Security Operations

Learn the latest SecOps threats and how McAfee enables SecOps teams to collect, enrich, and share data and turn that data into insights.

Security Operations

Updates and Mitigation to Microsoft Office Zero-Day Threat (CVE-2013-3906)

On November 5, Microsoft posted Security Advisory 2896666. This vulnerability, discovered by Haifei Li of McAfee Labs, affects multiple versions of Microsoft Office, Windows, and Lync. Successful exploitation could result in the ability to execute arbitrary code on a vulnerable host (a remote code execution vulnerability). The issue (an integer overflow) lies ...

Security Operations

Using the McAfee SIEM to Augment Successful Detection of Financial Fraud

Financial fraud has a wide range of impact across a society: Providers of financial services may incur the largest losses, but the users of financial services who become victims may be hit much harder. Fraud victims range across the income scale, and even a small fraud can be catastrophic to ...

Security Operations

New in SIEM – Advanced Correlation Features

Now that 9.2 has been out for some time, it’s time to document some of the very cool things the McAfee SIEM can do. While the documentation is a must read for the how, this post is meant to bring you up to speed of the why of some advanced ...

Endpoint Security Security Operations

Thinking Outside of the Sandbox: McAfee Advanced Threat Defense Unveiled

It’s always a great day when you can share something so innovative that it will surely change the game in the industry. Today, at the McAfee FOCUS 2013 conference, McAfee and my team announced the development and launch of McAfee Advanced Threat Defense – the newest addition to our Security ...

Security Operations

Advanced Malware Protection with Network Security Platform

McAfee Network Security Platform customers have benefited from malware protection for some time now. Most customers already use McAfee Global Threat Intelligence (GTI), which has been available since the 6.0 release. The largest and most used reputation service, with over 64 Billion queries per day, GTI classifies files as either ...

Security Operations

McAfee Named a Leader in 2012 Gartner Magic Quadrant for SIEM

Following our acquisition of NitroSecurity last year, we have been working towards fully integrating their Security Information and Event Management (SIEM) technology into our portfolio of solutions. McAfee Enterprise Security Manager (the fruit of our combined efforts) recently received a 5-star rating from SC Magazine, and now we are proud ...

Security Operations

Skywiper – Fanning the ‘Flames’ of Cyberwarfare

A few weeks ago, Iran reported intensified cyberattacks on its energy sector that they observed as a direct continuation of the Stuxnet and Duqu attacks. Over the weekend, the IR Cert (Iran’s emergency response team) published a new report that describes this attack as Flame and/or Flamer. Some other news ...

Enterprise Security Operations

An Update on DNSChanger and Rogue DNS Servers

In late 2011, the FBI released documents and data focusing on “Operation Ghost Click.” This malicious operation, leveraging a variety of DNSChanger-type malware, was defined by the FBI as an “international cyber ring that infected millions of computers.” Associated malware samples and events can be traced back several years, and multiple platforms were targeted. ...

Subscribe to McAfee Securing Tomorrow Blogs