Tag Archive for McAfee

You Can Stop Cyber Attacks

Seems like every week another major cyber attack is reported. Cyber attacks expose the personal details of millions of users worldwide. Companies are spending over $70 billion to fight off cyber attacks. But even with the best systems in place, hackers can still easily breach a company’s defenses if staff aren’t also being security conscious.

The Business Insider spoke with Christopher Young, general manager of Intel’s (INTC) Security Group (aka McAfee) about cybersecurity. He told BI that employees can prevent data theft. The Intel GM says there are two things that every employee should be doing to help keep their company safe from cybercriminals.

“Think before you click. That is the number one thing that every average employee in an organization can do,” Intel’s Young said. He cites a recent Intel survey of security professionals (PDF), which found that humans are still the weakest link when it comes to an organization’s security. According to the report, successful attacks against companies most often stem from three things:

  1. User errors caused by lack of awareness,
  2. Unofficial use of online services, and
  3. Using social media sites at work.

Basically, employees are clicking links they shouldn’t be, which can give attackers a way in. One way attackers get in is through the inbox. Mr. Young told BI:

Emails are the number one way that attackers are getting in … They [cyber criminals] are crafting emails and attaching malicious files to those emails and their entry points into these organizations is often through tricking the average user to click on an email attachment and launch a malicious file.

I recently wrote how attackers have honed their spear-phishing skills, making dangerous emails less obvious. BI says employees need to be vigilant and ask questions about all the email they receive that raises even the slightest suspicion. Intel’s Young warns staff to question every email.

You should ask why am I getting the email? Why is there a file attached to it? Why am I being asked to click on it? And you should ask all of this before clicking.

The second big thing which Business Insider recommends that employees should do to help keep their company safe is to report any suspicious emails or attachments. And if someone does click on a link or download a file that raises eyebrows, report it as soon as possible so that the company’s security team can investigate quickly. Mr. Young explains that an early alert can help contain an attack. “So if the average employee smells something they should report it.”

rb-

The IT industry needs to develop a mascot like Smokey the Bear who reminds everybody that “Only You Can Prevent Forest Fires.”

Maybe we could put Clippy back to work to pop a little reminder every time you click on an email to open it.


Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.

Mobile Malware FUD?

Just last week, I wondered out loud from my Bach Seat if all the hype around mobile malware was real or just more FUD. Looks like I am not alone; TechCo recently asked a similar question, “Are We Overstating the Threats from Mobile Devices?”

The author cites several recent reports that back up the claim that the actual threats that mobile devices introduce into the enterprise are overstated. The data indicates that the mobile malware threat is statistically small and has even decreased since 2012.

• A McAfee report shows that out of all the malware now out there, only 1.9% of it is mobile malware. The author puts that at 4 million out of the 195 million pieces of malware McAfee knows about.
• Another report (PDF) from Verizon (VZ) shows even lower numbers, with only 0.03 percent of smartphones being infected with what is called “higher grade malicious code.”
• But some numbers go even lower than that. Damballa, a mobile security vendor that monitors roughly half of mobile data traffic, recently released a report that claims you have a better chance of getting hit by lightning than by mobile malware. Damballa found only 9,688 smartphones out of more than 150 million showed signs of malware infection. If you do the math, that comes out to an infection rate of 0.0064 percent.

Even more interesting is that despite the increase in mobile devices, Damballa found the infection rate had declined by half compared to 2012.

These reports may show mobile threats aren’t as big of a problem as previously thought, but the author asks why the numbers are so low at all. After all, cybercriminals like to target new platforms and exploit security weaknesses. Why do they seem to be avoiding mobile devices?

The truth of the matter is that mobile users tend to get their apps from high-quality app stores. The stores from Google (GOOG) and Apple (AAPL) work to filter out suspicious apps. If malware is found in an app after it has already been on the market for a while, app stores can also execute a kill switch, which takes the app off the store and the devices where it was downloaded. This limits malware’s ability to spread.

The article concludes that companies that adopt BYOD should not just ignore BYOD security; they just don’t have to go all-out as many businesses have done. Most mobile security experts say a mobile device management system remains a good investment to make sure mobile devices are handled appropriately. MDM systems also allow an organization to remotely wipe devices, thus keeping sensitive data safe in the event a device is lost or stolen. But malware really isn’t a factor in those cases, so the overall message from these recent reports is that getting worked up over mobile threats is not necessary. A company can still gain all the benefits of BYOD without having to worry incessantly over what they’re doing to protect every device that connects to their network.

rb-

What do you think?

Is mobile malware over-hyped FUD?


Risky Celebrities

Computer security firm McAfee says talk show host Jimmy Kimmel is the most dangerous celebrity to search for online. The company says that a search for ABC’s Kimmel carries nearly a 1 in 5 chance of landing on a website that has tested positive for spyware, viruses, or malware. Cybercriminals can use celebrities as bait to install malicious software and steal passwords or other personal data.

Risky celebrities

Rank | Celebrity | Risk %
1 | Jimmy Kimmel | 19.38%
2 | Armin van Buuren | 19.33%
3 | Ciara | 19.31%
4 | Flo Rida | 18.89%
5 | Bruce Springsteen | 18.82%
6 | Blake Shelton | 18.47%
7 | Britney Spears | 18.19%
8 | Jon Bon Jovi | 17.64%
9 | Chelsea Handler | 17.22%
10 | Christina Aguilera | 16.67%

In addition to Jimmy Kimmel (No. 1) and Chelsea Handler (No. 9), a number of funny people made McAfee’s top fifty risky celebrities list. Other notable comedians in the riskiest top 50 include Jimmy Fallon (No. 12), Adam Sandler (No. 14), Jason Segel (No. 19), Wee Man (No. 35), and Cameron Diaz (No. 41).

Risky musicians

The music industry is also well represented in the McAfee top 10 riskiest with Armin van Buuren (No. 2), Ciara (No. 3), Flo Rida (No. 4), Bruce Springsteen (No. 5), Blake Shelton (No. 6), and Jon Bon Jovi (No. 8).

Other musicians in McAfee’s riskiest 50 are 50 Cent (No. 13), Cheryl Cole (No. 16), Calvin Harris (No. 17), and Iggy Azalea (No. 20). Additional superstars heating up the McAfee top 50 are Jason Derulo (No. 24), Jay Z (No. 26), Chris Brown (No. 28), Paul McCartney (No. 29), Jennifer Lopez (No. 31), Pitbull (No. 34), Jessie J (No. 44), Rihanna (No. 45), Justin Timberlake (No. 46), Carrie Underwood (No. 47), and Pharrell Williams (No. 49).

rb-

I have covered these tidbits for a while and one sign of hope for humanity is that last year, searches for downloads of Kanye West, Kourtney Kardashian, Kim Kardashian, Khloe Kardashian, and Kris Jenner were popular among Americans. This year, the Kardashian clan is nowhere to be found.


25 Years of the Firewall

The firewall has turned 25 years old this year. In commemoration, McAfee created a timeline of the events that shaped the development of the device most of us rely on to protect ourselves from each other. The infographic shows how the firewall’s evolution coincided with high-profile security events:

These security breaches triggered security developers to react with more advanced firewall technology:

  • 1998: Evasions researched
  • 2009: Native clustering for high availability and performance introduced
  • 2012: Software enabled security introduced, making blade technology obsolete.

The first-generation firewalls were called Packet Filters. Packet Filter firewalls look at the network addresses and ports of a packet and determine whether that packet should be allowed or blocked based on rules programmed by humans. If a packet does not match the packet filter’s ruleset, the packet filter will drop or reject the packet, breaking the connection.

The second-generation firewalls do stateful packet inspection. According to Wikipedia, a second-generation firewall records all connections passing through it and determines whether a packet is the start of a new connection, a part of an existing connection, or not part of any connection. Though static rules are still used, these rules can now contain a connection state as one of their test criteria.
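To make the two generations concrete, here is an added sketch (not from McAfee, Wikipedia, or any firewall product) of a first-match ruleset whose rules can test connection state. The `Packet`, `Rule`, and `Firewall` names, the rule constants, and the sample packets are all hypothetical, and the addresses are constructed from documentation ranges.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False  # True only on the first packet of a connection

@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    dst: str = "0.0.0.0/0"
    dport: Optional[int] = None  # None matches any port
    state: Optional[str] = None  # None matches any connection state

    def matches(self, pkt, state):
        return (ip_address(pkt.dst) in ip_network(self.dst)
                and self.dport in (None, pkt.dport)
                and self.state in (None, state))

class Firewall:
    def __init__(self, rules):
        self.rules = rules
        self.connections = set()  # state table: flows already allowed

    def filter(self, pkt):
        flow = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        reverse = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if flow in self.connections or reverse in self.connections:
            state = "established"
        else:
            state = "new" if pkt.syn else "invalid"
        for rule in self.rules:  # top to bottom, first match wins
            if rule.matches(pkt, state):
                if rule.action == "allow" and state == "new":
                    self.connections.add(flow)
                return rule.action
        return "deny"  # nothing matched: drop

def demo(rules):
    # Constructed packets: a client SYN, the server's reply, and a stray non-SYN packet.
    syn = Packet("198.51.100.7", 50000, "192.0.2.10", 443, syn=True)
    reply = Packet("192.0.2.10", 443, "198.51.100.7", 50000)
    stray = Packet("203.0.113.9", 40000, "192.0.2.10", 443)  # no SYN seen
    fw = Firewall(rules)
    return [fw.filter(p) for p in (syn, reply, stray)]

ESTABLISHED = Rule("allow", state="established")
NEW_HTTPS = Rule("allow", dst="192.0.2.10/32", dport=443, state="new")
DENY_ALL = Rule("deny")
```

Calling `demo([ESTABLISHED, NEW_HTTPS, DENY_ALL])` admits the handshake and its reply while dropping the stray packet; moving `DENY_ALL` to the top of the list blocks everything, and a port-only rule with no state test lets the stray packet through.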

Third-generation firewalls use application layer filtering which can “understand” certain applications and protocols (such as File Transfer Protocol (FTP), Domain Name System (DNS), or Hypertext Transfer Protocol (HTTP)). This is useful as it is able to detect if an unwanted protocol is attempting to bypass the firewall on an allowed port or detect if a protocol is being abused in any harmful way.

Pat Calhoun, SVP at McAfee, explained in a Help Net Info article that it was not until 2009 that the fourth-generation firewall we know and love began to evolve. In 2009 Gartner published its definition and a paper on “Defining the Next-Generation Firewall” (PDF). According to its definition, NGFWs are:

…deep-packet inspection firewalls that move beyond port/protocol inspection and blocking to add application-level inspection, intrusion prevention, and bringing intelligence from outside the firewall.

In its paper, the Gartner authors explain that “Firewalls need to evolve to be more proactive in blocking new threats, such as botnets and targeted attacks.” McAfee’s Calhoun points out that NGFW discussions started in 2003 but the technology really didn’t get on the right track until Gartner defined it in 2009.

 

Intel 25th Anniversary of the Firewall infographic

rb-

Future NGFW development efforts need to integrate application control, IPS, and evasion prevention into a single, purpose-built box with enterprise-scale availability and manageability.

Back in the day, 2000, I managed a Checkpoint firewall IPSO ver 3.0 on a Nokia appliance (IP300?). The thing was the network had been up and running for 3 years and included over 3,000 devices before the Checkpoint was put in. Can’t get away with that now; a naked PC on the Innertubes will be compromised within minutes to hours, according to those who know that kind of stuff.

The most vivid recollection of setting the thing up was just randomly mashing on the keys to create the first key. Other network guys were amazed because apparently, this was the first firewall many had seen with a GUI to configure the rules.

I also remember learning the hard way that Deny All goes at the bottom of the list, not the top. 


Superman Most Dangerous on Web

Superheroes are supposed to be our friends, but sometimes a plot twist allows their arch-enemies to trick our heroes into turning against us. This is also true on the intertubes. Attackers are using our superheroes to infect computers, scamming people into visiting compromised sites and downloading dangerous software, according to Santa Clara, California-based McAfee.

The security company scoured the web and identified the most dangerous superheroes online. The report, “Most Toxic Superhero 2014,” estimates how likely the average user is to come across malware by searching for the name of any given superhero.

McAfee lined up 11 likely suspects. They gathered viable threat evidence from popular search engines like Google (GOOG), Yahoo (YHOO), and Microsoft (MSFT) Bing for spyware, adware, spam, phishing, viruses, and other malware. The company also searched each superhero’s name in conjunction with common phrases like “free torrent download” and “free app,” as seeding fake torrents is a common way for attackers to infect computers.

The most dangerous superheroes online, by percent of search traffic leading to unsafe sites, are:

  1. Superman 16.5%
  2. Thor 16.35%
  3. Wonder Woman 15.7% (tied)
  4. Aquaman 15.7% (tied)
  5. X-Man Wolverine 15.1%
  6. Batman 14.2%
  7. Black Widow 13.85%
  8. Captain America  13.5%
  9. Green Lantern 11.25%
  10. Ghost Rider 10.83%

McAfee tells citizen do-gooders to protect themselves by:

  • Beware of clicking on third-party links. You should access content directly from the official websites of content providers.
  • Ensure you use web protection that will let you know of risky sites or links before you visit them. Stick to official news sites for breaking news.
  • Don’t download videos from suspect sites. This should be common sense, but it bears repeating: don’t download anything from a website you don’t trust — especially video. Most news clips you’d want to see can easily be found on official video sites and don’t require you to download anything.
  • “Free downloads” are by far the highest virus-prone search term. Anyone searching for videos or files to download should be careful not to unleash unsafe content such as malware onto their computers.
  • Always use password protection on your phone and other mobile devices. If you don’t and your phone is lost or stolen, anyone who picks up the device could have access to your personal information online.
  • Don’t “log in” or provide other information: If anything asks for your information—credit card, email, home address, Facebook login, or other information—to grant access to an exclusive story, don’t give it out. Such requests are a common tactic for phishing that could lead to identity theft.
  • Search online using an Internet security program in the background. These tools protect users from malicious websites and browser exploits. A complimentary version of McAfee’s SiteAdvisor software can be downloaded at www.siteadvisor.com

rb-

Whether you live in Metropolis or Gotham, do-gooders need not work very hard to avoid these scams. Avoid dark alleys where superhero websites tend to have the same flaws as any other unsafe page. Keep an eye out for typos and files that look suspicious. Run an Internet security program in the background (your antivirus or anti-malware program probably has one built-in). Lastly, check what other commenters say before downloading a torrent.
