0 Comments
The Obama Presidential Policy Directive 20 (PPD-20) that outlined the interagency communications required for the US to deploy cyber-weapons was reversed by President Trump, according to a report from the Wall Street Journal Wednesday 15 August. Infosecurity Magazine contacted the White House for comment, but the Trump administration reportedly has not issued an official statement
0 Comments
by John E Dunn For Intel and more than a billion computers that depend on Intel CPUs, the microprocessor flaws just keep coming. This time, the company was the bearer of its own bad news when it disclosed a weakness dubbed ‘Foreshadow/Foreshadow-NG’ in a security technology called Software Guard Extensions (SGX) that has been baked
0 Comments
Furthering the cause of education in Brazil is the mission that fuels SOMOS Educação’s laser-focused drive toward technology and innovation—and McAfee is playing a pivotal role in that transformation. As CIO Juliano Pereira points out, “Compared to 99% of the educational organizations in Brazil, we are way ahead of the game”—and, in large part, it’s
0 Comments
The first week in security video round-up from WeLiveSecurity Welcome to the first ever week in security video round-up. This weekly video will bring you some of the biggest industry news that we have covered here on WeLiveSecurity. The videos will be presented by ESET’s Global Security Evangelist & Industry Ambassador Tony Anscombe. In this
0 Comments
Sam Thomas, a security researcher from Secarma, has discovered a new exploitation technique that could make it easier for hackers to trigger critical deserialization vulnerabilities in PHP programming language using previously low-risk considered functions. The new technique leaves hundreds of thousands of web applications open to remote code execution attacks, including websites powered by some
0 Comments
The final version of a report on botnet security, commissioned by a 2017 White House cybersecurity executive order,… was recently published. What are the recommendations in this NIST report? What’s missing in the report that enterprises should be aware of? If there is one thing NIST is known for in the information security community, it
0 Comments
Penetration tests help organizations gain a better understanding of how protected they are against cyber-attacks, and when Kaspersky Lab’s performed several dozen cybersecurity assessment tests on corporate networks, it found that the overall level of protection against external attackers was low or extremely low for almost half of the analyzed companies. The report, Security Assessment of Corporate
0 Comments
By Srinidhi, Software Quality Engineer There’s more to life than work.   It’s a commonly held and often stated view, but companies that take it to heart are few and far between. McAfee is one of those few.  Well known as an industry leader, the creator of powerful security technologies and solutions, McAfee also believes it is
0 Comments
Well, there’s something quite embarrassing for Apple fans. Though Apple servers are widely believed to be unhackable, a 16-year-old high school student proved that nothing is impossible. The teenager from Melbourne, Australia, managed to break into Apple servers and downloaded some 90GB of secure files, including extremely secure authorized keys used to grant login access
0 Comments
Klarity, a member of the Y Combiner 2018 Summer class, wants to automate much of the contract review process by applying artificial intelligence, specifically natural language processing. Company co-founder and CEO Andrew Antos has experienced the pain of contract reviews first hand. After graduating from Harvard Law, he landed a job spending 16 hours a
0 Comments
A campaign that began weeks ago and targeted approximately 2,700 Fortune 100 banking institutions in the US and around the world with a widespread botnet attack came to a sudden halt as of 15:37 EST on 15 August, according to researchers at Cofense. The phishing emails appeared to be coming from India and contained the
0 Comments
by Paul Ducklin Sextortion is where someone tries to blackmail you by telling you to pay up or else they’ll reveal something truly personal about your sexuality or your sex life. Recent sextortion scams have tried to amplify your fear by throwing a genuine password of yours into the email, or quoting your actual phone
0 Comments
The modern mom is super-efficient; she manages the home, her profession, family, and a hundred other things efficiently day in, day out. But in recent times, something is playing a spoilsport in this perfect scenario in some cases; and that’s her device. My friend was nostalgic at a party about how she missed her son’s
0 Comments
This post has been updated with a comment from Tesla .  Employees at Tesla’s Nevada gigafactory were allegedly involved in a massive drug ring, stole $37 million worth of precious metals and equipment and illegally spied on former employees at the behest of chief executive Elon Musk, according to a new whistleblower complaint filed against
0 Comments
It likely comes as no surprise that cyber-criminals are financially motivated, but according to new research, many nefarious actors in the cyber world are also driven to a life of digital crime by ego as well as socioeconomic and psychological factors. As follow-up to the recent report Under the Hoodie: Lessons from a Season of
0 Comments
by Paul Ducklin At the recent DEF CON cybersecurity conference in Las Vegas, macOS security researcher Patrick Wardle did something that the responsible disclosure doctrine says is a bit naughty. He “dropped 0day” on Apple’s macOS, meaning that he publicly revealed an exploit for which no patch is yet available. Exploits against unpatched vulnerabilities are
0 Comments
The latest update to the McAfee® ePolicy Orchestrator® platform offers a new add-in to provide insight into the latest analysis carried out by McAfee Labs and the Advanced Threat Research team. The Security Resources section of the McAfee ePO™ console Version 5.10.0 will contain multiple windows providing the latest news. The first window in the section shows an
0 Comments
Heralded as the answer to many cybersecurity issues, machine learning hasn’t always delivered Over the past several years there was no such thing as a security vendor that didn’t have machine learning (ML) – usually mischaracterized it as artificial intelligence (AI) because bandwagons are so attractive, no matter how misleading – and they mostly claimed