Tag Archive for Anti-Virus

McAfee Can’t Stay Out of the News

Less than 6 months after John McAfee was found dead in his Spanish jail cell, the anti-malware company that still bears his name is back in the news. The anti-malware and internet security firm McAfee announced Monday (11/08/2021) that it had reached an agreement to be bought. McAfee has been bought by a global investor group in a deal worth more than $14 billion.

McAfee will move forward as a privately held company. The new firm will be a pure consumer cybersecurity play. McAfee has 20 million subscribers for its security services globally.

McAfee investors

The global investor group is made up of Advent International Corp., Permira Advisors, Crosspoint Capital Partners, Canada Pension Plan Investment Board, GIC Private Limited and a wholly owned subsidiary of the Abu Dhabi Investment Authority.

McAfee sold its Enterprise business in July 2021 for $4.50 a share to Symphony Technology Group. The sale equaled $4 billion.

The move takes the publicly-traded company private again after the initial public offering of McAfee by Intel and TPG last year.

rb-

Confused? I don’t blame you. The firm has a history of changing.

  • 1987 to 1997 – The company was founded as and known as McAfee Associates, Inc.
  • 1997 to 2004 – Network Associates Inc.
  • 2004 to 2014 – Renamed back to McAfee Associates, Inc.
  • 2014 to 2017 – The company was part of the Intel Security Group.
  • 2017 to 2020 – The firm was spun out of Intel and renamed McAfee.
  • 2020 – McAfee goes public again with a $740 million IPO on Nasdaq under ticker symbol MCFE. This marked its return to the public market after 9 years.
  • 2021 – McAfee sold its Enterprise business to Symphony Technology Group for $4 billion.
  • 2021 – McAfee sold its consumer business to an investor group in a deal worth more than $14 billion.

 

Stay safe out there!


Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.

McAfee Selling its Enterprise Security Business

McAfee is back in the news again. The often-sold antivirus vendor is selling its enterprise security business. McAfee and private equity firm Symphony Technology Group (STG) announced on 03/08/2021 that the PE firm is buying McAfee’s enterprise security business for $4.0 billion in an all-cash deal. The deal is expected to close before 2022. McAfee is keeping its consumer security software business.

Selling its enterprise security business

The McAfee website touts that the enterprise business serves 86% of the Fortune 100 firms and generated $1.3 billion in net revenue in fiscal year 2020. Despite these numbers, it is clear why McAfee is selling its enterprise security business. For FY2020 the company reported $2.9 billion in total revenue, up 10% YoY. TechCrunch says the overall revenue broke down to $1.6 billion from the consumer side. The enterprise side brought in $1.3 billion in net revenue, an increase of just 1%.

Increased competition

One of the reasons McAfee is selling its enterprise security business is increased competition. McAfee’s enterprise business has struggled in recent years against fast-growing endpoint detection and response (EDR) software companies — such as CrowdStrike and SentinelOne. CrowdStrike’s revenue was up 86% YoY in 21Q3. SentinelOne is preparing an IPO that could achieve a $10 billion valuation. Also, major technology companies such as Cisco Systems, Microsoft, and VMware’s Carbon Black have pushed deeper into McAfee’s market space.

We have seen this before

After the sale of the enterprise security business, it will be re-branded. Once the deal closes, the McAfee consumer business will be known as McAfee. The STG-McAfee deal is similar to Symantec’s breakup. As I wrote about in 2019, Broadcom acquired Symantec’s enterprise security business for $10.7 billion. Symantec’s consumer business, now known as NortonLifeLock, remains publicly traded.

Legacy Synergy 

STG’s purchase of McAfee’s enterprise security business should pair well with another STG enterprise-focused security holding. The PE firm purchased RSA from Dell last February for $2 billion. STG did not point directly to the RSA acquisition, but the two investments create a large combined legacy security business for the firm. Both firms have strong brand recognition but have lost some of their edge to more modern competitors in the marketplace.

Stay safe out there!


Why Don’t Users Protect Themselves

A new report (PDF) from the recently swallowed, and swallowed again, Webroot says that American technology users overestimate their levels of cyber hygiene. Cyber hygiene is a cybersecurity risk mitigation technique introduced by Vinton Cerf in 2000 where you train yourself to think proactively about your cybersecurity. The goal is to resist cyber threats and online security issues to protect and maintain IT systems and devices and implement cybersecurity best practices, just as you do with your daily personal hygiene.

The report says U.S. users do not know how to protect themselves from cyber threats. Americans are overconfident in the perceived protection they have. The endpoint security and threat intelligence provider found that 88% of interviewed Americans believe they are taking the appropriate steps to protect themselves from cyber-attacks.

Their confidence is misplaced. Instead, Americans have only a surface-level understanding of the most common types of cyber threats according to Webroot. We can recognize some of the names of the most common cyber-attacks such as malware (79%) or phishing (70%), but for most, that’s where their knowledge ends. Very few (less than 1 in 3) actually know what these common cyber-attacks are or what they do.

While Americans claim to have heard of some of the most common cyber-attack terms when prompted, very few actually understand what those cyber-attacks are. When asked about critical cyber-hygiene issues like malware, backups, passwords, and identity theft, surveyed Americans reported:

Malware – 79% have heard of malware, but only 28% can confidently explain what it is. 82% are using some sort of AV software on their personal devices. 62% of those who use AV software use a free product. Only 20% update their AV software each time they are prompted.

Backups – These are another weakness. 78% of respondents report backing up their data. However, 57% are still leaving themselves susceptible to risk by only backing up using one method, rather than backing up online (cloud) and offline.

  • 34% automatically back up to the cloud
  • 27% back up to an external hard drive
  • 24% back up to a USB stick
  • 22% back up locally on My Computer
  • 17% back up manually to the cloud
  • 22% rarely or never back up their data.

Among those who are backing up their information by uploading it to the cloud, only 43% are taking the extra step in ensuring that it’s stored in an encrypted format.

Passwords – Followers of Bach Seat know that passwords suck and the Webroot report confirms it. 33% of Americans admit to sharing their passwords with others. To make matters worse, 63% are reusing passwords across multiple accounts. The research found that Americans have on average 9 passwords for 17 accounts.

Mobile – While on the go, 67% of Americans use public Wi-Fi, but only 35% take the extra step to protect themselves by using a VPN. Additionally, 34% use a work device as their primary personal device at home.

Identity theft – 74% of Americans believe their identity has never been stolen.

According to the Webroot whitepaper, the 5 most cyber risky U.S. states are:

  1. Mississippi
  2. Louisiana
  3. California
  4. Alaska
  5. Connecticut

The 5 least risky U.S. states are:

  1. New Hampshire
  2. North Dakota
  3. Ohio
  4. Idaho
  5. Kentucky

rb-

According to the research conducted by Wakefield for Webroot, Michigan ranked 31 among the 50 states. Overall, the average home user scored a 60% for cyber-hygiene. The researchers also found that those who they classified as “Superstars” tended to be:

  • A Boomer
  • Married or in a relationship
  • Suburbanite
  • Not a parent.


Snoops Offer Security Tips

In one of the more ironic, notice I did not say tragic, turns in the post-Snowden era, the National Security Agency (NSA) has published a report with advice for companies on how to deal with malware attacks. FierceITSecurity says the report (PDF) boils down to “prevent, detect and contain.” To be more specific, the report recommends that IT security pros:

  • Segregate networks so that an attacker who breaches one section is blocked from accessing more sensitive areas of the network;
  • Protect and restrict administrative privileges, in particular high-level administrator accounts, so that the attacker cannot get control over the entire network;
  • Deploy, configure, and monitor application whitelisting to prevent malware from executing;
  • Restrict workstation-to-workstation communication to reduce the attack surface for attackers;
  • Deploy strong network boundary defenses such as perimeter and application firewalls, forward proxies, sandboxing and dynamic analysis filters (PDF) to catch the malware before it breaches the network;
  • Maintain and monitor a centralized host and network logging product, after ensuring that all devices have logging enabled and their logs are collected, to detect malicious activity and contain it as soon as possible;
  • Implement pass-the-hash mitigation to cut credential theft and reuse;
  • Deploy Microsoft (MSFT) Enhanced Mitigation Experience Toolkit (EMET) or other anti-exploitation capability for devices running non-Windows operating systems;
  • Employ anti-virus file reputation services (PDF) to catch known malware sooner than normal anti-virus software;
  • Implement host intrusion prevention systems to detect and prevent attack behaviors; and
  • Update and patch software in a timely manner so known vulnerabilities cannot be exploited.

The author quotes from the report:

Once a malicious actor achieves privileged control of an organization’s network, the actor has the ability to steal or destroy all the data that is on the network … While there may be some tools that can, in limited circumstances, prevent the wholesale destruction of data at that point, the better defense for both industry and government networks is to proactively prevent the actor from gaining that much control over the organization’s network.

rb-

For those who have not been following along, the TLAs have been attacking and manipulating anti-virus software from Kaspersky.

We also now suspect that the TLAs have compromised at least one and probably two hardware vendors. Business Insider recalls that way back in 2013, as part of the Edward Snowden NSA spying revelations, German publication Spiegel wrote an article alleging that the NSA had done a similar thing — put code on Juniper Networks (JNPR) security products to enable the NSA to spy on users of the equipment.

Over at Fortinet (FTNT) they had their own backdoor management console access issue that appeared in its FortiOS firewalls, FortiSwitch, FortiAnalyzer and FortiCache devices. These devices shipped with a secret hardcoded SSH login with a secret passphrase.

The article seems like advertising for the TLAs’ hacking program.


Mobile Malware FUD?

Just last week, I wondered out loud from my Bach Seat if all the hype around mobile malware was real or just more FUD. Looks like I am not alone: TechCo recently asked a similar question, “Are We Overstating the Threats from Mobile Devices?”

The author cites several recent reports that back up the claim that the actual mobile threats that mobile devices introduce into the enterprise are overstated. The data indicates that the mobile malware threat is statistically small and has even decreased since 2012.

• A McAfee report shows that out of all the malware now out there, only 1.9% of it is mobile malware. The author equates the mobile threat to 4 million / 195 million McAfee knows about.
• Another report (PDF) from Verizon (VZ) shows even lower numbers, with only 0.03 percent of smartphones being infected with what is called “higher grade malicious code.”
• But some numbers go even lower than that. Damballa, a mobile security vendor that monitors roughly half of mobile data traffic, recently released a report that claims you have a better chance of getting hit by lightning than by mobile malware. Damballa found only 9,688 smartphones out of more than 150 million showed signs of malware infection. If you do the math, that comes out to an infection rate of 0.0064 percent.

Even more interesting is that despite the increase in mobile devices, Damballa found the infection rate had declined by half compared to 2012.

These reports may show mobile threats aren’t as big of a problem as previously thought, but the author asks why the numbers are so low at all. After all, cybercriminals like to target new platforms and exploit security weaknesses. Why do they seem to be avoiding mobile devices?

The truth of the matter is that mobile users tend to get their apps from high-quality app stores. The stores from Google (GOOG) and Apple (AAPL) work to filter out suspicious apps. If malware is found in apps after they’ve already been on the market for a while, app stores can also execute a kill switch, which takes the app off the store and the devices where they were downloaded. This limits malware’s ability to spread.

The article concludes that companies that adopt BYOD shouldn’t just ignore BYOD security; they just don’t have to go all-out as many businesses have done. Most mobile security experts say a mobile device management system remains a good investment to make sure mobile devices are handled appropriately. MDM systems also allow an organization to remotely wipe devices, thus keeping sensitive data safe in the event a device is lost or stolen. But malware really isn’t a factor in those cases, so the overall message from these recent reports is that getting worked up over mobile threats is not necessary. A company can still gain all the benefits of BYOD without having to worry incessantly over what they’re doing to protect every device that connects to their network.

rb-

What do you think?

Is mobile malware over-hyped FUD?


Related articles
  • Your BYOD implementation checklist (powermore.dell.com)
