November 2020

No matter what size your organisation is, it will suffer a cyber attack sooner or later. There are simply too many malicious actors and too many vulnerabilities for you to identify. Unfortunately, SMEs often fall into the trap of believing that they are too small to be on cyber criminals’ radars. Why would they even think to target you? But criminal hackers target vulnerabilities rather than specific organisations. They look for weaknesses – whether it’s a flaw in a piece of software or an unprotected database containing sensitive information – and leverage it in whatever way they can. That’s why

The post Cyber security statistics for small organisations appeared first on IT Governance UK Blog.

Read More Cyber security statistics for small organisations

Today I’d like to share a quick analysis on a quite new and unknown threat spotted in the wild. The file which grabbed my attention is called Loader.js (md5: 59a03086db5ebd33615b819a7c3546a5) and if you wish you can download it from Yomi. A very similar (or maybe the same) threat has been observed in the past months […]

Read More Threat Actor: Unkown

Information security policies are essential for tackling organisations’ biggest weakness: their employees. Everything an organisation does to stay secure, from implementing technological defences to physical barriers, is reliant on people using them properly. It only takes one employee opening a phishing email or letting a crook into the premises for you to suffer a data breach. Information security policies are designed to mitigate that risk by helping staff understand their data protection obligations in various scenarios. Organisations can have as many policies as they like, covering anything that’s relevant to their business processes. But to help you get started, here are five policies

The post 5 information security policies your organisation must have appeared first on IT Governance UK Blog.

Read More 5 information security policies your organisation must have

tracking apps

70,000 Phishing Emails Sent Impersonating the IRS: How to Stay Protected  You wake up, log in to your Outlook, and find an email waiting in your inbox from [email protected] Much to your confusion, the email claims that you have an outstanding account balance that you must pay immediately, or you will face legal charges.   As it […]

The post 70,000 Phishing Emails Sent Impersonating the IRS: How to Stay Protected appeared first on McAfee Blogs.

Read More 70,000 Phishing Emails Sent Impersonating the IRS: How to Stay Protected

Holiday Video Chat

Zooming with the Grandkids, Nieces, and Nephews: Five Free and Easy Video Chat Apps for the Holidays All the kids are doing it, and so can you. If you haven’t hopped onto a video chat with the family yet, the holidays are a great time to give it a whirl. While there are plenty of […]

The post Zooming with the Grandkids: Five Easy Video Chat Apps for the Holidays appeared first on McAfee Blogs.

Read More Zooming with the Grandkids: Five Easy Video Chat Apps for the Holidays

At McAfee, ensuring our new team members are well prepared and supported for their roles is a top priority. From the first day of onboarding, team members are nurtured and given the tools they need for successful development. McAfee’s traditional in-person orientation process has evolved virtually because of the pandemic. But the approach and goal […]

The post McAfee Team Members Share Their Virtual Onboarding Experiences appeared first on McAfee Blogs.

Read More McAfee Team Members Share Their Virtual Onboarding Experiences

Digital holiday dinner

5 Fun Ways to Keep Family Connections Strong (and Secure) This Holiday The reality is beginning to hit: The holiday season will look and feel different this year. Traditional family gatherings, complete with mile-long dinner tables and flag football games, are now considered COVID “super spreader” events, putting a dent in plans for large gatherings. […]

The post 5 Fun Ways to Keep Family Connections Strong (and Secure) This Holiday  appeared first on McAfee Blogs.

Read More 5 Fun Ways to Keep Family Connections Strong (and Secure) This Holiday 

Strong passwords

Free VPNs May Still Come with a Price If we’re being honest, many of us are consuming a lot of online content these days, whether it be for work, education, or sheer entertainment. I know my family is trying to balance what we need to do online, like meetings and classes, with fun activities like […]

The post Free VPNs May Still Come with a Price appeared first on McAfee Blogs.

Read More Free VPNs May Still Come with a Price

Truebill, Chargebee, Fusebill and other financial apps have been inundating my social feeds and until recently I didn’t understand why I would need one of these apps. I’m the type that knows her bank account  balance to the penny and I was shocked to discover that many of my co-workers and, of course, my college […]

The post What Truebill and Other Financial Apps Have in Common With EDR appeared first on McAfee Blogs.

Read More What Truebill and Other Financial Apps Have in Common With EDR

Today’s U.S. government is in a race to modernize its IT infrastructure to support ever more complicated missions, growing workloads and increasingly distributed teams—and do so facing a constantly evolving threat landscape. To support these efforts, McAfee has pursued and received a Federal Risk and Authorization Management Program (FedRAMP) Authorization designation for McAfee MVISION for […]

The post McAfee MVISION Solutions Meet FedRAMP Cloud Security Requirements appeared first on McAfee Blogs.

Read More McAfee MVISION Solutions Meet FedRAMP Cloud Security Requirements

How To Stay Safe While Shopping Online This Holiday Season I’m pleased to report that I’ve achieved a number of personal bests in 2020 but the one I’m most proud about is my achievement in the highly skilled arena of online shopping. I’ve shopped online like I’m competing in the Olympics: groceries, homewares, clothing – […]

The post Christmas Shopping 2020 appeared first on McAfee Blogs.

Read More Christmas Shopping 2020

Holiday Shopping Online

‘Sleigh’ Holiday Shopping by Protecting Your Online Security And just like that, the holiday shopping season is among us! Like consumers everywhere, you may be trying to plan ahead when it comes to picking out gifts for your friends and family, scouring far and wide to cross items off your list. This year, however, will […]

The post ‘Sleigh’ Holiday Shopping by Protecting Your Online Security appeared first on McAfee Blogs.

Read More ‘Sleigh’ Holiday Shopping by Protecting Your Online Security

smart gifts

Cyber Monday is Coming – 10 Tips to Protect You and Your Family from Online Shopping Scams You’re not the only one looking forward to the big holiday sales like Black Friday and Cyber Monday. Hackers are too. As people flock to retailers big and small in search of the best deals online, hackers have […]

The post Cyber Monday is Coming – 10 Tips to Protect You From Online Shopping Scams appeared first on McAfee Blogs.

Read More Cyber Monday is Coming – 10 Tips to Protect You From Online Shopping Scams

How to Prevent Keyboard Snooping Attacks on Video Calls Video conferencing has really taken off this year. With more people working and learning from home than ever before, video calling has rapidly become the mainstream method for remote communication, allowing users to stay connected. But very few may realize that they might be giving away […]

The post How to Prevent Keyboard Snooping Attacks on Video Calls appeared first on McAfee Blogs.

Read More How to Prevent Keyboard Snooping Attacks on Video Calls

Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about a ransomware group that walked away with 2,200 Bitcoin: More than $33 million based on the current Bitcoin exchange rate. Also, read about this month’s Patch…

The post This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs appeared first on .

Read More This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs

Core to any organization is managing cyber risk with a security operations function whether it be in-house or outsourced. McAfee has been and continues their commitment to protecting cyber assets. We are dedicated to empowering security operations and with this dedication comes expertise and passion. Introducing SOCwise a monthly series of blogs, podcasts and talks […]

The post SOCwise: A Security Operation Center (SOC) Resource to Bookmark appeared first on McAfee Blogs.

Read More SOCwise: A Security Operation Center (SOC) Resource to Bookmark

Change happens – sometimes much faster than expected – like it has in 2020. When the threat landscape shifts suddenly, security professionals must quickly react and change their security posture. This not only means reconfiguring existing security investments but also adding new ones. But given the number of heterogenous security applications sold by multiple vendors, […]

The post Bridge the Gap Between the Security You Have and the Security You Need appeared first on McAfee Blogs.

Read More Bridge the Gap Between the Security You Have and the Security You Need

Using broadband internet

Thankful for broadband internet, and hopeful for much more    Where would we be without our internet this year?  We’ve shopped, worked, studied and taught, job hunted, and cared for each other online this year in ways we haven’t before—not to mention entertained ourselves plenty too. As so many of us have faced challenges and outright adversity this year, it’s difficult to imagine what this year […]

The post Thankful for broadband internet, and hopeful for much more   appeared first on McAfee Blogs.

Read More Thankful for broadband internet, and hopeful for much more  

Corporate boards have many dimensions of responsibility. Cybersecurity can be one of the most nuanced and important areas of focus for a board, but not all board members are well versed in why and what they need to care about related to cybersecurity. Cybersecurity is a board level topic for three main reasons: Cybersecurity breaches […]

The post Are You Prepared for Cybersecurity in the Boardroom? appeared first on McAfee Blogs.

Read More Are You Prepared for Cybersecurity in the Boardroom?

For more than 20 years, the cybersecurity industry has been focused on enterprises, not on a larger national integrated security environment – and certainly not on comprehensive home security. Smart devices that make home life more convenient have been growing in acceptance and adoption, but by and large, the industry continues to concentrate on enterprise […]

The post Home-Point Cybersecurity: Bring Your Enterprise Home appeared first on McAfee Blogs.

Read More Home-Point Cybersecurity: Bring Your Enterprise Home

CVSS Score: 9.8  Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C  Overview  Microsoft released a patch today for a critical vulnerability (CVE-2020-17051) in the Windows NFSv3 (Network File System) server. NFS is typically used in heterogenous environments of Windows and Unix/Linux for file sharing. The vulnerability can be reproduced to cause an immediate BSOD (Blue Screen of Death) within the nfssvr.sys driver. Interestingly, the November patches from Microsoft also include a remote kernel data read […]

The post CVE-2020-17051: Remote kernel heap overflow in NFSv3 Windows Server appeared first on McAfee Blogs.

Read More CVE-2020-17051: Remote kernel heap overflow in NFSv3 Windows Server

Paying Tribute November 11 marks Veterans Day and Remembrance Day. It is a time for us to come together and honor the brave men and women who have risked their lives to protect our nations. We pay tribute to those who have served in the U.S. military during Veterans Day. In the Commonwealth countries, we honor […]

The post Honoring Our Brave Military Veterans from the McAfee Community appeared first on McAfee Blogs.

Read More Honoring Our Brave Military Veterans from the McAfee Community

Malicious actors are increasingly taking advantage of the burgeoning at-home workforce and expanding use of cloud services to deliver malware and gain access to sensitive data. According to an Analysis Report (AR20-268A) from the Cybersecurity and Infrastructure Security Agency (CISA), this new normal work environment has put federal agencies at  risk of falling victim to […]

The post How CASB and EDR Protect Federal Agencies in the Age of Work from Home appeared first on McAfee Blogs.

Read More How CASB and EDR Protect Federal Agencies in the Age of Work from Home

Among Us – one of the Most Popular Online Game of 2020 (pictured credit: axel 795, Pixabay) If you have teens and you haven’t yet heard of ‘Among Us’ then I guarantee it won’t be long. Among Us is an online deception and strategy game that is having a real moment worldwide. Over the last […]

The post What You Need to Know About Among Us appeared first on McAfee Blogs.

Read More What You Need to Know About Among Us

Cybersecurity professionals know this drill well all too well. Making sense of lots of information and noise to access what really matters. XDR (Extended Detection & Response) has been a technical acronym thrown around in the cybersecurity industry with many notations and promises. This can be intriguing and nagging for cybersecurity professionals who are heads down defending against the persistent adversaries. The intent of this blog is to clarify XDR and remove the noise and hype into relevant and purposeful cybersecurity […]

The post Unravel the XDR Noise and Recognize a Proactive Approach appeared first on McAfee Blogs.

Read More Unravel the XDR Noise and Recognize a Proactive Approach

children learning about misinformation

Helping Your Family Combat Digital Misinformation If 2020 has taught us anything, it’s that our ability to think critically about the information we encounter online is now a fundamental life skill we need to learn, practice, and pass on to our offspring. But the actual task of teaching kids how to discern real and fabricated […]

The post Helping Your Family Combat Digital Misinformation appeared first on McAfee Blogs.

Read More Helping Your Family Combat Digital Misinformation

Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about eight new malware samples that were developed and deployed by Russian hackers in recent attacks. Also, read about how the operators of the REvil ransomware strain…

The post This Week in Security News: US Cyber Command Exposes New Russian Malware and REvil Ransomware Gang ‘Acquires’ KPOT Malware appeared first on .

Read More This Week in Security News: US Cyber Command Exposes New Russian Malware and REvil Ransomware Gang ‘Acquires’ KPOT Malware

By: Heiko, Senior Security Engineer, Germany I never could have imagined that what started as a national duty to volunteer in Germany would spark an innate passion of giving back to those in need during a time of crisis. For many years, German men were required to spend 15 months in the military after graduating […]

The post One Team Member Selflessly Provides Relief to COVID-19’s Front Line appeared first on McAfee Blogs.

Read More One Team Member Selflessly Provides Relief to COVID-19’s Front Line

Executive Summary It is rare to be provided an inside view on how major cyber espionage campaigns are conducted within the digital realm. The only transparency afforded is a limited view of victims, a malware sample, and perhaps the IP addresses of historical command and control (C2) infrastructure. The Operation North Star campaign we detailed […]

The post Operation North Star: Behind The Scenes appeared first on McAfee Blogs.

Read More Operation North Star: Behind The Scenes

McAfee’s Advanced Threat Research (ATR) today released research that uncovers previously undiscovered information on how Operation North Star evaluated its prospective victims and launched attacks on organizations in Australia, India, Israel and Russia, including defense contractors based in India and Russia. McAfee’s initial research into Operation North Star revealed a campaign that used social media […]

The post Operation North Star: Summary Of Our Latest Analysis appeared first on McAfee Blogs.

Read More Operation North Star: Summary Of Our Latest Analysis

The McAfee Advanced Threat Research team today published the McAfee Labs Threats Report: November 2020. In this edition, we follow our preceding McAfee Labs COVID-19 Threats Report with more research and data designed to help you better protect your enterprise’s productivity and viability during challenging times. What a year so far! The first quarter of […]

The post McAfee Labs Report Reveals Continuing Surge of COVID-19 Threats and Malware appeared first on McAfee Blogs.

Read More McAfee Labs Report Reveals Continuing Surge of COVID-19 Threats and Malware

There are new and expanding opportunities for women’s participation in cybersecurity globally as women are present in greater numbers in leadership. In recent years, the international community has recognized the important contributions of women to cybersecurity, however, equal representation of women is nowhere near a reality, especially at senior levels. The RSA Conference USA 2019 held […]

The post SPOTLIGHT: Women in Cybersecurity appeared first on McAfee Blogs.

Read More SPOTLIGHT: Women in Cybersecurity

NIST requests comments on Draft Federal Information Processing Standard (FIPS) 201-3, Personal Identity Verification (PIV) of Federal Employees and Contractors. This Standard defines common credentials and authentication mechanisms offering varying deg…

Read More Draft FIPS 201-3 and Workshop: Personal Identity Verification (PIV) of Federal Employees and Contractors