by Paul Ducklin As you know by now – or can just pretend to know if you didn’t – it’s #SysAdminDay. More precisely, it’s System Administrator Appreciation Day 2018 – the day when you are expected to appreciate your sysadmins, in word and in deed. The sys in sysadmin, of course, means “the computer systems
Philip Choo
by Paul Ducklin A few years ago – make that quite a few, actually – Sophos was a lot smaller than it is now. Recruitment was different too – back then we weren’t so much writing cybersecurity software as helping to invent the entire field of anti-malware research. One of the paradoxical things that’s important
by Danny Bradbury Google took its efforts to protect online accounts up a notch this week, announcing its own hardware-based security key. Announced at Google’s Cloud Next conference, the Titan keys are a two-factor authentication (2FA) solution, designed to combat one of the most prevalent forms of online attack: account hijacking. Without 2FA, attackers who
by Mark Stockley So you’re a sysadmin – blue team, red pill, grey hat. Your brain works at the speed of a hyperloop inside a rocket ship slingshotting around a black hole that’s slingshotting around another black hole. You make the impossible possible, you make the improbable into the everyday and for everything else there’s
by Lisa Vaas A few weeks ago, a headline popped up on the BBC that caught the eye of security researchers: “Swann home security camera sends video to wrong user”. It was clear what happened: the camera uploaded a bunch of data on purpose, and then it sent it to the entirely wrong person. As
Summary In 2017, Secureworks® Counter Threat Unit™ (CTU) researchers continued to track GOLD SKYLINE, a financially motivated Nigerian threat group involved in business email compromise (BEC) and business email spoofing (BES) fraud. During the investigation, CTU™ researchers discovered a previously unidentified BEC group that they have named GOLD GALLEON. Unlike other BEC groups, GOLD GALLEON
Dalton and Flowsynth help create and test packet captures Thursday, November 16, 2017 By: Counter Threat Unit Research Team When crafting intrusion detection system (IDS) and intrusion prevention system (IPS) rules for engines such as Suricata and Snort, it is imperative that the rules behave and perform as expected. Validation requires testing, but capturing the
By all means patch, but take a risk-based approach Thursday, January 11, 2018 By: Barry Hensley Cybersecurity continues to make headlines in the New Year, including public disclosure on January 3rd of two new vulnerabilities that affect most modern computer processors. Spectre and Meltdown represent a new class of vulnerability that takes advantage of performance
In December 2017, Secureworks® incident response (IR) analysts responded to multiple incidents where threat actors compromised vulnerable Internet-facing Oracle WebLogic servers on Linux and Windows systems to deploy cryptocurrency software. The unauthorized activity significantly impacted the performance of business-critical and client-facing applications. The continued inquiries about this activity in January 2018 suggest that many organizations
Security services, IoT, integrated platforms, GDPR, skills shortage, detection and response, machine learning, automation and orchestration are just a few of the key themes in a vast array of industry analyst predictions about the changing security landscape for customers and vendors in 2018. Following are just a few of these predictions that highlight how cybersecurity
Threat actors continue to use opportunistic attacks to compromise networks and deploy SamSam ransomware to collect money from various types of organizations. Thursday, February 15, 2018 By: Counter Threat Unit Research Team On February 15, 2018, Secureworks® Counter Threat Unit™ (CTU) researchers published details about the tools and techniques used in a series of high-profile
The iPhone and many of the apps designed to live on the device have the ability to track our location. Whenever they set up these apps, however, users get the option to opt in or out of location tracking services. But what happens when a malicious campaign doesn’t give users the option to opt of
Screen time — how much is too much — is a red-hot issue right now and for good reasons. Now, with several decades of a technology-saturated lifestyle behind us, the research repeatedly tells us: Too much screen time can be detrimental to kids. Balance is the new black when it comes to screen time. However, if
By: Ruby, Digital Media Specialist It’s often assumed that interns are usually college undergraduates with a temporary assignment. I’m an exception to the rule in both respects. I started as a McAfee intern while I was a part-time graduate MBA student at Santa Clara University. Through my internship, I secured a full-time position on McAfee’s
By: DaWane, Sales Director Standing in front of 800 parents and fellow students to deliver the welcome address, thoughts swirled around in my head. My hands were shaky, my palms oozed with sweat and I had a death grip on the podium. They say I did well, but inside, I was so uncomfortable, I thought
It seems some malicious app developers have taken the phrase “fake it ‘til you make it” to heart, as fake apps have become a rampant problem for Android and iPhone users alike. Even legitimate sources, such as Google Play and Apple’s App Store, have been infiltrated with illegitimate applications, despite their own due diligence in
By Christie, HR Communications Intern As someone who always wanted to make an impact in the world, I thought nonprofit was the only fit for my passions in marketing and philanthropy. Because of this, I’ve worked primarily in the nonprofit sector for the last three years. But to keep my options open, I desired to
Similar to smartphones and computers, Bluetooth is one of the modern-day pieces of tech that has spread wide and far. Billions of devices of all types around the world have the technology woven into their build. So when news about the BlueBorne vulnerabilities broke back in late 2017, everyone’s ears perked up. Fast forward to
McAfee Labs has noticed a significant shift by some actors toward using trusted Windows executables, rather than external malware, to attack systems. One of the most popular techniques is a “fileless” attack. Because these attacks are launched through reputable executables, they are hard to detect. Both consumers and corporate users can fall victim to this
I walked into my niece’s room and found her busy making colourful bands. “What are these for?” I asked. “Friendship Day is coming up and this year I have decided to make my own bands to give to my friends. Got to finish making them all today.” “That’s lovely,” and then as a thought struck
The summer months can be tough on kids. There’s more time during the day and much of that extra time gets spent online scrolling, surfing, liking, and snap chatting with peers. Unfortunately, with more time, comes more opportunity for interactions between peers to become strained even to the point of bullying. Can parents stop their kids
Do you or someone you know lives in Egypt and holds an account on Facebook, Twitter, or/and other social media platforms with more than 5000 followers? If yes, your account can be censored, suspended and is subject to prosecution for promoting or spreading the fake news through social media platforms. On July 16, the Egyptian
Yet another bluetooth hacking technique has been uncovered. A highly critical cryptographic vulnerability has been found affecting some Bluetooth implementations that could allow an unauthenticated, remote attacker in physical proximity of targeted devices to intercept, monitor or manipulate the traffic they exchange. The Bluetooth hacking vulnerability, tracked as CVE-2018-5383, affects firmware or operating system software
The Apache Software Foundation (ASF) has released security updates to address several vulnerabilities in its Tomcat application server, one of which could allow a remote attacker to obtain sensitive information. Apache Tomcat is an open source web server and servlet system, which uses several Java EE specifications like Java Servlet, JavaServer Pages (JSP), Expression Language,
Security researchers have uncovered a “highly targeted” mobile malware campaign that has been operating since August 2015 and found spying on 13 selected iPhones in India. The attackers, who are also believed to be operating from India, were found abusing mobile device management (MDM) protocol—a type of security software used by large enterprises to control
India-linked highly targeted mobile malware campaign, first unveiled two weeks ago, has been found to be part of a broader campaign targeting multiple platforms, including windows devices and possibly Android as well. As reported in our previous article, earlier this month researchers at Talos threat intelligence unit discovered a group of Indian hackers abusing mobile
At Google Cloud Next ’18 convention in San Francisco, the company has introducedTitan Security Keys—a tiny USB device, similar to Yubico’s YubiKey, that offers hardware-based two-factor authentication for your online accounts with the highest level of protection against phishing attacks. These hardware-based security keys are thought to be more efficient at preventing phishing, man-in-the-middle (MITM)
Almost three years after the arrest of two young Dutch brothers, who pleaded guilty to their involvement in creating and distributing CoinVault ransomware malware, a district court in Rotterdam today sentenced them to 240 hours of community service. In 2015, the two suspects — Melvin (25-year-old) and Dennis van den B. (21-year-old) — were arrested
A team of security researchers has discovered a new Spectre attack that can be launched over the network, unlike all other Spectre variants that require some form of local code execution on the target system. Dubbed “NetSpectre,” the new remote side-channel attack, which is related to Spectre variant 1, abuses speculative execution to perform bounds-check
Following Apple’s lead in banning cryptocurrency mining apps, Google has also updated its Play Store policy this week to ban apps that mine cryptocurrencies on users’ devices in the background. However, there are countless cryptocurrency mining apps, including MinerGate, AA Miner, NeoNeonMiner, and Crypto Miner, still available on the Play Store. Cryptocurrency mining is not