Tips & Advice

Overview On March 21st, 2021, the McAfee Enterprise Advanced Threat Research (ATR) team released several vulnerabilities it discovered in the Netop Vision Pro Education software, a popular schooling software used by more than 9,000 school systems around the world. Netop was very responsive and released several updates to address many of the critical findings, creating

Executive Summary Today, enterprises tend to use multiple layers of security defenses, ranging from perimeter defense on network entry points to host based security solutions deployed at the end user’s machines to counter the ever-increasing threats. This includes inline traffic filtering and management security solutions deployed at access and distribution layers in the network, as

This month Microsoft released patches for 86 vulnerabilities. While many of these vulnerabilities are important and should be patched as soon as possible, there is one critical vulnerability that McAfee Enterprise wants to immediately bring to your attention due to the simplicity of what is required to exploit, and evidence that possible exploitation is already

Welcome back to our executive blog series, where I chat with some of the pivotal players behind McAfee Enterprise and the Advanced Threat Research Team to hear their takes on today’s security trends, challenges, and opportunities for companies across the globe. Q: What got you interested in technology and threat research? As a little kid, I was

For this week’s executive spotlight, I’m highlighting Kathleen Curry, senior vice president, Global Enterprise Channels at McAfee Enterprise. Curry was named one of CRN’s 2021 Channel Chiefs. Joining the company in April 2020, she was acknowledged for her contributions expanding our partner program initiatives to reward partners for servicing customers in line with their modern needs

Sadly, online job scams targeting older adults have been an issue for years. However, in a pandemic job market, cybercriminals are working overtime to devise schemes that exploit job seekers’ need for financial security.   According to the Better Business Bureau, Americans lost more than $62 million in employment scams in 2020. In addition, with federal unemployment benefits ending this month, that number is expected to rise as more

Why am I here? There’s a lot of information out there on critical vulnerabilities; this short bug report contains an overview of what we believe to be the most news and noteworthy vulnerabilities. We don’t rely on a single scoring system like CVSS to determine what you need to know about; this is all about

The COVID-19 pandemic flipped the world on its head in so many ways. Offices and schools stood empty while living rooms were transformed into classrooms and workspaces. Misinformation ran rampant and made people unsure of what to believe. Cybercriminals took advantage of the confusion and new way of daily life, giving rise to many COVID-19

A special thanks to our Professional Services’ IR team, ShadowServer, for historical context on C2 domains, and Thomas Roccia/Leandro Velasco for malware analysis support. Executive Summary Following a recent Incident Response, McAfee Enterprise‘s Advanced Threat Research (ATR) team worked with its Professional Services IR team to support a case that initially started as a malware

Authored by Fernando Ruiz McAfee Mobile Malware Research Team has identified malware targeting Mexico. It poses as a security banking tool or as a bank application designed to report an out-of-service ATM. In both instances, the malware relies on the sense of urgency created by tools designed to prevent fraud to encourage targets to use them. This malware can steal authentication factors crucial to accessing

Some scams can make a telltale sound—rinnng, rinnng! Yup, the dreaded robocall. Not only are they annoying, but they can also hit you in the pocketbook.   In the U.S., unwanted calls rank as the top consumer complaint reported to the Federal Communications Commission (FCC), partly because scammers have made good use of spoofing technologies that serve up phony caller ID numbers. As a result, that innocent-looking

Attackers have made it known that Microsoft is clearly in their cross hairs when it comes to potential targets. Just last month the US Justice Department disclosed that Solorigate continues to comprise security when they confirmed over 80% of Microsoft email accounts were breached across four different federal prosecutors offices. In August Microsoft released another

Cybercriminals like to get in on a good thing. Case in point, mobile apps. We love using apps and they love making bogus ones—malicious apps designed to harm phones and possibly the person using them.   It’s no wonder that they target smartphones. They’re loaded with personal info and photos, in addition to credentials for banking and payment apps, all of which are valuable to loot or hold for ransom. Add in other powerful smartphone features like cameras, microphones, and GPS, and a compromised phone may allow a hacker to:  Snoop on your

According to research from the FBI and FTC, cybercrimes against older adults cost more than $650 million in losses each year. Why? Unlike millennials and Generation Z, your grandparents weren’t born with a smartphone in their hands. On top of that, older adults tend to have more significant financial funds like retirement accounts, making them an ideal target for cybercriminals.   With Grandparent’s Day

Co-authored with Intel471 and McAfee Enterprise Advanced Threat Research (ATR) would also like to thank Coveware for its contribution. Executive Summary McAfee Enterprise ATR believes, with high confidence, that the Groove gang is associated with the Babuk gang, either as a former affiliate or subgroup. These cybercriminals are happy to put aside previous Ransomware-as-a-Service hierarchies

Security professionals and technologists old enough to remember renting movies at Blockbuster on Friday nights likely also remember a time when the internet was a new phenomenon full of wonder and promise.  These same individuals probably view it through a more skeptical lens seeing it now as a cesspool of malware and great risk.  It’s

Authored by ChanUng Pak   McAfee’s Mobile Research team recently found a new Android malware, Elibomi, targeting taxpayers in India. The malware steals sensitive financial and private information via phishing by pretending to be a tax-filing application. We have identified two main campaigns that used different fake app themes to lure in taxpayers. The first campaign from November 2020 pretended to be a fake IT certificate application while the second campaign, first seen in May 2021, used the fake tax-filing theme. With this discovery,

You open your laptop and see an email from a healthcare organization that you don’t recognize. The subject line reads “URGENT – PROOF OF VACCINATION NEEDED.” Impulsively, you open the email and click on the link. You’re redirected to a website that asks you to enter your name, date of birth, Social Security Number, and a photo of

Welcome back to our executive blog series, where we’re sitting down with some of the pivotal players behind McAfee Enterprise to hear their takes on today’s security trends, challenges, and opportunities for enterprises across the globe. Q: Do you have a role model? If so, who is it? Well, there are work and there are

As you know, McAfee Enterprise’s MVISION Unified Cloud Edge (UCE) was the was the first of all the SASE vendors to implement the MITRE ATT&CK Framework for Cloud last year. An important aspect of Gartner’s SASE Framework (link) is the ability for effective Threat Protection and Resolution in the Cloud. MVISION UCE takes this to

Now more than ever, it’s critical to be mission-ready for the next cyber threat. Our digital-first, post-pandemic world is shifting back to a new normal. But the threats are still here. Mission-Ready And according to many reports, the threats have – and are continuing to – increase. McAfee Enterprise’s Advanced Threat Research recently published a

More senior adults are taking advantage of the array of wearable technology that helps them stay connected to healthcare providers and monitor their physical health and safety. But that newfound convivence comes with risk and, for many, the genuine fear of falling prey to an online hacker.   Protection + Peace of Mind  Wearable technology brings seniors both power and peace of mind. Many elderly consumers rely on wearable technology to monitor critical blood glucose levels, heart

“My phone’s been hacked!” Words you probably don’t want to hear or say. Ever.  Your phone gets to be like an old friend after a while. You have things laid out the way you like, your favorite apps are at the ready, and you have the perfect home screen and wallpaper all loaded up. So,

Have you ever come across a website that just didn’t look quite right? Perhaps the company logo looked slightly misshapen, or the font seemed off-brand. Odds are, you landed on a phony version of a legitimate corporation’s website—a tried and true tactic relied on by many cybercriminals.   Fake Login Pages Explained   A fake login page is essentially a knock-off of

Cyberattacks on medical centers are one of the most despicable forms of cyber threat there is. For instance, on October 28th, 2020, a cyberattack at the University of Vermont Medical Center in Burlington VT led to 75% of the scheduled chemotherapy patients being turned away. Many of us have friends and loved ones who have

Overview As part of our continued goal to provide safer products for enterprises and consumers, we at McAfee Advanced Threat Research (ATR) recently investigated the B. Braun Infusomat Space Large Volume Pump along with the B. Braun SpaceStation, which are designed for use in both adult and pediatric medical facilities. This research was done with

Now that we’ve officially kicked off our journey as McAfee Enterprise, a pure-play enterprise cybersecurity company under the new ownership of Symphony Technology Group (STG), we’re celebrating a lot of new firsts and changes. But one thing remains the same: our passion and commitment to make the world a safer, more secure place. And that

Surprise! Just because you’re a Millennial or Gen Zer doesn’t mean you’re savvier when it comes to technology. Especially when it comes to cybersecurity.   Turns out, Millennials aren’t quite as tight with their security as the older generations are. That’s according to one study about working from home that focused on younger adults and their older cohorts. It’s perhaps no surprise that nearly half of them said that

Mobile phones have gone through an incredible transformation since their inception in the 1970s. Now, the sheer number of applications is dizzying, as are their privacy policies; however, smartphone apps can bring hours of fun and belly laughs, and occasionally, a viral app captures the world’s attention. Don’t let potential risks to your personal information safety ruin all smartphone apps for you. All you need to share and play safely is a

T-Mobile, the popular US mobile phone service provider, recently confirmed a data breach affecting 7.8 million current customers and 40 million records from past or prospective customers. The stolen data included customer names, dates of birth, social security numbers, and driver’s license information. Fortunately, subscriber credit card information and other financial details were not affected in the breach.   Even though financial data was spared in the breach, the types of information stolen,