cryptojacking-blocker/#respond Wed, 09 Jan 2019 11:00:46 +0000 https://securingtomorrow.mcafee.com/?p=93626

totalBy now, you’ve probably heard of cryptocurrency, but you may not know exactly what it is. To put it simply, cryptocurrencies are virtual currencies that have actual monetary value in today’s world. They are limited entries of transactions into a single database, or public ledger, that can’t be changed without fulfilling certain conditions. These transactions […]

The post Meet McAfee WebAdvisor’s New Cryptojacking Blocker appeared first on McAfee Blogs.

]]>

totalBy now, you’ve probably heard of cryptocurrency, but you may not know exactly what it is. To put it simply, cryptocurrencies are virtual currencies that have actual monetary value in today’s world. They are limited entries of transactions into a single database, or public ledger, that can’t be changed without fulfilling certain conditions. These transactions are verified and added to the public ledger through cryptocurrency mining. Cryptocurrency miners try to make money by compiling these transactions into blocks and solving complicated mathematical problems to compete with other miners for the cryptocurrency. While this process of mining for cryptocurrencies can be lucrative, it requires large amounts of computing power.

Unfortunately, the need for massive amounts of hardware has provoked cybercriminals to participate in cryptojacking, a method of using malware to exploit victims’ computers to mine for cryptocurrencies. Cybercrooks spread cryptojacking malware through sketchy mobile apps, flawed software, and malware-infected ads. They can even cryptojack your device during a browsing session while you’re perusing a website that appears completely harmless. Once a user’s device becomes infected, the malware drains the device’s CPU, causing the user’s computer fan to be loud while the malware mines for cryptocurrencies in the background. Unfortunately, symptoms of cryptojacking are usually pretty subtle, with poor device performance being one of the few signs of its presence.

Thankfully, McAfee WebAdvisor is here to help. This security solution, which helps block users from malware and phishing attempts, now includes Cryptojacking Blocker. This enhancement is a Windows-based browser add-on available for Google Chrome that helps stop malicious websites from mining for cryptocurrency. So far, our direct and retail McAfee WebAdvisor customers have already started receiving the update that adds Cryptojacking Blocker to their product, and the customers who have WebAdvisor through other partners should begin to see this update roll out during Q1. The same thing goes for those who own McAfee LiveSafe and McAfee Total Protection. Additionally, we’re aiming to add support for Firefox in the coming months. And if you don’t already have WebAdvisor, you can download it for free on our website, with Cryptojacking Blocker included in your download.

In addition to using a security solution like McAfee WebAdvisor, here are some other general tips to help you stay safe online:

  • Create a strong, unique password. Although it may be easier to remember, reusing passwords across multiple accounts puts all of your data at risk even if just one of your accounts is breached. Choosing a complex password for each individual online account will act as a stronger first line of defense. You can also use a password manager so all of your credentials are consolidated into one place.
  • Be careful where you click. If you come across a website that seems sketchy or notice that the URL address looks odd, avoid interacting with the site entirely. Stick to browsing websites you know are reputable.
  • Update, update, update! Cybercriminals can take advantage of old software to spread cryptojacking malware. Keeping your software updated with the latest patches and security fixes can help you combat this threat.

And, as always, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post Meet McAfee WebAdvisor’s New Cryptojacking Blocker appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/webadvisor-cryptojacking-blocker/feed/ 0
Cash Out with Our CES 2019 #RT2Win Sweepstakes! https://www.mcafee.com/blogs/consumer/ces-2019-rt2win-sweepstakes/ https://www.mcafee.com/blogs/consumer/ces-2019-rt2win-sweepstakes/#respond Tue, 08 Jan 2019 18:00:20 +0000 https://securingtomorrow.mcafee.com/?p=93634

We’ve officially touched down in Las Vegas for CES 2019! If you aren’t familiar with CES, it is the global stage for innovators to showcase the next generation of consumer technologies. With the growing consumer technology landscape, we understand the importance of creating new solutions for those who want to live their connected lives with […]

The post Cash Out with Our CES 2019 #RT2Win Sweepstakes! appeared first on McAfee Blogs.

]]>

We’ve officially touched down in Las Vegas for CES 2019!

If you aren’t familiar with CES, it is the global stage for innovators to showcase the next generation of consumer technologies. With the growing consumer technology landscape, we understand the importance of creating new solutions for those who want to live their connected lives with confidence. That’s why we’ve made some exciting new additions to our security lineup and employed multiple partnerships with other innovators like Google and Verizon to help protect users’ online safety. Check out all the details, here.

To celebrate the latest innovations, we’re giving two [2] lucky people the chance to win a $500 Amazon gift card. Not heading to CES this year? No problem! Simply retweet one of our official contest tweets with the required hashtags between January 8th – 11th for your chance to win. Follow the instructions below to enter, and good luck!

#RT2Win Sweepstakes Official Rules

  • To enter, follow @McAfee_Home on Twitter and find the #RT2Win sweepstakes tweet.
  • The sweepstakes tweet will be released on Tuesday, January 8, 2019 at 8:00 a.m. PT. This tweet will include the hashtags: #McAfeeAtCES, #RT2Win, AND #Sweepstakes.
  • Retweet the sweepstakes tweet released on the above date from your own handle. The #McAfeeAtCES, #RT2Win AND #Sweepstakes hashtags must be included to be entered.
  • Make sure you’re following @McAfee_Home on Twitter! You must follow for your entry to count.
  • Sweepstakes will end on Friday, January 11, 2019 at 11:59 p.m. PST. All entries must be made before that date and time.
  • Winners will be notified on Monday, January 14, 2019 via Twitter direct message.
  • Limit one entry per person.
1. How To Win

Retweet one of our contest tweets on @McAfee_Home that include “#McAfeeAtCES, #RT2Win, AND #Sweepstakes” for a chance to win a $500 Amazon gift card (for full prize details please see “Prizes” section below). Two [2] total winners will be selected and announced on January 14, 2019. Winners will be notified by direct message on Twitter. For full Sweepstakes details, please see the Terms and Conditions, below.

#RT2Win Sweepstakes Terms and Conditions

2. How to Enter: 

No purchase necessary. A purchase will not increase your chances of winning. McAfee CES 2019 #RT2Win Sweepstakes will be conducted from January 8, 2019 through January 11, 2019. All entries for each day of the McAfee CES 2019 #RT2Win Sweepstakes must be received during the time allotted for the McAfee CES 2019 #RT2Win Sweepstakes. Pacific Daylight Time shall control the McAfee CES 2019 #RT2Win Sweepstakes, duration is as follows:

  • Begins: Tuesday, January 8, 2019­­ at 8:00 a.m. PST
  • Ends: Friday, January 11, 2019 at 11:59 p.m. PST
  • Two [2] winners will be announced: Monday, January 14, 2019

For the McAfee CES 2019 #RT2Win Sweepstakes, participants must complete the following steps during the time allotted for the McAfee CES 2019 #RT2Win Sweepstakes:

  1. Follow @McAfee_Home on Twitter.
  2. Find the sweepstakes tweet of the day posted on @McAfee_Home which will include the hashtags: #McAfeeAtCES, #RT2Win and #Sweepstakes.
  3. Retweet the sweepstakes tweet of the day and make sure it includes the #McAfeeAtCES, #RT2Win, and hashtags.
  4. Note: Tweets that do not contain the #McAfeeAtCES, #RT2Win, and #Sweepstakes hashtags will not be considered for entry.
  5. Limit one entry per person.

Two [2] winners will be chosen for the McAfee CES 2019 #RT2Win Sweepstakes tweet from the viable pool of entries that retweeted and included #McAfeeAtCES, #RT2Win and #Sweepstakes. McAfee and the McAfee social team will choose winners from all the viable entries. The winners will be announced and privately messaged on Monday, January 14, 2019 on the @McAfee_Home Twitter handle. No other method of entry will be accepted besides Twitter. Only one entry per user is allowed, per Sweepstakes.   

3. Eligibility:

McAfee CES 2019 #RT2Win Sweepstakes is open to all legal residents of the 50 United States who are 18 years of age or older on the dates of the McAfee CES 2019 #RT2Win Sweepstakes begins and live in a jurisdiction where this prize and McAfee CES 2019 #RT2Win Sweepstakes not prohibited. Employees of Sponsor and its subsidiaries, affiliates, prize suppliers, and advertising and promotional agencies, their immediate families (spouses, parents, children, and siblings and their spouses), and individuals living in the same household as such employees are ineligible.

4. Winner Selection:

Winners will be selected at random from all eligible retweets received during the McAfee CES 2019 #RT2Win Sweepstakes drawing entry period. Sponsor will select the names of two [2] potential winners of the prizes in a random drawing from among all eligible submissions at the address listed below. The odds of winning depend on the number of eligible entries received. By participating, entrants agree to be bound by the Official McAfee CES 2019 #RT2Win Sweepstakes Rules and the decisions of the coordinators, which shall be final and binding in all respects.

5. Winner Notification: 

Each winner will be notified via direct message (“DM”) on Twitter.com by January 14, 2019. Prize winners may be required to sign an Affidavit of Eligibility and Liability/Publicity Release (where permitted by law) to be returned within ten (10) days of written notification, or prize may be forfeited, and an alternate winner selected. If a prize notification is returned as unclaimed or undeliverable to a potential winner, if potential winner cannot be reached within twenty four (24) hours from the first DM notification attempt, or if potential winner fails to return requisite document within the specified time period, or if a potential winner is not in compliance with these Official Rules, then such person shall be disqualified and, at Sponsor’s sole discretion, an alternate winner may be selected for the prize at issue based on the winner selection process described above.

6. Prizes: 

The prize for the McAfee CES 2019 #RT2Win Sweepstakes is a $500 Amazon gift card for each of the two [2] entrants/winners. Entrants agree that Sponsor has the sole right to determine the winners of the McAfee CES 2019 #RT2Win Sweepstakes and all matters or disputes arising from the McAfee CES 2019 #RT2Win Sweepstakes and that its determination is final and binding. There are no prize substitutions, transfers or cash equivalents permitted except at the sole discretion of Sponsor. Sponsor will not replace any lost or stolen prizes. Sponsor is not responsible for delays in prize delivery beyond its control. All other expenses and items not specifically mentioned in these Official Rules are not included and are the prize winners’ sole responsibility.

Limit one (1) prize per person/household. Prizes are non-transferable, and no cash equivalent or substitution of prize is offered. The McAfee CES 2019 #RT2Win Sweepstakes has no affiliation with Amazon.

7. General Conditions: 

Entrants agree that by entering they agree to be bound by these rules. All federal, state, and local taxes, fees, and surcharges on prize packages are the sole responsibility of the prizewinner. Sponsor is not responsible for incorrect or inaccurate entry information, whether caused by any of the equipment or programming associated with or utilized in the McAfee CES 2019 #RT2Win Sweepstakes, or by any technical or human error, which may occur in the processing of the McAfee CES 2019 #RT2Win Sweepstakes. entries. By entering, participants release and hold harmless Sponsor and its respective parents, subsidiaries, affiliates, directors, officers, employees, attorneys, agents, and representatives from any and all liability for any injuries, loss, claim, action, demand, or damage of any kind arising from or in connection with the McAfee CES 2019 #RT2Win Sweepstakes, any prize won, any misuse or malfunction of any prize awarded, participation in any McAfee CES 2019 #RT2Win Sweepstakes -related activity, or participation in the McAfee CES 2019 #RT2Win Sweepstakes. Except for applicable manufacturer’s standard warranties, the prizes are awarded “AS IS” and WITHOUT WARRANTY OF ANY KIND, express or implied (including any implied warranty of merchantability or fitness for a particular purpose).

8. Limitations of Liability; Releases:

By entering the Sweepstakes, you release Sponsor and all Released Parties from any liability whatsoever, and waive any and all causes of action, related to any claims, costs, injuries, losses, or damages of any kind arising out of or in connection with the Sweepstakes or delivery, misdelivery, acceptance, possession, use of or inability to use any prize (including claims, costs, injuries, losses and damages related to rights of publicity or privacy, defamation or portrayal in a false light, whether intentional or unintentional), whether under a theory of contract, tort (including negligence), warranty or other theory.

To the fullest extent permitted by applicable law, in no event will the sponsor or the released parties be liable for any special, indirect, incidental, or consequential damages, including loss of use, loss of profits or loss of data, whether in an action in contract, tort (including, negligence) or otherwise, arising out of or in any way connected to your participation in the sweepstakes or use or inability to use any equipment provided for use in the sweepstakes or any prize, even if a released party has been advised of the possibility of such damages.

  • To the fullest extent permitted by applicable law, in no event will the aggregate liability of the released parties (jointly) arising out of or relating to your participation in the sweepstakes or use of or inability to use any equipment provided for use in the sweepstakes or any prize exceed $10. The limitations set forth in this section will not exclude or limit liability for personal injury or property damage caused by products rented from the sponsor, or for the released parties’ gross negligence, intentional misconduct, or for fraud.
  • Use of Winner’s Name, Likeness, etc.: Except where prohibited by law, entry into the Sweepstakes constitutes permission to use your name, hometown, aural and visual likeness and prize information for advertising, marketing, and promotional purposes without further permission or compensation (including in a public-facing winner list).  As a condition of being awarded any prize, except where prohibited by law, winner may be required to execute a consent to the use of their name, hometown, aural and visual likeness and prize information for advertising, marketing, and promotional purposes without further permission or compensation. By entering this Sweepstakes, you consent to being contacted by Sponsor for any purpose in connection with this Sweepstakes.
9. Prize Forfeiture:

If winner cannot be notified, does not respond to notification, does not meet eligibility requirements, or otherwise does not comply with the prize McAfee CES 2019 #RT2Win Sweepstakes rules, then the winner will forfeit the prize and an alternate winner will be selected from remaining eligible entry forms for each McAfee CES 2019 #RT2Win Sweepstakes.

10. Dispute Resolution:

Entrants agree that Sponsor has the sole right to determine the winners of the McAfee CES 2019 #RT2Win Sweepstakes and all matters or disputes arising from the McAfee CES 2019 #RT2Win Sweepstakes and that its determination is final and binding. There are no prize substitutions, transfers or cash equivalents permitted except at the sole discretion of Sponsor.

11. Governing Law & Disputes:

Each entrant agrees that any disputes, claims, and causes of action arising out of or connected with this sweepstakes or any prize awarded will be resolved individually, without resort to any form of class action and these rules will be construed in accordance with the laws, jurisdiction, and venue of the State of New York, U.S.A.

12. Privacy Policy: 

Personal information obtained in connection with this prize McAfee CES 2019 #RT2Win Sweepstakes will be handled in accordance policy set forth at https://www.mcafee.com/enterprise/en-us/about/legal/privacy.html.

  1. Winner List; Rules Request: For a copy of the winner list, send a stamped, self-addressed, business-size envelope for arrival after January 8, 2019 before January 11, 2019 to the address listed below, Attn: #RT2Win at CES Sweepstakes.  To obtain a copy of these Official Rules, visit this link or send a stamped, self-addressed business-size envelope to the address listed in below, Attn: Sarah Grayson. VT residents may omit return postage.
  2. Intellectual Property Notice: McAfee and the McAfee logo are registered trademarks of McAfee, LLC. The Sweepstakes and all accompanying materials are copyright © 2019 by McAfee, LLC.  All rights reserved.
  3. Sponsor: McAfee, LLC, Corporate Headquarters 2821 Mission College Blvd. Santa Clara, CA 95054 USA
  4. Administrator: LEWIS Pulse, 111 Sutter St., Suiter 850, San Francisco, CA 94104

The post Cash Out with Our CES 2019 #RT2Win Sweepstakes! appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/ces-2019-rt2win-sweepstakes/feed/ 0
Kicking off CES 2019 with New Security Solutions and Collaborations https://www.mcafee.com/blogs/consumer/consumer-threat-notices/ces-2019-kickoff/ https://www.mcafee.com/blogs/consumer/consumer-threat-notices/ces-2019-kickoff/#respond Mon, 07 Jan 2019 11:00:08 +0000 https://securingtomorrow.mcafee.com/?p=93580

Today, we at McAfee are announcing some exciting new security solutions and integrations at CES in Las Vegas. For those of you who are unfamiliar with CES, it is the global stage for innovators to showcase the next generation of consumer technologies. McAfee now delivers protection to more than 500 million customers worldwide, and we […]

The post Kicking off CES 2019 with New Security Solutions and Collaborations appeared first on McAfee Blogs.

]]>

Today, we at McAfee are announcing some exciting new security solutions and integrations at CES in Las Vegas. For those of you who are unfamiliar with CES, it is the global stage for innovators to showcase the next generation of consumer technologies. McAfee now delivers protection to more than 500 million customers worldwide, and we understand the importance of creating new solutions for those who want to live their connected lives with confidence. To help empower our customers to do this, we’ve added to our security lineup and are working with other tech innovators who understand the importance of protecting users’ online safety.

One addition to our lineup of security solutions is McAfee Gamer Security. In a recent gaming survey, we discovered that 75% of gamers are worried about the security of gaming as online threats continue to rise. To help combat these threats, we developed McAfee Gamer Security, which protects gamers while optimizing their gaming experience. Some of the product’s key features include Game Mode, a gamer-centric interface, and minimal security resource consumption. These features help optimize gamers’ computing resources, provide system status updates, and equip users with lightweight security protection.

In addition to our latest product advancements, we’ve also teamed up with other companies looking to better the cybersecurity landscape for consumers. The first is Google. In order to further simplify the process of securing today’s connected home, McAfee will provide McAfee Secure Home Platform voice commands for the Google Assistant. McAfee Secure Home Platform provides an extra layer of security to help automatically protect all of the connected devices on the user’s home network. Soon, Google Assistant users can easily manage their connected home security by just using their voice.

While it’s important to secure the connected home, it is also important to protect your mobile and IoT devices as well. According to McAfee Labs 2019 predictions, cybercriminals will leverage trusted devices like smartphones and tablets to try and access users’ IoT devices in the upcoming year. To help customers stay safeguarded from this threat, we’ve teamed up with Verizon to protect their home networks through Verizon Home Network Protection. This McAfee-powered solution helps Verizon Fios customers stay secured against malicious websites, provide parental controls, and protect all devices connected to their home network.

Furthermore, we at McAfee and Dell have teamed up to protect consumers and small businesses as they enjoy the benefits of today’s technology. To do this, we’ve expanded our collaboration to provide pre-installed McAfee software on PCs and laptops globally to both consumer and small business customers. Customers who purchase a new laptop or PC will also have the option to extend McAfee protection beyond their Dell device to their smartphones and tablets. This allows users to have a more robust security shield around all of their connected devices, creating a safer overall online experience. Dell consumer and small business customers who purchase Dell Inspiron, XPS, Vostro, and G-Series laptops will receive a 30-day or 1-year subscription. Customers who purchase Alienware, OptiPlex, Latitude, and Precision will have the option of adding a 30-day free subscription or purchasing a 1-year subscription.

Another one of our latest innovations is the addition of Cryptojacking Blocker to McAfee WebAdvisor. As we observed in our latest McAfee Labs report, coin mining malware is on the rise, growing more than  4000% in the last year. Cryptojacking Blocker helps protect users from having their devices hijacked without their knowledge or permission. The tool helps prevents websites from mining for cryptocurrency and is included in all McAfee suites that include McAfee WebAdvisor. Users can update their existing WebAdvisor software to get Cryptojacking Blocker or download WebAdvisor for free.

So far, CES 2019 has proven that innovation will continue to evolve, just as the cybersecurity landscape will continue to mature. By working together to improve the technology that protects connected devices, we can help users optimize their digital life without compromising their online safety.

To stay on top of McAfee’s CES news and the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Kicking off CES 2019 with New Security Solutions and Collaborations appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/consumer-threat-notices/ces-2019-kickoff/feed/ 0
2018 Gartner Peer Insights Customers’ Choice for Enterprise DLP https://www.mcafee.com/blogs/enterprise/data-security/mcafee-named-a-2018-gartner-peer-insights-customers-choice-for-enterprise-data-loss-prevention/ https://www.mcafee.com/blogs/enterprise/data-security/mcafee-named-a-2018-gartner-peer-insights-customers-choice-for-enterprise-data-loss-prevention/#respond Tue, 18 Dec 2018 18:00:25 +0000 https://securingtomorrow.mcafee.com/?p=93246

This blog was written by Ben Cody.  I am excited to announce that McAfee has been recognized as a 2018 Gartner Peer Insights Customers’ Choice for Enterprise Data Loss Prevention. I believe our position as a 2018 Gartner Peer Insights Customers’ Choice for Enterprise Data Loss Prevention is a testament that our device-to-cloud DLP integration […]

The post 2018 Gartner Peer Insights Customers’ Choice for Enterprise DLP appeared first on McAfee Blogs.

]]>

This blog was written by Ben Cody. 

I am excited to announce that McAfee has been recognized as a 2018 Gartner Peer Insights Customers’ Choice for Enterprise Data Loss Prevention. I believe our position as a 2018 Gartner Peer Insights Customers’ Choice for Enterprise Data Loss Prevention is a testament that our device-to-cloud DLP integration of enterprise products helps our customers stay on top of evolving security needs, with solutions that are simple, flexible, comprehensive and fast, so that our customers can act decisively and mitigate risks. McAfee takes great pride in being recognized by our customers on Gartner Peers Insights.

In its announcement, Gartner explains, “The Gartner Peer Insights Customers’ Choice is a recognition of vendors in this market by verified end-user professionals, considering both the number of reviews and the overall user ratings.” To ensure fair evaluation, Gartner maintains rigorous criteria for recognizing vendors with a high customer satisfaction rate.

 

 

 

For this distinction, a vendor must have a minimum of 50 published reviews with an average overall rating of 4.2 stars or higher during the sourcing period. McAfee met these criteria for McAfee Data Loss Prevention.

Here are some excerpts from customers that contributed to the distinction:

“McAfee DLP Rocks! Easy to implement, easy to administer, pretty robust”

Security and Privacy Manager in the Services Industry

“Flexible solution. Being able to rapidly deploy additional Discover systems as needed as the company expanded was a huge time saving. Being able to then recover the resources while still being able to complete weekly delta discovery on new files being added or changed saved us tens of thousands of dollars quarterly.”

IT Security Manager in the Finance Industry

“McAfee DLP Endpoint runs smoothly even in limited resource environments and it supports multiple platforms like windows and mac-OS. Covers all major vectors of data leakages such as emails, cloud uploads, web postings and removable media file sharing.”

Knowledge Specialist in the Communication Industry

“McAfee DLP (Host and Network) are integrated and provide a simplified approach to rule development and uniform deployment.”

IT Security Engineer in the Finance Industry

 “Using ePO, it’s easy to deploy and manage the devices with different policies.”

Cyber Security Engineer in the Communication Industry

 

And those are just a few. You can read more reviews for McAfee Data Loss Prevention on the Gartner site.

On behalf of McAfee, I would like to thank all of our customers who took the time to share their experiences. We are honored to be a 2018 Gartner Peer Insights Customers’ Choice for Enterprise Data Loss Prevention and we know that it is your valuable feedback that made it possible. To learn more about this distinction, or to read the reviews written about our products by the IT professionals who use them, please visit Gartner Peer Insights’ Customers’ Choice.

 

  • Gartner Peer Insights’ Customers’ Choice announcement December 17, 2018
The GARTNER PEER INSIGHTS CUSTOMERS’ CHOICE badge is a trademark and service mark of Gartner, Inc., and/or its affiliates, and is used herein with permission. All rights reserved. Gartner Peer Insights Customers’ Choice constitute the subjective opinions of individual end-user reviews, ratings, and data applied against a documented methodology; they neither represent the views of, nor constitute an endorsement by, Gartner or its affiliates.

The post 2018 Gartner Peer Insights Customers’ Choice for Enterprise DLP appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/enterprise/data-security/mcafee-named-a-2018-gartner-peer-insights-customers-choice-for-enterprise-data-loss-prevention/feed/ 0
MITRE ATT&CK Framework to Help You Get the Play-by-Play on Adversaries https://www.mcafee.com/blogs/enterprise/security-operations/mcafee-advanced-threat-defense-incorporates-the-mitre-attck-framework-to-help-you-get-the-play-by-play-narrative-on-adversaries/ https://www.mcafee.com/blogs/enterprise/security-operations/mcafee-advanced-threat-defense-incorporates-the-mitre-attck-framework-to-help-you-get-the-play-by-play-narrative-on-adversaries/#respond Mon, 17 Dec 2018 14:00:29 +0000 https://securingtomorrow.mcafee.com/?p=93104

In the cybersecurity space, there’s a lot of talk about the “attacker advantage.” As a defender, you’re all too familiar with the concept. Every day, you and your team try to gain ground over adversaries who seem to get the jump on your defenses by exploiting the latest points of vulnerability. Gaining a better understanding […]

The post MITRE ATT&CK Framework to Help You Get the Play-by-Play on Adversaries appeared first on McAfee Blogs.

]]>

In the cybersecurity space, there’s a lot of talk about the “attacker advantage.” As a defender, you’re all too familiar with the concept. Every day, you and your team try to gain ground over adversaries who seem to get the jump on your defenses by exploiting the latest points of vulnerability. Gaining a better understanding of your adversaries and their work through the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) framework can help bolster your defenses. Available to everyone at no cost, ATT&CK is a shared knowledgebase of information about the techniques, tactics, and processes (TTPs) used in real-world campaigns.

What’s great about ATT&CK is that it not only gets into the details about how cybercriminals mastermind actual attacks, it also helps you strategize your defenses, align your security priorities, and make crucial adjustments to your arsenal. Ultimately, it helps you detect and respond more quickly and effectively when adversaries strike.

Additionally, since ATT&CK has been incorporated into security certification training courses, your junior analysts can upgrade their skill set. By gaining familiarity with the way adversaries act, your analysts can hone their threat-hunting abilities.

Another advantage is that everyone across your entire organization can speak the same language when communicating about security. The ATT&CK framework is a jargon-free zone. As a security professional, you can impart information to your peers and other stakeholders in ordinary, everyday language.

In close collaboration with the MITRE community, McAfee recognizes the value of the ATT&CK framework. With the latest release of McAfee Advanced Threat Defense, our advanced sandboxing analytics solution, we have mapped the ATT&CK framework directly to the reporting feature. McAfee Advanced Threat Defense offers a wide spectrum of easy-to-read, detailed reporting options—from summary reports for action prioritization to mapping results to the ATT&CK framework to analyst-grade malware data. We’ve made it really easy for analysts to quickly switch from identified TTPs in the McAfee Advanced Threat Defense MITRE ATT&CK report to the ATT&CK framework itself for a deeper dive into the specifics of any given attack or identified adversaries.

Apart from the all-important benefit of accelerating detection and response, incorporating the ATT&CK framework also helps analysts demystify their results when communicating with management and the executive team. When everyone uses a common framework to describe the realities of their risk, the whole organization can benefit by reaching consensus about security priorities.

To learn more about McAfee Advanced Threat Defense and the MITRE ATT&CK framework, check out these resources:

MITRE ATT&CK and ATT&CK are trademarks of The MITRE Corporation.

McAfee and the McAfee logo are trademarks or registered trademarks of McAfee, LLC or its subsidiaries in the United States and other countries. Other names and brands may be claimed as the property of others. Copyright ©2018 McAfee, LLC

The post MITRE ATT&CK Framework to Help You Get the Play-by-Play on Adversaries appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/enterprise/security-operations/mcafee-advanced-threat-defense-incorporates-the-mitre-attck-framework-to-help-you-get-the-play-by-play-narrative-on-adversaries/feed/ 0
Why I Bring My Authentic Self to Work at McAfee https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/why-i-bring-my-authentic-self-to-work-at-mcafee/ https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/why-i-bring-my-authentic-self-to-work-at-mcafee/#respond Fri, 14 Dec 2018 17:16:44 +0000 https://securingtomorrow.mcafee.com/?p=93119

By Kristol, Sales Account Manager and President, McAfee African Heritage Community If you talked to me when I first started working at McAfee, I wouldn’t have believed you if you told me that I’d still be working here 16 years later. But I am still working here, and I’ve grown from every challenge and success […]

The post Why I Bring My Authentic Self to Work at McAfee appeared first on McAfee Blogs.

]]>

By Kristol, Sales Account Manager and President, McAfee African Heritage Community

If you talked to me when I first started working at McAfee, I wouldn’t have believed you if you told me that I’d still be working here 16 years later. But I am still working here, and I’ve grown from every challenge and success in my cybersecurity journey. Most of all, I’m thankful to work for an employee-first company.

When I walk through our Plano office doors, it’s like walking into my second home. At my desk, I even have my own as-seen-on-TV “Snuggie” blanket in case I get cold while I’m working.

Early in my career at McAfee, I formed an immediate bond with my new teammates in operations. It was clear to me that they would soon become family. Over the years, we have shared milestones, marriages, births, and burials. And as I’ve moved role to role internally at McAfee, I’ve noticed a trend: these wonderful working relationships have continued. My experience has remained consistent as I’ve moved between departments: from operations to finance and sales.

During my tenure, I have experienced a transition from a married woman with a five-year-old daughter and three-year-old son, to a divorcée who is approaching an “empty nesting” season of life. My transition has brought challenging personal experiences—and McAfee was the only constant in my life. Work/life balance as a single mother was critical to my personal and professional success. McAfee’s leadership approach has always been sensitive—not only to what’s best for the bottom line, but what’s best for the employee.

 

Culture and Office Camaraderie

One of my favorite parts about working at McAfee is the fun culture! In the last 16 years, I have had seven different roles—each with new challenges and skillsets to prepare me for the next level. It has been one adventurous ride—from recording a sales kick-off video meeting, to dress-up shenanigans, to singing “Proud Mary” at a Christmas event (and winning!).

10 years ago, I started a Holiday Candle Exchange party with the women here in our Plano office.  My goal was to put names to faces, network with other women at McAfee and of course, get a great candle for the season! The event started with four to six women and has grown to over 20 women annually. This is one of McAfee’s best attributes, the ability to innovate without fear and cultivate an inclusive culture—right where you are!

Becoming a Leader in the African Heritage Community

In 2017, I proudly accepted the appointment to become the President of the African Heritage Community, one of our diversity and inclusion chapters at McAfee. It’s been an honor to be a part of an organization that celebrates diversity while fostering inclusion and professional growth. The MAHC chapter is led by talented individuals from different business units across the company—like human resources, training, support, and operations.

Our organization is focused on staying connected, cultivating our organization, and committed to professional and personal growth—while centering ourselves within the community.

How McAfee Has Supported My Development

I have truly been blessed to be an employee at McAfee. I work with teammates, managers, and executives that push me to be a better version of myself every single day. They challenge my way of thinking and motivate me to look beyond the present. To prepare for unknown surprises. To accept defeat and learn from it. To be confident in my decisions and trust myself. To never stop learning, believing and dreaming!

This is my life at McAfee…and it’s a wonderful life!

 

 

For more stories like this, follow @LifeAtMcAfee on Instagram and on Twitter @McAfee to see what working at McAfee is all about. Interested in joining our teams? We’re hiring! Apply now!

The post Why I Bring My Authentic Self to Work at McAfee appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/why-i-bring-my-authentic-self-to-work-at-mcafee/feed/ 0
Stay Secure and Your Wallet Full with Our Holiday #RT2Win Sweepstakes! https://www.mcafee.com/blogs/consumer/holiday-shopping-rt2win-2018/ https://www.mcafee.com/blogs/consumer/holiday-shopping-rt2win-2018/#respond Mon, 26 Nov 2018 20:00:36 +0000 https://securingtomorrow.mcafee.com/?p=92823

Black Friday and Cyber Monday mark the unofficial kickoff to the holiday shopping season. In anticipation of the busiest time of year for e-commerce, this year we conducted the Stressed Holiday Online Shopping survey to understand how financial pressure can impact buyer behavior when it comes to online purchasing and cybersecurity. The economic burden of the […]

The post Stay Secure and Your Wallet Full with Our Holiday #RT2Win Sweepstakes! appeared first on McAfee Blogs.

]]>

Black Friday and Cyber Monday mark the unofficial kickoff to the holiday shopping season. In anticipation of the busiest time of year for e-commerce, this year we conducted the Stressed Holiday Online Shopping survey to understand how financial pressure can impact buyer behavior when it comes to online purchasing and cybersecurity.

The economic burden of the holidays is something consumers know all too well. From gifts for the family to parties with friends, it’s no wonder that 79 percent of survey respondents said that holiday shopping puts financial stress on them. And the stress of stretching that budget lead 53 percent of respondents to say they can to be careless when online shopping. Further, more than half of consumers (56 percent) said that they would use a website they were unfamiliar with if it meant they would save money.

But just in time for holiday shopping season, we’re here to help take the financial burden off your shoulders with our Holiday Shopping RT2Win Sweepstakes! Two [2] lucky winners of the sweepstakes drawing will receive a $500 Amazon gift card. The best part? Entering is a breeze! Follow the instructions below to enter and good luck!

#RT2Win Sweepstakes Official Rules

  • To enter, follow @McAfee_Home on Twitter and find the #RT2Win sweepstakes tweet.
  • The sweepstakes tweet will be released on Monday, November 26, 2018, 2018 at 12:00pm PT. This tweet will include the hashtags: #ProtectWhatMatters, #RT2Win AND #Sweepstakes.
  • Retweet the sweepstakes tweet released on the above date, from your own handle. The #ProtectWhatMatters, #RT2Win AND #Sweepstakes hashtags must be included to be entered.
  • Make sure you’re following @McAfee_Home on Twitter! You must follow for your entry to count.
  • Sweepstakes will end on Sunday, December 9, 2018 at 11:59pm PT. All entries must be made before that date and time.
  • Winners will be notified on Tuesday, December 11, 2018 via Twitter direct message.
  • Limit one entry per person.
1. How to Win:

Retweet one of our contest tweets on @McAfee_Home that include “#ProtectWhatMatters, #RT2Win, AND #Sweepstakes” for a chance to win a $500 Amazon gift card (for full prize details please see “Prizes” section below). Two [2] total winners will be selected and announced on December 10, 2018. Winners will be notified by direct message on Twitter. For full Sweepstakes details, please see the Terms and Conditions, below.

#RT2Win Sweepstakes Terms and Conditions

2. How to Enter: 

No purchase necessary. A purchase will not increase your chances of winning. McAfee Holiday Shopping #RT2Win Sweepstakes will be conducted from November 26, 2018 through December 9, 2018. All entries for each day of the McAfee Holiday Shopping #RT2Win Sweepstakes must be received during the time allotted for the McAfee Holiday Shopping #RT2Win Sweepstakes. Pacific Daylight Time shall control the McAfee Holiday Shopping #RT2Win Sweepstakes, duration is as follows:

  • Begins: Monday, November 26, 2018­­ at 12:00pm PST
  • Ends: Sunday, December 9, 2018 at 11:59pm PST
  • Two [2] winners will be announced: Tuesday, December 11, 2018

For the McAfee Holiday Shopping #RT2Win Sweepstakes, participants must complete the following steps during the time allotted for the McAfee Holiday Shopping #RT2Win Sweepstakes:

  1. Follow @McAfee_Home on Twitter.
  2. Find the sweepstakes tweet of the day posted on @McAfee_Home which will include the hashtags: #ProtectWhatMatters, #RT2Win and #Sweepstakes.
  3. Retweet the sweepstakes tweet of the day and make sure it includes the #ProtectWhatMatters, #RT2Win, and hashtags.
  4. Note: Tweets that do not contain the #ProtectWhatMatters, #RT2Win, and #Sweepstakes hashtags will not be considered for entry.
  5. Limit one entry per person.

Two [2] winners will be chosen for the McAfee Holiday Shopping #RT2Win Sweepstakes tweet from the viable pool of entries that retweeted and included #ProtectWhatMatters, #RT2Win and #Sweepstakes. McAfee and the McAfee social team will choose winners from all the viable entries. The winners will be announced and privately messaged on Tuesday, December 11, 2018 on the @McAfee_Home Twitter handle. No other method of entry will be accepted besides Twitter. Only one entry per user is allowed, per Sweepstakes.   

3. Eligibility: 

McAfee Holiday Shopping #RT2Win Sweepstakes is open to all legal residents of the 50 United States who are 18 years of age or older on the dates of the McAfee Holiday Shopping #RT2Win Sweepstakes begins and live in a jurisdiction where this prize and McAfee Holiday Shopping #RT2Win Sweepstakes not prohibited. Employees of Sponsor and its subsidiaries, affiliates, prize suppliers, and advertising and promotional agencies, their immediate families (spouses, parents, children, and siblings and their spouses), and individuals living in the same household as such employees are ineligible. 

4. Winner Selection:

Winners will be selected at random from all eligible retweets received during the McAfee Holiday Shopping #RT2Win Sweepstakes drawing entry period. Sponsor will select the names of two [2] potential winners of the prizes in a random drawing from among all eligible submissions at the address listed below. The odds of winning depend on the number of eligible entries received. By participating, entrants agree to be bound by the Official McAfee Holiday Shopping #RT2Win Sweepstakes Rules and the decisions of the coordinators, which shall be final and binding in all respects.

5. Winner Notification:  

Each winner will be notified via direct message (“DM”) on Twitter.com by December 11, 2018. Prize winners may be required to sign an Affidavit of Eligibility and Liability/Publicity Release (where permitted by law) to be returned within ten (10) days of written notification, or prize may be forfeited, and an alternate winner selected. If a prize notification is returned as unclaimed or undeliverable to a potential winner, if potential winner cannot be reached within twenty-four (24) hours from the first DM notification attempt, or if potential winner fails to return requisite document within the specified time period, or if a potential winner is not in compliance with these Official Rules, then such person shall be disqualified and, at Sponsor’s sole discretion, an alternate winner may be selected for the prize at issue based on the winner selection process described above.

6. Prizes: 

The prize for the McAfee Holiday Shopping #RT2Win Sweepstakes is a $500 Amazon gift card for each of the two [2] entrants/winners. Entrants agree that Sponsor has the sole right to determine the winners of the McAfee Holiday Shopping #RT2Win Sweepstakes and all matters or disputes arising from the McAfee Holiday Shopping #RT2Win Sweepstakes and that its determination is final and binding. There are no prize substitutions, transfers or cash equivalents permitted except at the sole discretion of Sponsor. Sponsor will not replace any lost or stolen prizes. Sponsor is not responsible for delays in prize delivery beyond its control. All other expenses and items not specifically mentioned in these Official Rules are not included and are the prize winners’ sole responsibility.

Limit one (1) prize per person/household. Prizes are non-transferable, and no cash equivalent or substitution of prize is offered. The McAfee Holiday Shopping #RT2Win Sweepstakes has no affiliation with Amazon.

7. General Conditions: 

Entrants agree that by entering they agree to be bound by these rules. All federal, state, and local taxes, fees, and surcharges on prize packages are the sole responsibility of the prizewinner. Sponsor is not responsible for incorrect or inaccurate entry information, whether caused by any of the equipment or programming associated with or utilized in the McAfee Holiday Shopping #RT2Win Sweepstakes, or by any technical or human error, which may occur in the processing of the McAfee Holiday Shopping #RT2Win Sweepstakes. entries. By entering, participants release and hold harmless Sponsor and its respective parents, subsidiaries, affiliates, directors, officers, employees, attorneys, agents, and representatives from any and all liability for any injuries, loss, claim, action, demand, or damage of any kind arising from or in connection with the McAfee Holiday Shopping #RT2Win Sweepstakes, any prize won, any misuse or malfunction of any prize awarded, participation in any McAfee Holiday Shopping #RT2Win Sweepstakes-related activity, or participation in the McAfee Holiday Shopping #RT2Win Sweepstakes. Except for applicable manufacturer’s standard warranties, the prizes are awarded “AS IS” and WITHOUT WARRANTY OF ANY KIND, express or implied (including any implied warranty of merchantability or fitness for a particular purpose).

8. Limitations of Liability; Releases:

By entering the Sweepstakes, you release Sponsor and all Released Parties from any liability whatsoever, and waive any and all causes of action, related to any claims, costs, injuries, losses, or damages of any kind arising out of or in connection with the Sweepstakes or delivery, misdelivery, acceptance, possession, use of or inability to use any prize (including claims, costs, injuries, losses and damages related to rights of publicity or privacy, defamation or portrayal in a false light, whether intentional or unintentional), whether under a theory of contract, tort (including negligence), warranty or other theory.

To the fullest extent permitted by applicable law, in no event will the sponsor or the released parties be liable for any special, indirect, incidental, or consequential damages, including loss of use, loss of profits or loss of data, whether in an action in contract, tort (including, negligence) or otherwise, arising out of or in any way connected to your participation in the sweepstakes or use or inability to use any equipment provided for use in the sweepstakes or any prize, even if a released party has been advised of the possibility of such damages.

  • To the fullest extent permitted by applicable law, in no event will the aggregate liability of the released parties (jointly) arising out of or relating to your participation in the sweepstakes or use of or inability to use any equipment provided for use in the sweepstakes or any prize exceed $10. The limitations set forth in this section will not exclude or limit liability for personal injury or property damage caused by products rented from the sponsor, or for the released parties’ gross negligence, intentional misconduct, or for fraud.
  • Use of Winner’s Name, Likeness, etc.: Except where prohibited by law, entry into the Sweepstakes constitutes permission to use your name, hometown, aural and visual likeness and prize information for advertising, marketing, and promotional purposes without further permission or compensation (including in a public-facing winner list).  As a condition of being awarded any prize, except where prohibited by law, winner may be required to execute a consent to the use of their name, hometown, aural and visual likeness and prize information for advertising, marketing, and promotional purposes without further permission or compensation. By entering this Sweepstakes, you consent to being contacted by Sponsor for any purpose in connection with this Sweepstakes.
9. Prize Forfeiture:

If winner cannot be notified, does not respond to notification, does not meet eligibility requirements, or otherwise does not comply with the prize McAfee Holiday Shopping #RT2Win Sweepstakes rules, then the winner will forfeit the prize and an alternate winner will be selected from remaining eligible entry forms for each McAfee Holiday Shopping #RT2Win Sweepstakes.

10. Dispute Resolution:

Entrants agree that Sponsor has the sole right to determine the winners of the McAfee Holiday Shopping #RT2Win Sweepstakes and all matters or disputes arising from the McAfee Holiday Shopping #RT2Win Sweepstakes and that its determination is final and binding. There are no prize substitutions, transfers or cash equivalents permitted except at the sole discretion of Sponsor.

11. Governing Law & Disputes:

Each entrant agrees that any disputes, claims, and causes of action arising out of or connected with these sweepstakes or any prize awarded will be resolved individually, without resort to any form of class action and these rules will be construed in accordance with the laws, jurisdiction, and venue of the State of New York, U.S.A.

12. Privacy Policy: 

Personal information obtained in connection with this prize McAfee Holiday Shopping #RT2Win Sweepstakes will be handled in accordance policy set forth at https://www.mcafee.com/enterprise/en-us/about/legal/privacy.html.

  1. Winner List; Rules Request: For a copy of the winner list, send a stamped, self-addressed, business-size envelope for arrival after November 26, 2018 before December 9, 2018, to the address listed below, Attn: #RT2Win at CES Sweepstakes.  To obtain a copy of these Official Rules, visit this link or send a stamped, self-addressed business-size envelope to the address listed in below, Attn: Sarah Grayson. VT residents may omit return postage.
  2. Intellectual Property Notice: McAfee and the McAfee logo are registered trademarks of McAfee, LLC. The Sweepstakes and all accompanying materials are copyright © 2018 by McAfee, LLC.  All rights reserved.
  3. Sponsor: McAfee, LLC, Corporate Headquarters 2821 Mission College Blvd. Santa Clara, CA 95054 USA
  4. Administrator: LEWIS Pulse, 111 Sutter St., Suite 850, San Francisco, CA 94104

The post Stay Secure and Your Wallet Full with Our Holiday #RT2Win Sweepstakes! appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/holiday-shopping-rt2win-2018/feed/ 0
WebCobra Malware Uses Victims’ Computers to Mine Cryptocurrency https://www.mcafee.com/blogs/other-blogs/mcafee-labs/webcobra-malware-uses-victims-computers-to-mine-cryptocurrency/ https://www.mcafee.com/blogs/other-blogs/mcafee-labs/webcobra-malware-uses-victims-computers-to-mine-cryptocurrency/#comments Tue, 13 Nov 2018 05:01:11 +0000 https://securingtomorrow.mcafee.com/?p=92309

McAfee Labs researchers have discovered new Russian malware, dubbed WebCobra, which harnesses victims’ computing power to mine for cryptocurrencies.

The post WebCobra Malware Uses Victims’ Computers to Mine Cryptocurrency appeared first on McAfee Blogs.

]]>

The authors thank their colleagues Oliver Devane and Deepak Setty for their help with this analysis.

McAfee Labs researchers have discovered new Russian malware, dubbed WebCobra, which harnesses victims’ computing power to mine for cryptocurrencies.

Coin mining malware is difficult to detect. Once a machine is compromised, a malicious app runs silently in the background with just one sign: performance degradation. As the malware increases power consumption, the machine slows down, leaving the owner with a headache and an unwelcome bill, as the energy it takes to mine a single bitcoin can cost from $531 to $26,170, according to a recent report.

The increase in the value of cryptocurrencies has inspired cybercriminals to employ malware that steals machine resources to mine crypto coins without the victims’ consent.

The following chart shows how the prevalence of miner malware follows changes in the price of Monero cryptocurrency.

Figure 1: The price of cryptocurrency Monero peaked at the beginning of 2018. The total samples of coin miner malware continue to grow. Source: https://coinmarketcap.com/currencies/monero/.

McAfee Labs has previously analyzed the cryptocurrency file infector CoinMiner; and the Cyber Threat Alliance, with major assistance from McAfee, has published a report, “The Illicit Cryptocurrency Mining Threat.” Recently we examined the Russian application WebCobra, which silently drops and installs the Cryptonight miner or Claymore’s Zcash miner, depending on the architecture WebCobra finds. McAfee products detect and protect against this threat.

We believe this threat arrives via rogue PUP installers. We have observed it across the globe, with the highest number of infections in Brazil, South Africa, and the United States.

Figure 2: McAfee Labs heat map of WebCobra infections from September 9–13.

This cryptocurrency mining malware is uncommon in that it drops a different miner depending on the configuration of the machine it infects. We will discuss that detail later in this post.

Behavior

The main dropper is a Microsoft installer that checks the running environment. On x86 systems, it injects Cryptonight miner code into a running process and launches a process monitor. On x64 systems, it checks the GPU configuration and downloads and executes Claymore’s Zcash miner from a remote server.

Figure 3: WebCobra’s installation window.

After launching, the malware drops and unzips a password-protected Cabinet archive file with this command:

Figure 4: The command to unzip the dropped file.

The CAB file contains two files:

  • LOC: A DLL file to decrypt data.bin
  • bin: Contains the encrypted malicious payload

The CAB file uses the following script to execute ERDNT.LOC:

Figure 5: The script to load the DLL file, ERDNT.LOC.

ERDNT.LOC decrypt data.bin and passes the execution flow to it with this routine:

  • [PlainText_Byte] = (([EncryptedData_Byte] + 0x2E) ^ 0x2E) + 0x2E

Figure 6: The decryption routine. 

The program checks the running environment to launch the proper miner, shown in the following diagram:

Figure 7: Launching the proper miner depending on a system’s configuration.

Once data.bin is decrypted and executed, it tries a few anti-debugging, anti-emulation, and anti-sandbox techniques as well as checks of other security products running on the system. These steps allow the malware to remain undetected for a long time.

Most security products hook some APIs to monitor the behavior of malware. To avoid being found by this technique, WebCobra loads ntdll.dll and user32.dll as data files in memory and overwrites the first 8 bytes of those functions, which unhooks the APIs.

List of unhooked ntdll.dll APIs

  • LdrLoadDll
  • ZwWriteVirtualMemory
  • ZwResumeThread
  • ZwQueryInformationProcess
  • ZwOpenSemaphore
  • ZwOpenMutant
  • ZwOpenEvent
  • ZwMapViewOfSection
  • ZwCreateUserProcess
  • ZwCreateSemaphore
  • ZwCreateMutant
  • ZwCreateEvent
  • RtlQueryEnvironmentVariable
  • RtlDecompressBuffer

List of unhooked user32.dll APIs

  • SetWindowsHookExW
  • SetWindowsHookExA

Infecting an x86 system

The malware injects malicious code to svchost.exe and uses an infinite loop to check all open windows and to compare each window’s title bar text with these strings. This is another check by WebCobra to determine if it is running in an isolated environment designed for malware analysis.

  • adw
  • emsi
  • avz
  • farbar
  • glax
  • delfix
  • rogue
  • exe
  • asw_av_popup_wndclass
  • snxhk_border_mywnd
  • AvastCefWindow
  • AlertWindow
  • UnHackMe
  • eset
  • hacker
  • AnVir
  • Rogue
  • uVS
  • malware

The open windows will be terminated if any of preceding strings shows in the windows title bar text.

Figure 8: Terminating a process if the windows title bar text contains specific strings.

Once the process monitor executes, it creates an instance of svchost.exe with the miner’s configuration file specified as an argument and injects the Cryptonight miner code.

Figure 9: Creating an instance of svchost.exe and executing the Cryptonight miner.

Finally, the malware resumes the process with the Cryptonight miner running silently and consuming almost all the CPU’s resources.

Figure 10: An x86 machine infected with the Cryptonight miner. 

Infecting an x64 system

The malware terminates the infection if it finds Wireshark running.

Figure 11: Checking for Wireshark.

The malware checks the GPU brand and mode. It runs only if one of the following GPUs is installed:

  • Radeon
  • Nvidia
  • Asus

Figure 12: Checking the GPU mode.

If these checks are successful, the malware creates the following folder with hidden attributes and downloads and executes Claymore’s Zcash miner from a remote server.

  • C:\Users\AppData\Local\WIX Toolset 11.2

Figure 13: Requesting the download of Claymore’s Zcash miner.

Figure 14: Claymore’s miner.

Figure 15: Executing the miner with its configuration file.

Finally, the malware drops a batch file at %temp%\–xxxxx.cMD to delete the main dropper from [WindowsFolder]\{DE03ECBA-2A77-438C-8243-0AF592BDBB20}\*.*.

Figure 16: A batch file deleting the dropper.

The configuration files of the miners follow.

Figure 17: Cryptonight’s configuration file.

This configuration file contains:

  • The mining pool: 5.149.254.170
  • Username: 49YfyE1xWHG1vywX2xTV8XZzbzB1E2QHEF9GtzPhSPRdK5TEkxXGRxVdAq8LwbA2Pz7jNQ9gYBxeFPHcqiiqaGJM2QyW64C
  • Password: soft-net

Figure 18: Claymore’s Zcash miner configuration file.

This configuration file contains:

  • The mining pool: eu.zec.slushpool.com
  • Username: pavelcom.nln
  • Password: zzz

Coin mining malware will continue to evolve as cybercriminals take advantage of this relatively easy path to stealing value. Mining coins on other people’s systems requires less investment and risk than ransomware, and does not depend on a percentage of victims agreeing to send money. Until users learn they are supporting criminal miners, the latter have much to gain.

 

MITRE ATT&CK techniques

  • Exfiltration over command and control channel
  • Command-line interface
  • Hooking
  • Data from local system
  • File and directory discovery
  • Query registry
  • System information discovery
  • Process discovery
  • System time discovery
  • Process injection
  • Data encrypted
  • Data obfuscation
  • Multilayer encryption
  • File deletion

Indicators of compromise

IP addresses
  • 5.149.249[.]13:2224
  • 5.149.254[.]170:2223
  • 104.31.92[.]212
Domains
  • emergency.fee.xmrig[.]com
  • miner.fee.xmrig[.]com
  •  saarnio[.]ru
  • eu.zec.slushpool[.]com

McAfee detections

  • CoinMiner Version 2 in DAT Version 8986; Version 3 in DAT Version 3437
  • l Version 2 in DAT Version 9001; Version 3 in DAT Version 3452
  • RDN/Generic PUP.x Version 2 in DAT Version 8996; Version 3 in DAT Version 3447
  • Trojan-FQBZ, Trojan-FQCB, Trojan-FQCR Versions 2 in DAT Version 9011; Versions 3 in DAT Version 3462

Hashes (SHA-256)

  • 5E14478931E31CF804E08A09E8DFFD091DB9ABD684926792DBEBEA9B827C9F37
  • 2ED8448A833D5BBE72E667A4CB311A88F94143AA77C55FBDBD36EE235E2D9423
  • F4ED5C03766905F8206AA3130C0CDEDEC24B36AF47C2CE212036D6F904569350
  • 1BDFF1F068EB619803ECD65C4ACB2C742718B0EE2F462DF795208EA913F3353B
  • D4003E6978BCFEF44FDA3CB13D618EC89BF93DEBB75C0440C3AC4C1ED2472742
  • 06AD9DDC92869E989C1DF8E991B1BD18FB47BCEB8ECC9806756493BA3A1A17D6
  • 615BFE5A8AE7E0862A03D183E661C40A1D3D447EDDABF164FC5E6D4D183796E0
  • F31285AE705FF60007BF48AEFBC7AC75A3EA507C2E76B01BA5F478076FA5D1B3
  • AA0DBF77D5AA985EEA52DDDA522544CA0169DCA4AB8FB5141ED2BDD2A5EC16CE

The post WebCobra Malware Uses Victims’ Computers to Mine Cryptocurrency appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/webcobra-malware-uses-victims-computers-to-mine-cryptocurrency/feed/ 2
McAfee Explorers: From Student to Teacher https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/mcafee-explorers-from-student-to-teacher/ https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/mcafee-explorers-from-student-to-teacher/#respond Wed, 07 Nov 2018 23:22:16 +0000 https://securingtomorrow.mcafee.com/?p=92551

Ahmad, Software Architect Hailing from a small town in India, school for me was largely a means to an end. Rather than a chance to explore and cultivate my own interest, education was a path to a degree that could be used to obtain a steady and respectable career. Throughout my childhood, however, I was […]

The post McAfee Explorers: From Student to Teacher appeared first on McAfee Blogs.

]]>

Ahmad, Software Architect

Hailing from a small town in India, school for me was largely a means to an end. Rather than a chance to explore and cultivate my own interest, education was a path to a degree that could be used to obtain a steady and respectable career. Throughout my childhood, however, I was a curious boy; I was always intrigued in science and fascinated by technology. My curiosity often had me taking apart my toys, attempting to understand how they worked instead of playing with the toy itself. My inquisitive nature produced boundless questions, yet there were few resources available to satisfy my young mind and its insatiable appetite for information.

A Call to Adventure

When I first learned of McAfee Explorers, I knew I had to get involved! McAfee Explorers is an on-demand, job shadowing and career guidance program for children of McAfee employees and soon, the larger community. Children ages 11-18 can come into a McAfee office and be paired with an Explorer Host (a trained McAfee employee) for job shadowing experience—bringing to life the ideas and interest of each participant.

This opportunity brought back memories of a younger me, hungry for knowledge and education. It made me think about how much I could have benefited from a program like McAfee Explorers as a youth. Not only was I excited to share my own experiences and expertise, I was looking forward to learning and observing how future generations approach learning and how they tend to their own growing minds.

Explore Your World with a Brand-new Map

Drawing on my own childhood experiences, I have been mindful to find ways of relating my work to the children participating in ways they could understand and find interesting. As we know, tech jargon about algorithms, data structures and programming languages can come off dry. McAfee Explorers has challenged me to present these topics in ways that describe how integral each function is to the holistic mission of our company. The program has pulled me out of my proverbial day-to-day role and has given me a reinvigorated sense of purpose and contribution.

Working with the children has been an absolute blast! Explorer kids are sharp, keen observers and teach me that solutions to our biggest problems don’t always require complex thinking from the most learned minds. Answers can stem from asking small questions on fundamentals. The participants are eager to learn with every new topic, engaging the hosts on a new level with their out-of-the-box questions. There is a vibrant chemistry between participants and hosts alike, which makes for a truly enriching experience for everyone!

Mahatma Gandhi once said, “A teacher who establishes rapport with the taught becomes one with them and learns more from them than he teaches them.”[1] And I believe that this perfectly reflects the spirit of McAfee Explorers.

Together for Good

I firmly believe that sharing knowledge and experiences is how we can all impact our society for the better. Margaret Fuller said, “If you have the knowledge, let others light their candles with it.” [2]

I am very grateful that McAfee provides this career opportunity. I take great pride in working for a company that empowers its employees to take an active role in their communities. McAfee Explorers has allowed me to connect with my past and use the tools I have today to create a space for young minds to explore and flourish. This program is very meaningful to me—and I plan to stay involved as it continues to grow.

For more stories like this, follow @LifeAtMcAfee on Instagram and on Twitter @McAfee to see what working at McAfee is all about.

Interested in joining our teams? We’re hiring! Apply now!

[1] Mahatma Gandhi https://www.azquotes.com/quote/548250

[2] Margaret Fuller https://www.margaretfuller.org/index.php?option=com_content&view=article&id=90:sermon-award-winner&catid=40&Itemid=82

The post McAfee Explorers: From Student to Teacher appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/mcafee-explorers-from-student-to-teacher/feed/ 0
How I Thrive in Technology at McAfee https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/how-i-thrive-in-technology-at-mcafee/ https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/how-i-thrive-in-technology-at-mcafee/#respond Tue, 06 Nov 2018 22:59:21 +0000 https://securingtomorrow.mcafee.com/?p=92531

By: Hannah, Software Quality Assurance Engineer I joined the McAfee Quality Assurance team at the Brighton office earlier this year. It was immediately obvious that the company is determined to encourage more women into technology roles. At McAfee, I have a voice, I’m heard, and my skills, experience and capabilities are valued and taken seriously. My […]

The post How I Thrive in Technology at McAfee appeared first on McAfee Blogs.

]]>

By: Hannah, Software Quality Assurance Engineer

I joined the McAfee Quality Assurance team at the Brighton office earlier this year. It was immediately obvious that the company is determined to encourage more women into technology roles.

At McAfee, I have a voice, I’m heard, and my skills, experience and capabilities are valued and taken seriously. My team is warm and friendly, as well as having a fierce desire to produce the best work we possibly can, working together. Approachability and transparency are key to the company culture. It’s a real breath of fresh air!

5 Ways to Thrive

The McAfee culture presents women considering moving to technology roles with great opportunities. Here are my top 5 tips to make the most of the opportunity, based on my experience here.

1. Make the Most of Your Uniqueness

Don’t focus on how few women there are in your team, the company or the industry. Concentrate on what you can contribute. You are unique. No one else, woman or man, can be to your team what you can. Make the most of you!

2. Be the Wise Fool

Wise fools ask the questions that need to be asked, even if others may think they are foolish. It’s often those very questions that unblock a project, move it forward, uncover vital insights and open new possibilities. I quickly discovered that when I ask questions, I’m a lot more effective and successful.

3. Get a Mentor; Be a Mentor

I can’t over-state the importance of mentoring. Find the right mentor! Mentors bring a different perspective to your challenges, opportunities, and how you are perceived in the team, as well as expanding your knowledge, skills and understanding.

On the flip-side, being a mentor, as well as offering all this to your mentee, will also help you broaden your perspectives and improve your communication skills. Pay it forward!

4. Don’t Underestimate Yourself

Let me emphasize this, it’s so important! Never underestimate yourself. Be confident. Own your knowledge, experience, skills and capabilities. Seize every opportunity to use them.

Confidence builds confidence. As you step out, you’ll discover that you can do and achieve things you never thought possible, and your confidence, and your team’s confidence in you, will grow.

5. Go For It

Don’t hold back. Don’t put things off. Step out, experiment and float ideas. Speak up and speak out. Treat your peers as equals. Expect to be taken seriously – at McAfee you will be. You can do amazing things, so get out there and do them!

The McAfee slogan is right on: together is power!

For more stories like this, follow @LifeAtMcAfee on Instagram and on Twitter @McAfee to see what working at McAfee is all about.

Interested in joining our teams? We’re hiring! Apply now!

The post How I Thrive in Technology at McAfee appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/how-i-thrive-in-technology-at-mcafee/feed/ 0
Returning to Work? Make it McAfee! https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/returning-to-work-make-it-mcafee/ https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/returning-to-work-make-it-mcafee/#respond Tue, 30 Oct 2018 19:20:43 +0000 https://securingtomorrow.mcafee.com/?p=92303

By: Vera, Software Developer After nine years out of the workplace, I was ready to return to software development. The idea was challenging at first. Would my skills still be valued? Which company would be right for me? To prepare, I attended seminars and technology deep-dives for people looking to return to software development work. […]

The post Returning to Work? Make it McAfee! appeared first on McAfee Blogs.

]]>

By: Vera, Software Developer

After nine years out of the workplace, I was ready to return to software development. The idea was challenging at first. Would my skills still be valued? Which company would be right for me?

To prepare, I attended seminars and technology deep-dives for people looking to return to software development work. McAfee offered a 12-week, full-time, compensation-based experience program which I was delighted to accept. Designed to help people successfully re-integrate into the workplace after time away, it’s part of McAfee’s strategy to help fill the cybersecurity skills gap and encourage diversity in the technology sector.

Everyone I spoke with at McAfee impressed me as they shared their roles and experiences with the company. I really liked the support, guidance and resources McAfee offered applicants—it gave me the confidence I needed to step back into work. It was clear McAfee would be the perfect starting point for me, my natural first choice when returning to work.

Part of the Team and Learning Fast

Joining McAfee’s Web Security Research software development group in Cork, Ireland, I felt welcome and part of the team from Day One. The culture is inclusive and welcoming, with creativity and new ideas welcomed.

Nine years out of practice and with experience in Java-based software, but none in cybersecurity, I had much to learn. I loved the way everyone in my team was always ready to help and support me.

The team uses the scrum development approach, members collaborating extensively on tasks in two-week sprints. We also use pair programming, working on tasks in pairs.

Scrum and pair programming were both new to me, but I quickly gained a comprehensive understanding of the technologies, techniques and tools as we bounced ideas off one another and addressed challenges together. It was great to develop skills and re-integrate with the workplace so rapidly.

I learned not only about security and McAfee’s solutions, but also about the Linux platforms they run on. I hadn’t done any Unix work since my graduate days, but the team provided support and advice whenever I needed it.

Make the Most of Your Placement

I’d recommend McAfee to anyone looking to return to the workplace. The company has been a great employer and a fantastic way to restart my career. Here are my top five tips for getting the most out of returning to work.

1. Do Your Homework
It’s important to find the right fit for you and your skills. Speak to team members to discover what the company is like, and the products, processes and technologies you’ll be working with.

2. Go Ahead – Apply!
Believe in yourself. You’ve had a good career and responsibilities in the past and your knowledge hasn’t evaporated. You can do even more in the future—I can attest to that. Wherever your next opportunity is, make sure it’s the perfect place to acquire skills and knowledge you may have missed during your time away.

3. Build Your Skills
Expand your expertise through Return to Work seminars and other resources. Review current technologies and thinking. Expand your capabilities and confidence!

4. Extend Your Network
Before and during your time at your placement company, develop connections with relevant people in your team, and in the industry as a whole.

5. Ask Questions
McAfee operates from a foundation of trust and respect. Questions get answers that support progress and development. If you don’t know, ask, either in your team or in your personal development sessions, an integral part of the program.

If you’re apprehensive, don’t worry – that’s normal! I was unsure when I first considered returning to work, especially after such a long break, but now I’m delighted to be back, and even more so to be working with McAfee in a permanent, full-time role.

It’s great to be part of a company that recognizes the capabilities of people who took time out of the workplace, investing time and resources to help us get that all-important foot back in the door. I didn’t know I could do it – now I know I can!

For more stories like this, follow @LifeAtMcAfee on Instagram and on Twitter @McAfee to see what working at McAfee is all about.

Interested in learning more about a career at McAfee? Apply here!

The post Returning to Work? Make it McAfee! appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/returning-to-work-make-it-mcafee/feed/ 0
Ghouls of the Internet: Protecting Your Family from Scareware and Ransomware https://www.mcafee.com/blogs/consumer/family-safety/ghouls-of-the-internet-protecting-your-family-from-scareware-and-ransomware/ https://www.mcafee.com/blogs/consumer/family-safety/ghouls-of-the-internet-protecting-your-family-from-scareware-and-ransomware/#respond Sat, 27 Oct 2018 14:00:11 +0000 https://securingtomorrow.mcafee.com/?p=92193 It’s the middle of a workday. While researching a project, a random ad pops up on your computer screen alerting you of a virus. The scary-looking, flashing warning tells you to download an “anti-virus software” immediately. Impulsively, you do just that and download either the free or the $9.99 to get the critical download. But […]

The post Ghouls of the Internet: Protecting Your Family from Scareware and Ransomware appeared first on McAfee Blogs.

]]>
scareware and ransomwareIt’s the middle of a workday. While researching a project, a random ad pops up on your computer screen alerting you of a virus. The scary-looking, flashing warning tells you to download an “anti-virus software” immediately. Impulsively, you do just that and download either the free or the $9.99 to get the critical download.

But here’s the catch: There’s no virus, no download needed, you’ve lost your money, and worse, you’ve shared your credit card number with a crook. Worse still, your computer screen is now frozen or sluggish as your new download (disguised malware) collects the data housed on your laptop and funnels it to a third party to be used or sold on the dark web.

Dreadful Downloads

This scenario is called scareware — a form of malware that scares users into fictitious downloads designed to gain access to your data. Scareware bombards you with flashing warnings to purchase a bogus commercial firewall, computer cleaning software, or anti-virus software. Cybercriminals are smart and package the suggested download in a way that mimics legitimate security software to dupe consumers. Don’t feel bad, a lot of intelligent people fall for scareware every day.

Sadly, a more sinister cousin to scareware is ransomware, which can unleash serious digital mayhem into your personal life or business. Ransomware scenarios vary and happen to more people than you may think.

Malicious Mayhem

What is Ransomware? Ransomware is a form of malicious software (also called malware) that is a lot more complicated than typical malware. A ransomware infection often starts with a computer user clicking on what looks like a standard email attachment only that attachment unlocks malware that will encrypt or lock computer files.

scareware and ransomware

A ransomware attack can cause incredible emotional and financial distress for individuals, businesses, or large companies or organizations. Criminals hold data ransom and demand a fee to release your files back to you. Many people think they have no choice but to pay the demanded fee. Ransomware can be large-scale such as the City of Atlanta, which is considered the largest, most expensive cyber disruption in city government to date or the WannaCry attack last year that affected some 200,000+ computers worldwide. Ransomware attacks can be aimed at any number of data-heavy targets such as labs, municipalities, banks, law firms, and hospitals.

Criminals can also get very personal with ransomware threats. Some reports of ransomware include teens and older adults receiving emails that falsely accuse them or browsing illegal websites. The notice demands payment or else the user will be exposed to everyone in his or her contact list. Many of these threats go unreported because victims are too embarrassed to do anything.

Digital Terrorists

According to the Cisco 2017 Annual Cybersecurity Report, ransomware is growing at a yearly rate of 350% and, according to Microsoft,  accounted for roughly $325 million in damages in 2015. Most security experts advise against paying any ransoms since paying the ransom is no guarantee you’ll get your files back and may encourage a second attack.

Cybercriminals are fulltime digital terrorists and know that a majority of people know little or nothing about their schemes. And, unfortunately, as long as our devices are connected to a network, our data is vulnerable. But rather than living anxiously about the possibility of a scareware or ransomware attack, your family can take steps to reduce the threat.

Tips to keep your family’s data secure:

Talk about it. Education is first, and action follows. So, share information on the realities of scareware and ransomware with your family. Just discussing the threats that exist, sharing resources, and keeping the issue of cybercrime in the conversation helps everyone be more aware and ready to make wise decisions online.

Back up everything! A cybercriminal’s primary goal is to get his or her hands on your data, and either use it or sell it on the dark web (scareware) or access it and lock it down for a price (ransomware). So, back up your data every chance you get on an external hard drive or in the cloud. If a ransomware attack hits your family, you may panic about your family photos, original art, writing, or music, and other valuable content. While backing up data helps you retrieve and restore files lost in potential malware attack, it won’t keep someone from stealing what’s on your laptop.scareware and ransomware

Be careful with each click. By being aware and mindful of the links and attachments you’re clicking on can reduce your chances of malware attacks in general. However, crooks are getting sophisticated and linking ransomware to emails from seemingly friendly sources. So, if you get an unexpected email with an attachment or random link from a friend or colleague, pause before opening the email attachment. Only click on emails from a trusted source. 

Update devices.  Making sure your operating system is current is at the top of the list when it comes to guarding against malware attacks. Why? Because nearly every software update contains security improvements that help secure your computer from new threats. Better yet, go into your computer settings and schedule automatic updates. If you are a window user, immediately apply any Windows security patches that Microsoft sends you. 

Add a layer of security. It’s easy to ignore the idea of a malware attack — until one happens to you. Avoid this crisis by adding an extra layer of protection with a consumer product specifically designed to protect your home computer against malware and viruses. Once you’ve installed the software, be sure to keep it updated since new variants of malware arise all the time.

If infected: Worst case scenario, if you find yourself with a ransomware notice, immediately disconnect everything from the Internet. Hackers need an active connection to mobilize the ransomware and monitor your system. Once you disconnect from the Internet, follow these next critical steps. Most security experts advise against paying any ransoms since paying the ransom is no guarantee you’ll get your files back and may encourage a second attack.

The post Ghouls of the Internet: Protecting Your Family from Scareware and Ransomware appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/family-safety/ghouls-of-the-internet-protecting-your-family-from-scareware-and-ransomware/feed/ 0
McAfee Security Innovation Alliance 2018 DevCon Awards https://www.mcafee.com/blogs/other-blogs/mcafee-partners/mcafee-security-innovation-alliance-2018-devcon-awards/ https://www.mcafee.com/blogs/other-blogs/mcafee-partners/mcafee-security-innovation-alliance-2018-devcon-awards/#respond Wed, 17 Oct 2018 00:00:18 +0000 https://securingtomorrow.mcafee.com/?p=92017 Today McAfee, the device-to-cloud cybersecurity company, announced the winners of its distinguished SIA Partner Awards. The awards ceremony, hosted at McAfee’s Americas Partner Summit in Las Vegas, recognized partners who demonstrated the embodiment of innovation, strategic value, and market leadership in their respective market segments that complement the McAfee solution portfolio. “Today’s businesses are challenged […]

The post McAfee Security Innovation Alliance 2018 DevCon Awards appeared first on McAfee Blogs.

]]>
Today McAfee, the device-to-cloud cybersecurity company, announced the winners of its distinguished SIA Partner Awards. The awards ceremony, hosted at McAfee’s Americas Partner Summit in Las Vegas, recognized partners who demonstrated the embodiment of innovation, strategic value, and market leadership in their respective market segments that complement the McAfee solution portfolio.

“Today’s businesses are challenged more than ever before to stay ahead of the latest risks and cyberthreats,” said D.J. Long, vice president of strategic business development, McAfee. “McAfee understands that no single cybersecurity company can prevent every possible threat. The McAfee SIA program enables businesses to tap into certified integrated solutions from industry-leading providers to help protect data and minimize risk with fewer resources.”

We are pleased to announce the winners of the 2018 McAfee Security Innovation Alliance DEVCON Awards in the following three categories: Rookie of the Year, Most Innovative Partner of the Year, and SIA Partner of the Year.

Rookie of the Year 2018: Menlo Security

Rookie of the Year criteria include business impact, solution innovation, and program membership under 18 months.

Menlo Security joined SIA in May 2018. Their integration with McAfee Web Gateway was fully completed and certified in just one month! Immediately after certification, Menlo jumped in to support McAfee on a unique project to drive innovation with a mutual customer.

Menlo Security has partnered with McAfee to provide web security that wins against today’s advanced threats. McAfee Web Gateway customers can set up policies to dynamically route web sessions to the Menlo Security Isolation Platform. The enterprise is protected from any potential web threats while the user has a seamless experience with their native browser. The joint solution improves employee productivity by providing safe access to the internet and reduces burden on IT staff who no longer need to maintain restrictive web policies and manage exceptions. The Isolation Platform can also be used to address “air-gap” requirements of certain financial services and government organizations.

Most Innovative Partner of the Year: IBM Security

Criteria for Most Innovative Partner of the Year are based on the design and use of the McAfee ePO software development kit (SDK), McAfee Threat Intelligence Exchange, McAfee Data Exchange Layer, and other key McAfee technologies.

IBM Security are partnering with McAfee across multiple IBM and McAfee product sets and teams including Resilient, BigFix, and QRadar on the IBM side. Completed and certified integrations with IBM’s Incident Response platform, Resilient include: TIE, DXL, ePO, and ATD completed just last week. ESM is slated for end of September and NSP is in progress. Furthermore, all McAfee Resilient integrations are published on IBM’s AppExchange. Roadmap projects include: building QRadar -ePO app and working to leverage bi-lateral agent deployments with Big Fix. Read our  solution brief for more details

SIA Partner of the Year 2018 : Avecto/BeyondTrust (Both acquired this year by Bomgar)

Most Valuable Partner of the Year criteria cover the breadth and depth of the partner’s multiple integrations and close business engagement with McAfee.

Avecto are the undisputed leader in sales teaming success, with an average closed-won deal size of $350K and currently more than 30 registered and accepted opportunities in the pipeline. The other half of this team are BeyondTrust with $6M in pipeline and over 100% growth Year over Year. Avecto and BeyondTrust integrate with McAfee ESM, ePO and DXL.

For more information about our integrations read the solution briefs on integrations with Avecto and  BeyondTrust .

The post McAfee Security Innovation Alliance 2018 DevCon Awards appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/mcafee-partners/mcafee-security-innovation-alliance-2018-devcon-awards/feed/ 0
How the McAfee Rotation Program is Providing Opportunities https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/how-the-mcafee-rotation-program-is-providing-opportunities/ https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/how-the-mcafee-rotation-program-is-providing-opportunities/#comments Wed, 10 Oct 2018 20:13:32 +0000 https://securingtomorrow.mcafee.com/?p=91864

 By: Darius, Sales & Marketing Rotation Engineer “The sky is the limit.” It’s a phrase I heard frequently growing up, in school, college and university. To me, the phrase means there are endless opportunities. So, my nine-year-old self desired to be a racecar driver, my freshman year ambition was to be a developer and then […]

The post How the McAfee Rotation Program is Providing Opportunities appeared first on McAfee Blogs.

]]>

 By: Darius, Sales & Marketing Rotation Engineer

“The sky is the limit.” It’s a phrase I heard frequently growing up, in school, college and university. To me, the phrase means there are endless opportunities. So, my nine-year-old self desired to be a racecar driver, my freshman year ambition was to be a developer and then my “final” plan was to work in power transmission/distribution or renewable energy.

After graduation, with all these possibilities, I still didn’t really have a clear picture of what I wanted to do. I focused on volunteering and earning great grades in school, but like many of my peers, I hadn’t really prepared for life after college. I hadn’t thought seriously enough about my career path.

What I did know was this: I wanted to use my technical skills while at the same time learn the business side of an industry. It was my broad interest that led me to the McAfee Rotation Program (MRP) in the summer of 2017.

Wide-ranging Experience

The MRP is perfect for anyone who is attracted to the cybersecurity industry but wants experience in a range of business units. I’m gaining extensive knowledge of cybersecurity products and services, developing my technical and business acumen, building communication skills and expanding my network.

The MRP consist of five four-month placements known as “rotations.” This includes our Professional Services, Pre-Sales Engineering, the Security Operations Center, Support and Sales Operations units.

During the first three of my five rotations, I’ve had the opportunity to build my brand, learn McAfee values and business strategies, make a real impact on the departments I’ve worked with and learn from outstanding mentors.

No Fear!

We innovate without fear—this is an important McAfee value. The MRP gave me several opportunities to become a trailblazer and make a real impact with fresh ideas.

During my first rotation in Professional Services, I helped to accelerate the sales cycle with a new opportunity tracking system that included weekly reports. My line management and I could see an instant difference with the new system, which was most satisfying. I am grateful to work for a company that encourages innovation and creative thinking.

Rapid Learning

In my second rotation with Pre-Sales Engineering, I took on detailed product knowledge in multiple solutions through the projects I worked on in my day-to-day job experience.

With mentorship from senior sales engineers, I put my new knowledge and understanding to the test when I demonstrated McAfee’s Endpoint Security and Threat Intelligence Exchange solutions to a customer. This also gave me the chance to work with technical and commercial departments simultaneously.

My rapid acquisition of knowledge, understanding and experience continued in my third rotation with our Security Operations Center (SOC). In the SOC, I have learned first-hand how vital security is and gained a broad spread of new skills and knowledge, applicable across all business units.

Opportunities Abound

The MRP has created opportunities that I could never have imagined. “The sky is the limit” has taken on a whole new meaning for me.

During my first year at McAfee, I have grown professionally, become a more well-rounded individual and experienced more about business operations than many people do throughout their entire career. I can’t recommend the McAfee Rotation Program enough. It’s given me confidence that I can achieve great things—but I’m also honing in on what I want to do with my career and where my skills are best suited. I can’t wait to see what the next two rotations bring!

For more stories like this, follow @LifeAtMcAfee on Instagram and on Twitter @McAfee to see what working at McAfee is all about.

Interested in the McAfee Rotation Program? Find out more here.

The post How the McAfee Rotation Program is Providing Opportunities appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/how-the-mcafee-rotation-program-is-providing-opportunities/feed/ 1
Announcing McAfee’s Evolved Consumer Product Portfolio https://www.mcafee.com/blogs/consumer/consumer-threat-notices/mcafee-consumer-portfolio-2018/ https://www.mcafee.com/blogs/consumer/consumer-threat-notices/mcafee-consumer-portfolio-2018/#respond Thu, 20 Sep 2018 23:31:31 +0000 https://securingtomorrow.mcafee.com/?p=91616 Every fall the leaves change colors, sweaters replace sundresses, and new changes are afoot. Especially for us at McAfee. In fact, we’re announcing quite a few changes to our consumer security portfolio this fall. Tailored to the increasingly connected world we live in, our evolved line of products focuses on better performance, better ransomware protection, […]

The post Announcing McAfee’s Evolved Consumer Product Portfolio appeared first on McAfee Blogs.

]]>
Every fall the leaves change colors, sweaters replace sundresses, and new changes are afoot. Especially for us at McAfee. In fact, we’re announcing quite a few changes to our consumer security portfolio this fall. Tailored to the increasingly connected world we live in, our evolved line of products focuses on better performance, better ransomware protection, and a holistic approach to securing every facet of a connected consumer’s life. Curious how exactly our lineup does that? Allow us to break it down.

First, there are a few key product updates. In exciting news, McAfee Identity Theft Protection and McAfee Safe Family are now both included in McAfee Total Protection and McAfee LiveSafe. Additionally, McAfee Ransom Guard and PC Boost have been added to the entire product lineup, which includes McAfee AntiVirus, McAfee AntiVirus Plus, and McAfee Internet Security. Now, let’s get into a few specifics about product performance.

Improved Performance

McAfee’s core lineup of products now sends malware analysis to the McAfee Global Threat Intelligence (GTI) cloud, which means fewer system resources are required, and PCs can work at optimal speeds. Beyond that, we’ve also implemented a few key PC enhancements, including:

  • McAfee App Boost – Helps resource-hungry apps complete tasks more quickly by automatically allocating more resources to applications the customer is actively using.
  • McAfee Web Boost – Prevents unwanted or unrequested downloads and system activity caused by auto-play videos resulting in reduced bandwidth and resource consumption.

There are a few notable mobile enhancements as well, which include:

  • McAfee Mobile Security – Fully redesigned to deliver a more intuitive and engaging user experience.
  • McAfee Mobile Security for Android – Now includes machine learning capabilities within the mobile AV engine, which provides more efficient scanning and faster malware detection.
  • McAfee Mobile Security for iOS – New Wi-Fi Threat Scan shows the security status of the connected Wi-Fi network and alerts users if the Wi-Fi network they are connected to is at risk.

Increased Ransomware Protection

Ransomware attacks have shown no signs of slowing, which is why last year McAfee introduced a machine learning-based anti-virus engine with Real Protect to protect consumers from modern-day threats. And now we’ve updated our features to continue the fight against these advanced attacks. New features include:

  • McAfee Ransom Guard – Adds another layer of protection on the PC which monitors for suspicious file changes, warns the user when ransomware may be at work and suggests recommended actions for remediation. Additionally, this technology allows McAfee to detect many variants of zero-day ransomware.
  • Virus Protection Pledge – This year’s lineup extends the guarantee to six additional languages. If a customer enrolled in automatic renewal gets a virus with protection turned on, the customer support team will remove it, or the customer will receive a refund.

Protecting People’s Digital Lives

As people become more and more connected in the modern digital era, they’re in need of protection in every part of their online life. That’s why McAfee’s new lineup now includes features that make it easier than ever to protect what matters most. This includes:

  • McAfee Safe Family – Provides parents the visibility and controls needed to keep their children safer online when they use their PCs, smartphones, and tablets.
    • Key features and benefits include: Activity reports, app and web blocking capabilities, screen time controls, location tracking, 1-click digital time-outs and more. McAfee Safe Family Premium is included with subscriptions to McAfee Total Protection 10 and McAfee LiveSafe.
  • McAfee Identity Theft Protection – Allows users to take a proactive approach to protecting their identities.
    • Key features and benefits include: Cyber monitoring, Social security number trace, credit monitoring, 24/7 agency support, and ID recovery and stolen funds reimbursement. McAfee Identity Theft Protection Essentials is included with subscriptions to McAfee Total Protection 10 and McAfee LiveSafe.

So, whether you’re focused on fighting back against ransomware, or ensuring all your online interactions are protected from threats, our evolved portfolio of products is here to ensure you can live your connected life with confidence. Make sure you get proactive about your personal protection now.

To learn more about consumer security and our approach to it, be sure to follow us at @McAfee and @McAfee_Home.

The post Announcing McAfee’s Evolved Consumer Product Portfolio appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/consumer-threat-notices/mcafee-consumer-portfolio-2018/feed/ 0
Back-to-School Cybersecurity 101: #RT2Win an A+ Worthy Prize https://www.mcafee.com/blogs/consumer/back-to-school-rt2win/ https://www.mcafee.com/blogs/consumer/back-to-school-rt2win/#respond Mon, 27 Aug 2018 19:00:30 +0000 https://securingtomorrow.mcafee.com/?p=91250 The days are getting shorter and your bags are (finally) unpacked from the annual family vacation. Summer is officially coming to an end, and parents and kids are switching gears from hot afternoons filled with play dates and summer camp to early mornings and long school days. But as fun as a new school year […]

The post Back-to-School Cybersecurity 101: #RT2Win an A+ Worthy Prize appeared first on McAfee Blogs.

]]>
The days are getting shorter and your bags are (finally) unpacked from the annual family vacation. Summer is officially coming to an end, and parents and kids are switching gears from hot afternoons filled with play dates and summer camp to early mornings and long school days. But as fun as a new school year may be, did you know there have been 353 cybersecurity incidents U.S. K-12 public schools and districts since January 2016? And with devices being the new norm in the classroom – and the increasing number of phishing scams, ransomware and data breaches – cybersecurity should be the first priority when sending your kids back to school.

Backpacks, notebooks, pencils, markers…. the supplies list seems to go on and on. And we know that making sure your kids’ devices are secure can be stressful enough without the pressures of back-to-school supplies shopping, so we’re here to make sure they head back to school in style with our A+ worthy RT2Win sweepstakes!

Three [3] lucky winners of the sweepstakes drawing will receive a McAfee Back-to-School Essential Backpack complete with essential school supplies like binders, notebooks, book covers, $100 Amazon gift card, Fujifilm Instanx Mini 7s, and so much more! ($300 value, full details below) The best part? Entering is a breeze! Follow the instructions below to enter and good luck!

#RT2Win Sweepstakes Official Rules

  • To enter, go to https://twitter.com/McAfee_Home, and find the #RT2Win sweepstakes tweet.
  • The sweepstakes tweet will be released on Monday, August 27, 2018, 2018 at 12:00pm PT. This tweet will include the hashtags: #ProtectWhatMatters, #RT2Win AND #Sweepstakes.
  • Retweet the sweepstakes tweet released on the above date, from your own handle. The #ProtectWhatMatters, #RT2Win AND #Sweepstakes hashtags must be included to be entered.
  • Sweepstakes will end on Monday, September 10, 2018 at 11:59pm PT. All entries must be made before that date and time.
  • Winners will be notified on Monday, September 12, 2018 via Twitter direct message.
  • Limit one entry per person.

1. How to Win:

Retweet one of our contest tweets on @McAfee_Home that include “#ProtectWhatMatters, #RT2Win AND #Sweepstakes” for a chance to win a McAfee Back-to-School Essential Backpack (for full prize details please see “Prizes” section below). Three [3] total winners will be selected and announced on September 10, 2018. Winners will be notified by direct message on Twitter. For full Sweepstakes details, please see the Terms and Conditions, below.

#RT2Win Sweepstakes Terms and Conditions

2. How to Enter: 

No purchase necessary. A purchase will not increase your chances of winning. McAfee Back-to-School #RT2Win Sweepstakes will be conducted from August 27, 2018 through September 10, 2018. All entries for each day of the McAfee Back-to-School #RT2Win Sweepstakes must be received during the time allotted for the McAfee Back-to-School #RT2Win Sweepstakes. Pacific Daylight Time shall control the McAfee Back-to-School #RT2Win Sweepstakes, duration is as follows:

  • Begins Monday, August 27­­ at 12:00pm PST
  • Ends: Monday, September 10, 2018 at 11:59pm PST
  • Three [3] winners will be announced: Wednesday, September 12, 2018

For the McAfee Back-to-School #RT2Win Sweepstakes, participants must complete the following steps during the time allotted for the McAfee Back-to-School Sweepstakes:

  1. Find the sweepstakes tweet of the day posted on @McAfee_Home which will include the hashtags: #ProtectWhatMatters, #RT2Win and #Sweepstakes
  2. Retweet the sweepstakes tweet of the day and make sure it includes the #ProtectWhatMatters, #RT2Win, and hashtags.
  3. Note: Tweets that do not contain the #ProtectWhatMatters, #RT2Win, and #Sweepstakes hashtags will not be considered for entry.
  4. Limit one entry per person.

Three [3] winners will be chosen for the McAfee Back-to-School #RT2Win Sweepstakes tweet from the viable pool of entries that retweeted and included #ProtectWhatMatters, #RT2Win and #Sweepstakes. McAfee and the McAfee social team will choose winners from all the viable entries. The winners will be announced and privately messaged on Wednesday, September 12, 2018 on the @McAfee_Home Twitter handle. No other method of entry will be accepted besides Twitter. Only one entry per user is allowed, per Sweepstakes.   

3. Eligibility: 

McAfee Back-to-School #RT2Win Sweepstakes is open to all legal residents of the 50 United States who are 18 years of age or older on the dates of the McAfee Back-to-School #RT2Win Sweepstakes begins and live in a jurisdiction where this prize and McAfee Back-to-School #RT2Win Sweepstakes not prohibited. Employees of Sponsor and its subsidiaries, affiliates, prize suppliers, and advertising and promotional agencies, their immediate families (spouses, parents, children, and siblings and their spouses), and individuals living in the same household as such employees are ineligible.

 4. Winner Selection:

Winners will be selected at random from all eligible retweets received during the McAfee Back-to-School #RT2Win Sweepstakes drawing entry period. Sponsor will select the names of three [3] potential winners of the prizes in a random drawing from among all eligible submissions at the address listed below. The odds of winning depend on the number of eligible entries received. By participating, entrants agree to be bound by the Official McAfee Back-to-School #RT2Win Sweepstakes Rules and the decisions of the coordinators, which shall be final and binding in all respects.

5. Winner Notification: 

Each winner will be notified via direct message (“DM”) on Twitter.com by September 12, 2018. Prize winners may be required to sign an Affidavit of Eligibility and Liability/Publicity Release (where permitted by law) to be returned within ten (10) days of written notification, or prize may be forfeited, and an alternate winner selected. If a prize notification is returned as unclaimed or undeliverable to a potential winner, if potential winner cannot be reached within twenty four (24) hours from the first DM notification attempt, or if potential winner fails to return requisite document within the specified time period, or if a potential winner is not in compliance with these Official Rules, then such person shall be disqualified and, at Sponsor’s sole discretion, an alternate winner may be selected for the prize at issue based on the winner selection process described above.

6. Prizes: 

McAFEE BACK-TO-SCHOOL ESSENTIAL BACKPACK (3)

Approximate ARV for Tier 1 Prize: $400

  • $100 Amazon Gift Card
  • McAfee Backpack
  • McAfee Water Bottle
  • Fujifilm Instax Mini 7s Red
  • Fujifilm Instax Mini Rainbow Film
  • McAfee Total Protection
  • Spiral Notebooks (2)
  • Binders (2)
  • Binder Dividers – 5 pack (2)
  • Planner
  • Ball Point Pens – 24 pack
  • Mechanical Pencils – 40 pack
  • Highlighters – 12 pack
  • Large Erasers – 3 pack
  • Pencil Bag
  • Plastic Ruler
  • Crayola Markers
  • Crayola Colored Pencils
  • Pencil Sharpener
  • Scissors
  • Index Cards
  • Book Covers (2)

Limit one (1) prize per person/household. Prizes are non-transferable, and no cash equivalent or substitution of prize is offered.

The prize for the McAfee Back-To-School #RT2Win Sweepstakes is a ONE (1) Back-to-School Essential Backpack, complete with the above supplies, for each of the three (3) entrants. Entrants agree that Sponsor has the sole right to determine the winners of the McAfee Back-to-School #RT2Win Sweepstakes and all matters or disputes arising from the McAfee Back-to-School #RT2Win Sweepstakes and that its determination is final and binding. There are no prize substitutions, transfers or cash equivalents permitted except at the sole discretion of Sponsor. Sponsor will not replace any lost or stolen prizes. Sponsor is not responsible for delays in prize delivery beyond its control. All other expenses and items not specifically mentioned in these Official Rules are not included and are the prize winners’ sole responsibility.

7. General Conditions: 

Entrants agree that by entering they agree to be bound by these rules. All federal, state, and local taxes, fees, and surcharges on prize packages are the sole responsibility of the prizewinner. Sponsor is not responsible for incorrect or inaccurate entry information, whether caused by any of the equipment or programming associated with or utilized in the McAfee Back-to-School #RT2Win Sweepstakes, or by any technical or human error, which may occur in the processing of the McAfee Back-to-School #RT2Win Sweepstakes. entries. By entering, participants release and hold harmless Sponsor and its respective parents, subsidiaries, affiliates, directors, officers, employees, attorneys, agents, and representatives from any and all liability for any injuries, loss, claim, action, demand, or damage of any kind arising from or in connection with the McAfee Back-to-School #RT2Win Sweepstakes, any prize won, any misuse or malfunction of any prize awarded, participation in any McAfee Back-to-School #RT2Win Sweepstakes -related activity, or participation in the McAfee Back-to-School #RT2Win Sweepstakes. Except for applicable manufacturer’s standard warranties, the prizes are awarded “AS IS” and WITHOUT WARRANTY OF ANY KIND, express or implied (including any implied warranty of merchantability or fitness for a particular purpose).

8. Limitations of Liability; Releases:

By entering the Sweepstakes, you release Sponsor and all Released Parties from any liability whatsoever, and waive any and all causes of action, related to any claims, costs, injuries, losses, or damages of any kind arising out of or in connection with the Sweepstakes or delivery, misdelivery, acceptance, possession, use of or inability to use any prize (including claims, costs, injuries, losses and damages related to rights of publicity or privacy, defamation or portrayal in a false light, whether intentional or unintentional), whether under a theory of contract, tort (including negligence), warranty or other theory.

To the fullest extent permitted by applicable law, in no event will the sponsor or the released parties be liable for any special, indirect, incidental, or consequential damages, including loss of use, loss of profits or loss of data, whether in an action in contract, tort (including, negligence) or otherwise, arising out of or in any way connected to your participation in the sweepstakes or use or inability to use any equipment provided for use in the sweepstakes or any prize, even if a released party has been advised of the possibility of such damages.

  1. To the fullest extent permitted by applicable law, in no event will the aggregate liability of the released parties (jointly) arising out of or relating to your participation in the sweepstakes or use of or inability to use any equipment provided for use in the sweepstakes or any prize exceed $10. The limitations set forth in this section will not exclude or limit liability for personal injury or property damage caused by products rented from the sponsor, or for the released parties’ gross negligence, intentional misconduct, or for fraud.
  2. Use of Winner’s Name, Likeness, etc.: Except where prohibited by law, entry into the Sweepstakes constitutes permission to use your name, hometown, aural and visual likeness and prize information for advertising, marketing, and promotional purposes without further permission or compensation (including in a public-facing winner list).  As a condition of being awarded any prize, except where prohibited by law, winner may be required to execute a consent to the use of their name, hometown, aural and visual likeness and prize information for advertising, marketing, and promotional purposes without further permission or compensation. By entering this Sweepstakes, you consent to being contacted by Sponsor for any purpose in connection with this Sweepstakes.

9. Prize Forfeiture:

If winner cannot be notified, does not respond to notification, does not meet eligibility requirements, or otherwise does not comply with the prize McAfee Back-to-School #RT2Win Sweepstakes rules, then the winner will forfeit the prize and an alternate winner will be selected from remaining eligible entry forms for each McAfee Back-to-School #RT2Win Sweepstakes.

10. Dispute Resolution:

Entrants agree that Sponsor has the sole right to determine the winners of the McAfee Back-to-School #RT2Win Sweepstakes and all matters or disputes arising from the McAfee Back-to-School #RT2Win Sweepstakes and that its determination is final and binding. There are no prize substitutions, transfers or cash equivalents permitted except at the sole discretion of Sponsor.

11. Governing Law & Disputes:

Each entrant agrees that any disputes, claims, and causes of action arising out of or connected with this sweepstakes or any prize awarded will be resolved individually, without resort to any form of class action and these rules will be construed in accordance with the laws, jurisdiction, and venue of the State of New York, U.S.A.

12. Privacy Policy: 

Personal information obtained in connection with this prize McAfee Back-to-School #RT2Win Sweepstakes will be handled in accordance policy set forth at https://www.mcafee.com/enterprise/en-us/about/privacy.html.

  1. Winner List; Rules Request: For a copy of the winner list, send a stamped, self-addressed, business-size envelope for arrival after August 27,2018 before September 10, 2018 to the address listed below, Attn: #RT2Win at CES Sweepstakes.  To obtain a copy of these Official Rules, visit this link or send a stamped, self-addressed business-size envelope to the address listed in below, Attn: Sarah Grayson. VT residents may omit return postage.
  2. Intellectual Property Notice: McAfee and the McAfee logo are registered trademarks of McAfee, LLC. The Sweepstakes and all accompanying materials are copyright © 2018 by McAfee, LLC.  All rights reserved.
  3. Sponsor: McAfee, LLC, Corporate Headquarters 2821 Mission College Blvd. Santa Clara, CA 95054 USA
  4. Administrator: LEWIS Pulse, 111 Sutter St., Suiter 850, San Francisco, CA 94104

The post Back-to-School Cybersecurity 101: #RT2Win an A+ Worthy Prize appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/consumer/back-to-school-rt2win/feed/ 0
Take a Holistic Approach to Reviewing Security Strategy https://www.mcafee.com/blogs/enterprise/take-a-holistic-approach-to-reviewing-security-strategy/ https://www.mcafee.com/blogs/enterprise/take-a-holistic-approach-to-reviewing-security-strategy/#respond Thu, 23 Aug 2018 21:07:30 +0000 https://securingtomorrow.mcafee.com/?p=91145

The first step in building a culture of security in an organization is embedding it into your vision and values. Creating a foundational commitment to security among all employees establishes a strong first line of defense. With that in place, the next step is reviewing each area of the business to ensure you’re walking the […]

The post Take a Holistic Approach to Reviewing Security Strategy appeared first on McAfee Blogs.

]]>

The first step in building a culture of security in an organization is embedding it into your vision and values. Creating a foundational commitment to security among all employees establishes a strong first line of defense. With that in place, the next step is reviewing each area of the business to ensure you’re walking the talk when it comes to thinking security-first. Knowing where to start can be overwhelming. But using this simple framework will guide you through the critical elements.

Begin with a holistic review of your security strategy

In today’s digital world, businesses are more interconnected and fast-moving than ever. It’s important to take a wide perspective and review all angles of security across governance, people, process, and technology.

  • Governance: Depending on many factors – including company size, industry, geography, ownership structure, and more – the level of data governance at a company can vary greatly. It’s worth evaluating what you have in place and considering adding new structures for data protection for the long term.
  • People: This is an organization’s greatest vulnerability, but also its strongest line of defense. Review your education and training for cybersecurity best practices across all levels and departments, from your most junior staff up to executives, and make sure your people are part of the solution.
  • Processes: This should extend beyond just security-specific processes to broader business-level processes. Review data collection, flows, processing, storage, and handling to understand the scope of securing that data. But also evaluate processes for product design and development, new hire onboarding, and other departmental workflows to identify areas to add new security measures.
  • Technology: This is the backbone of your digital organization, so ensuring your technology is secure is table stakes. It’s important to also assess how the systems are actually used by staff and consider changes if people tend to bypass standard procedures to avoid any inconvenient steps required.

Measure outcomes to gauge effectiveness

While gaining clear visibility into actual security strategies in effect across the organization provides understanding of scope, it’s only the first step. As you craft a plan to strengthen your security and implement changes, measuring the impact is critical to evaluating effectiveness. Start by establishing a baseline metric for each change in your plan, whether it is designing new procedures for data protection, rolling out an updated staff training, adjusting steps in product design to consider security, or replacing a technology system.

As updates are implemented, build a cadence of evaluations into regular workflows. For example, include measurement of outcomes in quarterly review or planning cycles. Check progress against the original baseline, including quantitative measurements when possible as well as qualitative feedback from team members to validate. Use that data to course correct and continuously improve implementation of your strategies.

Throughout each stage of this holistic review process and implementation of changes, continually think about how various roles on each team are affected by implementation of changes. Understanding impact and communicating each person’s responsibility to security on a personal level is key to developing a sustainable culture of security.

Steps for Conducting a Holistic Review of Security Strategy

Thinking about the scope and effectiveness of security measures across every area of the business can be overwhelming. Breaking it down into defined segments helps get started. Use this framework to guide your review.

Download one-pager

The post Take a Holistic Approach to Reviewing Security Strategy appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/enterprise/take-a-holistic-approach-to-reviewing-security-strategy/feed/ 0
A Culture of Security is Built on a Strong First Line of Defense https://www.mcafee.com/blogs/other-blogs/executive-perspectives/a-culture-of-security-is-built-on-a-strong-first-line-of-defense/ https://www.mcafee.com/blogs/other-blogs/executive-perspectives/a-culture-of-security-is-built-on-a-strong-first-line-of-defense/#respond Thu, 23 Aug 2018 21:04:48 +0000 https://securingtomorrow.mcafee.com/?p=91137

With the pressure of digital transformation on companies today, executives need to consider how to keep their organization safe amidst rapid change. Most businesses cover their security bases with the basics: advanced analytics, technology using machine-learning and AI, and baseline protocols. But in the face of today’s rising threats, the basics may not be enough. […]

The post A Culture of Security is Built on a Strong First Line of Defense appeared first on McAfee Blogs.

]]>

With the pressure of digital transformation on companies today, executives need to consider how to keep their organization safe amidst rapid change. Most businesses cover their security bases with the basics: advanced analytics, technology using machine-learning and AI, and baseline protocols. But in the face of today’s rising threats, the basics may not be enough. On top of that, the need to keep up may lead to oversight of key security measures.

A McAfee cloud security report last year found almost 40% of cloud services are commissioned without the involvement of IT. As a result, 65% of IT professionals think this interferes with their ability to keep the cloud safe and secure. The responsibility of safeguarding businesses must now extend beyond the purview of IT. So, what can leaders do to ensure they’re protecting their companies? McAfee has identified key first steps to build the foundation of an organization-wide culture of security in which every employee plays a role.

Begin with a vision and values that prioritize security

Employees can be the best defense or the greatest vulnerability when it comes to cybersecurity. Whether your company is in the business of security or another industry, getting staff to keep security top of mind in everything they do is critical. This begins with embedding security into the vision and values of the organization from the top down.

While McAfee has the advantage of its teams already living and breathing cybersecurity every day, CEO Chris Young knew more was needed to create a culture of security people truly owned. The leadership crafted The Pledge, a commitment all employees make to crystalize their dedication to security. To keep this top of mind, copies of The Pledge are posted throughout the office and included on notebooks and badge cards. Visibility and reinforcement from leadership is essential to maintaining the importance of this value.

Employ technology that supports rather than inconveniences

All too often new systems are put into place without considering the practical application for users. Change is always hard, but when technology updates result in additional steps or obstacles for employees, chances are they’re going to look for a shortcut. But these types of workarounds open doors to exactly the risks IT and security teams are working to avoid. By implementing technology systems that motivate staff to make smart decisions without overly burdening them, structures are put in place to inherently encourage secure behaviors.

Think security-first across all teams

It’s not enough to train employees to be security-minded in their online activities. Organizations need to think beyond that initial vulnerability and build security into every aspect of their business. This could include planning a step in the product design process that considers security implications. Or when drafting partnership agreements, a new clause may be added to cover security risks and protocols. HR teams can introduce a security-first mentality right from the start through the hiring and onboarding process.

Businesses have too much to lose if they don’t prioritize security at every level. Cybercrime costs companies hundreds of billions of dollars annually, even putting smaller firms out of business entirely. With more and more data to protect and cyber threats continually evolving, everyone must play a part in creating a culture of security.

Tips to Establish a Strong First Line of Defense

Every executive wants to be sure they’re doing everything they can to protect their company. These starting points for building a foundation of a culture of security across your organization will help you think through your approach.

Download one-pager

The post A Culture of Security is Built on a Strong First Line of Defense appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/executive-perspectives/a-culture-of-security-is-built-on-a-strong-first-line-of-defense/feed/ 0
A Culture of Security Must Extend Beyond the Business https://www.mcafee.com/blogs/other-blogs/executive-perspectives/a-culture-of-security-must-extend-beyond-the-business/ https://www.mcafee.com/blogs/other-blogs/executive-perspectives/a-culture-of-security-must-extend-beyond-the-business/#respond Thu, 23 Aug 2018 17:36:40 +0000 https://securingtomorrow.mcafee.com/?p=91175

This blog was written by Grant Bourzikas, previous CISO at McAfee. In a world where the lines between personal and corporate data and devices are increasingly blurred, companies benefit when they take the time to educate all staff about online safety. Both the volume and sophistication of cyber threats are growing, and we are more […]

The post A Culture of Security Must Extend Beyond the Business appeared first on McAfee Blogs.

]]>

This blog was written by Grant Bourzikas, previous CISO at McAfee.

In a world where the lines between personal and corporate data and devices are increasingly blurred, companies benefit when they take the time to educate all staff about online safety. Both the volume and sophistication of cyber threats are growing, and we are more exposed than ever with the level of always-on connectivity constantly at our fingertips. Mobile devices and cloud applications make it seamless to stay on top of work-related emergencies while traveling or check personal email when at work. However, the amount of sensitive data associated with these devices and their vulnerability to hacking should prompt us to think twice about our online habits.

Creating a comprehensive culture of security in an organization reaches beyond the parameters of the business and into the realm of each employee’s personal life. There are simple steps everyone can take to better safeguard their devices and data, but the sad truth is all too often people just don’t. A recent Pew Research Study found that 54% of internet users regularly connect to public Wi-Fi, with as many as 20% using it to perform sensitive activities such as online banking. Similarly, about 40% of survey respondents said they only update their phone’s operating system when it’s convenient, with 14% indicating that they never update it.

Through prioritizing security as a corporate value, the business can take steps to educate their workforce and begin shifting the automatic online habits of employees to be more thoughtful and safe. It starts with building awareness of areas of vulnerability. Training employees to be on the lookout for socially engineered attacks, from phishing to ransomware, cultivates a healthy sense of skepticism and caution. Teaching them about entry points for cybercriminals, such as IoT and malicious sites, also increases their overall understanding of cybersecurity threats and what steps they can take to better protect themselves.

With a greater understanding of security and the risks posed by everyday actions, staff will be more willing to make changes that are likely to stick. Working together to provide education and supporting materials, IT and HR teams can motivate safer behavior by focusing on a few critical areas of impact.

Passwords

Healthy password hygiene means a strong line of defense against cybercriminals. Unfortunately, ease and convenience are often prioritized over data security, and this is commonly the weakest entry point for hackers. Using the same credentials for multiple online sites and allowing login access to third party apps through networking platforms like Facebook means all of your data is at risk once a hacker gets past that first gate. Use separate, unique passwords across all accounts and change them regularly. If you have trouble remembering them, consider using a password manager.

Public Wi-Fi

We have become accustomed to being connected 24/7, and getting on free public Wi-Fi while out provides convenience and saves on data usage. We may feel safe logging on at our favorite coffee shop, but an unsecured network means anyone can see what you’re doing on your device, making it easy for cybercriminals to eavesdrop, steal information, or infect devices with malware. Gaining access to your sensitive data for a hacker only requires you visiting a spoofed website while on public Wi-Fi. The best defense against this is to limit your activity or avoid public Wi-Fi entirely, when possible. Consider using a virtual private network (VPN) or a personal/mobile hotspot to stay secure while on the go.

Apps

Information about you is collected by the apps you use, so educating yourself about who’s getting your data and what they’re doing with it will go a long way in protecting yourself. Before downloading a new app, read reviews to see if users have had problems and check the fine print. Never download apps from unknown sources, as they may be designed to mine your personal information. Review the privacy settings for your apps, and be aware of any personal information being accessed by third parties. Be thoughtful about which apps you allow to access geolocation data. Apps can add convenience, social connection, or increased productivity to our lives, but they also open the door to multiple risks. Taking a little time to review your apps settings and customize them for your use can reduce vulnerability.

Updates

Keeping your applications and operating system up to date is the best defense against threats. Out-of-date software has security vulnerabilities that make it easier for cybercriminals to access your system and personal data. Create instant peace of mind by scheduling updates to happen automatically. Delete apps you no longer use to keep your device free of clutter and outdated software.

These precautions might seem basic, but often the simplest steps are skipped and they can have a huge impact on security. Reinforce the importance of security on personal devices to help your staff build their own culture of security at home. With a little time and attention spent on device management, everyone can increase the security of their data significantly.

Starting Points to Promote Safe Online Behavior for Employees

Creating a culture of security isn’t just something that needs to happen for businesses, especially in a world where lines between personal and professional data are blurred. By educating and training staff in safer online habits, companies build a stronger culture of security at work that extends to the home.

Download one-pager

The post A Culture of Security Must Extend Beyond the Business appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/executive-perspectives/a-culture-of-security-must-extend-beyond-the-business/feed/ 0
Think Broadly to Keep Ahead of the Next Threat https://www.mcafee.com/blogs/other-blogs/executive-perspectives/think-broadly-to-keep-ahead-of-the-next-threat/ https://www.mcafee.com/blogs/other-blogs/executive-perspectives/think-broadly-to-keep-ahead-of-the-next-threat/#respond Thu, 23 Aug 2018 17:23:42 +0000 https://securingtomorrow.mcafee.com/?p=91169

This blog was written by Grant Bourzikas, previous CISO at McAfee. As cyber threats grow increasingly sophisticated, staying ahead of bad actors is proportionately more challenging. Hackers, data theft, and viruses have been around for decades, but the stakes have raised significantly. The WannaCry ransomware attack last year was the first time we’ve seen worm […]

The post Think Broadly to Keep Ahead of the Next Threat appeared first on McAfee Blogs.

]]>

This blog was written by Grant Bourzikas, previous CISO at McAfee.

As cyber threats grow increasingly sophisticated, staying ahead of bad actors is proportionately more challenging. Hackers, data theft, and viruses have been around for decades, but the stakes have raised significantly. The WannaCry ransomware attack last year was the first time we’ve seen worm tactics combined with ransomware on a major scale, infecting at least 350,000 victims in more than 150 countries. WannaCry brought sci-fi futuristic threats into the present, and it made the theory of threats personal.

To create a culture of security that extends to every person, our professional cybersecurity defenses need to be as robust and efficient as possible. We need to keep our edge on cybercriminals, ensuring our teams are equipped to anticipate and outwit their next move. At McAfee we operate on the principle that the most effective defense is built on a cybersecurity platform that is both open and integrated. This allows it to accept new technologies as threats evolve as well as work together with other systems as a cohesive defense.

Staying ahead requires more than just keeping up with the current trends on Artificial Intelligence (AI) or advanced analytics. We must employ advanced practices and continually focus on improvement to reduce risk and vulnerability.

Use human-machine teaming

It’s clear that machines alone will not save us from the next cyber threat. With all the benefits of AI and machine learning, we still need humans to match the ingenuity of the criminals on the other side. The concept of human-machine teaming can drive us forward, taking advantage of the strengths of each for a more efficient and effective outcome. The lag between a person noticing an issue and the machine helping address it gives attackers the upper hand. But when we put the human in the AI algorithm loop, the machine is able to learn better to proceed in new scenarios while the human continues to adapt and focus on higher-value tasks.

Evolve the SOC

While endpoint and cloud are the critical control points for cybersecurity, the Security Operations Center (SOC) is the central analytics hub and situation room. This is where dedicated resources reside for incident detection, investigation, and response – and where continuous innovation is vital for keeping ahead of increasingly sophisticated attacks. Unfortunately, research shows more than a third of all companies are approaching cybersecurity manually. This will not be sustainable with the volume of data to keep up with. In fact, 25% of security events go unanalyzed. Establishment of an advanced SOC requires integration of data, analytics, and machine learning.

Embrace collaboration

There are more than 1,200 cybersecurity vendors in the industry, but there are thousands more online dangers ready to challenge them. On top of that, 67% of customer respondents to a McAfee ePO study this year indicated that analytics and operations investments are being impaired because of too many point solutions, instead of using an integrated platform. More than ever, we need to work together – and make sure the tools we’re developing work together too. In support of this, the OpenDXL open source project enables more applications to run across the McAfee Data Exchange Layer (DXL) fabric, building an ecosystem of companies collaborating in an information/intelligence exchange. With more than a dozen participants and new ones ready to join, enterprises gain secure, near real-time access to new data and instant interactions with other products.

The need to continue sharing best practices and collaborate is of paramount importance. We can’t take our eyes of the threats right in front of us, but we must also step back to evaluate the big picture and keep our sights on the future. Only by working together can we create a global culture of security.

Advanced Practices for Keeping an Edge on Bad Actors

As the volume and sophistication of threats increase, we must continue evolving our cybersecurity defenses to stay ahead of attackers. McAfee has identified some key strategies to help be prepared in the face of unknown threats.

Download one-pager

The post Think Broadly to Keep Ahead of the Next Threat appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/executive-perspectives/think-broadly-to-keep-ahead-of-the-next-threat/feed/ 0
Train your Cybersecurity Team for Peak Performance https://www.mcafee.com/blogs/other-blogs/executive-perspectives/train-your-cybersecurity-team-for-peak-performance/ https://www.mcafee.com/blogs/other-blogs/executive-perspectives/train-your-cybersecurity-team-for-peak-performance/#respond Thu, 23 Aug 2018 17:20:50 +0000 https://securingtomorrow.mcafee.com/?p=91163

This blog was written by Grant Bourzikas, previous CISO at McAfee. Whether you’re racing to fill cybersecurity jobs to keep up with the changing threat landscape or support your company’s rapid growth, getting your team trained and at the top of their game is a high priority. You need to ensure all new hires are […]

The post Train your Cybersecurity Team for Peak Performance appeared first on McAfee Blogs.

]]>

This blog was written by Grant Bourzikas, previous CISO at McAfee.

Whether you’re racing to fill cybersecurity jobs to keep up with the changing threat landscape or support your company’s rapid growth, getting your team trained and at the top of their game is a high priority. You need to ensure all new hires are operating with the same baseline of knowledge and skills as your veterans. But at the same time, you must keep everyone a step ahead of the latest threats and attacks. By providing staff opportunities to develop their expertise as well as nurture their natural interests, you can build a team of cybersecurity professionals that form the backbone of your organizational culture of security.

One of the best ways to prepare for the unexpected is to practice. This may seem counterintuitive, but there are a variety of ways to test your teams with realistic scenarios to accelerate skill development.

Use gamification

Many of the problem-solving skills used in gaming translate to those needed in cybersecurity. Gamification is also becoming more frequently used to improve performance among cybersecurity employees – and is something our very own SOC team employees for creative problem-solving skills development and training. The recent McAfee Winning the Game report revealed 77% of senior managers agree their organization’s cybersecurity would be much safer if they implemented more gamification. Top benefits from using games include increasing knowledge on how breaches can occur, how to avoid being a victim to a breach, and how to best react to a breach. In addition to fine-tuning skills, games force players to be vigilant and focused, characteristics highly valued in security roles. Using gamification as part of training, and even giving credit to gaming experience in hiring candidates, can help you keep your team sharp and energized.

Simulate real threats

Using penetration testing to simulate threats isn’t a new tactic, but combining it with elements of social engineering can provide a more authentic scenario to help teams prepare. Deploying this over a realistic timeline to test your staff on detecting and responding to the latest types of cyberattacks provides insight into how they will fare in a real-world attack scenario. Craft scenarios to emulate specific types of threat actors, such as enthusiasts, organized groups, and cybercriminals, and gauge your resilience against threats like data theft, fraud, and corporate espionage. For help in developing and implementing this kind of testing, learn more about McAfee’s Red Team Services.

Think beyond your own walls

McAfee employees had the honor earlier this year of being invited to participate in a three-day cyber exercise led by the Department of Homeland Security called Cyber Storm. They joined more than 2,000 members of private industry, federal government, and international partners in a simulation of discovery and response to a large-scale coordinated cyberattack. While this event is by invitation only, it’s a great example of the kind of opportunity worth seeking out for your staff. The practice scenario strengthened information sharing partnerships among private and public sector organizations, underscoring the critical nature of these relationships.

Ensuring your team is constantly energized through positive training experiences like gamification is a new development in cybersecurity benefiting many companies. It helps teams feel motivated to continuously learn and problem solve – so they are ready to detect and respond to the latest cyberattacks. Deploying a combination of both traditional and non-traditional testing will keep you operating at peak performance. When looking to build a culture of security across your entire organization, security leaders must constantly train and invest in their teams to ensure they are inspired to live by security-first values in all that they do. A strong group of cybersecurity pros can set an example for the rest of the company.

Tips for Preparing Cybersecurity Teams to Face the Unexpected

Recruiting and retaining security professionals can be a challenge in today’s competitive environment. Make sure the team you’ve worked so hard to build gets the training they need to perform at their best.

Want to test your team’s skills separating the signal from the noise when performing incident response? Check out our interactive quiz.

Download one-pager

The post Train your Cybersecurity Team for Peak Performance appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/executive-perspectives/train-your-cybersecurity-team-for-peak-performance/feed/ 0
A Strategic Approach to Retention Builds Sustainable Cybersecurity Teams https://www.mcafee.com/blogs/other-blogs/executive-perspectives/a-strategic-approach-to-retention-helps-build-sustainable-cybersecurity-teams/ https://www.mcafee.com/blogs/other-blogs/executive-perspectives/a-strategic-approach-to-retention-helps-build-sustainable-cybersecurity-teams/#respond Thu, 23 Aug 2018 17:17:58 +0000 https://securingtomorrow.mcafee.com/?p=91157

This blog was written by Grant Bourzikas, previous CISO at McAfee. The demand for cybersecurity talent is outpacing supply across the entire business landscape. Depending on what research you reference, experts predict that by 2020 there will be around 1.5 million to 2 million cybersecurity roles unfilled. This makes employee retention more important than ever […]

The post A Strategic Approach to Retention Builds Sustainable Cybersecurity Teams appeared first on McAfee Blogs.

]]>

This blog was written by Grant Bourzikas, previous CISO at McAfee.

The demand for cybersecurity talent is outpacing supply across the entire business landscape. Depending on what research you reference, experts predict that by 2020 there will be around 1.5 million to 2 million cybersecurity roles unfilled. This makes employee retention more important than ever before to ensuring the stability and security of your organization.

When thinking about how to build a model for talent development and management that’s sustainable for the long-term, it’s critical to focus on building the right team, not just hiring more people. While technical skills are important, creativity, problem-solving ability, and diversity are also key indicators of strong candidates and should not be underestimated when evaluating resumes. Investing in building the right team with different skill sets will be more valuable to the big picture in the long run.

However, this is no easy feat as the pressure to secure an organization against the ongoing barrage of today’s many and varied threats has never been greater. Professionals must fight day-to-day security threat responses while staying ahead of the next threat and keeping up with training. The stress of limited time, resources, and training can lead to burn out. On top of that, as people become more skilled, they’re also more attractive to competing resources and willing to consider offers. To avoid excess turnover of your top performers, you must be strategic about retention and prioritize a positive working environment.

Build a motivating environment

It’s probably obvious that an employee satisfied in their current job is less likely to leave for another opportunity than one who is dissatisfied. But what are the factors that influence true job satisfaction? Data from our recent Winning the Game study shows key reasons people switch jobs are better financial incentives and pay, opportunity for promotion and development, flexible hours, and opportunities to work with exciting new technologies. This demonstrates the value of taking time to evaluate your compensation packages to be sure they’re competitive, and working with HR to ensure staff see clear career pathways and professional development opportunities available.

The study additionally highlighted the type of work cybersecurity employees are engaged in as adding to the level of enjoyment experienced at work. Top of the list were threat hunting, resolving threats, and preventing threats, with just over a fifth of survey respondents indicating a threat hunter position is a career aspiration, either at their current organization or elsewhere. There’s also a clear correlation between companies using gamification and higher job satisfaction. More than half the respondents that are extremely satisfied in their roles say their organization uses competitive games, such as capture the flag, once or more a year to help train teams to respond to current threats and keep their skills honed. On the flip side, 80% of extremely dissatisfied employees whose companies do not use gamification say they wish they did run games.

Provide support structures for success

Providing teams with the right technology alleviates them from time-intensive tasks. Automation is the obvious tool for this and has shown clear benefits to cybersecurity organizations on multiple levels. In terms of strengthening retention practices, it provides employees the chance to work with new technology, which ranks high in influencing job satisfaction. Automation also reduces the time staff needs to spend on repetitive tasks such as day-to-day monitoring of logs and policy enforcement, freeing them up to focus on more challenging and higher-value tasks that lead to greater enjoyment.

Evolving machine learning to human-machine teaming leverages the advantages of intelligent automation of many tasks while emphasizing the importance of people to perform strategic analysis and problem solving. This approach provides staff with opportunities to focus on tasks they find most rewarding and reminds them of the value they provide the organization in their critical role. We need machines to process the volume of data security teams manage every day, but we need humans too, to outthink the people behind the code on the other side.

Educate all staff on the responsibility of security

IT and SOC teams have traditionally been the primary guardians when it comes to keeping an organization secure. But in the face of advanced threats at every angle, the duty must be shared by everyone to be truly effective against cyber threats. By educating the entire employee base about the role they play in keeping the business safe, leadership can build a culture of security that takes some of the pressure off one department. Giving your IT and SOC staff the support of the rest of the company will go a long way to boost morale and share the responsibility of organization-wide security.

Hiring more staff may be challenging with the looming talent shortage, so taking a more strategic approach that focuses on retention and education of current employees will go a long way to building a sustainable team of cybersecurity professionals. Spend the time and effort upfront to develop a thoughtful model for recruitment and retention, and it will reduce the wasted resources lost on dealing with staff churn. Focusing on building a positive environment, supporting with the right technology, and educating on everyone’s role in security will create a team of cybersecurity professionals that can help you build a strong culture of security across the entire organization.

Three Factors to Help Build Sustainable Teams

In the face of a growing shortage of cybersecurity professionals, taking a strategic approach to retention is critical to sustaining your talent pool. Consider these three factors identified in the McAfee Winning the Game study when crafting your model for staff development.

Download one-pager

The post A Strategic Approach to Retention Builds Sustainable Cybersecurity Teams appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/executive-perspectives/a-strategic-approach-to-retention-helps-build-sustainable-cybersecurity-teams/feed/ 0
All Work and No Play? Not at McAfee! https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/all-work-and-no-play-not-at-mcafee/ https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/all-work-and-no-play-not-at-mcafee/#respond Fri, 17 Aug 2018 14:00:27 +0000 https://securingtomorrow.mcafee.com/?p=90924

By Srinidhi, Software Quality Engineer There’s more to life than work.   It’s a commonly held and often stated view, but companies that take it to heart are few and far between. McAfee is one of those few.  Well known as an industry leader, the creator of powerful security technologies and solutions, McAfee also believes it is […]

The post All Work and No Play? Not at McAfee! appeared first on McAfee Blogs.

]]>

By Srinidhi, Software Quality Engineer

There’s more to life than work.  

It’s a commonly held and often stated view, but companies that take it to heart are few and far between. McAfee is one of those few. 

Well known as an industry leader, the creator of powerful security technologies and solutions, McAfee also believes it is vital to build community among employees through clubs and events, promoting and facilitating fun, engaging and educational activities for employees. And this company puts that belief into action! 

McAfee Photography Club

In India, McAfee established the M-Alive employee engagement committee to support various activities to encourage creativity and learning, one of which is McAfee Photography Club. 

This is close to my heart. As a wildlife enthusiast with a love of nature, I’ve found digital photography an ideal tool to help me observe nature and express my desire to understand it more deeply. Over the years, learning the art of photography has become a hobby in its own right. 

Quarterly Competitions

McAfee Photography Club runs quarterly photographic competitions. These have proven to be popular with employees, the very first competition drawing over 100 submissions. Given the wide range of images submitted, we decided to adopt a different theme each month (which has done nothing to reduce the substantial numbers of excellent images submitted monthly!) Each month’s winning images are framed and displayed around the office.  

The competition engages large numbers of employees, either entering their photographs in the competition or simply appreciating others’ images and the extensive talent we have at McAfee. Entries are viewed across the world – one woman in Europe commented on an image of a magnificent lion which sadly lost its fight against cancer: “As I go through this phase of struggle in my life, this image means a lot to me”. It’s wonderful to me that our art can be so helpful to others. 

A Great Place to Work

Photography is just one example of the many areas – sports, arts, sciences and others – encouraged and supported by McAfee. The company invests enthusiastically in helping employees pursue interests and build community within the business. McAfee is truly a great place to work.

For more stories like this, follow @LifeAtMcAfee on Instagram and @McAfee on Twitter to see what working at McAfee is all about. Interested in joining our teams? We’re hiring! Apply now.

 

 

 

The post All Work and No Play? Not at McAfee! appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/all-work-and-no-play-not-at-mcafee/feed/ 0
Q&A with Software QA Manager: How McAfee Empowers Me to Shape the Future https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/qa-with-software-qa-manager-how-mcafee-empowers-me-to-shape-the-future/ https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/qa-with-software-qa-manager-how-mcafee-empowers-me-to-shape-the-future/#respond Mon, 13 Aug 2018 15:38:20 +0000 https://securingtomorrow.mcafee.com/?p=90880

By Simon, Software QA Manager Simon is a Software Quality Assurance Manager at the McAfee Aylesbury office. He joined the company 11 years ago and has fulfilled various roles at McAfee Labs, where he found his passion for improving the quality of the technology we deliver to McAfee customers. Who doesn’t want to live out […]

The post Q&A with Software QA Manager: How McAfee Empowers Me to Shape the Future appeared first on McAfee Blogs.

]]>

By Simon, Software QA Manager

Simon is a Software Quality Assurance Manager at the McAfee Aylesbury office. He joined the company 11 years ago and has fulfilled various roles at McAfee Labs, where he found his passion for improving the quality of the technology we deliver to McAfee customers.

Who doesn’t want to live out their passions in their career? It’s something people spend decades looking for and not all are fortunate to find. For my part, I’m thankful I found a company where I discovered both and can live out my passion: raising awareness of the importance of software testing and quality assurance.

Some of you may be wondering what exactly quality assurance is. It’s ensuring the software McAfee offers is of the highest quality and delivers world-class results for our customers. In the eleven years I’ve been with McAfee, I’ve been provided plenty of opportunities to learn, collaborate and carry out my goal of sharing knowledge along the way.

Questions? It’s part of my job to have answers (Get it? QA?). Here are three questions I’m commonly asked about my QA journey and love for raising awareness:

What inspired me to pursue QA testing?

One of my most memorable experiences at McAfee was attending TestBash in 2015, the UK testing conference. Not only was this a great time to build relationships and network, but it also ignited my enthusiasm for software testing, introduced me to new concepts and drove the idea of testing communities home. If you have an opportunity to attend or are interested in QA, I strongly recommend you go!

When did I realize raising awareness about QA was important?

A couple of years ago, my alma mater invited me to present a career talk. I was excited to share my enthusiasm for QA with students, but the university stated QA was not part of their curriculum. After extensive research, I discovered only one out of the UK’s top 25 universities offered a testing/QA module.

Knowing the value of QA, I decided then and there I would help spread the word about testing to universities and broader community to improve the skills of potential candidates for future roles. I’ve given careers talks at various universities, joined the University of Buckingham’s Industry Advisory Board and spoke at London’s UKStar Testing Conference and the Online Test Conference.

Another way I do what I love in educating the next generation is with McAfee’s Online Safety Program. As a certified instructor, I teach children in the UK about the importance of cybersecurity, cyber safety and cyber ethics.

How do I bring this QA passion into McAfee?

McAfee has always supported my personal development and live out my passions both for QA and teaching others, through internal and external collaboration.

Inspired by TestBash a few years ago, I formed the Aylesbury Tester Gathering, a testing and quality community that connects interested McAfee employees and like-minded individuals from other companies. McAfee stands by Together is Power and fully supports this endeavour of mine by providing a location for our monthly gatherings.

I recently launched the McAfee UK & Ireland Quality Chapter, a  networking group that brings engineering teams and other interested individuals together. Between the Aylesbury, Brighton and Cork offices, McAfee makes it simple for the chapter to share test automation and ideas, through monthly WebEx calls between the 3 sites. We all share the ultimate aim of getting teams aligned on the same goal, improving the quality of the McAfee products and releases.

As a Software QA Manager at McAfee, I’m determined to help build the best teams possible. I lead my team members in best practices, support them by working through challenges and encourage a networking mindset for professional growth.

By encouraging me to grow my leadership skills, lead collaborative communities and focus on more than creating higher quality software, McAfee empowers me to shape the future and help to protect the world from cyber threats.

If you’re still looking for your passion or for a company that supports your interests and encourages you to do more, I can tell you it’s worth the search.

For more stories like this, follow @LifeAtMcAfee on Instagram and @McAfee on Twitter to see what working at McAfee is all about. Interested in joining our teams? We’re hiring! Apply now.

The post Q&A with Software QA Manager: How McAfee Empowers Me to Shape the Future appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/qa-with-software-qa-manager-how-mcafee-empowers-me-to-shape-the-future/feed/ 0
Examining Code Reuse Reveals Undiscovered Links Among North Korea’s Malware Families https://www.mcafee.com/blogs/other-blogs/mcafee-labs/examining-code-reuse-reveals-undiscovered-links-among-north-koreas-malware-families/ https://www.mcafee.com/blogs/other-blogs/mcafee-labs/examining-code-reuse-reveals-undiscovered-links-among-north-koreas-malware-families/#respond Thu, 09 Aug 2018 13:00:14 +0000 https://securingtomorrow.mcafee.com/?p=90674 Attacks from the online groups Lazarus, Silent Chollima, Group 123, Hidden Cobra, DarkSeoul, Blockbuster, Operation Troy, and 10 Days of Rain are believed to have come from North Korea. But how can we know with certainty?

The post Examining Code Reuse Reveals Undiscovered Links Among North Korea’s Malware Families appeared first on McAfee Blogs.

]]>
This research is a joint effort by Jay Rosenberg, senior security researcher at Intezer, and Christiaan Beek, lead scientist and senior principal engineer at McAfee. Intezer has also posted this story. 

Attacks from the online groups Lazarus, Silent Chollima, Group 123, Hidden Cobra, DarkSeoul, Blockbuster, Operation Troy, and 10 Days of Rain are believed to have come from North Korea. But how can we know with certainty? And what connection does a DDoS and disk-wiping attack from July 4, 2009, have with WannaCry, one of the largest cyberattacks in the history of the cyber sphere?  

From the Mydoom variant Brambul to the more recent Fallchill, WannaCry, and the targeting of cryptocurrency exchanges, we see a distinct timeline of attacks beginning from the moment North Korea entered the world stage as a significant threat actor.

Bad actors have a tendency to unwittingly leave fingerprints on their attacks, allowing researchers to connect the dots between them. North Korean actors have left many of these clues in their wake and throughout the evolution of their malware arsenal.

This post reflects months of research; in it we will highlight our code analysis illustrating key similarities between samples attributed to the Democratic People’s Republic of Korea, a shared networking infrastructure, and other revealing data hidden within the binaries. Together these puzzle pieces show the connections between the many attacks attributed to North Korea and categorize different tools used by specific teams of their cyber army.

Valuable context 

This article is too short to dig deeply into the history, politics, and economic changes of recent years. Nonetheless, we must highlight some events to put past and present cyber events into perspective.

The DPRK, like any country, wants to be as self-sufficient and independent as possible. However, for products such as oil, food, and foreign currency for trading, the country lacks resources and has to find ways of acquiring them. What can a nation do when legal international economics are denied? To survive, it must gain foreign currency for trading. One of the oldest ways to do this is to join the worlds of gambling (casinos) and drugs. In 2005, the United States wanted to shut down North Korean enterprises involved in illegal operations. They investigated a couple of banks in Asia that seemed to have ties with North Korea and operated as money laundering sites. One bank in particular is controlled by a billionaire gambling mogul who started a casino in Pyongyang and has close ties to Pyongyang. That bank, based in Macau, came back into the picture during an attack on the SWIFT financial system of a bank in Vietnam in 2015. The Macau bank was listed twice in the malware’s code as a recipient of stolen funds:

Figure 1: SWIFT code in malware.

Code reuse

There are many reasons to reuse malware code, which is very common in the world of cybercrime. If we take an average ransomware campaign, for example, once the campaign becomes less successful, actors often change some of basics such as using a different packer to bypass defenses. With targeted campaigns, an adversary must keep its tools undetected for as long as possible. By identifying reused code, we gain valuable insights about the “ancestral relations” to known threat actors or other campaigns. Our research was heavily focused on this type of analysis.

In our years of investigating cyber threats, we have seen the DPRK conduct multiple cyber campaigns. In North Korea, hackers’ skills determine which cyber units they work for. We are aware two major focuses of DPRK campaigns: one to raise money, and one to pursue nationalist aims. The first workforce gathers money for the nation, even if that means committing cybercrime to hack into financial institutions, hijack gambling sessions, or sell pirated and cracked software. Unit 180 is responsible for illegally gaining foreign currency using hacking techniques. The second workforce operates larger campaigns motivated by nationalism, gathering intelligence from other nations, and in some cases disrupting rival states and military targets. Most of these actions are executed by Unit 121.

We focused in our research on the larger-scale nationalism-motivated campaigns, in which we discovered many overlaps in code reuse. We are highly confident that nation-state–sponsored groups were active in these efforts.

Timeline 

We created a timeline of most of the malware samples and noticeable campaigns that we examined. We used primarily open-source blogs and papers to build this timeline and used the malware artifacts as a starting point of our research.

 

Figure 2: Timeline of malware and campaigns.

Analysis and observations

Similarities

During our research, we found many malware family names that are believed to be associated with North Korea’s cyber operations. To better understand this threat actor and the similarities between the campaigns, we have used Intezer’s code similarity detection engine to plot the links between a vast number of these malware families.

The following graph presents a high-level overview of these relations. Each node represents a malware family or a hacking tool (“Brambul,” “Fallchill,” etc.) and each line presents a code similarity between two families. A thicker line correlates to a stronger similarity. In defining similarities, we take into account only unique code connections, and disregard common code or libraries. This definition holds both for this graph and our entire research.

 

Figure 3: Code similarities between North Korean–associated malware families.

We can easily see a significant amount of code similarities between almost every one of the attacks associated with North Korea. Our research included thousands of samples, mostly unclassified or uncategorized. This graph was plotted using a data set of only several hundred samples, so there might be more connections than displayed here. 

Deep technical analysis 

During our research, we came across many code similarities between North Korean binaries that had not been seen before. Some of these attacks and malware have not been linked to one another, at least publicly. We will showcase four examples of reused code that has been seen only in malware attributed to North Korea.

  1. Common SMB module

The first code example appeared in the server message block (SMB) module of WannaCry in 2017, Mydoom in 2009, Joanap, and DeltaAlfa. Further shared code across these families is an AES library from CodeProject. These attacks have been attributed to Lazarus; that means the group has reused code from at least 2009 to 2017.

Figure 4: Code overlap of a Mydoom sample.

In the next screenshots we highlight the exact code block that reflects the SMB module we found in campaigns other than WannaCry and Mydoom.

Figure 5: An SMB module common to several attacks.

A lot has been written about WannaCry. As we analyze the code against our databases, we can draw the following overview:

Figure 6: WannaCry code comparison overview.

For our research we compared the three major variants of WannaCry. An early release, called a beta, from February 2017, one from April, and the infamous one that hit the world in May.

  1. Common file mapping

The second example demonstrates code responsible for mapping a file and using the XOR key 0xDEADBEEF on the first four bytes of the file. This code has appeared in the malware families NavRAT and Gold Dragon, plus a certain DLL from the South Korean gambling hacking campaign. These three RATs are thought to be affiliated with North Korea’s Group 123. NavRAT and the gambling DLL share more code, making them closer variants.

Figure 7: Code overlap in a NavRAT sample.

Figure 8: File-mapping code 

  1. Unique net share

The third example, responsible for launching a cmd.exe with a net share, has been seen in 2009’s Brambul, also known as SierraBravo, as well as KorDllBot in 2011. These malware families are also attributed to the Lazarus group.

Figure 9: Code overlap of a SierraBravo (Brambul) sample.

Figure 10: A code block reused in the malware families Brambul/SierraBravo and KorDllBot.

  1. Operation Dark Hotel

In 2014, Kaspersky reported a more than seven-year campaign against Asian hotels, in which the adversaries used an arsenal of tools to break into the computers of hotel visitors. Zero days and control servers were used, along with the malware family Tapaoux, or DarkHotel, according to the report.

While we examined the DPRK samples, we noticed a hit with the Dark Hotel samples in our collections. By going through the code, we noticed several pieces of code overlap and reuse, for example, with samples from Operation Troy.

Figure 11: Code overlap in a Dark Hotel sample.

Identifying a group

By applying what we learned from our comparisons and code-block identifications, we uncovered possible new links between malware families and the groups using them.

With the different pieces of malware we have analyzed, we can illustrate the code reuse and sharing between the groups known to be affiliated with North Korea.

 

Figure 12: Groups and families linked by code reuse.

The malware attributed to the group Lazarus has code connections that link many of the malware families spotted over the years. Lazarus is a collective name for many DPRK cyber operations, and we clearly see links between malware families used in different campaigns.

The malware (NavRAT, gambling, and Gold Dragon) possibly created by Group 123 are connected to each other but are separate from those used by Lazarus. Although these are different units focusing on different areas, there seems to be a parallel structure in which they collaborate during certain campaigns.

MITRE ATT&CK

From our research of these malware samples, we can identify the following techniques used by the malware families:

When we zoom in on the Discovery category in the MITRE model, for example, we notice that the techniques are typical for first-stage dropper malware. The adversary drops these samples on victims’ machines and collects information on where they landed in the victims’ networks and which user/access rights they gained.

In 2018, we saw examples of campaigns in which attackers used PowerShell to download and execute these droppers. Once information has been sent to a control server, the adversary determines the next steps, which often include installing a remote access tool to enable lateral movement on the network and pursue the goals of the campaign.

Final words

Security vendors and researchers often use different names when speaking about the same malware, group, or attack. This habit makes it challenging to group all the malware and campaigns. By taking a scientific approach, such as looking for code reuse, we can categorize our findings. We believe our research will help the security community organize the current “mess” we face in relation to North Korean malware and campaigns.

We clearly saw a lot of code reuse over the many years of cyber campaigns we examined. This indicates the North Koreans have groups with different skills and tools that execute their focused parts of cyber operations while also working in parallel when large campaigns require a mix of skills and tools.

We found our months of research, data gathering, and analysis very satisfying. By combining our skills, data, and technology, we were able to draw connections and reveal links that we had not seen before. The cybersecurity industry would greatly benefit from more collaboration and sharing of information, and we hope that this effort between McAfee and Intezer will inspire the community to work together more often.

The authors thank Costin Raiu for providing them with samples they did not have in their collections.

Sources

Glenn Simpson, Gordon Fairclough, and Jay Solomon, “U.S. Probes Banks’ North Korea Ties.” Wall Street Journal, last updated September 8, 2005.

Christiaan Beek, “Attacks on SWIFT Banking system benefit from insider knowledge.” https://securingtomorrow.mcafee.com/mcafee-labs/attacks-swift-banking-system-benefit-insider-knowledge/

Atif Mushtaq, “DDOS Madness Continued…” https://www.fireeye.com/blog/threat-research/2009/07/ddos-madness-climax.html

Ryan Sherstobitoff and Jessica Saavedra-Morales, “Gold Dragon Widens Olympics Malware Attacks, Gains Permanent Presence on Victims’ Systems.” https://securingtomorrow.mcafee.com/mcafee-labs/gold-dragon-widens-olympics-malware-attacks-gains-permanent-presence-on-victims-systems/ 

Alex Drozhzhin, “Darkhotel: a spy campaign in luxury Asian hotels.” https://www.kaspersky.com/blog/darkhotel-apt/6613/ 

Warren Mercer, Paul Rascagneres, and Jungsoo An, “NavRAT Uses US-North Korea Summit As Decoy For Attacks In South Korea.” https://blog.talosintelligence.com/2018/05/navrat.html 

Sergei Shevchenko and Adrian Nish, “Cyber Heist Attribution.https://baesystemsai.blogspot.com/2016/05/cyber-heist-attribution.html

Mydoom code reuse report. https://analyze.intezer.com/#/analyses/113ba80f-1680-43d7-b287-cc62f3740fad

NavRAT code reuse report. https://analyze.intezer.com/#/analyses/4f19fd5a-a898-4fdf-96c9-d3a4aad817cb

SierraBravo code reuse report. https://analyze.intezer.com/#/analyses/8da8104e-56e4-49fd-ba24-82978bc1610c

Dark Hotel code reuse report. https://analyze.intezer.com/#/analyses/c034e0fe-7825-4f6d-b092-7c5ee693aff4

Kang Jang-ho, “A foreign currency earned with a virtual currency … What is the life of a North Korean hacker?” http://m.mtn.co.kr/news/news_view.php?mmn_idx=2018062517065863930#_enliple

Awesome work by the team responsible for the “Operation Blockbuster” report. https://www.operationblockbuster.com/resources/

The post Examining Code Reuse Reveals Undiscovered Links Among North Korea’s Malware Families appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/examining-code-reuse-reveals-undiscovered-links-among-north-koreas-malware-families/feed/ 0
Can your Security Distinguish a Candle from a Fire? https://www.mcafee.com/blogs/enterprise/endpoint-security/can-your-security-distinguish-a-candle-from-a-fire/ https://www.mcafee.com/blogs/enterprise/endpoint-security/can-your-security-distinguish-a-candle-from-a-fire/#respond Tue, 07 Aug 2018 13:00:48 +0000 https://securingtomorrow.mcafee.com/?p=90742 We’ve all heard it – a smoke detector that goes off with only the slightest of prompts. Light a candle and listen to it go off. Cook (or overcook) a meal, and the beeping sends you running to make sure there isn’t a fire. You of course know that a lit candle and sizzling food […]

The post Can your Security Distinguish a Candle from a Fire? appeared first on McAfee Blogs.

]]>
We’ve all heard it – a smoke detector that goes off with only the slightest of prompts. Light a candle and listen to it go off. Cook (or overcook) a meal, and the beeping sends you running to make sure there isn’t a fire. You of course know that a lit candle and sizzling food are not dangerous, but your smoke detector acts the same as if a five-alarm fire is in progress.

I doubt many of us would keep such an annoying device for very long right? Yet when it comes to endpoint security, some seem content to overlook false alarms and the inaccuracy of their defenses. To be fair, these problems often don’t surface until after you’ve made a purchase and the vendor has convinced you the benefits outweigh any potential downside. Still, that doesn’t remove the wasted time and lost productivity caused by a high number of false positive detections.

So how do you know whether your vendor (or potential vendor) is going to be able to tell a candle from a fire, or a good application from a malicious one? You could set up a test environment and see the results for yourself, but a far easier way is to consider testing by third-parties. AV-Comparatives is one of these third-party testing organizations who has just released their findings for Business Security products tested in the first half of the year. The test examined active real-world malware threats, common business malware and performance, including false positive detections.

McAfee Endpoint Security was certified as an Approved Business Product with a perfect protection rate and “Very low” false positives. 

This product is undoubtedly powerful, and as part of a wider McAfee managed platform it offers a lot.”

To be certified as an “Approved Business Product” by AV Comparatives, the tested products must score at least 90% in the Malware Protection Test, and at least 90% in the overall Real-World Protection Test (over the course of four months), with zero false alarms on common business software. Others in the test did not do as well and were not as consistent in performance in each area resulting in missed threats, and high or very high false positive rates.

It is also worth noting that McAfee Endpoint Security was one of the few vendors in the test with performance rated as “very fast” in all but one tested area of performance (which was still rated as fast by the way). Sometimes better accuracy comes at the cost of performance, but as this test demonstrates, that is not a sacrifice you’ll have to make with McAfee.

The results of this test aren’t an isolated incident either. AV Test.org has tested McAfee for some time and they have found that:

  • McAfee Endpoint Security scored the highest protection scores for the past year
  • McAfee achieved a near perfect usability score for the past year

Is it time you spent less time on false positives and more on actual threats? Do you want to get accuracy without sacrificing speed or performance? Then maybe it’s time to try an endpoint security solution that has a proven nose for spotting a real fire instead of a candle.

Learn more about how McAfee Endpoint Security offers a single point of visibility, comprehension, and control across all your devices.

The post Can your Security Distinguish a Candle from a Fire? appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/enterprise/endpoint-security/can-your-security-distinguish-a-candle-from-a-fire/feed/ 0
CactusTorch Fileless Threat Abuses .NET to Infect Victims https://www.mcafee.com/blogs/other-blogs/mcafee-labs/cactustorch-fileless-threat-abuses-net-to-infect-victims/ https://www.mcafee.com/blogs/other-blogs/mcafee-labs/cactustorch-fileless-threat-abuses-net-to-infect-victims/#respond Thu, 26 Jul 2018 13:00:32 +0000 https://securingtomorrow.mcafee.com/?p=90489 McAfee Labs has noticed a significant shift by some actors toward using trusted Windows executables, rather than external malware, to attack systems. One of the most popular techniques is a “fileless” attack. Because these attacks are launched through reputable executables, they are hard to detect. Both consumers and corporate users can fall victim to this […]

The post CactusTorch Fileless Threat Abuses .NET to Infect Victims appeared first on McAfee Blogs.

]]>
McAfee Labs has noticed a significant shift by some actors toward using trusted Windows executables, rather than external malware, to attack systems. One of the most popular techniques is a “fileless” attack. Because these attacks are launched through reputable executables, they are hard to detect. Both consumers and corporate users can fall victim to this threat. In corporate environments, attackers use this vector to move laterally through the network.

One fileless threat, CactusTorch, uses the DotNetToJScript technique, which loads and executes malicious .NET assemblies straight from memory. These assemblies are the smallest unit of deployment of an application, such as a .dll or .exe. As with other fileless attack techniques, DotNetToJScript does not write any part of the malicious .NET assembly on a computer’s hard drive; hence traditional file scanners fail to detect these attacks.

In 2018 we have seen rapid growth in the use of CactusTorch, which can execute custom shellcode on Windows systems. The following chart shows the rise of CactusTorch variants in the wild.

Source: McAfee Labs.

The DotNetToJScript tool kit

Compiling the DotNetToJScript tool gives us the .NET executable DotNetToJScript.exe, which accepts the path of a .NET assembly and outputs a JavaScript file.

 

Figure 1: Using DotNetToJScript.exe to create a malicious JavaScript file.

The DotNetToJScript tool kit is never shipped with malware. The only component created is the output JavaScript file, which is executed on the target system by the script host (wscript.exe). For our analysis, we ran some basic deobfuscation and found CactusTorch, which had been hidden by some online tools:

Figure 2: CactusTorch code.

Before we dive into this code, we need to understand .NET and its COM exposure. When we install the .NET framework on any system, several .NET libraries are exposed via Microsoft’s Component Object Model (COM).

Figure 3: COM exposing the .NET library System.Security.Cryptography.FromBase64Transform.

If we look at the exposed interfaces, we can see IDispatch, which allows the COM object to be accessed from the script host or a browser.

Figure 4: Exposed interfaces in a .NET library.

To execute malicious code using the DotNetToJScript vector, an attack uses the following COM objects:

  • Text.ASCIIEncoding
  • Security.Cryptography.FromBase64Transform
  • IO.MemoryStream
  • Runtime.Serialization.Formatters.Binary.BinaryFormatter
  • Collections.ArrayList

Now, let’s return to the JavaScript code we saw in Figure 2. The function base64ToStream()converts the Base64-encoded serialized object to a stream. Before we can fully understand the logic behind the JavaScript code, we need to examine the functionality of the Base64-encoded serialized object. Thus our next step is to reverse engineer the embedded serialized object and recreate the class definition. Once that was done, the class definition looks like the following code, which is responsible for executing the malicious shellcode. (Special thanks to Casey Smith, @subTee, for important pointers regarding this step).

Figure 5: The class definition of the embedded serialized object.

Now we have the open-source component of CactusTorch, and the JavaScript code in Figure 2 makes sense. We can see how the malicious shellcode is executed on the targeted system. In Figure 2, line 29 the code invokes the flame(x,x) function with two arguments: the executable to launch and the shellcode.

The .NET assembly embedded in the CactusTorch script runs the following steps to execute the malicious shellcode:

  • Launches a new suspended process using CreateProcessA (to host the shellcode)
  • Allocates some memory with VirtualAllocEx() with an EXECUTE_READWRITE privilege
  • Writes the shellcode in the target’s process memory with WriteProcessMemory()
  • Creates a new thread to execute the shellcode using CreateRemoteThread()

Conclusion

Fileless malware takes advantage of the trust factor between security software and genuine, signed Windows applications. Because this type of attack is launched through reputable, trusted executables, these attacks are hard to detect. McAfee Endpoint Security (ENS) and Host Intrusion Prevention System (HIPS) customers are protected from this class of fileless attack through Signature ID 6118.

 

Acknowledgements

The author thanks the following colleagues for their help with this analysis:

  • Abhishek Karnik
  • Deepak Setty
  • Oliver Devane
  • Shruti Suman

References

MITRE ATT&CK techniques

  • Drive-by compromise
  • Scripting using Windows Script Host
  • Decode information
  • Command-line interface
  • Process injection

Hashes

  • 4CF9863C8D60F7A977E9DBE4DB270819
  • 5EEFBB10D0169D586640DA8C42DD54BE
  • 69A2B582ED453A90CC06345886F03833
  • 74172E8B1F9B7F9DB600C57E07368B8F
  • 86C47B9E0F43150FEFF5968CF4882EBB
  • 89F87F60137E9081F40E7D9AD5FA8DEF
  • 8A33BF71E8740BDDE23425BBC6259D8F
  • 8DCCC9539A499D375A069131F3E06610
  • 924B7FB00E930082CE5B96835FDE69A1
  • B60E085150D53FCE271CD481435C6E1E
  • BC7923B43D4C83D077153202D84EA603
  • C1A7315FB68043277EE57BDBD2950503
  • D2095F2C1D8C25AF2C2C7AF7F4DD4908
  • D5A07C27A8BBCCD0234C81D7B1843FD4
  • E0573E624953A403A2335EEC7FFB1D83
  • E1677A25A047097E679676A459C63A42
  • F0BC5DFD755B7765537B6A934CA6DBDC
  • F6526E6B943A6C17A2CC96DD122B211E
  • CDB73CC7D00A2ABB42A76F7DFABA94E1
  • D4EB24F9EB1244A5BEAA19CF69434127

 

The post CactusTorch Fileless Threat Abuses .NET to Infect Victims appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/cactustorch-fileless-threat-abuses-net-to-infect-victims/feed/ 0
McAfee Interns Share Their Experience for #NationalInternDay https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/global-mcafee-interns-share-their-experience-on-nationalinternday/ https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/global-mcafee-interns-share-their-experience-on-nationalinternday/#respond Wed, 25 Jul 2018 11:22:07 +0000 https://securingtomorrow.mcafee.com/?p=90509

By Christie, HR Communications Intern As someone who always wanted to make an impact in the world, I thought nonprofit was the only fit for my passions in marketing and philanthropy. Because of this, I’ve worked primarily in the nonprofit sector for the last three years. But to keep my options open, I desired to […]

The post McAfee Interns Share Their Experience for #NationalInternDay appeared first on McAfee Blogs.

]]>

By Christie, HR Communications Intern

As someone who always wanted to make an impact in the world, I thought nonprofit was the only fit for my passions in marketing and philanthropy. Because of this, I’ve worked primarily in the nonprofit sector for the last three years. But to keep my options open, I desired to experience at least one corporate internship before I graduated college.

I wasn’t sure if any company would take me under its wing due to my lack of corporate experience though. That was until McAfee offered me the opportunity to work with them this summer.

As a senior in college, McAfee provided me the real-life experience I hoped for and more. Below are the top three reasons why my internship experience with McAfee has truly been nothing less than invaluable:

Playing to Win Even as an Intern

Since day one, I knew this internship was unique and not like any other. Everyone at McAfee works with agility. Although the nonprofit industry is notorious for moving fast, it is still fascinating to see employees so eager to work on tasks of all sizes with such drive and efficiency.

Instead of being delegated tasks to fulfill, I get to share what I want to work on and what I want to take away from my time working with McAfee.

As a huge social media enthusiast, I helped manage @LifeatMcAfee’s Instagram strategy from implementing new social trends, generating online advertisements and publishing my own designs.

But the best part? I am not seen or approached as an intern, but as a team member. I am held to the same expectations and given the same opportunities – being able to add value to the team and carry out real, impactful work every day.

People First and Foremost

If I’ve learned anything from my first 10 weeks here, it is that McAfee genuinely values its employees and community. McAfee does not shy away from diversity or from supporting its employees in every way possible.

I experienced this firsthand by assisting with social media during Pride Month by covering the Global LGBT Pride Photo Competition, Gender Revolution Documentary Watch Party and Keyeon’s “How I Wear My #McAfee Pride” Life at McAfee blog. Although this doesn’t fully portray how McAfee practices inclusive candor and transparency, it really showed me how McAfee embraces diversity and its employees’ authentic selves.

Giving back is also very important in McAfee’s company culture. This is visible through its various events and programs such as Global Community Service Day, McAfee Explorers, Bring Your Kid to Work Day, McAfee Blood Drive, and the list goes on and on. This undeniably displayed to me McAfee also shares my value of making a positive impact on the world. And knowing colleagues share this significant value with me, reinforced McAfee as a truly one tight-knit, loving family.

Together is Power

On the first day of my internship, I signed my name on the McAfee Pledge Wall among all the other employees’ signatures – signifying our single pledge to defend the world from cyber threats.

This symbolic gesture is evident every day when I step my foot into the office. I work with people from different positions, departments and even countries. Everyone is always willing to help, even in projects they’re not involved in.

This sense of togetherness is something I really value and believe is one of the best things about working at McAfee. We all have one mission that we want to fulfill and strive towards every day, together.

An Unforgettable Experience

McAfee makes an impact in the world every day by providing the best cybersecurity possible, but also gives back to the community and its employees through its various educational and community outreach programs. But notably, McAfee has made a lasting impact on me. These short 10 weeks have shown me my career options are unlimited and I can truly make a difference in any field of work, especially with a great team that strives to fulfill the same mission as I do every day.

Read from other McAfee interns from around the globe about their internship experiences below!

Internship Experiences at McAfee

 

Juan – Customer Experience (Argentina)

“These past few months, I got to meet some of the most talented people and all of them were eager to share their knowledge and expertise with me. McAfee is truly a great place to work while making our world and our communities a safer place.”

 

 

 

 

Emily – Digital Marketing & Content Operations (US)

“I get to help my team work on redesigning our Marketing Intranet, so that new Marketing hires, as well as existing employees, can have a resource to answer questions they may have. I really love working here at McAfee!”

 

 

 

 

Adam – Human Resources & Talent Acquisition (Ireland)

“This opportunity has provided me with priceless experience and insight into one of the leading cybersecurity companies in the world. I have been extremely privileged to have been given the responsibilities I have had during my time here and I have gleaned a vast amount of experience as a result.”

 

 

 

Mark – Advanced Threat Research (US)

“I got to meet all the wonderful people I’d be working most closely with, whose locations ranged from Dallas to the UK. McAfee places importance on interpersonal relationships in their teams and even as an intern, I was treated as one of the gang since day one.”

 

 

 

 

Csaradhi – Platform Engineering (India)

“The transition from college to corporate life has been so beautiful. I’ve learned so many tings apart from the technical aspects. I thank McAfee for choosing to believe in me and I’m here to make the most of it.”

 

 

 

For more stories like this, follow @LifeAtMcAfee on Instagram and on Twitter @McAfee to see what working at McAfee is all about.

Interested in joining our teams? We’re hiring! Apply now.

The post McAfee Interns Share Their Experience for #NationalInternDay appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/global-mcafee-interns-share-their-experience-on-nationalinternday/feed/ 0
Facing the Fear of Public Speaking with Toastmasters https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/facing-the-fear-of-public-speaking-with-toastmasters/ https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/facing-the-fear-of-public-speaking-with-toastmasters/#respond Mon, 23 Jul 2018 18:41:34 +0000 https://securingtomorrow.mcafee.com/?p=90473

By: DaWane, Sales Director Standing in front of 800 parents and fellow students to deliver the welcome address, thoughts swirled around in my head. My hands were shaky, my palms oozed with sweat and I had a death grip on the podium. They say I did well, but inside, I was so uncomfortable, I thought […]

The post Facing the Fear of Public Speaking with Toastmasters appeared first on McAfee Blogs.

]]>

By: DaWane, Sales Director

Standing in front of 800 parents and fellow students to deliver the welcome address, thoughts swirled around in my head. My hands were shaky, my palms oozed with sweat and I had a death grip on the podium. They say I did well, but inside, I was so uncomfortable, I thought I may vomit.

That was my experience as a 16-year-old high school senior as president of the National Honor Society during a school function. And it was a moment when I swore I’d never, ever feel that way again.

My strategy? Avoid all circumstances that could even possibly place me in a position to feel so vulnerable. It worked—until I was promoted in to sales leadership. Haunted by that moment in high school, I decided if public speaking was expected of me, I had two options: I could A) quit or B) tackle my fear head-on.

I chose option B. Thanks to McAfee Toastmasters, I am a skilled public speaker and am now heading up our office chapter in Plano.

Conquering My Fear of Public Speaking

I started overcoming my fears by seeking out opportunities to push myself out of my comfort zone—again, again and again. I presented to new hire classes. I volunteered to present at sales kick-offs. I even took a class called Acting for Non-Actors. Whatever gave me a chance to get more stage time, I was in.

About a year into my career at McAfee, I was invited to a humorous speech contest hosted by Toastmasters. I watched talented people deliver funny and well-done speeches. I thought to myself, “I can do that,” but the only way I’d know for sure was to give it a try.

Getting Involved and Growing with McAfee Toastmasters

Soon after, I realized McAfee had internal Toastmasters chapters in Santa Clara, Waterloo, India and Plano. I visited Plano Toastmasters, which validated my theory that public speaking is muscle memory. The more you do it, the better you become.

More importantly, the more comfortable you become enables your desire to do it more. It’s a vicious cycle, but a good one.

But last year, the McAfee Toastmasters in Plano was in danger of dissolving. Knowing the difference practice makes and wanting to help others overcome their fears, I knew I couldn’t let that happen.

In a 1×1 with my VP, I shared the growth I experienced in public speaking during my short tenure in Toastmasters and recalled the severe stage fright I plowed through. He agreed that even if you’re pretty good on stage, there is always room for improvement and how valuable this could be to others as well.

He assigned the resurrection of the McAfee Plano Toastmasters chapter to me as my own leadership development project.

Leading the Charge for Toastmasters 

I worked with various McAfee executives to pitch the value of a Toastmasters chapter and the benefits to individuals and the entire organization.

In addition to improving your public speaking skills, Toastmasters brings opportunities to develop hands-on leadership experience—not only during chapter meetings but as a club officer or in district leadership.

Toastmasters resonated with enough people that we relaunched McAfee Plano Toastmasters in January 2018 starting with 21 members. Over the first 6 months of 2018, we successfully competed in speech contests. We recently signed our 42nd member and installed a new set of officers, who will lead our club going forward into the next wave of success. And for the first time ever, McAfee Toastmasters achieved “Distinguished” status.

A Long and Rewarding Journey

It has been an honor to be part of this resurrection story and to see the growth of our members—from each meeting held to each speech given. If you’ve ever had to give a speech and left the stage thinking, “Well, I’ll never do THAT again,” there is a solution.

For me, it was Toastmasters. I appreciate the learnings McAfee’s Plano chapter left me with and now the opportunity to lead and help others speak confidently in front of a crowd.

Interested in joining our teams? We’re hiring! Apply now!

The post Facing the Fear of Public Speaking with Toastmasters appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/facing-the-fear-of-public-speaking-with-toastmasters/feed/ 0
How My McAfee Internship Launched My Career https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/how-my-mcafee-internship-launched-my-career/ https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/how-my-mcafee-internship-launched-my-career/#respond Mon, 23 Jul 2018 15:17:21 +0000 https://securingtomorrow.mcafee.com/?p=90459

By: Ruby, Digital Media Specialist It’s often assumed that interns are usually college undergraduates with a temporary assignment. I’m an exception to the rule in both respects. I started as a McAfee intern while I was a part-time graduate MBA student at Santa Clara University. Through my internship, I secured a full-time position on McAfee’s […]

The post How My McAfee Internship Launched My Career appeared first on McAfee Blogs.

]]>

By: Ruby, Digital Media Specialist

It’s often assumed that interns are usually college undergraduates with a temporary assignment. I’m an exception to the rule in both respects. I started as a McAfee intern while I was a part-time graduate MBA student at Santa Clara University. Through my internship, I secured a full-time position on McAfee’s Digital Media team.

A Life-Changing Experience

My internship at McAfee has literally changed my life. I’ve been able to explore various aspects of marketing—starting out in Digital Content Operations where I helped with website content and design—and later transitioning to the Digital Media team. It was here that I discovered my love for digital media, found my niche in marketing and earned my position as a full-time McAfee employee.

I love my work, but over the three years I have been at McAfee, there are two primary reasons why I’ve never considered moving on: the people and culture. There’s a real opportunity at McAfee to build an exciting career, even from a standing start as an intern.

When I started my internship at McAfee, I worked with a group of marketing interns and had the opportunity to create relationships with everyone on the Content Marketing team. Several co-workers took me under their wing which helped me tremendously and was key in enabling me to advance to where I am today. McAfee has a unique culture full of learning, innovation, excellence, and challenge—with everyone supporting each other.

Out and About for McAfee

McAfee makes it a point to send interns to conferences and events. During my internship, I traveled to Black Hat USA in Las Vegas, RSA Conference in San Francisco and attended MPower Cybersecurity Summit twice, a McAfee customer event in Las Vegas!

Black Hat was amazing and probably one of the best experiences I’ve ever had. All four events opened my eyes to the power of real-time social media, as well as the importance of cybersecurity to enterprises and individuals alike.

Wearing Many Hats: A Balancing Act

I am often asked how I balance full-time employment with school and everything else in life. While the answer may seem simple, (good time management and stress relief outlets!) anyone who wears multiple hats knows that life can be a balancing act. To tackle stress, it’s all about working out for me! In addition to working at McAfee and pursuing my school studies, I’m a half marathon, triathlon and swim coach.

The culture at McAfee has been a huge gift. My managers understand the challenges I face and the benefits my MBA will bring both to me and the company. They have been very supportive of my school schedule along the way.

McAfee helped me launch my career and find work that I’m passionate about while pursuing higher education. I have an exciting and challenging career path ahead of me and I’ve made several lifelong friendships that would never have happened if it were not for McAfee. It’s a great place to be and I am thankful to be here!

For more stories like this, follow @LifeAtMcAfee on Instagram and @McAfee on Twitter to see what working at McAfee is all about.

Interested in joining our teams? We’re hiring! Apply now!

The post How My McAfee Internship Launched My Career appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/how-my-mcafee-internship-launched-my-career/feed/ 0
Top Three Ways You Can Simplify and Automate Your Endpoint Protection, Detection and Response Capabilities https://www.mcafee.com/blogs/enterprise/endpoint-security/top-three-ways-you-can-simplify-and-automate-your-endpoint-protection-detection-and-response-capabilities/ https://www.mcafee.com/blogs/enterprise/endpoint-security/top-three-ways-you-can-simplify-and-automate-your-endpoint-protection-detection-and-response-capabilities/#respond Fri, 29 Jun 2018 22:33:48 +0000 https://securingtomorrow.mcafee.com/?p=90194 A new SANS 2018 Survey on Endpoint Protection and Response, co-sponsored by McAfee, reports that the top threats to organizations include web-based malware, social engineering and ransomware—all of which focus on user endpoints. So what does that mean when you are trying to protect an ever-changing attack surface?  The survey results point to three best […]

The post Top Three Ways You Can Simplify and Automate Your Endpoint Protection, Detection and Response Capabilities appeared first on McAfee Blogs.

]]>
A new SANS 2018 Survey on Endpoint Protection and Response, co-sponsored by McAfee, reports that the top threats to organizations include web-based malware, social engineering and ransomware—all of which focus on user endpoints.

So what does that mean when you are trying to protect an ever-changing attack surface?  The survey results point to three best practices to help you simplify and automate your endpoint protection, detection and response capabilities.

  1. Users and the web are still your biggest security risks

The top threat vectors for exploited endpoints take advantage of the hapless user: web drive-by (63%), social engineering/phishing (53%) and ransomware (50%). Because these top compromises rely on human actions, it suggests a need for increased monitoring and containment, along with user education. A variety of tools, including next-gen antivirus and automated EDR should assist in this mission.

  1. You’ve got to correlate to automate

The 277 IT professionals who took this survey voiced concerns about their endpoints and all agreed that the need for predictive technologies (such as machine learning) are needed to go from known bad elements to focusing on identification of abnormal behavior.

  1. If an endpoint fell in your forest, would you hear it?

The need for visibility is clear. Being able to feed into the detection and response systems automatically reduces the time to detect and remediate the threat. Though workflow automation and machine learning are key enablers to improve detection, remediation and response, organizations are falling short in their use (less than a quarter of respondents use them).

The takeaway

Improved analysis and automation tools are key to discovery and correction. Next-generation tools bring not only machine learning, but also automation to identify unexpected behavior. Equally important is having tools that provide ease of use for analysts to reduce the skills gap in our industry.

To address these needs we are constantly upgrading our capabilities and just released McAfee® Endpoint Security (ENS) version 10.6 which includes new capabilities to better protect customers from advanced threats. In addition, it’s simpler, with a single agent, single console and automated responses to targeted attacks. Just as important, it has advancements such as machine learning and zero-day containment.

If you haven’t watched our latest video below.

The post Top Three Ways You Can Simplify and Automate Your Endpoint Protection, Detection and Response Capabilities appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/enterprise/endpoint-security/top-three-ways-you-can-simplify-and-automate-your-endpoint-protection-detection-and-response-capabilities/feed/ 0
Taking the Robot out of the Human https://www.mcafee.com/blogs/enterprise/taking-the-robot-out-of-the-human/ https://www.mcafee.com/blogs/enterprise/taking-the-robot-out-of-the-human/#respond Thu, 28 Jun 2018 07:00:08 +0000 https://securingtomorrow.mcafee.com/?p=90149 This blog post was written by Nick Viney. Artificial intelligence, or simply AI, was merely a dream a number of years ago – now, not only are we seeing it become more common in our everyday lives, it’s beginning to be a very hot topic amongst businesses. Last year, the Boston Consulting Group and MIT Sloan […]

The post Taking the Robot out of the Human appeared first on McAfee Blogs.

]]>
This blog post was written by Nick Viney.

Artificial intelligence, or simply AI, was merely a dream a number of years ago – now, not only are we seeing it become more common in our everyday lives, it’s beginning to be a very hot topic amongst businesses. Last year, the Boston Consulting Group and MIT Sloan Management Review study published a report that found 84% of respondents thought AI will enable them to obtain or sustain a competitive advantage whilst 75% felt AI would allow them to move into new businesses and ventures. Simply put, AI is revolutionising business as we know it.

Many business leaders agree that having AI and a level of self-automation being present in some part of a business, however big or small, is beneficial. However, there are still a number, albeit a small group, of leaders who have voiced their concerns. At the very worst, there is a worry that should AI become too prominent, the worst-case scenario is a humans vs robots with ultimately the human workforce being side-lined. Putting that to one side, the benefits of AI in business is vast and here are a few examples of how I believe AI will be revolutionising the enterprise space in the not too distant future:

Redefining logistics

When AI and robotics were added to the production line, many feared that manual jobs would become solely automated. However what sceptics of robotics don’t realise is that it was implemented to take on the smaller, less critical tasks – like packing, stacking and labelling boxes. Many think the world is on the verge of a technological revolution, or the “The Fourth Industrial Revolution” (4IR) which is a combination of technologies that fuse the physical, digital and biological worlds together – a world where machines can think for themselves.

Similar to production lines, basic data entry and programming roles are becoming much more efficient and cost-effective through AI. Filling vacancies with long-term, fully automated AI-powered computers could be the answer, but in the short term, teaching smart technology to work alongside human talent could be the way forward for businesses and help bridge the skills gap, which takes me onto my next point.

Data Insights

Whilst the access to time and skills is limited and businesses become more and more data-driven, it’s clear that taking two weeks to manually translate raw data has significant implications. With the volume of data being generated on a daily basis, it’s no surprise that inaccuracies occur. Whilst time is eaten by employees tidying data into something that’s meaningful – chances are that by the time it’s complete, it’s already out of date. Sceptics will argue that certain jobs can be done more efficiently by humans, however, this can come at a higher cost in man-hours and more receptive to human error. Jeopardising the security of your business cannot be an exception at any cost.

Improving data security

Cybersecurity is a critical part of enterprises with businesses spending billions of dollars each year in making sure its defences are able to keep out hackers. The job of staying ahead of hackers is incredibly challenging for CTO’s, but the capabilities of AI can certainly help. Whether it’s the latest spyware, DDoS attack patterns or botnets, hackers are constantly evolving and adapting to find new ways in which to breach a company’s data defences. Where we’re seeing AI supporting is having the ability to scour the internet to look for some of these threats ahead of time and before they are used against companies. Human security analysts can only do so much and in many cases, the pace and change to the threat landscape are simply too much. Leveraging AI and deep learning to help human analysts will make things a lot safer for businesses.

Bridging the skills gap

Despite AI’s potential to drive change, there continues to be a shortage of cyber skills. According to a ESG survey of 650 IT cybersecurity professionals this year, 51% claimed they had a “problematic shortage of cybersecurity skills”. The ramifications include increased workload on cybersecurity staff to hire and train juniors as opposed to hiring experienced cybersecurity professionals – leaving less time to deal with cyber crises when they need to. However, this shouldn’t be seen as replacing jobs, but will instead increase the need for workers with more advanced skills. Businesses need to invest in creating a culture of constant learning for their staff where they can learn new skills and attract leading AI practitioners. The introduction of AI could help bridge the gap by widening skills and allowing employees to work alongside machines – leaving AI to manage less critical jobs.

AI should not only create time for innovation and proactive threat hunting but deliver cost savings and increase employee productivity. Like the revolutions that preceded it, 4IR has the potential to improve the quality of life for employees and their employers around the world. With AI taking a leading role in tackling simple and repetitive tasks, the human workforce can focus on roles that are more complex, challenging and require much more critical thinking power. Unfortunately, though we cannot see the future yet, businesses should think more holistically about the advantages of AI and what can be reaped, before competitors do.

To keep up-to-date with the latest cybersecurity news, take a look at the McAfee Security blog here.

The post Taking the Robot out of the Human appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/enterprise/taking-the-robot-out-of-the-human/feed/ 0
How I Wear My #McAfeePride https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/how-i-wear-my-mcafeepride/ https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/how-i-wear-my-mcafeepride/#comments Wed, 20 Jun 2018 14:13:44 +0000 https://securingtomorrow.mcafee.com/?p=89962

By: Keyeon, Business Development Representative Imagine if you felt like you had to keep a secret from everyone you know, because if you told someone, then you might lose family, friends, healthcare coverage, money or worse, your dignity. Being open at work can be a challenge. No one wants to feel that their job is […]

The post How I Wear My #McAfeePride appeared first on McAfee Blogs.

]]>

By: Keyeon, Business Development Representative

Imagine if you felt like you had to keep a secret from everyone you know, because if you told someone, then you might lose family, friends, healthcare coverage, money or worse, your dignity. Being open at work can be a challenge. No one wants to feel that their job is at risk or opportunities for advancement are limited. According to the Human Rights Campaign, 35% of LGBT employees feel compelled to lie about their personal lives while at work. As for me, I’m proud to be part of the 65% who feel comfortable to bring my full, authentic self to work.

This Pride month, I’m celebrating my first year at McAfee. Moving to a different city by yourself comes with a few obstacles—especially when you move only two weeks after graduating college. Once I started my job at McAfee, I doubted how OPEN I could truly be. Between the endless support from coworkers who welcomed me with open arms, to McAfee’s Pride flag flying high in the sky next to the American flag, I quickly realized that I was in the right place.

#McAfeePride

In the spirit of Pride month, McAfee is hosting month-long celebrations around the globe including flag raising ceremonies, on-site Gender Revolution showings, ice cream socials and my favorite: the #McAfeePride photo challenge. During the first week of June, employees wore a different color of the Pride flag each day. Below are photos of how I wore my #McAfeePride.

Each color represents something specific to show the diversity of the LGBT community. Coming to work and seeing people wearing these colors makes me feel proud. Reports show people are afraid to come out of the closet at work because they’re afraid that they won’t be accepted. By showing that you’re an ally to the LGBT community, you are encouraging others who may feel alone.

The Value of Inclusiveness

At McAfee, we value inclusive candor and transparency. This value clearly represents how McAfee runs towards diversity and encourages people to be who they are without fear.

You’ll find proof of this within the McAfee LGBT Community. This exists so that every day, not just during the month of June, the Lesbian, Gay, Bisexual and Transgender (LGBT) Community can feel proud at work. The McAfee LGBT Community courageously challenges and eliminates perceptions about LGBT employees and allies. They support inclusiveness and business principles by bolstering efforts to recruit, integrate and retain LGBT employees and allies in the workforce.

Working at McAfee has given me mentors and friends that I would have never gained working at a different company. My colleagues don’t judge me for my orientation. Instead, they care about the ideas I bring to the table and the dedication I show my team every day. No human should ever feel afraid of acceptance in the workplace, which is why I am proud to be a part of the McAfee family.

I’m Keyeon and I love to live LIFE to the fullest. I have a rough past, but I’m HEALING with no scars. When I walk into a room, my smile brings a ray of SUNLIGHT. I am one with NATURE and practice the ART of having a joyful SPIRIT each and every day. I am McAfee, We are McAfee, and You are McAfee!

For more stories like this, follow @LifeAtMcAfee on Instagram and on Twitter via @McAfee to see what working at McAfee is all about.

Interested in joining our team? We’re hiring. Apply now!

The post How I Wear My #McAfeePride appeared first on McAfee Blogs.

]]>
https://www.mcafee.com/blogs/other-blogs/life-at-mcafee/how-i-wear-my-mcafeepride/feed/ 1
Play The Game – Tips and Tricks for Safe Online Gaming https://www.mcafee.com/blogs/consumer/play-the-game-tips-and-tricks-for-safe-online-gaming/ https://www.mcafee.com/blogs/consumer/play-the-game-tips-and-tricks-for-safe-online-gaming/#respond Wed, 20 Jun 2018 07:00:14 +0000 https://securingtomorrow.mcafee.com/?p=89983 This blog was written by Jessica Brookes. When I was child, gaming was all joysticks and arcades. Now, it’s all about hyper realistic graphics, immersive experience and above all, playing online against players from all over the world. Since the early 2000s, we’ve seen online gaming grow into a worldwide phenomenon, increasing hugely in popularity […]

The post Play The Game – Tips and Tricks for Safe Online Gaming appeared first on McAfee Blogs.

]]>
This blog was written by Jessica Brookes.

When I was child, gaming was all joysticks and arcades. Now, it’s all about hyper realistic graphics, immersive experienc