Tag Archives: cybersecurity

How You Can Protect Against W-2 Theft This Tax Season

 Tags :- www.mcafee.com/activate | mcafee.com/activate | mcafee.com activate | McAfee com activate | activate McAfee | McAfee Activate | McAfee Retail Card.

Benjamin Franklin once said only two things are certain in life: death and taxes. And practically everyone can agree – taxes are certain. So, it’s only natural that cybercriminals are trying to take advantage of the certainty of taxes by finding ways to steal all the crucial personal data floating around during tax season. From deceptive phishing scams, to physical theft  – we’ve seen the exploitation of W-2s becoming a major trend as tax season is underway.

We saw W-2 phishing scams run rampant last year, and unfortunately this year is no different.

Just this past week, we saw a deceptive phishing attack compromise the personal information of 100 Waldo County employees in Maine. It began with a cybercriminal impersonating a county official and requesting confidential employee information, including W-2 forms and social security numbers. Easily deceived, an employee sent over the data and just like that, Waldo County employees were faced with potential identity theft. And this isn’t the first case we’ve seen in 2018, as earlier in February the City of Pittsburg was hit by a phishing scheme in which an employee was tricked into giving up the W-2 information of both current and former employees.

W-2 theft isn’t just digital either, as there’s a chance that thieves may head to physical mailboxes and open them in the hopes of discovering envelopes containing W-2 forms. In fact, authorities in Minnesota are expecting such a thing to occur and have been warning residents to be extra vigilant with their mail.

So, whether the thievery is digital or physical, it’s important we all start taking action to protect against W-2 theft and secure our personal identities this tax season. To do just that, follow these tips:

  • File before cybercriminals do it for you. The easiest defense you can take against tax season schemes is to get your hands on your W-2 and file as soon as possible. The more prompt you are to file, the less likely your data will be raked in by a cybercriminal.
  • Obtain a copy of your credit report. FYI – you’re entitled to a free copy of your credit report from each of the major bureaus once a year. So, make it a habit to request a copy of your file every three to four months, each time from a different credit bureau. That way, you can keep better track of and monitor any suspicious activity and act early if something appears fishy.
  • Beware of phishing attempts. It’s clear that phishing is the primary tactic crooks are leveraging this tax season, so it’s crucial you stay vigilant around your inbox. This means if any unfamiliar or remotely suspicious emails come through requesting tax data, double check their legitimacy with a manager or the security department before you respond. Remember: the IRS only contacts people by snail mail, so if you get an email from someone claiming to be from the IRS, stay away.
  • Consider an identity theft protection solution. If for some reason your personal data does become compromised, be sure to use an identity theft solution such as McAfee Identity Theft Protection, which allows users to take a proactive approach to protecting their identities with personal and financial monitoring and recovery tools to help keep their identities personal and secured.

Source : Securingtomorrow.mcafee.com

McAfee.com/activate : Blog

Could You Have a Toxic Relationship with Your Smartphone?

It’s the elephant in the room no one wants to talk about: our devotion to and dependence on our smartphones. For most of us, our children included, smartphones have become an appendage; a limb of voracious digital consumption and social obligation that keeps us scrolling, refreshing, swiping, and responding with no end in sight.

Any friend or psychologist would encourage us to rid ourselves of toxic relationships that hinder — even threaten — our emotional and physical well-being, but what if that relationship is with a smartphone? Would you be willing to give it up (or reset the relationship) if you knew it was toxic?

Researchers are increasingly debating the impact of the smartphone on our emotional well-being, and the debate often returns to striking a balance between the ethical design of technology versus corporate profitability. One of the most compelling arguments is that of researcher Tristan Harris, a former Google Design Ethicist, on a crusade to inspire people to stop clicking and start caring about how technology is intentionally designed to shape the behavior of the people who use it. Harris has launched a nonprofit called Time Well Spent. His viral TED Talk proposes a renaissance in online design that can free tech users from being manipulated by apps, websites, and advertisers as the race for user attention increases.

From Facebook notifications to Snapstreaks to YouTube auto plays, Harris argues that our online behavior is anything but random. Instead, our thoughts and feelings are being carefully manipulated by technologists behind the scenes persuasively competing for more and more of our attention.

Not convinced you’re among the tech lemming crowd? I wasn’t either. But the discussion got me thinking and inspired me to make some specific changes to test my smartphone dependence.

5 Ways to Drastically Reduce Smartphone Dependence

  • Turn your phone to grayscale mode (google how to do this – it’s amazing)
  • Turn off all push notifications (reclaim your attention span).
  • Park your phone in one physical location (stop carrying it everywhere).
  • Stand up when you use your phone (no more getting cozy for hours).
  • Ban your phone from the bedroom (get an alarm clock).

I made these changes for a week and here’s what happened.

Not as interesting, right?
Grayscale mode, iPhone.

Absolutely no fun in sight for the first three days. Initially, I felt overcome with a sense of vulnerability, panic even that suddenly, somehow, I wasn’t in control of something. I felt an overwhelming need to check my phone every 15-30 minutes. That time gradually increased to about an hour by the third day. Not having my phone nearby, I was sure I’d miss out on something important. For the first few days, I constantly felt as if I had lost something and I’d get up and wander around before realizing my phone was docked safely in the kitchen — just like when I was growing up and had to physically walk to the kitchen to use the phone. I resolved to check my phone once every three hours rather than carry it with me from room to room. When I did check it, surprisingly, the world had not collapsed without my attention to it. I found an average of three texts (two from family with non-critical comments, and usually, one discount text from a retailer).

Because I turned my screen grayscale (wow, what a game changer!) I didn’t feel the anticipation of checking social media, scrolling, reciprocating, uploading, or commenting. My phone in the grayscale mode made using it stale, almost irritating. I realized looking at my phone in grayscale that I was being overly influenced and pulled by pretty pictures and all the colors, sounds, links, and prompts, which had come to own my attention. Sadly, I was giving my time to this relationship without any meaningful, lasting benefit coming back to me. I was in a toxic relationship, and something had to change.

By the end of the week, I felt awesome, empowered almost. I had successfully distanced myself from a toxic relationship and redefined it on my terms. I also realized something profound: There’s an unspoken cost to unbalanced technology use I’m not willing to hand over any longer, and that is my time.

When I parked my phone in the kitchen, banned it from the bedroom, and refused to sit down with it, I noticed patches of extra time magically appear in my day. What could I do with all the time I once poured into my phone? As it turns out, quite a lot.

I’m keeping my new habits, and I’m encouraging my family to do the same for a good reason. Here’s what we know: Kids are spending more time on digital devices than ever before, and that trend has no reason to reverse. Anxiety disorders linked to social media use are at an all-time high. Also, researchers are confirming the link between technology, depression, and suicide among youth.

How We Price the McAfee SECURE Certification (The 4 Risk Factors)

Not all websites are created equal. Some have thousands of pages and receive millions of hits every day, while others get less traffic but have a slew of intricate components, such as credit card forms. The way we price our McAfee SECURE certification service, therefore, has to account for the enormous variety of websites out there.


To accomplish this (very tricky) task, we created an assessment that looks at four major factors of a website. Based on the risk factors, we derive a score from 1-100, and from that score, we set a price. Higher scores mean higher prices, but a website that scores 16 will pay the exact same price as all the other websites that score 16. It doesn’t matter if your website looks and acts completely different from another website that scored the same—both will always pay the same price for certification.

The 4 Risk Factors Are:


What counts as “engagement?” Everything from loading a page, to clicking on links, to posting comments—all the way up to entering credit card info. Once we assess all of it, it’s simple: the more your website asks from visitors, the higher your engagement score will be.


Pages, pages, pages. And of course, the stuff that’s on them. The more you have, the more content we have to scan and certify. The more time and resources that takes, the higher your size score.


A heavily trafficked website is that much more likely to attract unwanted attention than a lightly trafficked one, and we price that risk accordingly. So if you have two identical websites and one gets a million hits a day and the other gets a thousand? You guessed it—the popular site costs more to certify.


If you’ve been breached by hackers in the past 24 months, you’re more likely to be hit again. This risk factor also affects the price, and may even require you to undergo a security review with our team of experts before we feel comfortable certifying your website as secure.

Source : blog.mcafeesecure.com

McAfee SECURE Certification Now Includes Identity Protection for Your Buyers


Today, we’re excited to announce that McAfee SECURE Certification Pro sites can now give their buyers free Identity Protection. Now you can address one of the top concerns of internet users by adding another layer of protection to your McAfee SECURE service.

Give your customers another reason to buy.

Because internet users are so worried about online security (almost 9 in 10, according to a 2013 survey), any indication that you’re making their security a priority is going to sit well with them. You already have McAfee SECURE certification, which eases their concerns before they buy. And now with Identity Protection, you’re able to:

  • Make customers feel safe after they buy as well
  • Show customers you care about their security
  • Boost conversions by turning on-the-fence shoppers into buyers
  • Build customer loyalty by giving them free identity theft insurance

And from a consumer perspective, Identity Protection is completely free. That’s right. Just because they bought from your site, they’re protected for up to $100,000. All they have to do to get it is take 2 minutes to activate the service. What’s a consumer not to like about buying from you?

So what exactly is Identity Protection?

Identity Protection is a type of insurance that, in the unfortunate but all-too-common event of identity theft, helps your customers cover the costs associated with getting their lives back. Once they enable the service, they’re protected forever.

Why is this a valuable service?

Because even if your site already has security features like an SSL certificate and McAfee SECURE certification, identity theft can still happen. Consumers know this, and want to be protected from this worst-case scenario.

Some facts about the cost of identity theft, from the Department of Justice, might be useful here:

  • More than 17 million Americans suffered identity theft in 2014
  • 14% of victims reported an out-of-pocket loss (i.e. the cost wasn’t covered)
  • Of those reporting a loss, roughly half lost more than $100, and 14% lost more than $1,000.

Here is what is covered by Identity Protection (it’s a lot).

  • Any legal costs for up to $100,000
  • Up to $5,000 for any fraudulent withdrawals from bank accounts
  • Up to $3,000 for child and elderly care, plus up to $3,000 in any loss of income
  • Up to $1,000 for any traveling expenses, and up to $1,000 for replacing documents

Here’s what you need to do

Giving Identity Protection to your customers is super easy. All you need to do is add an extra line of code to your site’s purchase confirmation page. This code allows us to send them an email containing the insurance certificate they need to file a claim. The code looks like this:


You’ll also want to add a single line of code that will add an engagement kicker. The kicker will let visitors know that if they buy from you, their identities will be protected. That’s why it’s a good idea to put it anywhere you want more conversions — like product pages, in the shopping cart, and near credit card forms. The kicker will look like this:


The line of code that lets you add the kicker is simple. It looks like this:


Your verification page will also reflect the change:


Once you’ve installed the code snippets, you’re done! After a customer makes a purchase on your site, they will now receive an email from you informing them of their coverage, and they’ll feel more confident making future purchases, making you more money.

Source : blog.mcafeesecure.com

How McAfee is Adapting to the Mobile Landscape with New Partnerships and Innovation

Mobile World Congress (MWC) 2018 is finally upon us, and mobile and security providers from around the world are in Barcelona presenting the latest and greatest insight and innovation. At this year’s MWC, McAfee is excited to present our own unique insights and innovations, some of which are supported by our partners. These include: McAfee Secure Home Platform Skill for Amazon Alexa, the 2018 McAfee Mobile Threat Report, and our industry partnerships with Samsung, Telefónica, Türk Telekom, and NTT DOCOMO.

Adapting to Alexa

As we know, the growing type and number of connected devices has changed the way security operates – which is why our team created McAfee Secure Home Platform in the first place. But now, we’re excited to announce the planned launch of the new McAfee Secure Home Platform skill for Amazon Alexa, one of the most popular connected devices out there today. Customers with a McAfee Secure Home Platform enabled router can easily manage their connected home’s network security using their voice. And it’s already gaining traction with MWC attendees, as McAfee just won “Best of MWC 2018” from PC Mag for the Alexa skill!

Insight on the changing mobile landscape

Your phone is not just a phone. It is a rich computing environment that contains the keys to your connected life. And as the 2018 McAfee Mobile Threat Report reveals, cybercriminals know that, and are tailoring their strategy to our dependency on our mobile devices. The report aims to provide insight on the explosion of mobile malware and dramatic changes to the mobile landscape. The report also tells us that there have been over 16 million infestations detected in the third quarter of 2017 alone – nearly double the number from last year.

Partnerships that strengthen our customers’ security

The ever-changing mobile landscape is precisely why we’re working with our partners to find new ways to secure our customers’ mobile devices and digital lives. McAfee is today announcing key partnerships to ensure security is built-in across devices and networks. It’s more important than ever that the entire ecosystem works together to protect consumers around the world from these attacks and deliver them peace of mind. So, how exactly are we doing this? For starters, our partnership with Samsung has expanded to safeguard all Galaxy S9 smartphones, the Galaxy Note8, along with Samsung smart TVs, PCs and notebooks. We also announced a partnership with Telefónica, which will help protect Telefónica customers, and provide always on protection for every connected device in the home. We also announced a strategic partnership with Türk Telekom to deliver cross-device security protection. What’s more – NTT DOCOMO and McAfee now have an extended partnership in order to deliver Wi-Fi protection and security to NTT DOCOMO mobile users.

We’re excited to see what’s to come for the rest of MWC, and how these announcements will help improve our customers’ lives. With these new innovations, we hope our 400 million customers can live their digital lives with confidence and comfort.

Source : blog.mcafeesecure.com

10 Identity Protection Tips You Need To Know


Our lives and personal information are increasingly online. And though going digital saves time and trees, it can be risky. In fact, roughly 1 in 14 Americans becomes a victim of identity theft every year.

But there are steps you can take to make you less likely to be one of those unlucky 1 in 14. In this post, we’re going to go over 10 tips to protect your identity both online and off.

TIP #1 – Use HTTPS sites whenever possible

HTTPS sites offer you better protection, because any information you enter on them—like contact information, passwords, or credit card details—will be encrypted.

TIP #2 – Do not keep a password document

Many people have a document on their computers called “passwords.” This is dangerous, as it is easily accessible. A better, more secure solution is to use a web-based password management tool such as LastPass or 1Password.

TIP #3 – Protect your home computers

Simple, free software like antivirus and a firewall can ensure that your computers — and personal information — aren’t compromised by hackers.

TIP #4 – Get annual credit report

It never hurts to check up on your credit report once a year to make sure it doesn’t include suspicious accounts. It’s usually free, too!

TIP #5 – Guard your personal information

If you get unsolicited requests for personal information, or a random email asking you to click on a link, be on guard. Make sure you verify the identity of the person or company requesting it. It could be a scam.

TIP #6 – Monitor account activity daily

Be vigilant about checking your checking, savings and other financial accounts daily to catch fraud before it costs you.

TIP #7 – Protect your Social Security Number

Keep your card and any documents with your social security number on them in a safe place. Don’t carry them on your person, unless you have to.

TIP #8 – Use a strong password on your mobile devices

These days there are great apps to access your financial information and tax information on your mobile phone. Protect your mobile devices with a strong password.

TIP #9 – Beware of phishing scams

Phishing emails try and trick you into giving out your credit card, passwords, or social security number. Remember that trustworthy companies would ask you to log into your account before sending any personal information.

TIP #10 – Shred your documents

Identity thieves can find sensitive information in documents you throw away, such as bank statements and bills. You can protect yourself by shredding all your sensitive documents before dumping them in the trash.

Source : blog.mcafeesecure.com

The Need for Cybersecurity Products, and Companies, to Talk to Each Other


There are a lot of cyberthreats out there. And some may take comfort that there are 1,300 cybersecurity software firms fighting against them. That may seem like a lot, but in the face of a large number of online dangers, it’s a fight that is not always won. Most of these cybersecurity organizations are, in fact, taking on the challenge in relative vacuums, each trying to solve the same problems in different ways. This essentially creates separate battlefronts, rather than working together in this complex cyber war.

We know there is a need to reduce complexity, particularly given the struggle to get enough IT security expertise and headcount, and customers complain that it’s hard to get multiple products working together and to maintain those integrations. In fact, 67% of customer respondents indicate that investigation and operations projects are being impaired because of too many point solutions, rather than using an integrated platform. So it’s important to look at how cybersecurity firms work, and work together.

This is the challenge that led McAfee to create the “Data Exchange Layer” (DXL) in 2014. The idea is simple: companies collaborate in an information/intelligence exchange. The DXL communication fabric connects and optimizes security actions across multiple vendor products, as well as internally developed and open-source solutions. Enterprises gain secure, near real-time access to new data and instant interactions with other products.

As of today, the DXL ecosystem has more than twelve members, including Aruba, Check Point, Cisco, Huawei, Interset, SAS, and Titus. What’s more, in the past six months alone 24 companies have started the process to join, including IBM Security, Juniper, and VMware.

OpenDXL

The DXL concept got a major boost in 2016, when McAfee announced it would open the DXL source code to developers (the “OpenDXL” initiative). OpenDXL helps developers and enterprises freely use DXL, giving the “keys to the kingdom” to 1,500 software developers to date. That is an additional 1,500 software developers fighting for everyone’s safety.

The OpenDXL.com site is the focal point for the OpenDXL community and allows developers to envision, discover, build, deploy, or discuss services for the DXL communications fabric. The goal is to enable DXL integrations, provide a catalog of available applications, and nurture new ideas.

The OpenDXL initiative has shown increasing adoption, with 57 community-built integrations on opendxl.com to date. Solutions are supported through a software development kit (SDK), published to the GitHub source code repository and OpenDXL.com. Through the OpenDXL initiative, integration and orchestration are now extended to open-source and enterprise applications.

Joining with Cisco

DXL continues to evolve as a robust platform to arm for cybersecurity warfare. In late 2017 McAfee and Cisco began a joint integration between DXL and Cisco’s own messaging fabric, pxGrid, creating the industry’s largest threat defense coordination ecosystem (100 partners).

Industry and enterprise leaders have long called for greater visibility and effectiveness in security operations. Cisco pxGrid and DXL interoperability marks the first time this has been achieved at such scale. Together this joint system gives customers visibility and real-time security orchestration, sharing information between the network and the endpoint. Bi-directional data flow enriches integrated applications with detailed information, giving analysts visibility into critical data such as what is on their network, current security posture, privilege levels, and more. With the two fabrics interoperating, organizations can now drive integrations with security solutions from many vendors.

McAfee teams also contributed several new projects to OpenDXL.com, including a Docker-based development environment that gets people up and running in five minutes. Companies such as MGM and AT&T have embraced the concept. Today DXL has more than 3,000 customers and seven million installed clients with automated processes that can cross previously siloed tools. This enables customers to efficiently and effectively manage threats by linking endpoint, network and security operations domains to close security gaps.

The Future

It may not surprise people that there is a shortage of developers in the cybersecurity industry. What’s more, as the digital world grows into new fields like artificial intelligence, and the Internet of Things puts cybersecurity squarely into our homes, the threats will also grow. We must work together as an industry.

This is only the beginning of an important movement. We are at a crossroads. We need to challenge our own beliefs.

We must enable security teams to stop spending their time on tedious integrations and manual tasks, and instead focus on defending against adversaries. Organizations should look to maximize the value of their environment with solutions that integrate. Layering new technologies that don’t talk to each other only creates gaps that adversaries can exploit. Collaboration throughout the security industry is critical to closing information gaps, breaking silos and providing the visibility we need to protect our most important assets from cybercriminals.

In short, we need to talk to each other. And the tools we develop need to talk to each other, and work together.

Source : Securingtomorrow.mcafee.com

What do cybersecurity and the board game Battleship have in common?


A long day of encouraging a customer to reconsider their lack of desire to develop a plan, build a security architecture that included automation and orchestration –  with the ability to measure value vs. just adding tools as needed – led to a very late-night drive home. I was encouraged the customer invited me back to prove my case, but it was one of those days that left me shaking my head. In reflecting on the day and all the discussions, I kept thinking back to how many times both sides used the words “cybersecurity strategy.”

Clearly, strategy is one of those words that takes on different meaning depending on the context. A thought that came to mind on my drive home was that cybersecurity is very much like the board game Battleship. Both involve strategy, and operate in a “static model”.  In the game Battleship, as you may recall, the game play is simple: each player arranges five ships—an aircraft carrier, battleship, cruiser, submarine, and destroyer—on a ten-by-ten grid of squares and attempts to “sink” his opponent’s ships by calling out the squares where he believes his enemy’s ships are hiding. Most players approach the game as essentially one of chance, targeting squares at random and hoping for a “hit.” In the Battleship game, once the player positions and arranges their ships they cannot move them so in turn they become static targets. One could say the same holds true for our classic cyber security defenses. Once we position all our defensive sensors across our environments they remain static.

But is there a better strategy? In Cybersecurity we tend to deploy strategy in a similar fashion. We establish a perimeter, network and internal protections with Firewalls, Security Gateways, IPS’s, Endpoint Security etc., and wait for the adversary to guess where to attack us. They then refine their method until they achieve their objective. Clearly it is time for a change in cybersecurity game theory.

One concept that has not been yet fully explored is that of the Moving Target Defense (MTD). Not a new concept by any means, early research dates back to prior to 2011, however it is one I believe requires much more attention by the industry. The Department of Homeland Security (DHS) defines MTD as the concept of controlling change across multiple system dimensions in order to increase uncertainty and apparent complexity for attackers, reduce their window of opportunity and increase the costs of their probing and attack efforts. DHS believes in this concept so much they have invested Research & Development money to advance the idea past the concept stage.

MTD assumes that perfect security is unattainable. Given that starting point, and the assumption that all systems are compromised, research in MTD focuses on enabling the continued safe operation in a compromised environment and to have systems that are defensible rather than perfectly secure.

MTD will enable us to create, analyze, evaluate and deploy mechanisms and strategies that are diverse and that continually shift and change over time to increase complexity and cost for attackers, limit the exposure of vulnerabilities and opportunities for attack, and increase system resiliency.

In an ideal case, I envision a scenario where an administrator would have the ability to set via policy variable time intervals to “move or shift” an entire network environment, or enclave including applications along with changing privileged account credentials, and leave a ghost network (think honeynet) in its place to capture forensics data for further review and analysis. There are several new innovative cybersecurity companies out there that have developed unique and forward-thinking deception technologies. I look forward to seeing what the art of the possible is in this space in the near future!

Good luck and good hunting…. Here is to you never having to say, “you sunk my battleship!”

Source : Securingtomorrow.mcafee.com

Inside the Capabilities and Detection of UDPoS Malware


Imagine a job that changes every day of your life, where you get to do something new each week – that’s what it’s like working in the cybersecurity industry. For me, this is ideal—smarter adversaries, new challenges, and the constant struggle to predict and prepare for the future of security in information technology makes this feel a lot less like work. However, it’s important to remember that we do this only because people are getting hurt, often literally. And that’s a sobering and humbling perspective. In many scenarios, a successful campaign can have drastic effects on the victims’ lifestyles and finances. In today’s example, the victims, point-of-sale systems, are being attacked by a POS malware and are being targeted for identity and financial theft.

This particular attack leveraged a POS malware dubbed UDPoS, aptly named for its somewhat uncommon data exfiltration method over UDP, specifically via DNS queries. Although this malware is definitely not the first of its kind (see Multigrain POS malware, DNSMessenger), it certainly is an uncommon technique, and intelligent in that many organizations deprioritize DNS traffic for inspection as compared to HTTP and FTP. Couple that with the fact that UDPoS allegedly leverages a popular remote desktop service known as LogMeIn, and you have a malware campaign that could have a broad reach of victims (in this case unpatched or dated POS systems), and a unique ability to avoid detection for data exfiltration.

Although uncommon, and perhaps somewhat covert in its ability to transmit data over DNS, this malware does offer an upside for defenders — attackers will continue to use protocols which do not employ encryption. The move to SSL or other encryption methods for data exfiltration has been surprisingly inconsistent, meaning detection is relatively simple. This makes the need for communication and visibility of these kinds of techniques essential.
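Because the queries travel unencrypted, a resolver log is enough to look for this kind of exfiltration. The sketch below is an added example, not code from the original post or from McAfee tooling: it flags clients that send several distinct, encoded-looking names under one base domain. The post does not describe the UDPoS query format, so the heuristic is generic, and the thresholds, IP addresses and domain names are assumptions constructed for illustration.

```python
import math
from collections import Counter, defaultdict

# Constructed resolver-log sample: (client IP, queried name). All names are
# placeholders under reserved domains, not real indicators.
SAMPLE_QUERIES = [
    ("10.0.5.21", "www.example.com"),
    ("10.0.5.21", "mail.example.com"),
    ("10.0.5.33", "static-assets-production-eu.cdn.example.com"),
    ("10.0.5.40", "0123456789abcdef0123456789abcdef.a.exfil-placeholder.test"),
    ("10.0.5.40", "123456789abcdef0123456789abcdef0.a.exfil-placeholder.test"),
    ("10.0.5.40", "fedcba9876543210fedcba9876543210.a.exfil-placeholder.test"),
    ("10.0.5.40", "www.example.com"),
]

def shannon_entropy(text):
    """Bits per character; encoded data tends to score higher than hostnames."""
    total = len(text)
    return -sum(n / total * math.log2(n / total) for n in Counter(text).values())

def split_name(name, base_levels=2):
    """Split into (subdomain labels, base domain). Assumption: the last two
    labels are the registered domain; real use needs a public suffix list."""
    labels = name.rstrip(".").lower().split(".")
    return labels[:-base_levels], ".".join(labels[-base_levels:])

def looks_encoded(label, min_len=24, min_entropy=3.5):
    """Long, high-entropy labels are typical of hex/base32-encoded payloads."""
    return len(label) >= min_len and shannon_entropy(label) >= min_entropy

def detect_dns_exfil(queries, min_unique=3):
    """Flag (client, base domain) pairs with many distinct encoded-looking names.
    Requiring several unique names keeps one long CDN hostname from alerting."""
    hits = defaultdict(set)
    for client, name in queries:
        sub_labels, base = split_name(name)
        if any(looks_encoded(label) for label in sub_labels):
            hits[(client, base)].add(name.lower())
    return {key: sorted(names) for key, names in hits.items()
            if len(names) >= min_unique}

if __name__ == "__main__":
    for (client, base), names in detect_dns_exfil(SAMPLE_QUERIES).items():
        print(f"{client} -> {base}: {len(names)} suspicious queries")
```
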

As defenders, McAfee’s Advanced Threat Research team actively monitors the threat landscape and tracks both new and current techniques for every stage of malware—from reconnaissance to infection, lateral movement, persistence, command and control, and exfiltration. We will stay closely tuned to determine if this technique grows in popularity or evolves in capabilities.

We are constantly playing a game of cat and mouse with the adversaries. As we adapt, protect, and attempt to predict new methods of malicious activity, we can be certain the same efforts are being made to evade and outsmart us. Our challenge as a security community is to work together, learn from each other, and apply these learnings toward recognizing and mitigating new threats, such as the DNS exfiltration method employed by UDPoS.

Source : Securingtomorrow.mcafee.com


World Economic Forum Sets High Bar on Public-Private Cybersecurity Partnerships



This week’s World Economic Forum (WEF) in Davos, Switzerland featured the launch of the World Economic Forum System Initiative on Shaping the Future of Digital Economy and Society, a global platform for coalitions of public and private sector entities to “collaborate and accelerate progress against shared digital economy goals and to shape a digital future that is sustainable, inclusive, and trustworthy.”

The Forum has partnered with The Boston Consulting Group to produce a report entitled Cyber Resilience Playbook for Public-Private Collaboration, which contextualizes cybersecurity policies through 14 key areas of potential cooperation between governments and corporations. While countries and cultures must make their own choices on how to address the public-private policy challenges facing us in the years ahead, we at McAfee argue that the government and business leaders meeting in Davos this week must answer critical policy questions in four critical areas to truly have a constructive, positive impact in shaping the evolution of cyberspace in 2018 and beyond.

The Uncertainty of Attribution

Attribution is among the most complex and challenging aspects of cybersecurity, and the implications of getting active defense responses wrong based on faulty attribution are particularly daunting. Government and business leaders must be wary of these dynamics as cyber-attacks inflict greater levels of damage, and as cyber-attack victims demand accountability and retaliation based on such imprecise attribution.

Digital forensic work can suggest a perpetrator behind a cyber-attack, but it rarely does so with certitude. Level-headed attackers will naturally seek to implicate some other party in their handiwork, so false flags and red herrings often litter the cyber-attack scene.

For instance, it could be risky to draw conclusions about a cyber-attack’s origin and perpetrators solely on things such as the presence of Cyrillic, Mandarin, Korean, Arabic, or Persian characters or words within an identified piece of malware. Once such methods of attribution become accepted best practices, attackers will undoubtedly seek to manipulate that acceptance to hide their tracks.

This marks a profound difference from nuclear strategy or conventional terrorism, where proven techniques can source an incoming missile or trace a bomb’s origin. Cyberspace can allow a bit-player terror group to pit nation-states against one another with cyber aggression that appears to come from those countries.

There is a clear need for both the private and public sectors to understand where they add value. Pinpointing blame for a cyberattack takes a blend of cutting-edge digital forensics from the public and private sector, and traditional intelligence from public sector intelligence service or law enforcement partners.

The Unpredictability of Active Defense—Hacking Back

Offensive cyber weapons can be programmed to focus on an intended target. In some ways, they are the ultimate precision ordnance—at least in theory.

In actuality, active defense or “hacking back” cyber-attacks can have unpredictable consequences due to the complex interconnectedness of today’s internet, and the ability of attackers to use that dense complexity to cover their tracks.

Even in capable, officially-sanctioned hands, retaliatory strikes can inadvertently, directly or indirectly impact online services, third-party assets, and individuals in addition to their intended targets.

Add to this wild card exercise any software bugs or coding errors within these cyber weapons, and small flaws could have large consequences, as cyber-attacks could go awry, damaging more unintended networks and third-party actors.

The unpredictable dynamics of “hacking back” should place a tremendous priority on the responsible governance and coordination of active defense efforts by public and private entities.

Zero day vulnerabilities

Governments must always recognize that the private sector’s willingness and commitment to cybersecurity collaboration is reliant in part on how transparent governments are about knowledge critical to their mission, including disclosures of zero day vulnerability discoveries.

Private sector actors must always recognize that governments have the unique responsibility to balance vulnerability disclosures with the necessity to protect real human lives by any means necessary, including digital cyber-weapons exploiting such vulnerabilities.

Once such software vulnerabilities are discovered and publicly released “into the wild,” technology vendors can take action to address those vulnerabilities with security updates. Public knowledge of these vulnerabilities also provides hackers blueprints for exploiting them through cyber-attacks. If withheld, governments can use their knowledge of the zero day vulnerabilities for cyber-espionage or cyber-warfare campaigns.

While it is reasonable to assume that governments should take an active, responsible role in the research and timely public disclosure of such vulnerabilities, it is also reasonable to assume that governments should “stockpile” their knowledge of zero day vulnerabilities for use in future covert cyber activities.

After all, isn’t there real humanitarian value in using cyber-attacks to digitally disable power plants or other physical military targets without the physical destruction and loss of life caused by a kinetic weapon such as a bomb?

Successful public-private cybersecurity partnerships must involve an ongoing dialogue, and a pragmatic give and take exchange between actors. Only by addressing this and other potential trust issues can governments, technology vendors, and other private sector actors hope to work together to gain a step on the cyber-attackers working furiously to uncover and take advantage of the same vulnerabilities.

Threat intelligence sharing

Ultimately, information is the lifeblood of cyber-defense. It’s not an exaggeration to say that success in the previously mentioned critical areas of public-private cybersecurity collaboration relies heavily on getting policies right in the crucial area of threat research, data, and other intelligence sharing. “Getting it right” requires that policies reflect the limitations as well as the advantages of sharing.

Data collected and shared by governments could be out of date in the minds of cybersecurity industry actors. There will always be concerns that government or industry members of information sharing communities might play “free rider,” benefiting from drawing volumes of other organizations’ data and intelligence, while contributing little information of their own.

Strong processes must enable effective, real-time sharing of the data that matters most to enable coordinated responses to security events, such as the cross-industry response to major developments like the WannaCry and NotPetya malware outbreaks, and the Meltdown and Spectre firmware exploit revelations of earlier this month.

Beyond episodic collaboration, information sharing must seek to achieve real security improvements over the long-term, while strong privacy protections must be in place to maintain the trust of those whom security efforts are meant to protect.

While leaders at Davos and beyond may understand that cybersecurity is one of the greatest digital challenges of our time, it’s even more important that they understand that no one organization, entity or sector can solve it alone. There’s a reason McAfee believes in the “Together is Power” mantra. The solutions to cybersecurity lie in collaboration and innovation, and public-private partnerships present one of the greatest challenges and opportunities facing us.

Source : Securingtomorrow.mcafee.com
