Login
With the widespread adoption of hybrid work models across enterprises for promoting flexible work culture in a post pandemic world, ensuring critical services are highly available in the cloud is no longer an option, but a necessity. McAfee Enterprise’s MVISION Unified Cloud Edge (UCE) is designed to maximize performance, minimize latency, and deliver 99.999% SLA guaranteed resiliency, offering blazing fast connectivity to cloud applications from any location and causing no service degradation, even when the usage of cloud services spiked 600% during the COVID-19 pandemic, as reported in our Cloud Adoption and Risk Report (Work From Home Edition). This blog shares details on how MVISION UCE is architected to enable uninterrupted access to corporate resources to meet the demands of the hybrid workforce.
MVISION UCE, our data-centric, cloud-native Security Service Edge (SSE) security platform, derives its capabilities from McAfee Enterprise’s industry leading Secure Web Gateway and Enterprise Data Protection solutions. However, this is not a lift and shift of capabilities to the cloud, which would have made it prone to service outages and impossible to have the flexibility that is needed to meet the demands of SSE. Instead, the best of breed functionality was purposefully reconstructed for SSE, using a microservices architecture that can scale elastically, and built on a platform-neutral stack that can run on bare metal and public cloud, equally effectively. A hallmark of the architecture is that the cloud is a single global fabric where service instances are spread throughout the globe. Users automatically access the best instance of any service through policy configuration.
What other alternatives are out there? We have seen some cloud services replicated in each region of their presence. While this makes controlling resources and data simple, and keeps everything within a boundary, such an approach loses out on the flexibility needed to scale on demand and reduced latency on access. With UCE, each point of presence (POP) is part of the global fabric, yet at the same time, fully featured with all services housed within the POP. This avoids the need to send traffic back and forth between various services located at different locations, a phenomenon known as traffic hairpin.
By default, user traffic gets processed at the POP closest to their physical location, regardless of where the user may be. A user may work at their office in New York 90% of the time and travel to UK occasionally. When the user connects to MVISON UCE, they are connected to New York POP when they are at office, and the POP in London if they are in a UK hotel while traveling. This is a big advantage if you think about it. User’s traffic does not need to trombone from the hotel in UK, to the POP in New York and back to a server in London. MVISION UCE’s out-of-the-box traffic routing scheme favors low latency. This does not mean that the customer cannot override this policy and force the traffic to be processed at the New York POP. They might do so if there is a compliance need to process all traffic at a certain location. Many customers have a need to store logs in a certain geography even though traffic processing may occur anywhere on the globe. MVISION UCE architecture decouples log storage from traffic processing and lets the customer choose their log storage geography based on criteria that customers define.
One of the key considerations while choosing a SSE vendor would be how much latency the service adds to user’s requests. Significant latency can negatively affect user experience and could be a deterrent to product adoption. With 85 POPs strategically placed around the globe providing low latency access to customers, UCE POPs have direct peering with the biggest SaaS vendors like Microsoft, Google, Akamai, and Salesforce to further reduce latency. In addition, MVISION UCE POPs peer with many ISPs around the globe, enabling high bandwidth and low latency connectivity end to end, from the customer’s network to UCE and from UCE to the destination server.
With thousands of peering partners growing every day, over 70% of traffic served by MVISION UCE uses peering links in some geographies. The whitepaper, How Peering POPs Make Negative Latency Possible, shares details about a study conducted by McAfee Enterprise to measure the efficacy of these peering relationships. This paper is proof that UCE customers experience faster response times going through our POPs than they would usually get by going directly through their Internet Service Providers. UCE follows a living partnership model when it comes to peering, with thousands of peering relationships in production. We are committed to keeping the latency to a minimum.
You may be wondering what the secret sauce is for achieving a reliability of five 9s or higher in MVISION UCE. Several items play a crucial role in preventing unplanned service degradation.
At McAfee Enterprise, security is not an afterthought. From the start, the architecture was designed with zero trust in mind. Services are segmented from one another and follow the least privileged principle when resources need to be shared between services. Industry standard protocols and methodologies are used to enforce user and identity access management (UAM/IAM). Strong role-based access controls (RBAC) across the platform keep customer’s data separate and provide self-defense when a service is compromised. None of these features matter if the software is vulnerable. McAfee Enterprise follows one of the strictest Software Development Life Cycle (SDLC) processes in the industry to eliminate known vulnerabilities and threats in our software as it is written.
Another aspect of security that is gaining momentum these days is data privacy. This is at the forefront of all feature designs in MVISION UCE. Usually, data privacy means tokenization or anonymization of customer private data stored in MVISION UCE, be it logs or other metadata. At McAfee Enterprise, we strive to take this a step further. We do not want to retrieve private data from the customer environment if it can be avoided. For example, to evaluate a policy that involves customer premise data, UCE can offload the evaluation to a component on the customer premise. Case in point, McAfee Client Proxy (MCP) that is installed on user’s machine can perform a policy evaluation and avoid sending private data to the cloud. The McAfee Enterprise cloud leverages the results of the evaluation to complete the policy execution. Where this is not possible, private data is anonymized at the earliest entry point in the cloud to minimize data leaks.
Last but not the least, a chain is only as strong as its weakest link, and physical data center security must also be considered. Global partners are selected only after careful evaluation of their facilities and infrastructure that will host our data centers, while other vendors in this space are working with a larger set of less rigorously qualified regional partners to increase their presence. The McAfee Enterprise approach provides the necessary guard rails against supply chain attacks that our customers demand.
There are other architectural gems hidden within UCE and thus failing to mention them would make this article incomplete. First, the policy engine is exposed in the form of code with which the customer can construct complex policies without being constrained by what UI provides. If you are a user of MVISON UCE, you can see this in action by enabling “Code View” in the Web Policy tree. If you do not like the way policy nodes are ordered in the tree or the evaluations made by default, you can take complete control and process the traffic in any manner you wish. By the way, the policy is so flexible that one can write a policy to process traffic in one region and store logs in another region.
Second, policy evaluation can be distributed across various components which allows its evaluation at the earliest point in the network. This avoids hauling all traffic to the cloud to apply policy. For example, if a sensitive document needs to be blocked due to data protection rules, the DLP agent running on the user’s machine can block it instead of hauling the traffic to cloud for classification and blocking. This strategy reduces load on the cloud and consequently increases the scale at which we can process requests.
Lastly, all services are automated and require no manual intervention to provision a customer unlike other vendors that require a support ticket to provision some features. Independent of where your account has been provisioned and where your preferred UI console resides, polices that you author are stored in a global policy system that is synchronized to all POPs around the world, giving you the flexibility to process traffic anywhere in the world.
To conclude, all clouds are not built equally. Architecture of a cloud is a matter of choice and tradeoffs. MVISON UCE implements a global cloud and puts customers in the driver’s seat through programmatic policies, that are secure, scalable, and highly available.
To learn more about how MVISION UCE can help ensure your critical services are highly available in the cloud, watch this short video or visit our MVISION UCE page to get started.
The post Qualities of a Highly Available Cloud appeared first on McAfee Blog.
It would be impossible nowadays to separate our everyday lives from technology. We travel well-worn, comfortable paths online and engage in digital activities that work for us. But could those seemingly harmless habits be putting out the welcome to cyber criminals out to steal our data?
It’s a given that our “digital-first mindset” comes with inherent risks. With the work and learn from home shift looking more permanent and cybercrime on the rise, it’s imperative to adopt new mindsets and put new skills in motion. The first step with any change? Admitting your family may have a few bad habits to fix. Here are just a few to consider.
1. You share toooo much online. Too Much Information, yes, TMI. Oversharing personal information online is easy access for bad actors online. Those out to do harm online have made it their life’s work to piece together your personal details so they can steal your identity—or worse. Safe Family Tips: Encourage your family not to post private information such as their full name, family member names, city, address, school name, extracurricular activities, and pet names. Also, get in the habit of a) setting social media profiles to private, b) regularly scrubbing personal information on social profiles—this includes profile info, comments, and even captions that reveal too much c) regularly editing your friends lists to people you know and trust.
2. You’ve gotten lazy about passwords. It’s tough to keep up with everything these days. We get it. However, passwords are essential. They protect your digital life—much like locks on doors protect your physical life. Safe Family Tips: Layer up your protection. Use multi-factor authentication to safeguard user authenticity and add a layer of security to protect personal data and all family devices. Consider adding comprehensive software that includes a password manager as well as virus and malware protection. This level of protection can add both power and peace of mind to your family’s online security strategy.
3. You casually use public Wi-Fi. It’s easy to do. If you are working away from home or on a family trip, you may need to purchase something, meet a deadline, or send sensitive documents quickly. Public Wi-Fi is easy and fast, but it’s also loaded with security gaps that cybercriminals camp out on. Safe Family Tip: If you must conduct transactions on a public Wi-Fi connection, consider McAfee Total Protection. It includes antivirus and safe browsing software, plus a secure VPN.
4. You have too many unvetted apps. We love apps, but can we trust them? Unfortunately, when it comes to security and privacy, apps are notoriously risky and getting tougher to trust as app technology evolves. So, what can you do? Safe Family Tips: A few things you can do include a) Double-checking app permissions. Before granting access to an app, ask yourself: Does this app need what it’s asking me to share? Apps should not ask for access to your data, b) researching the app and checking its security level and if there have been breaches, c) reading user reviews, d) routinely deleting dormant and unused apps from your phone. This is important to do on your phone and your laptop, e) monitor your credit report for questionable activity that may be connected to a malicious app or any number of online scams.
5. You’ve gotten too comfortable online. If you think that a data breach, financial theft, or catfish scam can’t happen to you or your family, it’s a sign you may be too comfortable online. Growing strong digital habits is an ongoing discipline. If you started strong but have loosened your focus, it’s easy to get back to it. Safe Family Tips: Some of the most vulnerable areas to your privacy can be your kids’ social media. They may be oversharing, downloading malicious apps, and engaging with questionable people online that could pose a risk to your family. Consider regularly monitoring your child’s online activity (without hovering or spying). Physically pick up their devices to vet new apps and check they’ve maintained all privacy settings.
6. You lack a unified family security strategy. Consider it: If each family member owns three devices, your family has countless security gaps. Closing those gaps requires a unified plan. Safe Family Tips: a) Sit down and talk about baseline security practices every family member should follow, b) inventory your technology, including IoT devices, smartphones, game systems, tablets, and toys, c) make “keeping the bad guys out” fun for kids and a challenge for teens. Sit and change passwords together, review privacy settings, reduce friend lists. Come up with a reward system that tallies and recognizes each positive security step.
7. You ignore updates. Those updates you’re putting off? They may be annoying, but most of them are security-related, so it’s wise to install them as they come out. Safe Family Tip: Many people make it a habit to change their passwords every time they install a new update. We couldn’t agree more.
Technology continues to evolve and open extraordinary opportunities to families every day. However, it’s also opening equally extraordinary opportunities for bad actors banking on consumers’ casual security habits. Let’s stop them in their tracks. If you nodded to any of the above habits, you aren’t alone. Today is a new day, and putting better digital habits in motion begins right here, right now.
The post 7 Common Digital Behaviors that Put Your Family’s Privacy at Risk appeared first on McAfee Blog.
Becoming a cloud first company is an exciting and rewarding journey, but it’s also fraught with difficulties when it comes to securing an entire cloud estate. Many forwarding-thinking companies that have made massive investments in migrating their infrastructure to the cloud are facing challenges with respect to their cloud-native applications. These range from inconsistent security across cloud properties to lack of visibility into the public cloud infrastructure where cloud-native applications are hosted—and more. All of these issues can create vulnerabilities in a sprawling attack surface that can be potentially exploited by cybercriminals.
Legendary Entertainment is a global media company with multiple divisions including film, television, digital studios, and comics. Under the guidance of Dan Meacham, VP of Global Security and Corporate Operations and CSO/CISO, the multi-billion dollar organization transitioned from on-premises data centers to the cloud in 2012.
Meacham points out that it’s been a source of great pride for his security and IT teams to always be “on top of the latest and greatest” technology trends—and migration to the cloud is no exception. That’s why his interest was sparked when he learned about the rollout of the MVISION security product line early in the migration process. Its cloud-native, open architecture was exactly the right fit for Legendary Entertainment’s environment.
As a cloud-first organization, Legendary Entertainment encountered challenges that are common to many companies that have migrated their workloads, applications, and data assets to the cloud. At first, the organization attempted to rely on security services natively provided by the individual cloud service providers: Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), and Wasabi for cloud storage. As Meacham notes, “The security from one vendor doesn’t trickle over to the others. They all have different security controls, so our cloud security was not uniform, and security management was complicated.”
In their disparate multicloud environment spanning several cloud service providers, it became time-consuming and difficult to monitor and assess the security posture of applications and workloads, such as which systems needed patching or contained critical vulnerabilities.
With multiple management consoles required for its many cloud environments, applying and enforcing uniform security policy across their cloud estate was nearly impossible without investing a lot of time, effort, and resources.
Another problem in Legendary Entertainment’s early adoption of cloud-first was shadow IT, where employees or contractors enrolled in cloud collaboration platforms that were not authorized by IT. Although the shadow IT platforms were not connected to core systems, they made it more difficult to tightly monitor data which sometimes caused cloud-enabled applications to violate security policies. It is understandable that teams with a cloud-first mindset would embrace innovation and new collaborative experiences to accomplish goals faster. However, some of the shadow IT application has weak or no security controls – resulting the opportunities for external collaborator accounts to be compromised or have mis-managed privileges.
With high-profile data breaches in the entertainment industry in recent headlines, Legendary Entertainment was concerned about its level of risk and exposure, especially since it has valuable intellectual property such as scripts and marketing strategy plans for film releases among its holdings. The requirement for stronger security has been a boardroom-level conversation at digital media companies since the Sony Pictures hack and other vendor supply chain and workflow hacks. Attacks now extend beyond data leaks and can have far reaching business disruptions across an entire supply chain.
By deploying MVISION Cloud Native Application Protection Platform (MVISION CNAPP), Legendary Entertainment addressed all of these challenges at once. This unique solution prioritizes alerts and defends against the latest cloud threats and vulnerabilities. MVISION CNAPP combines granular application and data context with cloud security posture management and cloud workload protection in a single-console solution.
MVISION CNAPP provides Legendary Entertainment with broad and deep visibility across its entire infrastructure. It discovers all their cloud assets, including compute resources, containers, and storage and provides continuous visibility into vulnerabilities and security posture for applications and workloads running across multiple clouds.
Thanks to MVISION CNAPP, Meacham’s team can write, apply, and enforce security policies in a consistent fashion for the entire cloud estate. As Meacham points out, policy is continually checked so his team can correct any misconfigurations, disable services, or remove escalated privileges until corrections are made in alignment with internal compliance rules. And in many cases, the remediation can be automated internally in MVISION CNAPP or through workflow initiations.
“MVISION CNAPP gives me manageability and security uniformity for all our cloud platforms so that I can elevate the level of security and make it consistent across the board. Now that I have visibility into all our cloud assets from a high level, I can look at how current controls and configurations compare to our best practices, industry best practices, and to the best practices of peers who are using the same product. Without MVISION CNAPP, management is one to one, whereas with MVISION CNAPP, it’s one to many,” explains Meacham.
The Cloud Security Posture Management (CSPM) component of MVISION CNAPP provides Legendary Entertainment with on-demand scanning, which looks at all services used in the public cloud and checks their security settings against internal benchmarks. “This gives us a security posture score and provides feedback on what we can do to bring ourselves back into compliance,” observes Meacham. “If someone changes a configuration, we get an alert right away. And if it’s not in alignment with policy, we can roll it back to the previous settings. MVISION CNAPP also helps us remediate policy exceptions by clearly stating the risks, instances impacted, and the necessary step by step actions needed for resolution.”
MVISION CNAPP also ensures that Legendary Entertainment’s developers operate in a secure environment by alerting the security team when their actions violate security policies or increase the risk of a data breach. This effectively puts a halt to Shadow IT.
“MVISION CNAPP helps me keep my system administrators and developers accountable for what they are doing. We can make sure that they are consistent in how they execute, deploy, and build things. Configuration policies, on-demand scans, and different types of checks in MVISION CNAPP can help force that compliance. I am able to keep tabs on my developers to make sure they are operating according to these guidelines in any platform,” remarks Meacham.
MVISION CNAPP reduces risk associated with operating in the cloud, enabling Legendary Entertainment to run mission-critical applications and develop blockbuster movies such as “The Dark Knight Rises” and “Dune” securely across a heterogenous multicloud environment. The solution also enables contextual entitlements so that users can be identified and assigned selective access to and permissions for applications and resources based on the security profile of the devices they are using at any given time.
Legendary Entertainment leverages MVISION CNAPP’s data loss prevention (DLP) capabilities to monitor activity in cloud data stores in order to help prevent data breaches. Unusual or suspicious activity or unauthorized movement of data transit is tracked and flagged immediately by leveraging built-in UEBA capabilities.
“If I see 2,000 files change in 30 seconds, that’s a huge red flag indicating ransomware or some other type of attack. The solution’s monitoring tool detects suspicious behavior and immediately brings that to our awareness. If we see something like that happening on multiple platforms, we know that immediate action is required. The UEBA capability is invaluable for identifying external collaborators who may have compromised accounts, which we find on a regular basis.”
If you are looking for a simple-to-manage, high-visibility solution to secure your multicloud environment against the latest threats and vulnerabilities such as ChaosDB, take a look at MVISION CNAPP. For more information, visit: https://www.mcafee.com/enterprise/en-us/solutions/mvision-cnapp.html.
The post Legendary Entertainment Relies on MVISION CNAPP Across Its Multicloud Environment appeared first on McAfee Blog.
The Robinhood trading platform recently disclosed a data breach that exposed the information of millions of its customers. News of the attack was released on Monday, November 8th along with word the hackers behind it had demanded an extortion payment from the company.
According to Robinhood’s disclosure, the attack occurred on November 3rd, which allowed an unauthorized party to obtain the following:
In addition, smaller groups of Robinhood customers had yet more information compromised. Around 310 people had their names, birth dates, and zip codes exposed in the breach. Another 10 customers had “more extensive account details revealed,” per Robinhood’s disclosure.
Robinhood went on to say, “We believe that no Social Security numbers, bank account numbers, or debit card numbers were exposed and that there has been no financial loss to any customers as a result of the incident.”
Robinhood further stated that the company contained the intrusion and that it promptly informed law enforcement of the extortion demand. Robinhood says that it is continuing to investigate the incident with the assistance of a security firm.
The company advised its customers to visit the Robinhood help center to receive the latest messages from the company, noting that they will never include a link to access an account in a security alert.
Any data breach that you and your information may have been involved in calls for a few quick security steps:
1. Log into your account and update your password with a new one that is strong and unique. Likewise, if you use the same or similar passwords across several accounts, change those as well. (A password manager that’s included with comprehensive online protection software can do that work for you.) Set up two-factor authentication if your account allows for it, as this will provide an extra layer of protection as well.
2. Review your statements for any strange activity—even the smallest of withdrawals or transactions could be the sign of a larger issue.
3. Report any suspected fraud to the company or institution involved. They typically have set policies and procedures in place to provide support.
If you believe that you’ve become a victim of identity theft, file a report with local law enforcement and the Federal Trade Commission (FTC). Law enforcement can provide you with a case number that you may need as part of the recovery process. Likewise, the FTC’s identity theft website provides excellent resources, including a recovery plan and a step-by-step walkthrough if you create an account with them.
For even more information, visit our blog that points out the signs of identity theft and the steps you can take should you find yourself victim.
Given that the breach apparently exposed some 5 million email addresses, there’s the risk that these may end up in the hands of bad actors who may use them for follow-on attacks.
Notable among them would be phishing attacks, where hackers could target Robinhood users with phony messages in an attempt to get affected users to reveal further account information. For example, hackers could potentially create bogus emails that appear to come from Robinhood and direct users to a malicious site that requests account information. As Robinhood stated, the company will never include a link to access an account in a security alert. Users should visit the Robinhood site directly for account information.
This breach could lead to other phishing attacks as well, ones that may or may not pose as communication from Robinhood. Some of these phishing attacks can be rather easy to spot, as they may include typos, poorly rendered logos, or spoofed web addresses. However, some sophisticated hackers can roll out rather polished phishing attacks that can closely resemble legitimate communications.
In all, people can avoid falling victim to phishing attacks by keeping the following in mind:
1. Only access your accounts directly from the official website of the company or financial institution involved. If you receive an email, message, or text alerting you of an issue, do not click any links provided in the communication. Go straight to the site yourself by typing in the proper address and view your account information there. Likewise, calling the customer support line posted on their official site is an option as well.
2. Use comprehensive online protection software that includes a spam filter. This can prevent phishing emails from reaching your inbox in the first place.
3. Get to know the signs of phishing emails. A common sign of a scam is an email, ad, message, or site that simply doesn’t look or read right. (Maybe the grammar is awkward or the logo is grainy or has the colors slightly wrong.) However, some of them can look quite convincing, yet there are still ways to spot an attempted phishing attack.
4. Beware of email attachments you aren’t expecting. This is always good form because hackers love to spike attachments with malware that’s designed to steal your personal information. Whether you get an unexpected attachment from a friend or business, follow up before opening it. That’s a quick way to find out if the attachment is legitimate or not.
For more info on phishing and how to steer clear of it, check out our blog on how to spot phishing attacks.
The unfortunate fact is that data breaches can and do happen. Many of the larger data breaches make the headlines, yet many more do not—such as the ones that hit small businesses, restaurants, and medical care providers. In the hands of hackers, the information spilled by these breaches can provide them with the building blocks to commit identity theft. As a result, keeping on top of your identity and personal information is a must.
The good news is that you have solid options to prevent them from harming you or at least greatly lessen their potential impact. With identity theft protection, even in the short-term, you can monitor emails addresses and usernames that are being used to breach other accounts. You can monitor dozens of different types of personal information and receive alerts to keep an eye out for misuse. Likewise, it can monitor your email addresses and bank accounts for signs of misuse or fraud, plus provide theft protection and support from a recovery specialist if identity theft, unfortunately, happens to you.
Along those same lines, news of a data breach offers all of us a moment to pause and take stock of just how protected we are. Above and beyond the steps covered above, comprehensive online protection can protect your devices from malware, phishing attacks, malicious websites, and other threats. More importantly, it protects you—your identity and privacy, particularly in times where breaches such as the one we’re talking about here occur with seeming regularity.
The post Protecting Yourself in the Wake of the Robinhood Data Breach appeared first on McAfee Blog.
You’re not the only one looking forward to the big holiday sales like Black Friday and Cyber Monday. Hackers are too. As people flock to retailers big and small in search of the best deals online, hackers have their shopping scams ready. Remember, McAfee frees you to live your connected life safe from threats like viruses, malware, phishing, and more. Download award-winning antivirus that protects your data and devices today.
One aspect of cybercrime that deserves a fair share of attention is the human element. Crooks have always played on our feelings, fears, and misplaced senses of trust. It’s no different online, particularly during the holidays. We all know it can be a stressful time and that we sometimes give into the pressure of finding that hard-to-get gift that’s so hot this year. Crooks know it too, and they’ll tailor their attacks accordingly as we get wrapped up in the rush of the season.
So while you already know how to spot a great deal, here are ways you and your family can spot online shopping scams so you can keep your finances safer this shopping season:
A common scam hackers use is introducing malware via email attachments, and during the holiday sale season, they’ll often send malware under the guise of offering emails and shipping notifications. Know that retailers and shipping companies won’t send things like offers, promo codes, and tracking numbers in attachments. They’ll clearly call those things out in the body of an email instead.
A classic scammer move is to “typosquat” phony email addresses and URLs that look awfully close to legitimate addresses of legitimate companies and retailers. They often appear in phishing emails and instead of leading you to a great deal, these can in fact link you to scam sites that can then lift your login credentials, payment info, or even funds should you try to place an order through them. You can avoid these sites by going to the retailer’s site directly. Be skeptical of any links you receive by email, text, or direct message—it’s best to go to the site yourself by manually typing in the legitimate address yourself and look for the deal there.
A related scammer trick that also uses typosquatting tactics is to set up sites that look like they could be run by a trusted retailer or brand but are not. These sits may tout a special offer, a great deal on a hot holiday item, or whatnot, yet such sites are one more way cybercriminals harvest personal and financial information. A common way for these sites to spread is by social media, email, and other messaging platforms. Again a “close to the real thing” URL is a telltale sign of a copycat, so visit retailers directly. Also, comprehensive online protection software can prevent your browser from loading suspicious sites and warn you of suspicious sites in your search results.
While the best of them can look practically professional and be tough to spot, one way to avoid counterfeit shopping apps is to go to the source. Hit the retailer’s website on your mobile browser and look for a link to the app from their website. Likewise, stick to the legitimate app stores such as Google Play and Apple’s App Store. Both have measures in place to prevent malicious apps from appearing in their stores. Some can sneak through before being detected though, so look for the publisher’s name in the description and ensure it is legitimate. On a fake app, the name may be close to the retailer you’re looking for, but not quite right. Other signs of a fake will include typos, poor grammar, and design that looks a bit off.
At the heart of holiday shopping is scarcity. Special offers for a limited time, popular holiday items that are tough to find, and just the general preciousness of time during the season to get things done, like shopping. Scammers love this time of year. During the holidays, they’ll play on that scarcity and crunch you’re under in their offers and messaging. Enter the “too good to be true” offer, typically set up on phony sites like the ones mentioned above. If the pricing, availability, or delivery time all look too good to be true, it may be a scam designed to harvest your personal info and accounts. Use caution here before you click. If you’re unsure about a product or retailer, read reviews from trusted websites to help see if it’s legitimate.
Apart from spotting scams, there are several things you can do to keep yourself safer while shopping this holiday season. In fact, they can keep you safer when you shop year ‘round as well. Looking for a last minute deal? Download McAfee online protection today.
This is a great one to start with. Secure websites begin their address with “https,” not just “http.” That extra “s” in stands for “secure,” which means that it uses a secure protocol for transmitting sensitive info like passwords, credit card numbers, and the like over the internet. It often appears as a little padlock icon in the address bar of your browser, so double-check for that. If you don’t see that it’s secure, it’s best to avoid making purchases on that website.
Specific to the U.S., the Fair Credit Billing Act offers the public protection against fraudulent charges on credit cards, where citizens can dispute charges over $50 for goods and services that were never delivered or otherwise billed incorrectly. Note that many credit card companies have their own policies that improve upon the Fair Credit Billing Act as well. However, debit cards aren’t afforded the same protection under the Act. Avoid using those while shopping online and use your credit card instead.
Another alternative is to set up a virtual credit card, which is a proxy for your actual credit card. With each purchase you make, that proxy changes, which then makes it much more difficult for hackers to exploit. You’ll want to research virtual credit cards further, as there are some possible cons that go along with the pros, such as in the case of returns where a retailer will want to use the same proxy to reimburse a purchase.
Using a complete suite of online protection software can offer layers of extra protection while you shop, such as web browser protection and a password manager. Browser protection can block malicious and suspicious links that could lead you down the road to malware or a financial scam. A password manager can create strong, unique passwords and store them securely as well, making it far more difficult for hackers to compromise your accounts. Identity theft protection takes your safety a step further by helping you secure your identity online and restore it should any of your personal info be found in the wrong hands.
Two-factor authentication is an extra layer of defense on top of your username and password. It adds in the use of a special one-time-use code to access your account, usually sent to you via email or to your phone by text or a phone call. In all, it combines something you know, like your password, with something you have, like your smartphone. Together, that makes it tougher for a crook to hack your account. If any of your accounts support two-factor authentication, the few extra seconds it takes to set up is more than worth the big boost in protection you’ll get.
Public Wi-Fi in coffee shops and other public locations can expose your private surfing to prying eyes because those networks are open to all. Using a virtual private network (VPN) encrypts your browsing, shopping, and other internet traffic, thus making it secure from attempts at intercepting your data on public Wi-Fi and harvesting information like your passwords and credit card numbers.
With all the passwords and accounts we keep, this is important. Checking your credit will uncover any inconsistencies or outright instances of fraud. From there, you can then take steps to straighten out any errors or bad charges that you find. In the U.S., you can run a free credit report once a year with the major credit reporting agencies.
So while you’re shopping online this year, take a deep breath before you dive in. Double-check those deals that may look almost too good to be true. Look closely at those links. And absolutely don’t click on those attachments that look like shipping notices or coupon deals. Hackers are counting on you to be in a bit of a hurry this time of year. Taking an extra moment to spot their tricks can go a long way toward keeping you and your finances safe. Remember, stay ahead of cyber criminals, get an extra layer of protection with McAfee this holiday season.
The post Spot Those Black Friday and Cyber Monday Shopping Scams appeared first on McAfee Blog.
It’s little surprise that a digital currency scam based on the popular Squid Games series on Netflix is making the news.
If you haven’t caught wind of it yet, the story goes along the following lines:
Note that this Squid Game cryptocurrency had no relationship to the show or to Netflix, aside from hijacking the Squid Game name without permission so that the scammers could use it as bait.
Scams such as this are nothing new. Earlier this year, an “initial coin offering” (ICO) called Mando turned out to be a scam as well. Based on Disney’s popular Star Wars series, The Mandalorian, the scammers used the name and the Star Wars-themed imagery around it without permission. Then, just as suddenly they used the popular name to drum up investments in the ICO, the scammers disappeared with the money they garnered from the “pre-sale” of the bogus Mando cryptocurrency.
With all the fervor around cryptocurrencies, scams associated with them are on the rise and have been for some time. A study published by Investopedia found that 80% of cryptocurrencies are scams and that only 8% of cryptocurrencies make their way onto legitimate trading exchanges.
In the case of the Squid Game cryptocurrency, there were several apparent signs that it was bogus to begin with. Reports call out the fact that the currency was not available for purchase on mainstream platforms. Instead, investors could only purchase the cryptocurrency on a platform that doesn’t guarantee the transactions made upon it. Further, investors could only buy the currency, not sell it, effectively locking them in.
Other indications were found in the accompanying website and technical white paper, which were laden with spelling and grammatical errors, along with apparently unsubstantiated claims. In all, red flags such as those are very similar to the ones associated with phishing attacks—where scammers co-opt the identities of well-known brands and organizations in bogus emails and websites, albeit in an often-clumsy fashion. Errors like those are often a telltale sign that something sketchy is afoot.
1. Working with an accredited financial adviser is always a sound step with any investment you choose to make, as is only investing funds you can afford to lose if the investment falls through.
2. Steer clear of cryptocurrency investments that ask you to contribute money directly from one of your own accounts rather than via a reliable platform that is verified.
3. Consider dependable cryptocurrencies such as Bitcoin, Ethereum, and Litecoin—of course recognizing that even legitimate cryptocurrencies can be highly volatile investments.
4. Regard any cryptocurrency based on a pop culture reference like movies, memes, and shows with a highly critical eye. It may very well be a scam built around buzz rather than an earnest attempt at launching a legitimate cryptocurrency, such as it was with the Squid Game scam.
Just as Netflix’s Squid Game is one in a long string of hit shows that’ll capture our attention, we can count on a similarly long string of cryptocurrency scams to continue. In this case, the Squid Game cryptocurrency scam was rigged from the start, despite the warning signs. After all, an investment people can only buy into but never sell is scam, plain and simple.
The post Squid Game Cryptocurrency Scam appeared first on McAfee Blog.
The holidays are almost here! That means it’s time to start making your list and checking it twice. To help prepare you for this year’s holiday shopping spree, McAfee is providing you with the ultimate holiday shopping list for every Tech lover in your family. Here are the devices to keep on your radar this holiday shopping season and what you should use to protect them.
Know someone who enjoys vanquishing aliens, building virtual amusement parks, and online battle royale? There’s a good chance that you do, as online gaming traffic increased 30% from the first to the second quarter of 2020. For the gaming guru in your life, consider gifting them a top-of-the-line gaming laptop so, they don’t have to compromise portability for playability. If they prefer to play in the comfort of their own home, consider giving the gamer in your life a snazzy new gaming monitor. This will allow them to enjoy a crystal-clear resolution, rapid refresh rate, and size to bring their virtual world to life. And to truly immerse your gamer in a new realm, gift them a new gaming console so they can enjoy optimal speed and stellar game lineups.
When shopping for your gamer, consider how you can empower them to stay secure while they play. A security solution like McAfee Gamer Security not only delivers a faster, quieter, and safer experience, but it can also boost a rig’s performance. This antivirus software detects threats through the cloud and optimizes resources to minimize frame drops. Gamers can even customize which games to boost (or even add other apps they’d like to boost), which background services to pause, and more. This improves your gamer’s experience and also keeps them safe while they play.
Does your tech-savvy teen love to browse on the go? Or perhaps you have a college student who likes to bring their online studying and video streaming with them beyond the home. For the mobile mastermind in your family, gift them a new smartphone or tablet this holiday season. These devices will allow your loved ones to access all their favorite apps and surf the web anytime, anywhere.
With the World Wide Web constantly at their fingertips, enable your family members to surf the internet with confidence by employing the help of a safe browsing solution like McAfee WebAdvisor. This trusty companion, available for free and included in the McAfee Total Protection app for iOS and Android, helps keep users safe from threats like malware and phishing attempts. Web Advisor blocks malicious sites, scans downloads, and alerts the user if a known threat is detected. With comprehensive security on their side, your mobile user will be free to search, stream, and download on the go.
The number of smart households (households that contain connected technology and can interact with other IoT devices) in the U.S. is expected to grow to 77.05 million by 2025. That may not come as a surprise, since IoT devices have upped the convenience of tech users’ lives everywhere. Perhaps your spouse or parents love filling their home with the latest and greatest smart home gadgets. This holiday season, give them the gift of convenience with a smart TV, speaker, thermostat, kitchen appliances, a personal home assistant – the list of smart home devices goes on!
While these devices can provide greater efficiency to anyone’s life, it’s important to be aware of the potential risks that come with this level of interconnectivity. Many product designers treat security as an afterthought, rushing to get their smart devices to market and consequentially creating an easy access point for criminals to exploit. But fear not! A solution like McAfee Secure Home Platform can automatically secure connected devices through a router with McAfee protection. It can hide your IoT devices from hackers, giving you the confidence that you have a solid line of defense against online threats.
For the Fitness Fanatic
At the onset of the pandemic, people adjusted their workout routines to accommodate for gym closures and began to rely on other solutions to stay fit. In fact, many turned to IoT devices used for virtual fitness, including wearable fitness trackers and stationary machines equipped with digital interfaces. Sound like someone you know? Consider giving them a stylish new or upgraded smartwatch that allows them to track their daily step count, heart rate, and sleep patterns.
While these devices can be instrumental in tracking users’ activity levels, it’s important to remember that wearable gadgets collect valuable health and location data a criminal could exploit. To keep your fitness fanatic happy and healthy without sweating their security, encourage them to install software updates immediately. This will protect your loved one’s device from reported bugs, enhance functionality, and seal up any security loopholes.
As you plan your holiday shopping list this year, don’t forget about the gift that keeps on giving: the peace of mind that comes with having the right online security! With comprehensive solutions built to safeguard your loved one’s devices, personal data, and everything they do online, they can continue to live their digital lives with confidence.
The post The Ultimate Holiday Shopping Guide appeared first on McAfee Blog.
It’s safe to say that many Americans are obsessed with Squid Game. According to Business Insider, the Korean drama series has driven the newest engagers to a Netflix title of any Netflix series over the last three years. And while word-of-mouth buzz has played a big part in the show’s success, TV watchers aren’t the only ones taking note. Cybercriminals are also formulating ways to profit off the show’s popularity. According to the New York Post, a malicious app based on Squid Game was recently found on the Google Play Store, infecting users’ devices with malware.
The app in question, called “Squid Game Wallpaper 4K HD,” was one of the 200 Squid Game-related apps on the Google Play Store. This particular app masqueraded as a place to download cool Squid Game backgrounds for Android devices. However, once a user downloaded the app, it infected their smartphone with a strain of Joker malware. Joker malware is a type of billing fraud malware that usually disguises itself as a messenger, photo editor, camera, or in this case, wallpaper apps.
You may wonder how an app like this even ends up on a legitimate app purchasing store. In order to bypass Google Play’s app review process, Joker malware hides its malicious payload during the review process. This means that when the app is published in the Google Play Store, there’s no sign of malware. It’s only when a user installs the app that the malware downloads the malicious payload. Once the malware successfully installs itself, it secretly signs the user up for premium subscriptions, intercepts all their SMS messages, and can upload all their contacts to the malware operators.
The “Squid Game Wallpaper 4K HD” app received 5,000 downloads before it was removed from the Google Play Store. It’s likely that cybercriminals will continue to use the show’s popularity to exploit its fans and make a profit, whether that be through malicious apps disguised as a place where viewers can watch the show or fraudulent websites selling Squid Game merchandise. But fear not! There are steps you can take to help ensure that you steer clear of malware:
Unlike Google Play and Apple’s App Store, which have measures in place to review and vet apps to help ensure that they are safe, third-party sites may not have that process in place. In fact, some third-party sites may intentionally host malicious apps as part of a broader scam. However, cybercriminals have found ways to work around Google and Apple’s review process (such as with “Squid Game Wallpaper 4K HD”), but the chances of downloading a safe app from these stores are far greater than anywhere else. Additionally, Google and Apple are quick to remove malicious apps once discovered.
Before you download a new app, do some quick research. Check out the developer. Have they published several other apps with many downloads and good reviews? A legit app typically has several reviews, whereas malicious apps may have only a handful of fake five-star reviews. Lastly, look for typos and grammatical errors in both the app description and screenshots. They could be a sign that a hacker slapped the app together and quickly deployed it.
Certain types of malware strains operate stealthily behind the scenes, commandeering login credentials or banking information right under a user’s nose. Check your accounts every so often and if you notice any suspicious activity, report it and change your passwords. You can also use ID monitoring tools, which will notify you of uncharacteristic changes or actions.
Just like you secure your computers and laptops, it’s important to secure the minicomputer in your pocket—your smartphone! For the strongest protection, use comprehensive security software that shields your device from malware and risky websites, links, and files. With a few key steps, you can boost your confidence in the safety of your devices and personal information and enjoy your favorite binge-worthy shows to the fullest!
The post Squid Game App or Mobile Malware in Disguise? appeared first on McAfee Blog.
It’s October, and at McAfee we love celebrating spooky season. As McAfee’s Chief Technology Officer, I’m also excited that it’s Cyber Security Awareness Month. And while there are no fun-size candy bars, we do talk about some truly bone-chilling stuff when it comes to cyber safety. So gather round, as I tell you all about one of the scariest threats online, ransomware.
Ransomware is a form of extortion that happens when cyber criminals demand payment. Recently some high-profile companies have been in the news as victims of major ransomware attacks. However, ransomware also impacts individuals, just like you and me. In the individual’s case, a cybercriminal may demand payment to restore access to your device or data or even to prevent them from dumping sensitive or embarrassing information onto the internet. McAfee defends consumers from tens of thousands of ransomware attacks every month.
If the worst should happen, take a deep breath and don’t panic. Calmly assessing the situation now can save you a lot of stress later. Ask yourself:
Now that you’ve assessed the situation, we can do something about it.
If you can afford to lose your data, and the personal impact is minimal, we always recommend you don’t pay the criminal. There’s no guarantee that if you pay the ransom, you’ll get your data back, and ultimately, you’re incentivizing the cybercriminal to do it again. The best defense against ransomware is to have great cybersecurity habits that prevent the attack from occurring in the first place.
So, whether you’re enjoying some creepy lawn decorations, or just surfing the web, remember to stay safe out there this Halloween.
The post Staying Cyber Aware and Safer from Ransomware appeared first on McAfee Blog.
Cybersecurity detection is a criminal investigation. Cybercrime investigators are experts who are in limited supply. Sometimes their hunt begins while an intrusion is in process, but more often than not, it occurs after the attack when a crime has occurred. The investigation is taunting and less glamorous, realizing that it can take an average of 228 days even to identify the breach[i].
At that point, you’re looking to find out what your adversaries have seen or stolen, you want to plug the holes that enabled the hack and kick out or remove the adversary completely. Figure on an average of 80 days to resolve and contain a breach. Meanwhile, your adversary spends the epic dwell time in your environment to monitor your traffic and behavior before determining their next move.
Do the math on that exercise and, unless you have generous funding, you may conclude that your resources stretch further by focusing on prevention rather than detection. While eliminating detection may not be practical, you can at least realign your spending and shore up your prevention efforts with enhanced actionable information.
Several things have happened to make this shift possible. First, detection is now often automated and highly productive. Second, advance warning is better than ever. You can apply predictive analytics to leverage in-depth threat intelligence sources to produce real-time, automated assessments of your security posture risks from device to cloud.
Making the shift from detection to prevention didn’t happen overnight for the Service public de Wallonie (SPW), the public administration arm of the French-speaking regional government of Wallonia in Belgium. SPW’s endpoint security team oversees 9,000 desktops, 1,300 servers, and 1,000 applications used by more than 8,000 employees.
When SPW implemented MVISION Insights, the security team sought to identify potential threats lurking outside the agency’s perimeter. Using data gathered from one billion sensors globally that have been distilled and analyzed by artificial intelligence and human experts, MVISION Insights provides comprehensive risk intelligence filtered for a specific industry and geography. It helps SPW’s security team to prioritize which threats and campaigns are most likely to target them.
Before making this shift, SPW’s team regularly spent hours checking out various security sites, lab reports, and news articles to track the latest threat campaigns. After deploying MVISION Insights, the same result arrived in seconds or minutes. Now they’re engaging in more proactive threat hunting and attack prevention by tapping into predictive assessments and adjusting their posture accordingly.
Organizations such as SPW illustrate that playing both offense and defense becomes necessary to reduce time-to-detect and dwell time. Detection is difficult for several reasons, most notably the deluge of advanced persistent threats (APTs). And it’s also complicated by the cost of threat hunting talent, given the current shortage of cybersecurity expertise.
These days there’s such an overwhelming amount of security data pouring into data lakes that manually aggregating and analyzing it to make sense of anything requires a fair amount of threat expertise. Then there’s the time it takes to triage and determine the following steps to thwart an attack. By the time you’re analyzing this data, at best, you’re in a reactive state with limited visibility and understanding of your local environment.
One effective way to streamline that process is to apply the proven MITRE ATT&CK® framework, which provides an excellent knowledge base to help with threat hunting and detection. We use that framework to better inform MVISION XDR powered by MVISION Insights, for example. As we mentioned in March, we align XDR with MITRE to greatly expand the depth of our investigation, threat detection, and prevention capabilities to prevent the attack chain with relevant insights.
In our leading role in the cybersecurity community, we gather a lot of intelligence and invest considerable time curating content to ensure that what we share is timely, accurate, and valuable. This is reflected in MVISION Insights with over 1000 threat campaign profiles. If you place MVISION Insights in your environment it goes beyond threat intelligence. You also gain prioritized threat insights on a likely attack targeting you, where your gaps are and what you can do. Introducing our new Proactive Evolution series to get regular information on how to become more preventive and protective with LinkedIn Live discussions, blog posts, and other intelligence from our cybersecurity expert contributors highlighting the power of MVISION Insights.
This new Proactive Evolution Series features helpful content intended for managing or building security operations to be more effective and preventive or for a CISO who wants to stay on top of changing best practices.
Detection is often done in reaction to an attack or a looming threat. Not every organization can do both detection and prevention equally well. That’s usually because they lack dedicated or experienced threat hunters or suitable detection technologies. By shifting your efforts to a proactive prevention strategy, you’re boosting your chances to harden your systems before an attack.
Click here to access McAfee Enterprise’s new Proactive Evolution Series content.
Event Replay
Understand how the adversary is working and how you stack up against them. Together, Raj and Brett dig into how MVISION Insights helps you determine which active threat campaigns you need to worry about, if you’re a target, and what you can do.
The post Why an Ounce of Cybersecurity Prevention is Worth a Pound of Detection appeared first on McAfee Blog.
There’s a person behind every cybercrime. That’s easy to lose sight of. After all, cybercrime can feel a little anonymous, like a computer is doing the attacking instead of a person. Yet people are indeed behind these attacks, and over the years they’ve been getting organized—where cybercriminals structure and run their operations in ways that darkly mirror the workings of a real business.
Funny, the notion of hackers running an illegal business just like a regular business. But there you go. What works, apparently works. So, let’s take a closer look at how organized crime goes about its business—and get a little more insight into how we can protect ourselves in the process.
A classic notion of the cybercriminal is that of a lone hacker, donning a hoodie in a dimly lit room and chipping away at the networks and devices of a business or household. That does happen, such as in the case of the former engineer accused of. Yet increasingly, attacks are orchestrated efforts.
More and more of today’s cybercrime is a distributed, international affair that relies on several bad actors to see it through. This takes the form of organized crime groups with ringleaders located in one country and developers in others, further supported by operations, marketing, finance, and call center teams in yet other locations—just like a legitimate business, strange as it seems.
What does that look like in real life? Consider a practical example: an identity theft ring sets up a series of phony websites to hijack personal information. There’s a lot of work that goes into putting up those websites, so let’s start there and see who could be involved. From there, we can work our way up the chain of cybercrime organizations. For starters:
And that’s just for starters. There’s plenty of activity that follows once victims share their personal info on that phony site, spanning yet more business roles:
Stepping back and looking at this example, you can see how there are several distinct skillsets at play here. While small groups of hackers could pull off something similar, the most effective of these scams will have a relatively large staff in place to ensure it runs effectively. This is just one broad example, yet it does serve to remind us that sophisticated cybercrime can have a sophisticated organization behind it.
Other examples include tech support scams that run their own call support centers, corporate ransomware attacks where scammers hijack the company’s social media accounts and shame them into paying. There are yet more examples of bogus call centers, like the ones that will walk individual victims through the process of paying off a ransomware attack with cryptocurrency. Once again, quite an operation.
Back to the lone hacker in a hoodie for a moment. They’re still out there. In fact, many of them are enabled by larger cybercrime organizations. This can happen in several ways:
It’s a marketplace out there, where our data acts as a kind of currency that’s traded and sold by operators large and small.
So yes, there’s a person behind every cybercrime. And then there’s you. Along with all things you can do to stop them.
Earlier this year, I shared how McAfee now solely focuses on people. Organized cybercrime is just one of the many reasons why. While different devices may come and go in our lives, our data always follows us—the very things cybercriminals are after. It’s people who need protection. By protecting you, your identity, and your privacy, along with your devices, we protect you from threats like these, whether they stem from a small-time crook or an organized crime gang. Even lone hackers in hoodies.
To me, the solution looks something like this: you’re out there enjoying the internet without having to look over your shoulder. You’re just safe. And living your life.
So as cybercrime becomes more sophisticated, we’re becoming yet more sophisticated at McAfee. And it’s you entirely with you in mind. Online protection should come naturally and give you the confidence to go about your day—protection that is personalized, intelligent, and easier to use so that it adapts based on what you’re doing and what you need at any given moment. That’s our aim. Ease. Freedom. Particularly in a time when criminals are trying their hardest to make you their business as you go about yours.
The post Organized Cybercrime: The Big Business Behind Hacks and Attacks appeared first on McAfee Blog.
Many people are excited about Gartner’s Secure Access Service Edge (SASE) framework and the cloud-native convergence of networks and security. While originally proposed as fully unified architecture delivering network and security capabilities, the reality soon dawned that enterprise transition to a complete SASE model would be a decade long journey due to factors such as existing investments, operational silos (customer), and vendor consolidation. Consequently, Gartner introduced a new two-vendor approach to SASE that brought together a highly converged WAN Edge Infrastructure platform alongside a highly converged security platform – known as Security Service Edge (SSE).
Figure 1: SASE convergence.
SSE brings together Secure Web Gateway (SWG), Cloud Access Security Broker (CASB), and Zero Trust Network Access (ZTNA) to secure access to the web, cloud services, and private applications, resulting in reduced risk, cost and complexity. McAfee Enterprise has long been a proponent of this approach: we embarked on a project to build the industry’s best SASE security solution over three years ago, introduced our MVISION Unified Cloud Edge solution in early 2020, and have since continued to innovate and set the standard for the Security Service Edge space.
The fundamental problem that SSE sets out to solve is that enterprises must adequately secure their personnel and their data. This became increasingly difficult as digital transformation spurred widespread cloud adoption and empowered remote and mobile workers. Just a few short years ago we would talk about remote access for short periods of time due to travel, and typically for a small proportion of the workforce. Today we speak in the context of COVID-19 and a vast, permanent “Work From Anywhere” (WFA) cultural shift. Supporting this shift is an accelerated migration into the cloud, where the vast majority of workloads and applications will soon reside.
All of this has taken down the walls that formed the perimeter we relied on heavily in the past. Today our people and our data are outside of that perimeter but inside of cloud applications. Cloud applications run from many locations, sometimes around the globe. Yet our objectives must remain the same. We still must secure our people, we must secure our devices, and we must secure our data on any device, at any time, using any service.
Secure web gateways were one of the gatekeepers to the old perimeter, fundamentally appliances that existed at the border of a network. Cloud access security brokers (CASB) were fundamentally built to secure the inside of cloud services. Virtual Private Networks (VPNs) enabled you to securely interconnect offices and remote users onto a single network. Managing these technologies separately became increasingly problematic as the boundaries between networks, the web, and the cloud began to blur. Organizational policies and compliance requirements must be translated to the administrative setup of a specific vendor’s management consoles. At first pass, this results in more errors in the implementation of these policies. Maintenance is difficult as policy changes must be rolled out and implemented within multiple vendor management interfaces. And when you position these traditional technologies against the problem statement of a “perimeterless” world, they fail. The logical answer to these problems is to converge these technologies together and bring them to the cloud.
For more than 3 years, McAfee Enterprise has invested deeply into a unified policy framework. We’ve unified threat engines, data engines. We’ve built a unified user experience and unified administrative experience to deliver against that promise of cloud native security.
A closely integrated SSE infrastructure can address the management challenges of setting up policies in multiple vendor management interfaces by deeply integrating security controls to reduce overhead, complexity, and cost, while increasing performance. But looking at the competitive landscape, this has proven to be easier said than done. Many fall short with it comes to securing data within the cloud, but McAfee Enterprise’s industry-leading Multi-Vector Data Protection capabilities make it incredibly easy to keep data safe no matter where it resides, with unified data classification, policy enforcement, and incident management.
Figure 2: McAfee Enterprise Multi-Vector Data Protection.
Other vendors grew up in the cloud but fall short when it comes to connecting to the private resources all large enterprises still use today. Some vendors are attempting to build-out the entire SSE product set from scratch, perhaps as part of a larger SASE offering. Most of the functions present baseline functional capability and the considerable instability of a complex and very new product.
McAfee Enterprise has planned and executed a strategy for several years that takes MVISION Unified Cloud Edge’s complete set of SSE converged security services and then tie them closely to other highly integrated network services such as those offered by SD-WAN vendors to implement SASE. This approach enables most large enterprises the ability to leverage the majority of the technology partners they have to pull a SASE architecture together using much of the technology infrastructure they already have in place.
Figure 3: Enable secure access to web, cloud, and private apps with MVISION Unified Cloud Edge.
The increased efficiency of an integrated environment reduces the investment in administration, enhances the precision of policy enforcement, and improves the speed with which security control processes can be applied to data and activity in one single pass, improving security efficiency and efficacy. This earlier published blog demonstrates how our integration of Remote Browser Isolation (RBI) greatly improves security protection in a seamless, cost-effective manner.
Figure 4: MVISION Unified Cloud Edge threat protection stack with integrated Remote Browser Isolation.
The convergence and integration of cloud security technologies such as SWG, CASB, ZTNA, DLP, RBI and FWaaS substantially enhance operations, reduce cost, minimize errors, and enable more precise enforcement of organizational policy and management. Expenses are lower as experts in the administration and management of separate security controls are no longer required.
In conclusion, McAfee Enterprise has delivered the best and most rapid path to a comprehensive integrated SSE offering available in the market. Our Unified Cloud Edge (UCE) architecture completes that vision of unified and completely integrated policy management today. MVISION UCE is the security fabric that delivers data and threat protection to any location so you can enable fast and secure direct-to-internet access for your distributed workforce. This results in a transformation to a cloud-delivered SSE that converges with connectivity to reduce cost and complexity while increasing the speed and flexibility of your workforce.
Click here to see more about how MVISION Unified Cloud Edge can get you on the fastest route to SASE, or visit the MVISION UCE homepage to learn more and contact us to get started on your journey.
The post Realize Your SASE Vision with Security Service Edge and McAfee Enterprise appeared first on McAfee Blog.
In the hands of a thief, your Social Security Number is the master key to your identity.
With a Social Security Number (SSN), a thief can unlock everything from credit history and credit line to tax refunds and medical care. In extreme cases, thieves can use it to impersonate others. So, if you suspect your number is lost or stolen, it’s important to report identity theft to Social Security right away.
Part of what makes an SSN so powerful in identity theft is that there’s only one like it. Unlike a compromised credit card, you can’t hop on the phone and get a replacement. No question, the theft of your SSN has serious implications. If you suspect it, report it. So, let’s take a look at how it can happen and how you can report identity theft to Social Security if it does.
Yes. Sort of. The Social Security Administration can assign a new SSN in a limited number of cases. However, per the SSA, “When we assign a different Social Security number, we do not destroy the original number. We cross-refer the new number with the original number to make sure the person receives credit for all earnings under both numbers.”
In other words, your SSN is effectively forever, which means if it’s stolen, you’re still faced with clearing up any of the malicious activity associated with the theft potentially for quite some time. That’s yet another reason why the protection of your SSN deserves particular attention.
There are several ways an SSN can end up with a thief. Some involve physical theft, and others can take the digital route. To what extent are SSNs at risk? Notably, there was the Equifax breach of 2017, which exposed some 147 million SSNs. Yet just because an SSN has been potentially exposed does not mean that an identity crime has been committed with it.
So, let’s start with the basics: how do SSNs get stolen or exposed?
That’s quite the list. Broadly speaking, the examples above give good reasons for keeping your SSN as private and secure as possible. With that, it’s helpful to know that there are only a handful of situations where your SSN is required for legitimate purposes, which can help you can make decisions about how and when to give it out. The list of required cases is relatively short, such as:
You’ll notice that places like doctor’s offices and other businesses are not listed here, though they’ll often request an SSN for identification purposes. While there’s no law preventing them from asking you for that information, they may refuse to work with you if you do not provide that info. In such cases, ask what the SSN would be used for and if there is another form of identification that they can use instead. In all, your SSN is uniquely yours, so be extremely cautious in order to minimize its potential exposure to theft.
Let’s say you spot something unusual on your credit report or get a notification that someone has filed a tax return on your behalf without your knowledge. These are possible signs that your identity, if not your SSN, is in jeopardy, which means it’s time to act right away using the steps below:
File a police report and a Federal Trade Commission (FTC) Identity Theft Report. This will help in case someone uses your Social Security number to commit fraud, since it will provide a legal record of the theft. The FTC can also assist by guiding you through the identity theft recovery process as well. Their site really is an excellent resource.
Get in touch with the fraud department at each of the businesses where you suspect theft has taken place, let them know of your situation, and follow the steps they provide. With your police and FTC reports, you will already have a couple of vital pieces of information that can help you clear your name.
Check your Social Security account to see if someone has gotten a job and used your SSN for employment purposes. Reviewing earnings associated with your SSN can uncover fraudulent use. You can also contact the Social Security Fraud Hotline at (800) 269-0271 or reach out to your local SSA office for further, ongoing assistance. Likewise, contact the Internal Revenue Service at (800) 908-4490 to report the theft and help prevent someone from submitting a tax return in your name.
As we’ve talked about in some of my other blog posts, identity theft can be a long-term problem where follow-up instances of theft can crop up over time. However, there are a few steps you can take to minimize the damage and ensure it doesn’t happen again. I cover several of those steps in detail in this blog here, yet let’s take a look at a few of the top items as they relate to SSN theft:
By placing a fraud alert, you can make it harder for thieves to open accounts in your name. Place it with one of the three major credit bureaus (Experian, TransUnion, Equifax), and they will notify the other two. During the year-long fraud alert period, it will require businesses to verify your identity before issuing new credit in your name.
A full credit freeze is in place until you lift it and will prohibit creditors from pulling your credit report altogether. This can help stop thieves dead in their tracks since approving credit requires pulling a report. However, this applies to legitimate inquires, including any that you make, like opening a new loan or signing up for a credit card. If that’s the case, you’ll need to take extra steps as directed by the particular institution or lender. Unlike the fraud alert, you’ll need to notify each of the three major credit bureaus (Experian, TransUnion, Equifax) when you want the freeze lifted.
Once every 12 months, you can access a free credit report from Experian, TransUnion, and Equifax. (And as of this writing during the pandemic, this can be done for free on a weekly basis, which is great news.) Doing so will allow you to spot any future discrepancies and offer you options for correcting them.
Using a service to help protect your identity can monitor several types of personally identifiable information and alert you of potentially unauthorized use. Our own Identity Protection Service will do all this and more, like offering guided help to neutralize threats and prevent theft from happening again. You can set it up on your computers and smartphone to stay in the know, address issues immediately, and keep your identity secured.
Of all the forms of identity theft, the theft of a Social Security Number is certainly one of the most potentially painful because it can unlock so many vital aspects of your life. It’s uniquely you, even more than your name alone – at least in the eyes of creditors, banks, insurance companies, criminal records, etc. Your SSN calls for extra protection, and if you have any concerns that it may have been lost or stolen, don’t hesitate to spring into action.
The post How to Report Identity Theft to Social Security appeared first on McAfee Blog.
In a world of contact-free pickup and payments, an old hacker’s trick is getting a new look—phony QR code scams.
QR codes have been around for some time. Dating back to industrial use in the 1990s, QR codes pack high volumes of visual information in a relatively compact space. In that way, a QR code shares many similarities with a barcode, yet a QR code can hold more than 300 times the data of a barcode.
With the rise of the smartphone, QR codes have taken on more consumer applications. Especially in the latter days of the pandemic in the form of contact-free conveniences. Now, by pointing your smartphone’s camera at a QR code, you can order food at a restaurant, pay for parking, download coupons from the shelf at your drugstore or several other convenient things.
Yet as it is in places where people, devices, and money meet, hackers are there with a scam ready to go. Enter the QR code scam. By pointing your smartphone’s camera at a bogus QR code and giving it a scan, hackers can lead people to malicious websites and commit other attacks on their phones.
The good news is that there are several ways you can spot these scams, along with several other ways you can avoid them altogether, all so you can get the best out of QR code convenience without the hassle.
In several ways, the QR code scam works much like any other phishing attack. With a few added wrinkles, of course.
Classically, phishing attacks use doctored links that pose as a legitimate website in the hopes you’ll follow them to a hacker’s malicious website. Once there, that site is designed to trick you into providing your personal information, credit card numbers, and so forth, perhaps in the context of a special offer or a phony account alert. Likewise, it could send you to a site that simply infects your device with malware.
It’s much the same with a QR code, yet here’s are a couple of big differences:
Aside from appearing in emails, direct messages, in social media ads, and such, there are plenty of other places phony QR codes can show up. Here are a few that have been making the rounds in particular:
Scanning a QR code may open a notification on your smartphone screen to follow a link. Like other phishing-type scams, hackers will do their best to make that link look legitimate. They may alter a familiar company name so that it looks like it could have come from that company. Also, they may use link shorteners that take otherwise long web addresses and compress them into a short string of characters—the trick there being that you really have no way of knowing where it will send you simply by looking at it.
In this way, there’s more to using QR codes than simply “point and shoot.” A mix of caution and eagle-eyed consideration is called for to spot the legitimate uses from the malicious ones.
Luckily some very basic rules about avoiding QR code attacks. The U.S. Better Business Bureau (BBB) has put together a great list that can help. Their advice is right on the mark, which we’ve paraphrased and added to here:
1. Don’t open links or scan QR codes from strangers. Unsolicited messages with these links or codes could lead you to a scam site or access the functionality of your smartphone in unwanted ways.
2. Some scams will appear to come from legitimate sources. Double-check and see if it indeed is. You can check the official website to confirm, such as by accessing your account or contacting a customer service rep to follow up on the communication sent to you.
3. Try alternative payment methods. If you receive a bill with a QR code for payment, see if there’s another way to pay it—such as on the company’s website or simply through online bill pay to their known, legitimate address. These are less susceptible to fraud. Likewise, check to see if the requested payment is legitimate in the first place.
4. Think twice about following shortened links. As mentioned above, shortened links can be a shortcut to a malicious website. This can particularly be the case with unsolicited communications. And it can still be the case with a friend or family member if their device or account has been hacked.
5. If someone you know sends you a QR code, also confirm before scanning it. Whether you receive a text message from a friend or a message on social media from your workmate, contact that person directly before you scan the QR code to make sure they haven’t been hacked.
6. Watch out for tampering. Hackers have been known to stick their own QR codes over legitimate ones. If you see any sign of altering or placement that looks slapdash, don’t give that code a scan.
7. Install mobile security. Comprehensive online protection software can protect your mobile devices as well as your computers and laptops. In this case, it can detect bad links associated with QR codes and steer you clear of accessing the malicious sites and downloads associated with them.
QR codes have made transactions smoother and accessing helpful content on our phones much quicker, especially in recent months as they’ve seen an uptick in use. And useful as they are like other means of paying or browsing online, keep an eye open when using them. With this advice as a guide, if something doesn’t feel right, keep your smartphone in your pocket and away from that QR code.
The post Be on the Lookout for a New Wave of QR Code Scams appeared first on McAfee Blog.
Take a roll call of all your devices that connect to the internet. These include the obvious ones – laptops, tablets, and your smartphone. But they also include the ones you may not immediately think about, such as routers, smart TVs and thermostats, virtual assistant technology, and connected fitness watches and equipment.
Each of these devices is known as an endpoint to you. To a cybercriminal, they’re an entry point into your online information. It’s important to secure every endpoint so that you can confidently go about your day-to-day without worrying about your security. Here’s the definitive device security checklist to get you on your way confidently and safely.
Laptops and desktops are prime entryways into your online life. Think of all the payment information, passwords, and maybe even tax documents you store on it. The best way to protect the contents of your laptops and desktops is to password-protect your computer with strong passwords or passphrases. Here are a few password and passphrase best practices:
Especially if you work at common spaces like coffee shops, the library, or even your kitchen table, get in the habit of putting your computer to sleep when you step away. Commit the sleep command shortcut to memory to make it less of a hassle. For example, on Mac computers, the keyboard command is command + option + eject, and for Windows, it’s alt + F4.
Speaking of common spaces, whenever you log in from a public Wi-Fi network, always log in with a virtual private network (VPN). A VPN scrambles your data, making it indecipherable to any malicious characters who may be lurking on public networks.
Multifactor authentication is another way to protect your valuable devices and accounts. This means that anyone trying to log in on your device needs to provide at least two forms of identification. Forms of ID could include a text message with a one-time code or a fingerprint or face scan in addition to a correct password.
These two devices are grouped because the security features on them are similar. Just like with computers, put your device to sleep every time you walk away from it. It’s much easier and may already be in your routine to hit the sleep button when you put down your cellphone or tablet.
Always put a passcode on your smartphones and tablets. Choose a collection of numbers that do not have an obvious connection to you, such as important birthdays or parts of your phone number. Even if they’re a random assortment, you’ll get the hang of them quickly. Or to make sure only you can enter your phone, set up a facial or fingerprint ID scan. People have several passwords and account combinations they have to remember. To take the guesswork and trial and error of logging in, consider trusting your passwords to a password manager that can remember them for you!
A great mobile phone and tablet habit you should adopt is backing up your files regularly to the cloud. In the event that you lose your device or if someone steals it, at least it’s valuable — and in some cases, priceless — content is safe. You may be able to remotely “brick” your device to keep a stranger from breaking into your accounts. Bricking a device means remotely wiping a connected device and rendering it unusable.
Your router is the gateway to all the connected devices in your home; thus, it’s key to beef up its security. The best way to do so is to make sure that you customize the router name and password to make it different from the factory settings. Always password-protect your home router! Employing password best practices you use for your online accounts and your devices will prevent strangers from hopping onto your network. Another way to keep your Wi-Fi network out of the hands of strangers is to toggle on the setting to not appear to non-users. While it’s fun seeing the quirky names your neighbors choose for their home networks, it’s best to keep yours completely private.
There have been some unsettling reports about cybercriminals commandeering smart home devices and virtual assistant technology. For example, a cybercriminal hacked a homeowner’s virtual assistant and blasted music through the home’s speakers, and turn the heat up to 90 degrees. The key to securing the connected devices that are responsible for your heating and cooling, shopping lists, and even your home security system is to ensure it is connected to a secure router and protected by a strong password.
Also, keep an eye on software updates, which include security upgrades. If you don’t think you have time to manually update software, set up your devices to automatically update. This will give you peace of mind knowing that you have the latest security patches and bug fixes as soon as they are available.
IoT fitness watches and machines are fun additions to your workout routines. In the case of Peloton bikes, they track your heartbeat and location and offer a huge library of classes. However, cybercriminals may be able to track your workouts if they break their way into your fitness devices. The best way to keep your workouts private is to turn off geolocation and make sure you are up to date with all software releases and protect your accounts with strong passwords.
If you’re looking for a tool to put your mind at ease, consider McAfee Total Protection. It includes antivirus and safe browsing software plus a secure VPN. You can be confident that your personal information is safe, thus allowing you to enjoy the full potential of all your devices.
The post How to Secure All Your Everyday Connected Devices appeared first on McAfee Blog.
A good time to check if someone is using your identity is before it even happens.
One of identity theft’s several downsides is how people discover they’ve become a victim in the first place—by surprise. They go to rent an apartment, open a line of credit, or apply for financing, only to discover that their finances or reputation has taken a hit because of identity thief.
And those hits add up, particularly when you look at the dollars involved. In 2020, the Federal Trade Commission (FTC) reported $3.3 billion in financial losses from 4.7 million reported cases of fraud, a 45% increase over the year prior. Of those reports, identity theft was the leading fraud category, accounting for 29% of fraud incidents.
Plenty. Depending on the type and amount of information an identity thief gets their hands on, they can harm your finances and reputation in several ways, including:
Rather than ending up with a rude and potentially costly surprise of your own, you can get ahead of thieves by checking to see if someone is using your identity before it’s a problem or before it really takes root.
Major data breaches that expose personal information seem to hit the headlines with some regularity, not to mention the many, many more that don’t get national or international press coverage. Most recently we have the Neiman Marcus breach, where this major retailer alerted 4.6 million customers that “an unauthorized party obtained personal information associated with certain Neiman Marcus customers’ online accounts.”
And as it is with many such breaches, it took quite some time before the theft of information was discovered. Per Neiman Marcus, it’s believed that the breach occurred in May 2020 and only discovered in September of 2021. Potentially compromised information included:
Whether or not you have reason to suspect that your information got caught up in this recent large-scale breach, it serves as a good reminder that any time is the right time to check up on your identity. Acting now can save headaches, potentially big headaches, later.
Quite a bit of identity theft prevention begins with taking stock of the accounts and services you have in your name. This ranges anywhere from bank accounts to public utilities and from credit cards to loans, all of which contain varying degrees of personal information about you. With a sense of where your personal identity is being used, you can better look for instances where it’s being misused.
Ways you can spot for possible identity theft include:
If you stop receiving a bill that normally comes to you, such as a utility bill or for a department store credit card, that could be a sign that a thief has changed the mailing address and has potentially hijacked your identity.
This is rather straightforward, yet it reminds us how important it is to look at our statements closely. Charges that you didn’t ring up or that seem slightly higher than normal are a surefire sign that you should follow up with the bank or company involved and let them know of possible fraud.
In the U.S., you have annual access to free credit reports from the major credit reporting agencies. Not only will this give you a sense of your credit score, but it will also show the credit that’s open in your name, along with addresses associated with your identity. Spotting an account that you haven’t signed up for or seeing an address of a residence that you’re not renting are other common signs that your identity may have been compromised.
With the number of accounts many of us have these days, a credit monitoring service can help you stay on top of what’s happening in your name. Often offered through banks, credit unions, and even insurance providers, credit monitoring can alert you in several instances, including:
Overall, credit monitoring can act as another set of eyes for you and spot potential identity issues. Different services provide different levels of monitoring, so consider reviewing a few options to find the one that works best for you.
One like our own Identity Protection Service will monitor several types of personally identifiable information, alert you of potentially stolen personal info, and offer guided help to neutralize the threat—in addition to offering several preventative steps to help keep theft from happening in the first place. With this set up on your computers and smartphone you can stay in the know and address issues immediately.
Along with keeping an eye on what’s happening with your identity online and elsewhere, there are a few more things you can do to make it tougher for thieves to steal your identity.
Given all the banking and shopping we do on our computers and phones, installing and using comprehensive online protection software is a must these days. It puts several layers of security in place, such as creating complex passwords automatically, shielding credit card info from prying eyes, and protecting your privacy and data online by connecting with a VPN. In short, online protection software acts as a solid first line of defense.
As mentioned above, comprehensive online protection software often includes a password manager that can generate strong, unique passwords for each of your accounts and remember them for you. It’s extra protection that makes life a lot easier for you by managing all the accounts you’re juggling. Also, use MFA (multi-factor authentication) on the accounts that give you the option, which makes it harder for a thief to crack your accounts with a password alone.
Sensitive documents come in all forms. Top-of-the-line examples include things like tax returns, bank statements, and financial records. Yet there are also things like your phone and utility bills, statements from your doctor’s office, and offers that come to you via mail. Together, these things can contain personal information such as account numbers, your full Social Security Number, the last four digits of your Social Security Number (which can still be useful to thieves), and other information that may uniquely identify you. You’ll want to dispose of sensitive documents like these so that they can’t be harvested by hackers.
For physical documents, consider the low-cost investment of a paper shredder to help ensure they don’t fall into the wrong hands when you are done with them. (And let’s face it, they’re fun to use!) For digital documents, simply deleting a file is not enough – online protection software is a great resource that often includes a digital document shredder, designed to render the data practically unusable when you’re ready to trash the file.
Your Social Security Number is one of the most prized possessions a thief can run away with because it is so closely associated with you and things like your tax returns, employment, and so on. Keep it stored in a safe location rather than on your person or in your wallet. Likewise, be careful about giving out your SSN. While organizations like the IRS, your bank, and employer require it, there are other organizations who do not—but may ask for it anyway. (Doctor’s offices are a prime example.) If you get such a request, ask them what they intend to use it for and then ask if another form of identification will work instead.
Phishing attacks are one of the primary ways identity thieves steal personal information. Whether they come via a direct message, on social media, or through email, text, or phone calls, thieves use them to harvest your personal info by posing as a legitimate organization—such as in this recent IRS phishing scam. Phishing is a topic all unto itself, and you can check out this quick read to see how you can spot phishing scams and protect yourself from them.
Like any criminal, identity thieves do their dirtiest work in the shadows—quietly stealing money under your nose, or worse, as we outlined above. By shining a light on your identity and keeping regular track of what’s happening with it, you can spot unusual activity right away. Even the small stuff is important. A co-worker of mine once saw an incorrect address listed on his credit report. Turned out, that address was used to rack up several large charges at a retailer, which he was able to fix with the aid of the credit reporting agency and the retailer in question.
No doubt about it. Identity theft is indeed on the rise, and your best bet to avoid such a nasty surprise is to keep an eye on your digital identity the same way you keep an eye on your actual wallet.
The post How to Check if Someone is Using Your Identity appeared first on McAfee Blog.
We hope you’ve enjoyed Cyber Awareness month. This year’s theme asked us all to do our part to stay safer online. The idea is that if we each take steps to secure our lives online, then together we all contribute to creating a safer, more secure internet. Of course, it’s our job to help you #BeCyberSmart. With that in mind, we’ve pulled together all the safety tips we featured in October. From family security to protecting your latest smart home gadgets, they’re all here and organized by theme. So take a look below and let’s all do our part today, tomorrow, and in the year to come!
10 quick tips for keeping the whole family safe
Online security for senior citizens
A quick list of tips for protecting kids on apps and social networking
How to protect baby’s first digital footprints
Millennials are major targets for identity theft. Check out this quick guide for protecting identity online
Ways for online gamers to #BeCyberSmart.
#Phishing is a common #scam that pops up in emails, DMs, and texts where crooks try and get you to click sketchy links. Learn how to spot them.
Securing your mobile phone.
Protecting your #socialmedia accounts from hacks and attacks.
Keeping the whole family safer
Spotting fake news and misinformation
https://www.mcafee.com/blogs/consumer/spot-fake-news-and-misinformation-in-your-social-media-feed
How to avoid oversharing online.
https://www.mcafee.com/blogs/consumer/family-safety/is-this-tmi
Managing your personal photos online safely.
Interested in starting a podcast? Here are some tips to get you started.
https://www.mcafee.com/blogs/consumer/entertainment-fromhome-how-to-start-your-own-podcast
Check out some tips for keeping your family safe when you hit the road with your phones, tablets, and laptops
Have smart home devices like a doorbell or smart lightbulbs? See how you can enjoy it all safely
Staying safe while banking online
App scams aimed at kids
https://www.mcafee.com/blogs/consumer/family-safety/9-tips-to-help-kids-avoid-popular-app-scams
Take a look at some of the ways you can improve your privacy
Using payment apps safely
Protecting kids from identity theft
Let’s talk online shopping and ways you can score some great deals safely during a time of year when hackers break out some of their oldest (yet effective) tricks
Thanks for celebrating Cyber Awareness month with us this October. More importantly, we hope you’re able to take the tips above and not only make your life safer but also the lives of friends and family as well. After all, we all need to do our part to #BeCyberSmart and protected online.
The post Do your part and #BeCyberSmart with these online safety tips appeared first on McAfee Blog.
After more than a century of technological innovation since the first units rolled off Henry Ford’s assembly lines, automobiles, and transportation bear little in common with the Model T era. This evolution will continue as society finds better ways to achieve the outcome of moving people from point A to point B.
While Secure Web Gateways (SWGs) have operated on a far more compressed timetable, a similarly drastic evolution has taken place. SWGs are still largely focused on ensuring users are protected from unsafe or non-compliant corners of the internet, but the transition to a cloud and remote-working world has created new security challenges that the traditional SWG is no longer equipped to handle. It’s time for the next generation of SWGs that can empower users to thrive safely in an increasingly decentralized and dangerous world.
The SWG actually started out as a URL filtering solution that enabled organizations to ensure that employees’ web browsing complied with corporate internet access policy.
URL filtering then transitioned to proxy servers sitting behind corporate firewalls. Since proxies terminate traffic coming from users and complete the connection to the desired websites, security experts quickly saw the potential to perform more thorough inspection than just comparing URLs to existing blacklists. By incorporating anti-virus and other security capabilities, the “Secure Web Gateway” became a critical part of modern security architectures. However, the traditional SWG could only play this role if it was the chokepoint for all internet traffic, sitting at the edge of every corporate network perimeter and having remote users “hairpin” back through that network via VPN or MPLS links.
The transition to a cloud and remote-working world has put new burdens on the traditional perimeter-based SWG. Users can now directly access IT infrastructure and connected resources from virtually any location from a variety of different devices, and many of those resources no longer reside within the network perimeter on corporate servers.
This remarkable transformation also expands the requirements for data and threat protection, leaving security teams to grapple with a number of new sophisticated threats and compliance challenges. Unfortunately, traditional SWGs haven’t been able to keep pace with this evolving threat landscape, resulting in an inefficient architecture that fails to deliver the potential of the distributed workforce.
Just about every major breach now involves sophisticated multi-level web components that can’t be stopped by a static engine. The traditional SWG approach has been to coordinate with other parts of the security infrastructure, including malware sandboxes. But as threats have become more advanced and complex, doing this has resulted in slowing down performance or letting threats get through. This is where Remote Browser Isolation (RBI) brings in a paradigm shift to advanced threat protection. When RBI is implemented as an integral component of SWG traffic inspection, it can deliver real-time, zero-day protection against ransomware, phishing attacks, and other advanced malware so that even the most sophisticated threats can’t get through, without hindering the browsing experience.
Another issue with most traditional SWGs is that they aren’t able to sufficiently protect data as it flows from distributed users to cloud apps, due to lacking advanced data protection and cloud app intelligence. Without Data Loss Prevention (DLP) technology that is advanced enough to understand the nature of cloud apps and to keep up with evolved safety demands, organizations can find data protection gaps in their SWG solutions that keep them vulnerable to risks.
Finally, there is the question of cloud applications. While cloud applications operate on the same internet as traditional websites, they function in a fundamentally different way that traditional SWGs simply can’t understand. Cloud Access Security Brokers (CASBs) are designed to provide visibility and control over cloud applications, and if the SWG doesn’t have access to a comprehensive CASB application database and sophisticated CASB controls, it is effectively blind to the cloud. It’s only a cloud-aware SWG with integrated CASB functionality that can extend data protection to all websites and cloud applications, empowering organizations and their users to be better protected against advanced threats.
A next-gen SWG should help simplify the implementation of Secure Access Service Edge (SASE) architecture and help accelerate secure cloud adoption. At the same time, it needs to provide advanced threat protection, unified data control, and efficiently enable a remote and distributed workforce.
Here are some of the use cases:
SWGs have clearly come a long way from just being URL filtering devices to the point where they are essential to furthering the safe and accelerated adoption of the cloud. But we need to push the proverbial envelope a lot further. Digital transformation demands nothing less.
The post What to Expect from the Next Generation of Secure Web Gateways appeared first on McAfee Blog.
The security operations center (SecOps) team sits on the front lines of a cybersecurity battlefield. The SecOps team works around the clock with precious and limited resources to monitor enterprise systems, identify and investigate cybersecurity threats, and defend against security breaches.
One of the important goals of SecOps is a faster and more effective collaboration among all personnel involved with security. The team seeks to streamline the security triage process to resolve security incidents efficiently and effectively. For this process to be optimized, we believe that ruthless prioritization is critical at all levels of alert response and triage. This ruthless prioritization requires both the processes and the supporting technical platforms to be predictive, accurate, timely, understandable for all involved, and ideally automated. This can be a tall order.
Most SecOps teams are bombarded with an increasing barrage of alerts each year. A recent IBM report also found that complexity is negatively impacting incident response capabilities. Those surveyed estimated their organization was using more than 45 different security tools on average and that each incident they responded to required coordination across around 19 security tools on average.
Depending on the enterprise size and industry, these tools may generate many thousands of alerts in periods ranging from hours to days, and many of them may be redundant or no value. One vendor surveyed IT professionals at the RSA conference in 2018. The survey results show that twenty-seven% of IT professional’s receive more than 1 million security alerts daily[1].
The cost and effort of reviewing all of these alerts are prohibitive for most organizations, so many are effectively deprioritized and immediately ignored. Some surveyed respondents admit to ignoring specific categories of alerts, and some turn off the security alerts associated with the security controls that generate much of the alert traffic. However, the one alert you ignore may have resulted in a major data breach to the organization.
Tier 1 SecOps analysts have to manage this barrage of alerts. They are surrounded by consoles and monitors tracking many activities within enterprise networks. There is so much data that incident responders cannot process but a fraction of it. Alerts pour in every minute and ratchet up the activity level and the attendant stress throughout the day.
A Tier 1 SecOps analyst processes up to several hundred alerts in a day that require quick review and triage. As the alert is logged, the Tier 1 SecOps analyst usually goes through a checklist to determine further prioritization and determine if further escalation is required. This can vary substantially depending on the automation and tools which support their efforts.
Once the alert is determined to be potentially malicious and requires follow-up it is escalated to a Tier 2 SOC Analyst. Tier 2 SOC Analysts are primarily security investigators. Perhaps only 1% or less are escalated to a Tier 2 SOC analyst for deep investigation. Once again, the numbers can vary substantially depending on the organization and industry.
Security investigators will use a multitude of data, threat intelligence, log files, DNS activity, and much more to identify the exact nature of the potential breach and determine the best response playbook to use. In the case of a severe threat, this response and subsequent remediation must be done in the shortest possible amount of time, ideally measured in minutes if not just a very few hours.
In the most dangerous scenario that a threat actor has executed what is determined to be a zero-day attack, the SOC team works with IT, operations, and the business units to protect, isolate, and even take critical servers offline to protect the enterprise. Zero-day attacks raise the SOC to a war footing, which, if properly and rapidly executed against the team’s playbooks, can help mitigate further damage from what is otherwise previously unknown attack techniques. These require the skill and expertise of advanced security analysts to help assess and mitigate complex ongoing cyberattacks.
Given the barrage of alerts, it is essential to adopt a strategy to fit best the capabilities of your team against a priority-driven process. This allows you to optimize your response to alerts, best manage the resources on the SecOps team, and reduce the risk of a dangerous breach event.
There are several strategic views that SOC leadership can take on how to best approach prioritization. These include data driven strategies using tools like DLP, threat driven strategies to bolster defenses and shorten reaction time to threat vectors active in your industry and geography, and perhaps asset driven strategies, where certain assets will merit enhanced protection and priority driven escalation for alerts. Most organizations find that an integrated mix of these strategies addresses their overall needs.
The first approach to prioritization, consistent with the tenets of zero trust, is to take a data-driven approach. Customer data and intellectual property are often at the center of every organization’s most protected jewels. One way to move this into focus within SecOps would be to implement Data Loss Prevention (DLP). Data loss prevention (DLP), per Gartner, may be defined as technologies that perform both content inspection and contextual analysis of data sent via messaging applications such as email and instant messaging, in motion over the network, in use on a managed endpoint device, and at rest in on-premises file servers or in cloud applications and cloud storage. These solutions execute responses based on policy and rules defined to address the risk of inadvertent or accidental leaks or exposure of sensitive data outside authorized channels.
Enterprise DLP solutions are comprehensive and packaged in agent software for desktops and servers, physical and virtual appliances for monitoring networks and email traffic, or soft appliances for data discovery. Integrated DLP works with secure web gateways (SWGs), secure email gateways (SEGs), email encryption products, enterprise content management (ECM) platforms, data classification tools, data discovery tools, and cloud access security brokers (CASBs).
Threat intelligence focuses on defense and triage priority from the data to external threat actors and the techniques they are most likely to utilize. Threat intelligence can give the SOC the data they need to anticipate threat actors and the Tactics, Techniques, and Procedures (TTPs) these threat actors might use. Further, threat intelligence can provide a path to recognize the often unique Incidents of Compromise (IOCs) that can uniquely identify a type of cyberattack and the threat actor that uses them. The goal, of course, is to identify and prevent these most likely attacks before they occur or stop them rapidly upon detection.
The consolation prize is also a good one. If you cannot prevent an attack, you must be able to identify an unfolding threat. You must identify the attack, break the attacker’s kill chain, and then stop the attack. Threat intelligence can also help you assess your environment, understand the vulnerabilities that would support the execution of a particular kill chain, and then let you move rapidly to mitigate these threats.
In August of 2020, researchers from Dutch and German universities[2] co-presented at the 29th Usenix conference on a survey they conducted. The survey showed that there is less overlap between threat intelligence sources than most of us would expect. This includes both open (free) and paid threat intelligence sources. The moral of the story is that large organizations likely need a wide set of threat intelligence data from multiple sources to gain an advantage over threat actors and the attack vectors they are likely to use. And these sources must be integrated into a common dashboard where SecOps threat investigators can rapidly leverage them.
Of course, certain assets are more valuable than others. This can be a function of the data they may uniquely hold, and the access to network, applications, and information resources frequented by their owners, or the level of criticality of the asset’s function. For example, the chief financial officer’s laptop may be assumed to be in possession of the most sensitive data, or medical device monitor during surgery or command controller for manufacturing production. Hence they may deserve higher priority in terms of protection.
MVISION XDR provides capabilities leveraging all of these prioritization strategies: data-driven, threat-driven, and asset-driven. On top of this MVISION XDR offers predictive assessment based on global threats likely to target your organization with a local assessment of how your environment can counter the threat. This “before the attack” actionable assessment is powered by the distinct MVISION Insights empowering SOC to be more proactive and less reactive. Here is a preview of MVISION Insights top ten threat campaigns. Here are some key prioritization examples delivered in MVISION XDR:
Key MVISION XDR Prioritization Examples
| Priority Strategy (ies) | Capability Description | Benefit & Value |
| Data-driven | Alert based on data-sensitivity | Focus on critical impact activity |
| Threat-driven | Automatic correlated threat techniques to derive at likely next steps | Gain confidence in the alert less false positives |
| Threat-driven | View trends and threat actors targeting your organization | Reduce the universe of threats and actors to those that matter |
| Asset-driven | Tag critical assets for automated prioritization | Address threats to critical assets faster |
MVISION XDR can help you implement and optimize your prioritization strategy. Your SecOps team will have the improved triage time they need with prioritized threats, predictive assessment, and proactive response, and the data awareness to make better and faster decisions. To learn more, please review our Evolve with XDR webpage or reach out to our sales team directly.
[1] https://www.imperva.com/blog/27-percent-of-it-professionals-receive-more-than-1-million-security-alerts-daily/
[2] https://www.usenix.org/system/files/sec20_slides_bouwman.pdf
The post The Art of Ruthless Prioritization and Why it Matters for SecOps appeared first on McAfee Blog.
The latest gadget on the tech and fashion streets is Ray-Ban Stories, a sunglasses collaboration between Facebook and Ray-Ban. These pair of shades feature two cameras that capture video, audio, and photos and sync to a mobile app. Social media fanatics are excited about this new ability to capture and share hands-free content.
Do gadgets like Ray-Ban Stories make you immediately think, “Cool, but what about the security and privacy red flags?” If so, you may be suited to a career in cybersecurity. Everyone benefits from implementing cybersecurity best practices into their daily lives, and those who enjoy a career in the field experience many benefits.
Check out these four benefits of a career in cybersecurity and discover if this might be the path for you.
One of the best things about working in cybersecurity is you go to work every day knowing that you’re helping people. Nightly news broadcasts are littered with reports of major disruptions caused by cyberattacks, such as the Colonial Pipeline incident. Sometimes, even people’s lives are at stake in the cybersecurity realm, as in the case of connected pacemaker security vulnerabilities.
Cybersecurity professionals can feel good that their work gives people the confidence to go about their daily lives without worrying. The fear of identity theft, phishing, and malware stop people from enjoying their connected devices and the internet to the fullest. Technology is capable of incredible feats, and everyone should be able to use it enthusiastically.
Saving the world from cybercriminals is financially rewarding as well as personally rewarding. Cybersecurity professionals are in high demand as nearly every business in every sector is at risk of a breach, DDoS, or ransomware attack at any time. Average entry-level positions begin over $80k CDN. Seasoned professionals can make six figures. Additionally, cybersecurity professionals are in high demand, so you will likely enjoy solid job security.
3. Work in a Global Industry
Another benefit of a career in cybersecurity is the opportunity to work in a global industry. You’ll get to meet coworkers and clients all over the world. The diversity of outlooks and backgrounds can make every day a learning experience.
If you’re a keen traveler, working in cybersecurity allows you to explore the world. First, much of the work you would be completing can be done remotely. As long as you have a secure and strong internet connection and are OK with time zone differences, you may be able to work from anywhere. Also, there are opportunities for trips to international conferences and meetups with satellite offices or clients.
Working in a global industry means that you can be a cybersecurity ambassador for your home country. For example, if your home country has devised an innovative new technology, you may have the opportunity to teach others abroad. Or, if another country has developed an exciting new technology, you can learn about it and perhaps tailor it to your location.
Cybersecurity is a highly specialized field, which means there is definitely a branch of it that plays to your strengths and interests you. Also, if you get tired of one aspect of the field, you can likely stay with your same company but move to a different department.
Here are a few areas of cybersecurity specializations that may speak to you:
McAfee can help you achieve your cybersecurity career aspirations. It’s an exciting, fast-paced field, and McAfee is at the forefront of new innovations. Check out current McAfee career openings and embark on your new career today!
The post How to Start a Career in Cybersecurity appeared first on McAfee Blogs.
When it comes to crime, what do people worry about most? Having their car stolen? A break-in while they’re not at home? Good answers, but not the top answer by a long shot. In this U.S.-based survey, hacker-related crime weighed in at 72%, with a home burglary at 35% and auto theft at 34%, indicating that people’s concerns about cybercrime are very much front and center.
The good news is that plenty of cybercrime can be prevented, or at least made less likely, provided you protect yourself online, much in the same way you take steps to protect your car or home. And that’s the focus of this year’s Cybersecurity Awareness Month. With the theme of “Do Your Part. #BeCyberSmart,” it reminds us of how we can take charge of our own safety—the ways we can look out for ourselves and others as we enjoy our time online.
Throughout October, we’re participating in Cybersecurity Month here on our blogs and across our social media channels, posting a host of ways that you can help keep cybercrooks away from your digital doorstep. Each week, we’ll tackle a different aspect of online protection:
Maybe it comes as no surprise to hear it, yet one recent study shows the average person spends nearly eight hours a day online. With that, we’re taking this week to focus on the family, how they spend their time online and how they can be safer when they do.
Whether they come by email, text, or DM, phishing attacks account for the most common types of reported cybercrime, according to the FBI Internet Crime Complaint Center. This week, we’ll show you how you can indeed fight the phish!
This sentiment sums up the best of the internet in so many ways. Getting out there, discovering, catching up with friends online. Our focus this week is helping you enjoy it all without any of the bad apples out there spoiling your fun.
We wrap it up with a look at some of the top priorities so everyone in the family can #BeCyberSmart—online banking, app scams, privacy, identity theft, and more—along with plenty of straightforward tips that can help you stay safer.
We hope our posts throughout Cybersecurity Awareness Month help you get a little sharper and feel a little safer so you can enjoy your time online, free from hassles or headaches. Look for more from us throughout October!
The post Cybersecurity Awareness Month: Taking Charge of Your Safety Online appeared first on McAfee Blog.
Some scams can make a telltale sound—rinnng, rinnng! Yup, the dreaded robocall. Not only are they annoying, but they can also hit you in the pocketbook.
In the U.S., unwanted calls rank as the top consumer complaint reported to the Federal Communications Commission (FCC), partly because scammers have made good use of spoofing technologies that serve up phony caller ID numbers. As a result, that innocent-looking phone number may not be innocent at all.
Whether the voice on the other end of the smartphone is recorded or an actual person, the intent behind the call is likely the same—to scam you out of your personal information, money, or both. Callers such as these may impersonate banks, government agencies, insurance companies, along with any number of other organizations that give them an excuse to demand payment, financial information, or ID numbers.
And some of those callers can sound rather convincing. Others, well, they’ll just get downright aggressive or threatening. One of the most effective tools these scam calls use is a sense of urgency and fear, telling you that there’s a problem right now and they need your information immediately to resolve whatever bogus issue they’ve come up with. That right there is a sign you should take pause and determine what’s really happening before responding or taking any action.
Whatever form these unwanted calls take, there are things you can do to protect yourself and even keep you from getting them in the first place. These five tips will get you started:
Okay, maybe you can file this one under “obviously.” Yet be aware that scammers excel at spoofing. They can make a call look like it’s local or just familiar enough. If you get caught off guard and answer a spammy call, hang up immediately. If you’re unsure about the number, you’re better off letting your voicemail screen the call for you. Picking up the phone to determine if a call is legit or not could help a scammer verify that you have a valid line, which could lead to more nuisance calls down the road.
So, let’s say you let an unknown call go through to voicemail. The call sounds like it’s from a bank or business with news of an urgent matter. If you feel the need to follow up, get a legitimate customer service number from a statement, bill, or website of the bank or business in question so you can verify the situation for yourself. Calling back the number captured by your phone or left in voicemail could play right into the hands of a scammer.
As you can see, scammers love to play the role of an imposter and will tell you there’s something wrong with your taxes, your account, or your bank statement. Some of them can be quite convincing, so if you find yourself in a conversation where you don’t feel comfortable with what’s being said or how it’s being said, hang up and follow up bank or business as called out above. In all, look out for pressure or scare tactics and keep your info to yourself.
Several nations provide such a service, effectively a list that legitimate telemarketers will reference before making their calls. While this may not prevent scammers from ringing you up, it can cut down on unsolicited calls in general. For example, the U.S., Canada, and the UK each offer do not call registries.
Many mobile carriers provide additional apps and services that can block unwanted calls, often as part of your smartphone’s service plan. There are third-party apps that do this as well. Yet do your research. You’ll want to see if those apps are legitimate and if they can effectively let “good” calls through without blocking them.
While security software and apps won’t block robocalls, they increase the security of your phone overall, which can protect both you and your data. You have a couple of options here. You can grab comprehensive security software that protects all of your devices or pick up an app in Google Play or Apple’s App Store. This way, you’ll have malware, web, and device security that’ll help you stay safe on your phone in general.
Taken together, these steps can help you beat or outright block unwanted calls like robocalls—and be safer (and maybe less annoyed) as a result.
The post Smartphone Security: Five Steps Beating and Blocking Robocalls appeared first on McAfee Blog.
You may have heard the news that more than 300,000 Android users unknowingly downloaded banking trojan apps from the Google Play Store, malicious apps which bypassed the store’s security detections to install malware.
This news comes from a security report that found these trojans cleverly posed as apps that people commonly search for, such as QR code scanners, fitness apps, and a bevy of other popular types of utilities. In fact, these phony apps contain trojans that are designed to steal banking information, harvest keystrokes as you enter account info, and even grab screenshots of what you’re doing on your phone.
The trick with this malware is that it only activates after it is installed, which may or may not be apparent to the user. For the malware to activate, it requires an extra step, such as an in-app update (not through the Play Store), which then downloads the payload of malware onto the phone. In many cases, the bogus apps force users to make this update once the app is downloaded.
So, while the apps that appeared in the Play Store may not have contained malware, they deliver the payload onto the user’s phone post-purchase from other servers, which is a reason why these malicious apps have not been readily flagged.
All of this is just one more way hackers have found to infect smartphones with malware.
It’s no wonder that they target smartphones. They’re loaded with personal info and photos, in addition to credentials for banking and payment apps, all of which are valuable to loot or hold for ransom. Add in other powerful smartphone features like cameras, microphones, and GPS, and a compromised phone may allow a hacker to:
All of that adds up to one thing—a great, big “no thanks!”
So how do these sorts of malicious apps work? By posing as legitimate apps, they can end up on your phone and gain broad, powerful permissions to files, photos, and functionality—or sneak in code that allows cybercriminals to gather personal info. As a result, that can lead to all kinds of headaches, ranging from a plague of popup ads to costly identity theft.
Here are a few recent examples of malicious apps in the news:
Again, “no thanks!” So, let’s see about steering clear of malicious apps like these.
The good news is that there are ways you can spot these imposters. Major app marketplaces like Google Play and Apple’s App Store do their part to keep their virtual shelves free of malware, as reported by Google and Apple themselves. Still, cybercriminals can find ways around these efforts. (That’s what they do, after all!) So, a little extra precaution on your part will help you stay safer. These steps can help:
Another way cyber criminals weasel their way into your device is by getting permissions to access things like your location, contacts, and photos—and they’ll use sketchy apps to do it. (Consider the long-running free flashlight app scams mentioned above that requested up to more than 70 different permissions, such as the right to record audio, video, and access contacts.) So, pay close attention to what permissions the app is requesting when you’re installing it. If it’s asking for way more than you bargained for, like a simple game wanting access to your camera or microphone, it may be a scam. Delete the app and find a legitimate one that doesn’t ask for invasive permissions like that.
Additionally, you can check to see what permissions an app may request before downloading the app. In Google Play, scroll down the app listing and find “About this app.” From there, click “App permissions,” which will provide you with an informative list. In the iOS App Store, scroll down to “App Privacy” and tap “See Details” for a similar list. If you’re curious about permissions for apps that are already on your phone, iPhone users can learn how to allow or revoke app permissions here, and Android can do the same here.
While some apps (like games) rely on downloadable content from within the app, look out for apps that prompt you for an immediate update directly from the app. For the most part, the app you download from the store should be the most recent version and not require an update. Likewise, update your phone through the app store, not the app itself, which can help you avoid malware-based attacks like these.
As with so many attacks, cybercriminals rely on people clicking links or tapping “download” without a second thought. Before you download, take time to do some quick research, which may uncover a few signs that the app is malicious. Check out the developer—have they published several other apps with many downloads and good reviews? A legit app typically has quite a few reviews, whereas malicious apps may have only a handful of (phony) five-star reviews. Lastly, look for typos and poor grammar in both the app description and screenshots. They could be a sign that a hacker slapped the app together and quickly deployed it.
Even better than combing through user reviews yourself is getting a recommendation from a trusted source, like a well-known publication or from app store editors. In this case, much of the vetting work has been done for you by an established reviewer. A quick online search like “best fitness apps” or “best apps for travelers” should turn up articles from legitimate sites that can suggest good options and describe them in detail before you download.
Unlike Google Play and Apple’s App Store, which have measures in place to review and vet apps to help ensure that they are safe and secure, third-party sites may not have that process in place. In fact, some third-party sites may intentionally host malicious apps as part of a broader scam. Granted, cybercriminals have found ways to work around Google and Apple’s review process, yet the chances of downloading a safe app from them are far greater than anywhere else. Furthermore, both Google and Apple are quick to remove malicious apps once discovered, making their stores that much safer.
With all that we do on our phones, it’s important to get security software installed on them, just like we do on our computers and laptops. Whether you go with comprehensive security software that protects all of your devices or pick up an app in Google Play or Apple’s iOS App Store, you’ll have malware, web, and device security that’ll help you stay safe on your phone.
Hand-in-hand with installing security software is keeping your phone’s operating system up to date. Updates can fix vulnerabilities that cybercriminals rely on to pull off their malware-based attacks—it’s another tried and true method of keeping yourself safe and your phone running in tip-top shape.
Here are a few more things you can do:
Lastly, you can always ask yourself, “Do I really need this app?” One way to avoid malicious mobile apps is to download fewer apps overall. If you’re unsure if that free game is on the up-and-up or if the offer for that productivity app sounds a little too good, skip it. Look for a better option or pass on the idea altogether. As said earlier, cybercriminals really rely on us clicking and downloading without thinking. Staying on guard against mobile malware will cost you a few moments of your time, which is minimal compared to the potential costs of a hacked phone.
The post Before You Download: Steer Clear of Malicious Android Apps appeared first on McAfee Blog.
Attackers have made it known that Microsoft is clearly in their cross hairs when it comes to potential targets. Just last month the US Justice Department disclosed that Solorigate continues to comprise security when they confirmed over 80% of Microsoft email accounts were breached across four different federal prosecutors offices. In August Microsoft released another security patch (the second of two) for PrintNightmare, which allows remote attackers system level escalation of all Windows clients and servers. Since Microsoft still has the dominate market share for desktop OS, email/office services, along with the second largest market share in cloud computing, any security vulnerability found within the Microsoft ecosystem has cascading effects across the board.
Based on this, we wanted to let our customers know our response to the latest Microsoft security vulnerability. On August 12, Microsoft confirmed a security vulnerability dubbed ChaosDB whereby attackers can download, delete, or modify all data stored within the Azure Cosmos DB service. In response to the vulnerability Microsoft has since disabled the feature that can be exploited and notified potentially affected customers. However, according to the research team that identified the vulnerability they believe the actual number of customers affected is much higher and has the potential to expose thousands of companies dating back to 2019.
Cosmos DB is Microsoft’s fully managed NoSQL database service hosted on Azure which boasts customers such as Mars, Mercedes Benz, and Chipotle. The ChaosDB vulnerability affects customers that use the Jupyter Notebook feature. This built-in feature allows customers to share data visualizations and narrative text based on the data stored in Cosmos DB. Unfortunately, the Jupyter Notebook feature has been enabled by default for customers since February 2021, and fixing the vulnerability is no easy task. Because the vulnerability exposes public keys that can be used to access other Cosmos databases, the resolution requires that customers manually rotate their Cosmos DB primary keys – which are typically long-lived keys and used across multiple services or applications.
For customers using Cosmos DB, we highly recommend following Microsoft’s guidance and rotate their keys, but we also recognize that business can’t stop and unless you’ve automated key rotation, that task may take time and coordination across multiple teams. This blog will help provide some assistance on how one of our newest services can help identify and mitigate ChaosDB.
MVISION Cloud Native Application Protection Platform (CNAPP) is a new service we launched this year that provides complete visibility and security into services and applications built on top of cloud native solutions. MVISION CNAPP helps customers secure the underlying platform like Amazon Web Services (AWS), Microsoft Azure, and Google Cloud used to build applications but also provides complete build and runtime protection for applications using virtual machines, Docker, and Kubernetes.
As part of this service, MVISION CNAPP has a feature called the custom policy builder. The custom policy builder is a great way for customers to audit services across their entire cloud environment in real time to identify risky configurations but can also be used to curate a specific policy to the customer’s unique environment based on several API properties.
How does the custom policy builder work? Once MVISION CNAPP is connected to a customer’s AWS, Azure, or GCP account, the custom policy builder will list all the supported services within each cloud platform. Along with all the supported services, the custom policy builder will also list all the available API attributes for each of those services – attributes that customers can use as triggers for creating security incidents and automatic responses. A good example of the capability would be “if MVISION CNAPP identifies a public Amazon S3 bucket, performs a scan to on the bucket objects to identify any sensitive data and alerts teams via a SNS notification.” When new vulnerabilities like ChaosDB hit the wire, the custom policy builder is purpose built to help customers identify and understand their risk to anything new.
So how can CNAPP help identify if you’re at risk for ChaosDB? Essentially, you’ll want to answer three questions to understand your risk:
To find answers to these questions, I’ll show how you can create several custom policies using the MVISION CNAPP custom policy builder, but you can combine and mix these rules based on your needs.
In the first example, I’m going to answer the first two questions to see if we’re running Cosmos DB and if the service has unrestricted network access. Under the MVISION CNAPP menu I’ll click on Policy | Configuration Audit | Actions | Create Policy. From there I’ll give my policy a name and select Microsoft Azure | Next. The custom policy builder will automatically prepopulate all the available services in Azure when I click on Select Resource Type. Select Azure Cosmos DB and the custom policy builder will now show me all the available API attributes for that service. Start typing for the string of properties.publicNetworkAccess with a statement of equals to Enabled with a severity level you assign. Click Test Rule and the custom policy builder will check if you’re running any Cosmos DBs that allow access from any source.
Figure 1: Custom Policy Builder Screenshot
If the results of the custom policy show any incidents where Cosmos DB has unrestricted access, you’ll want to immediately change that setting by Configuring an IP firewall in Azure Cosmos DB.
Now let’s see if we have any Cosmos databases where we haven’t set firewall rules. These rules can be based on a set of IP addresses or private end points and should have been set when you created the DBs, but let’s confirm. You’ll follow the same steps as before but select the following criteria for the policy using AND statements:
Figure 2: Custom Policy Builder Screenshot 2
If you see any results from the custom policy, you’ll want to review the IP address and endpoints to make sure you’re familiar with access from those sources. If you’re not familiar with those sources or the sources are too broad, follow Configuring an IP firewall in Azure Cosmos DB to make the necessary changes.
Finally, let’s show how MVISION CNAPP can audit to see what is possible if your keys were exposed. In general, database keys are issued out to applications so they can access data. Rarely would you issue keys to make configuration changes or write changes to your database services. If you granted keys that can make changes, you may have issued an overly permissive key. Eventually you’ll want to regenerate those keys, but in the meantime let’s identify if the keys can make write changes.
We’ll follow the same procedure as before but use the properties.disableKeyBasedMetadataWriteAccess equals to false
Figure 3: Custom Policy Builder Screenshot 3
Like in the previous examples, if you find any results here that show you’ve issued keys that can make write changes, you’ll want to disable the feature by following Disable key based metadata write access.
Our custom policy builder is just one of the many features we’ve introduced with MVISION CNAPP. I invite you to check out the solution by visiting http://mcafee.com/CNAPP for more information or request a demo at https://mcafee.com/demo.
The post How MVISION CNAPP Helps Protect Against ChaosDB appeared first on McAfee Blog.
Customers often ask us some version of this question. It’s a good question and in the past, there was no direct answer – only recommendations. For instance, we recommend online protection that goes beyond antivirus to include identity and privacy protection, as well as promoting safety best practices like using multi-factor authentication. We wondered if there was a simpler and easier way to advise customers how to better protect themselves.
A recent survey shows how important online security has become to consumers. We found that 74% of you have concerns about keeping your information private online. 57% want to be more in control of their personal info online. And, since the pandemic started, 47% of online consumers feel unsafe compared to 29%. Simply put, customers are more conscious of their safety online than ever before, and eager to play an active role in their protection.
It’s time for a new approach – meet the Protection Score.
If you’re thinking this looks like a credit, fitness, sleep, or any of the other scores we now use to visualize and quantify aspects of our life, you’re on the right track.
Your personalized Protection Score is a measure of your security online. The higher your score, the safer you are online. Your score will highlight any weaknesses in your security and help you fix them with easy step-by-step instructions. We’ll also let you know which features haven’t been setup so you can get the most out of your protection.
When we developed Protection Score the idea was to give customers a simple solution to better protect themselves and get the most from their subscription, including security tips to protect their identity, privacy, and devices, while also improving their online habits. We wanted it to be easy for anyone to:
Now that we’ve talked about Protection Score generally, let’s look at how it works in practice. Your score is based on a few things, including setting up your McAfee protection, strengthening your security with our safety recommendations, and ensuring your personal info is safely monitored with Identity Protection.
For example, if your information is exposed in a data breach your score may drop, but you can improve it by following our easy-to-follow remediation steps. Once you’ve completed those steps your score will go back up and you can be confident knowing you’re better protected online.
A perfect score does not mean you’re perfectly safe, but it does mean that you’re doing an excellent job of preventing and managing risks.
Your Protection Score is a great way to understand how safe you are at a glance. Additionally, improving your score ensures your life online is being protected by many of the safety features and benefits McAfee has to offer. For instance, the subscriber, John Smith, can see they’re fairly safe based on their score. However, it isn’t a perfect score and there are a few actions they could still take to improve it. In this case, adding their email and phone number to dark web monitoring – a crucial step in protecting their personally identifiable information online.
Protection Score can be easily accessed* from your browser of choice on any device so you can review our guidance and take steps to improve your score from wherever you are. McAfee’s Protection Score is a first for the cybersecurity industry, but we’re not stopping there. We’re going to continue to improve the feature by adding more personalization and accessibility so you can enjoy your life online knowing exactly how protected you are.
*Note that Protection Score is currently live in the US, Canada, Brazil, Australia, New Zealand, Japan, UK, Germany, France, Spain, and Italy.
The post Stay on top of your online security with our Protection Score appeared first on McAfee Blog.
Security professionals and technologists old enough to remember renting movies at Blockbuster on Friday nights likely also remember a time when the internet was a new phenomenon full of wonder and promise. These same individuals probably view it through a more skeptical lens seeing it now as a cesspool of malware and great risk. It’s also widely understood that no web security solution can offer perfect protection against the metaphorical minefield that is the internet. This last statement, however, is being challenged by a new technology that is grasping at the title of perfect web security. This mythical technology is Remote Browser Isolation, or RBI, and it can be argued that it does, in fact, provide its users with invincibility against web-based threats.
Remote Browser Isolation changes the playbook on web security in one very fundamental way: it doesn’t rely on detecting threats. When a user tries to browse to a website, the RBI solution instantiates an ephemeral browser in a remote datacenter which loads all the requested content. The RBI solution then renders the website into a dynamic visual stream that enables the user to see and safely interact with it.
Figure 1: How Remote Browser Isolation works.
User behavior can be controlled at a granular level, preventing uploads, downloads, and even copy & paste using the local clipboard. When properly configured, absolutely none of the content from the requested site is loaded on the local client. For this reason, it can be argued that it’s literally impossible for malware to be delivered to the local client. Of course, the RBI solution’s ephemeral browser instance may be compromised, but it will be fully isolated from the organization’s valuable assets and data, rendering the attack harmless. As soon as the user closes their local browser tab, the ephemeral browser is destroyed.
The value of this cannot be overstated. The world is increasingly conducting its affairs through web browsers, and the challenge of detecting threats continues to increase at an exponential rate. While there is great efficacy and value in the threat intelligence and malware detection capabilities of web security solutions today, the “cat & mouse” game being played with cybercriminals means that they’re simply never going to offer perfect protection. Attackers often use zero-day threats coupled with domains registered perhaps within the past few minutes to compromise their victims, and these methods will too often succeed in circumventing any detection-based security measures. The game-changing efficacy of RBI and the fact its inception was actually more than 10 years ago should bring an obvious question to mind – If it’s so great, why doesn’t every organization in the world use RBI today? There are a few relevant answers to this, but one rises above all the rest: cost.
RBI’s method of instantiating remote web browsers for all users precludes the possibility of any implementation that is not expensive to deliver. Consider the size of a modern enterprise, the number of users, the number of web browser tabs an average user keeps open, and then consider the amount of memory and CPU consumed by each of those tabs. To mirror these resources in a remote datacenter will always be a costly proposition. For this reason, many RBI solutions on the market today may literally consume the entire security budget allocated for each licensed user. As prevalent as web-based threats are today and as effective as RBI’s protection may be, no security organization can dedicate most or all of their security budget to a single technology or even a single threat vector.
To better understand the cost problem and how it may be solved, let’s take a closer look at the two most common use cases for RBI. The first and most common use case is handling uncategorized sites or sites with unknown risk, known as selective isolation. As mentioned before, attackers will often use a site that was registered very recently to deliver their web-based threats to victims. Therefore, organizations often want to block any site that has not been categorized by their web security vendor. However, the problem is that many legitimate sites can be uncategorized resulting in unnecessary blocking that may impact business. Managing such a policy is very tedious, and the user experience tends to suffer greatly. RBI is an ideal solution to this problem where you can grant users access to these sites while maintaining a high level of security. This situation calls for a selective use of RBI where trusted sites are filtered through more traditional means while only the unknown or high-risk sites are isolated.
The other common need for RBI is various groups of high-risk users. Consider C-level executives who have access to highly sensitive information relating to business strategies, intellectual property, and other information that must remain private. Another common example is IT administrators who have elevated privileges that could be devastating if their accounts were compromised. In these scenarios, organizations may look to isolate all of the traffic for these users including even sites that are trusted. Typically, this full isolation approach is reserved for only a subset of users who pose a particularly high risk if compromised.
In light of these two use cases, selective isolation and full isolation, let’s take a closer look at the cost of this invincibility-granting technology. Let’s consider a hypothetical organization, Brycin International, who has a total of 10,000 users. Brycin has identified 400 users who either have access to critical data or have elevated permissions and therefore require full-time isolation. We will assume a street price of $100 per user for full time isolation totaling $40,000 for these users. This seems like a reasonable cost considering the elevated risk a compromise would represent for any one of these users. Brycin would also like to leverage selective isolation for the rest of the user population, or 9,600 users. Some solutions may require purchasing a full license, but most offer a discounted license for selective isolation. We will assume a generous discount of 60%, resulting in a total cost of $40 per user or $384,000 for the rest of the organization. This gives us a total price tag of $424,000 for Brycin, or an average cost of $42.40 per user.
Not only is this a steep cost for our 10,000-user enterprise, but the cost does not at all align with the value or the cost to deliver the solution. The 9,600 selective isolation users may represent 96% of the user population, but when you consider the fact that only a small percentage of their web traffic will actually be isolated – state-of-the-art web threat security stacks can detect as much as 99% of all threats, leaving 1% of all traffic to be isolated – they generate perhaps less than 20% of the isolated web traffic. The full isolation users, while a minority of the license count, will represent the bulk of the isolated web traffic – a little more than 80%. However, despite the fact that selective isolation users are responsible for such a small share of all isolated traffic and given the generous 60% discounted licensing, they are still by far the largest expense at over 90% of the total solution cost! This ratio of cost to value simply will not align with the budget and goals of most security organizations.
Figure 2: The disproportionate relationship between RBI users, traffic load, and solution cost.
McAfee Enterprise has now upended this unfortunate paradigm by incorporating remote browser isolation technology natively into our MVISION Unified Cloud Edge platform. McAfee Enterprise offers two licensing options for RBI: RBI for Risky Web and Full Isolation. RBI for Risky Web uses an algorithm built by McAfee Enterprise to automatically trigger browser isolation for any site McAfee Enterprise determines to be potentially malicious. This is designed to address the most common use case, selective isolation, and it is included at no additional cost for any Unified Cloud Edge customer. Additionally, Full Isolation licenses can be purchased as an add-on for any users that require isolation at all times. These Full Isolation licenses allow you to create your own policy dictating which sites are isolated or not for these users.
Now, let’s revisit Brycin International’s cost to deliver enterprise-wide RBI if they chose McAfee Enterprise. As we saw earlier, despite the fact the selective isolation users generated less than 20% of the traffic, they represented over 90% of the total cost of the solution. With McAfee Enterprise’s licensing model, these users would not require any additional licenses at all, reducing this cost to zero! Now, Brycin only has to consider the Full Isolation add-on licenses for their 400 high-risk users, or $40,000 – this is now the entire cost for the enterprise-wide RBI deployment. While $100 per user still may exceed the per-user security budget for Brycin, it is now diluted by the total user population, reducing the per-user cost of the RBI deployment from $42.40 to only $4. This is a tremendous reduction in cost for equal or greater value, making RBI much more likely to fit into Brycin’s budget and overall security plans.
This may beg the question, “How can McAfee Enterprise do this?” In short, as one of the most mature security vendors in the world, McAfee Enterprise has the most powerful threat intelligence and anti-malware capabilities in the market today. McAfee Enterprise’s Global Threat Intelligence service leverages over 1 billion threat sensors around the world reducing the unknowns to an extremely small fraction of all web traffic. In addition, its heuristics-based anti-malware technology is able to detect many zero-day malware variants. More uniquely, the Gateway Anti-Malware engine offers inline, real-time, emulation-based sandboxing using behavioral analysis to identify never-before seen threats based on their behavior. After analyzing the combined effectiveness of these technologies, we found that only a small percentage of web traffic could not be confidently identified as either safe or malicious – roughly 0.5%. This made the cost of delivering selective RBI for Risky Web something that could be easily absorbed without any additional cost to our customers.
Remote Browser Isolation is an absolute paradigm shift in how we can protect our most critical assets against web-based threats today. While the benefits are tremendous, cost has been a significant barrier preventing this powerful defense from becoming a ubiquitous technology. McAfee Enterprise has broken down this barrier by leveraging our superior threat intelligence to reduce the cost of delivering RBI and then passing this savings on to our customers.
Remove the risk and enjoy worry-free web browsing with McAfee’s RBI.
The post Remote Browser Isolation: The Next Great Security Technology is Finally Attainable appeared first on McAfee Blog.
As you know, McAfee Enterprise’s MVISION Unified Cloud Edge (UCE) was the first of all the SASE vendors to implement the MITRE ATT&CK Framework for Cloud last year. An important aspect of Gartner’s SASE Framework is the ability for effective Threat Protection and Resolution in the Cloud. MVISION UCE takes this to the next level – the product takes a multi-layered approach to cloud threat investigation that can speed your time to detect adversary activity in your cloud services, identify gaps, and implement targeted changes to your policy and configuration.
As a quick refresher, the MITRE Att&CK Matrix represents the relationship between attacker Tactics and Techniques:
This Dashboard is available within the MVISION Cloud console by accessing the Dashboards > MITRE Dashboard link
Ever since the launch of this truly differentiated product offering, we have seen a tremendous amount of interest and adoption of this feature within our existing customers. Over the past few months, we have continued to make significant enhancements as part of our MITRE Dashboard.
In this post, I shall summarize some of the significant highlights that we have introduced in the past few releases:
The Executive Summary displays an at-a-glance view of the current count of Threats, Anomalies, Incidents, types of incidents, and Detected Techniques with severity.
To suit the needs of the different teams that would be using the MVISION Dashboard, we now have the ability to filter the MITRE Dashboard by using a variety of facets:
When an incident is detected for a technique in MVISION Cloud, a severity is computed. The detected techniques are categorized based on the severity of the incidents. Each detected technique is interactive and leads to more detailed explanations.
To view the details of the detected techniques:
With McAfee Enterprise, threat investigation isn’t just for one environment – it is for all of your environments, from cloud to endpoint to your analytics platforms. With MVISION Cloud, MVISION EDR, and MVISION Insights, your enterprise has an extended detection and response (XDR) platform for the heterogenous attacks you face today.
Want to learn more about how you can leverage MITRE ATT&CK to extend your detection and response capabilities to the cloud?
The post SASE, Cloud Threats and MITRE appeared first on McAfee Blog.
“My phone’s been hacked!” Words you probably don’t want to hear or say. Ever.
Your phone gets to be like an old friend after a while. You have things laid out the way you like, your favorite apps are at the ready, and you have the perfect home screen and wallpaper all loaded up. So, if you unlock your phone one day and notice that something is a little … off, you’ll know pretty quickly. And it could be a sign that your phone may be hacked.
It’s often pretty easy to tell when a piece of your tech isn’t working quite right. The performance is off, things crash, and so on. While there are several cases where there’s a legitimate technical issue behind that, it could also be the sign of a hacked device.
Many hacks and attacks involve the installation of malware on the device, which eats up system resources, creates conflicts with other apps, and uses your data or internet connection to pass along your personal information—all of which can make your smartphone feel a little off.
A few examples follow. Note that these may be signs of a hacked phone, yet not always.
A suddenly sluggish phone or one that simply can’t hold a charge anymore are often attributed to phones that are getting a little old (these things happen). Yet, those same behaviors can also be signs of a compromised phone. For example, malicious bitcoin miners can run in the background and cause all types of performance issues because they eat up battery life and take up resources that your phone could otherwise normally use. In a way, it’s like having a second person using your phone at the same time you are.
Similar to the performance issues mentioned above, malware or mining apps running in the background can burn extra computing power, battery life, and data. Aside from a performance hit, they can cause your phone to physically run hot or even overheat. So if your phone feels like it’s been sitting in the sun, this could be a sign that malware is present.
If you’re seeing more popup ads than usual or seeing them for the first time, it could be a sign that your phone has been hit with adware—a type of malicious app that hackers use to generate revenue by distributing ads without the consent of the user. Furthermore, those ads may be malicious in nature as well (which is a good reminder to never click on them). Such ads may lead to bogus products and services or pages designed to steal personal information. All in all, malicious adware is what hackers prop up to make money off unsuspecting people.
A potential telltale sign that your phone has been hacked is the appearance of new apps that you didn’t download, along with spikes in data usage that you can’t account for. Likewise, if you see calls in your phone bill that you didn’t make, that’s a warning as well.
Big red flag here. Like seeing an unknown charge or payment in your bank statement, this is a possible sign that a hacker has hijacked your phone and is using it to transfer data, make purchases, send messages, or make calls via your phone.
To help keep your phone from getting hacked in the first place, there are a few relatively easy steps you can take. Inside of a few minutes, you can find yourself much safer than you were before.
1. Use comprehensive security software on your phone. Over the years, we’ve gotten into the good habit of using this on our computers and laptops. Our phones? Not so much. Installing security software on your smartphone gives you the first line of defense against attacks, plus several of the additional security features mentioned below.
2. Stay safer on the go with a VPN. One way that crooks can hack their way into your phone is via public Wi-Fi, such as at airports, hotels, and even libraries. These networks are public, meaning that your activities are exposed to others on the network—your banking, your password usage, all of it. One way to make a public network private is with a VPN, which can keep you and all you do protected from others on that Wi-Fi hotspot.
3. Use a password manager. Strong, unique passwords offer another primary line of defense. Yet with all the accounts we have floating around, juggling dozens of strong and unique passwords can feel like a task—thus the temptation to use (and re-use) simpler passwords. Hackers love this because one password can be the key to several accounts. Instead, try a password manager that can create those passwords for you and safely store them as well. Comprehensive security software will include one.
4. Avoid public charging stations. Charging up at a public station seems so simple and safe. However, some hackers have been known to “juice jack” by installing malware into the charging station. While you “juice up,” they “jack” your passwords and personal info. So what to do about power on the road? You can look into a portable power pack that you can charge up ahead of time or run on AA batteries. They’re pretty inexpensive and can prevent malware from a public charging station.
5. Keep your eyes on your phone. Preventing the actual theft of your phone is important too, as some hacks happen simply because a phone falls into the wrong hands. This is a good case for password or PIN protecting your phone, as well as turning on device tracking so that you can locate your phone or even wipe it remotely if you need to. Apple provides iOS users with a step-by-step guide for remotely wiping devices and Google offers up a guide for Android users as well.
A phone that’s acting a little funny may indicate a run-of-the-mill tech issue, yet it could also be a tell-tale sign of a hack. At a minimum, following up on your gut instinct that something isn’t quite right can take care of a nagging tech issue. But in the event of a possible hack, it can save you the far greater headache of unauthorized charges and purchases, and even identity theft. If you spot a problem, it absolutely pays to take a closer look. Follow up with tech support for help, whether that’s through your device manufacturer, retailer, or your antivirus providers. They’ll help pinpoint the issue and get you on your way.
The post Help! I Think My Phone’s Been Hacked appeared first on McAfee Blog.
More senior adults are taking advantage of the array of wearable technology that helps them stay connected to healthcare providers and monitor their physical health and safety. But that newfound convivence comes with risk and, for many, the genuine fear of falling prey to an online hacker.
Wearable technology brings seniors both power and peace of mind. Many elderly consumers rely on wearable technology to monitor critical blood glucose levels, heart activity, and blood pressure. In addition, seniors and their families rely on fall detection, emergency alerts, and home security technology to monitor physical safety. Since the pandemic, wearable technology has played a central role in connecting virus-vulnerable seniors to healthcare professionals.
A recent study cites that 25 percent of U.S. homeowners with broadband internet expect to purchase a new connected consumer health or fitness device within the next year. Another study predicts the global market for wearable healthcare devices will reach $46.6 billion by 2025.
This kind of data is excellent to show consumer trends, but it also gives cybercriminals a road sign for new inroads into stealing consumer data.
So how do we dodge the digital dangers of our beloved wearable devices? With time, attention, and a few basics.
Sound like a hassle? Perhaps. However, following these basic protocols is likely far more manageable than having to navigate through the potential chaos connected to a data breach.
1. Install updates immediately. When it comes to protecting your wearables, security updates are not optional. Be sure to install the updates (usually with a single click) to protect your device from reported bugs, enhance functionality, and of course, seal up any security loopholes.
2. Add digital protection. It’s more than a buzz. Extra security solutions such a Virtual Private Network (VPN) and added security software can be your saving grace from prying eyes and help protect the health data you send over the internet. A VPN uses an encrypted connection to send and receive data. For example, if you use a VPN, a hacker trying to eavesdrop on your network will be met with a cacophony of jumbled data on their screen. In addition, installing comprehensive security software can thwart viruses and malware scams from infecting your digital landscape.
3. Level up your password IQ. Several practices can quickly shore up your password security: 1) Change your device’s default username and password immediately, 2) choose a strong password, 3) use Two Factor Authentication (2FA), and 4) keep your passwords in one place such as a password manager.
4. Switch devices off and on. Here’s a fun one—go old school. The National Security Alliance (NSA) recently advised consumers of one powerful way to thwart cybercriminals, especially with smartphones. Turn your device on and off every now and then. Better yet, if a device is not in use, shut it down.
5. Verify every source. Scams connected to your new device or health condition increasingly look legitimate. For that reason, verify sources, websites, and avoid giving out any personal information, and never send money to an unverified source. Scams come in the form of a phony email, people posing as an IT department or helpdesk, text message, pop-up, calendar invite, or even a direct message on social media. This is where antivirus software can save the day.
6. Ask for help. Beyond your device manual, Google and YouTube, if you are a senior and still have issues securing a new device, reach out for help. Don’t overlook the help desk associated with your new device, many of which also have a convenient online chat feature. Other possible resources include: Your local library, senior center, Agency on Aging, or community center may have help. In addition, AARP has published a list of helpful IT resources for seniors.
Having the right technology at your fingertips can feel like magic especially if you are a senior adult with health and safety concerns. In these times of widespread digital insecurity, giving even a little extra time and attention to these basic digital security protocols can bring a new level of peace and power to your daily routine.
The post Can Your Wearable Health Monitors Be Compromised? appeared first on McAfee Blog.
Mobile phones have gone through an incredible transformation since their inception in the 1970s. Now, the sheer number of applications is dizzying, as are their privacy policies; however, smartphone apps can bring hours of fun and belly laughs, and occasionally, a viral app captures the world’s attention. Don’t let potential risks to your personal information safety ruin all smartphone apps for you. All you need to share and play safely is a few tips to help you identify which apps are OK to use and how to navigate them intelligently.
Check out these four viral apps that may be putting your personal information at risk, plus a few tips that’ll help you enjoy smartphone apps safely.
Voilà AI Artist is a trending app that reimagines your face as a cartoon, caricature, or model of fine Renaissance art. Users can snap a selfie with the app or allow the app to access their photo library. According to WIRED, the app says it deletes users’ photos from its database in 24 to 48 hours, though it’s difficult to confirm that they aren’t stored.
Approach any app that could potentially use and store your likeness with caution. Deepfake technology is becoming more sophisticated and common by the day. Deepfakes are fabricated videos, images, or sound clips of every day or famous people based on real videos and images. Fake media impacts the victims whose likenesses are used because often the media is demeaning or incendiary. Voilà AI Artist hasn’t been suspected of any wrongdoing, but it’s best to be aware of how your face could be used to endorse something you don’t agree with.
Another face-altering app that could pose a risk to users’ privacy is FaceApp. Similar to Voilà AI Artist, it’s unclear what the app does with your likeness once you allow it to take your picture. FaceApp’s terms of use agreement outline that the selfies uploaded to the app belong to the app. From there, the app is free “to use, reproduce, modify, adapt, create derivative works from, distribute, perform, and display your User Content.” This line of fine print should make users pause. Again, users’ faces could be used in ways they wouldn’t normally agree to.
While the Pokémon Go craze of 2016 has greatly subsided, the next viral app that sweeps the world could replicate the security vulnerabilities the premise presents. Pokémon Go uses augmented reality, which is the kind of technology that makes it look like a Pokémon is strolling across your living room. The app can access your camera, as well as your contacts, pictures, chats, and location. It’s a blast exploring your neighborhood looking for animated critters and seeing nearby strangers’ profiles pop up on your map; however, be wary of sharing location data and images of the inside of your home with people you don’t know in real life.
TikTok may pose a risk to users’ data privacy. TikTok is under suspicion for using data mining tactics. Data mining is a practice where corporations harvest personal details from user-profiles and share them with advertising, marketing, and analytics companies. According to Business Insider, TikTok collects more than 50 kinds of data from users as young as 13 years old, including age, gender, location, and online habits. These facts are often used to create targeted ads that sometimes border on an invasion of privacy.
Check out these tips to make sure you’re prepared to use apps safely or help you decide to skip trends entirely.
The post 4 Viral Apps Risking Your Personal & Smartphone Security appeared first on McAfee Blog.
Surprise! Just because you’re a Millennial or Gen Zer doesn’t mean you’re savvier when it comes to technology. Especially when it comes to cybersecurity.
Turns out, Millennials aren’t quite as tight with their security as the older generations are. That’s according to one study about working from home that focused on younger adults and their older cohorts. It’s perhaps no surprise that nearly half of them said that they enjoyed working from home. What is surprising is that while working from home, “Gen Zers (38%) and Millennials (23%) said they had four or more [technology] issues, on average, every week,” according to the research.
For comparison, the research also showed that only 12% of employees aged 45 to 54, 4% aged 55 to 64, and 13% of seniors said that they had four or more issues per week.
Talk about a stereotype-buster!
Aside from technology issues in general, they found themselves dealing with security issues as well. The top three culprits …
If this survey is any indication, we could be a lot safer out there, particularly while we’re doing things like paying bills, checking our bank balances, or splitting dinner with friends via a payment app.
That’s what’s at stake. Millennials have among the highest rates of online shopping by generation at more than 86% (compared to Boomers at just over 62%). They also use social media the most and 50% of them self-describe themselves as being online “almost constantly” (a figure that drops sharply with age). Taken together, that’s a significant level of exposure to potential threats online. So, if there’s one place where Millennials can get a bit savvier, it’s with their cybersecurity.
The good news is that it doesn’t take a whole lot to improve your safety online. With a few straightforward steps, you can protect yourself better than before—and perhaps spare you some of those technology headaches in the process. Let’s take a quick look:
As always, this is “square one” advice when it comes to keeping yourself safe online. Comprehensive security software will do more than protect your stuff. It’ll protect you by making it safer while you use your apps, breeze through some videos, or take care of your finances—practically anything that involves you, your identity, your money, and your data online. And because we do so much of that on our phones, go ahead and add security software on your phone, too. That’ll make you far safer when you’re moving money around online or simply going about your day.
Yup, keeping track of all those passwords is a pain. Resetting them when you forget them is a pain too. And even bigger pain is reusing passwords, getting one account hacked, followed by a bunch of others getting hacked too because they use the same password. It happens. And hackers count on lazy password habits. Going online with strong, unique passwords is a must (even if it’s a bit of a pain), yet using a password manager makes it far easier and far more secure. Typically included with comprehensive security software, it can create and safely store strong, unique passwords for each of your accounts.
What’s lurking behind that link? A sketchy site? A scam looking to steal your personal info? Sometimes it’s tough to know, until you click that link and find out the hard way. A web advisor can identify those bad sites and links for you without clicking. And further, it can block a mistaken click, giving you an extra level of protection. Often available with your security software, you can also get our own McAfee® Web Advisor for free.
By way of an app, a VPN helps keep your personal data safe as you use the internet. More than just protecting your browsing, it further protects you while using apps because of the way it creates a secure connection. Using a VPN is a smart move when using public Wi-Fi because that connection is, well, public, meaning anyone can potentially spy on your activity—potentially lifting passwords, data, and other personal info. A VPN is also a great idea any time you want extra privacy any time, particularly when you’re doing things like banking or shopping online.
It seems like nearly every day some of your apps and devices will prompt you for an update. Take a moment to follow through on those alerts and install them. In a few moments, you’ll be up to date, which often includes security fixes that can improve your level of protection. Also, those alerts are a good time to ask yourself, “Do I really use that app anymore?” If you don’t, just go ahead and delete that app, along with any account or data associated with it. This leaves you with one less target that hackers can zero in on, thus making you that much safer (and with a less cluttered device to boot).
Once you get up and running with these tips, you’ll find that you’re safer than before. Plus, you’ll also find that apps like security software and password managers can take care of a lot of time-consuming tasks for you, practically automatically. Giving you one less thing to worry about.
The post Younger, But Not Savvier: 3 Cybersecurity Threats Plaguing Millennials appeared first on McAfee Blog.
We’ve all been there. It’s the middle of the night and you wake up to a sad and sniffly kiddo shuffling into your room. Yup, looks like someone has a temperature. You phone the on-call doctor to make sure it’s nothing serious and then set an alarm so you can make an appointment when the office opens. Yet this time that doctor’s visit could go a little differently. It may not take place in the office at all. You may be offered a chance to see the doctor with a telemedicine visit.
Telemedicine has been in use for some time. For several years now, it’s connected patients to health care services using live video and sometimes special diagnostic tools that pass along information via the internet. Overall, it’s a way of going to the doctor without actually going to the doctor’s office. Historically, it’s done a great job of caring for people who live in remote locations and for people with ongoing conditions that need long-term monitoring.
That all changed last year. Telemedicine visits saw a big spike during the early days of the pandemic, partly to help keep the spread of the virus in check and to protect vulnerable patients. Even though that spike has since tapered off, one study found that about 40 percent of consumers in the U.S. say they’ll use telemedicine moving forward—and our own research from earlier this year put that worldwide figure at nearly 30 percent. Telemedicine seems to be taking root.
While telemedicine leaves many families with more healthcare options, it may leave them with a few more questions about their security as well. After all, our health data is a precious thing. In the U.S., HIPPA privacy standards protect our information and consultations with healthcare professionals. However, online visits add an entirely new dimension to that.
If your health care provider recommends a telemedicine visit for you or your child, it can be both a convenient and safe experience with a little prep on your part. With a few straightforward security measures lined up (some of which you may already have in place), you can make sure that everyone’s private health information will be safe and secure during your virtual visit.
A great first step for a safer telemedicine visit is to protect your devices with comprehensive security software. Like security software protecting you while you manage your finances, file your taxes online, and so forth, it will help protect you while sharing your private health information. Plus, it will give you plenty of other features that can help you manage your passwords, protect your identity, safeguard your privacy in general, and more.
Be sure to protect your tablets and smartphones while you’re at it, even if you’re not using them for telemedicine. With all the shopping and banking we do on those devices, it’s a smart move to protect them in addition to laptops and computers.
Your telemedicine visit may require setting up a new account and password, one that will add to your growing list considering all the banking, social media, and payment apps you probably use. Plus, there are the umpteen other passwords you have for your online shopping accounts, your children’s school records, your taxes, and so on. Don’t give into the temptation of re-using an old password or making a simple one. Hackers count on that, where stealing one password means stealing several—and gaining access to multiple accounts in one blow.
When you set up your account, use a strong, unique password. This may also be a good time to get a handle on all your passwords with a password manager. Also found in comprehensive security software, a password manager can create and securely store strong and unique passwords for you, which can keep you safe and make your day a little easier too.
A VPN, or virtual private network, offers a strong layer of additional protection when you’re transmitting health data or simply having a private conversation about your health with a professional. A VPN creates an encrypted tunnel to keep you and your activity anonymous. In effect, your data is scrambled and hidden to anyone outside your VPN tunnel, thus making your private information difficult to collect.
Like many of the security steps, we’re talking about here, using a VPN offers benefits beyond telemedicine. A VPN is a must when using public Wi-Fi, like at airports and cafes, because it makes a public connection private (and safe from prying eyes). Additionally, it’s also great for use at home when taking care of sensitive business like your banking or finances.
If you’re searching for a telemedicine provider online, keep an eye out for sketchy links and scams. The sad thing with the increased use of telemedicine is that hackers have clued in and are looking for targets. One way you can stay safer is to use a web advisor with your browser that can identify potentially hazardous links and sites. Anti-phishing technologies in your security software can help as well by preventing email-based scams from reaching your inbox in the first place.
Even better than searching online, consider contacting your pediatrician or doctor’s office for a recommendation, as they can point out the best healthcare options for you and your concerns—and let you know if a telemedicine visit is the best course of action for you in the first place. This way, you can get comfortable with what your visit will look like, find out what special apps (if any) are used, and how your care provider will protect your privacy. Also, you can decide which device you will use and where you’ll use it so that you feel at ease during your virtual visit.
A reputable care provider will likely put all this pre-appointment information together for you on their website or “frequently asked questions” (FAQ) page, which will include helpful links and numbers to call if you need help or have questions. For an example of what that could look like, check out the telemedicine page that Virginia Mason/Franciscan Health designed for its patients.
We’ve talked plenty about digital security, yet there’s the old-fashioned issue of physical eavesdropping to think about too. When it’s time for your actual appointment, pick a place in your home where you can assure yourself some privacy. (Of course, don’t go online for your virtual appointment in a public place.) Look for a space where you can’t be overheard by neighbors and passers-by—preferably someplace like your bedroom where you can be comfortable as well. If your child has an appointment, let them know that this is like any other doctor’s visit and help them keep their voice down so they can keep their info private.
With telemedicine becoming more and more of an option for families, it’s just one of the many tools your doctor or pediatrician can use to keep you and your family well. So as always, if you have a health concern, call your doctor or pediatrician’s office for guidance. They’ll know the best path forward.
In the meantime, there are some great resources out there that can help you make the best decision about telehealth if the time comes. One really helpful article from the American Academy of Pediatrics helps parents get up to speed on telemedicine and outlines a few cases where a telemedicine visit might be right for your child.
With the sniffles, fevers, and plenty of, “Mom, I don’t feel so good …” comments that come along with parenthood, it’s nice to know that telemedicine gives us another tool we can use to keep our families well—one that’s ultimately up to you and your doctor to choose if it’s right for your child.
The post 6 Tips for a Safer and Easier Telemedicine Visit appeared first on McAfee Blog.
For some, vanquishing aliens, building virtual amusement parks, and online battles royale are an excellent stress reliever. As we all know, over the past year there’s been plenty of stress to relieve and more spare time on our hands in which to revel in our hobbies. There was a 30% jump in online gaming traffic from the first to the second quarter of 2020.
Hackers are taking advantage of highly trafficked online gaming portals to make a profit on the dark web. The next time you log on to your virtual world of choice, consider these recent video game breaches and up your gamer security, which could include an antivirus for gaming.
Between 2019 and 2020, web attacks on gaming companies rocketed up 340%, according to Akamai. Hackers have targeted several high-profile gaming companies recently with various motives. First, game source code was stolen from Electronic Arts to sell on the dark web. Developers shopping the dark web use stolen source codes to reverse-engineer popular games or copy the code into their own game. Capcom and CD Projekt Red were hit by ransomware attacks only a few months apart from each other, one attack focused on company financial information and the other on source code.
“Titan Fall” and “Apex Legends” have both been hacked to the point where the former is unplayable, according to many gamers. To protest “Titanfall’s” developers’ inaction, gamers took to “Apex Legends,” altering in-game messages. The apparent ease with which hackers can walk into online gaming portals requires that game developers and gamers themselves pay more attention to their security.
Online PC gaming allows players to use real-world money to purchase valuable upgrades to their characters. These characters receive admiration from some fellow players. Others feel greed. Advanced characters can fetch a lot of money on the dark web, so some cybercriminals practice credential stuffing to force their way into player accounts and steal ownership. Credential stuffing is a type of brute force attack where hackers take informed guesses at username and password combinations. A strong password or passphrase is essential to keeping your account and investment safe from a dark web fate.
Based on the above recent hacks, it is clear that gaming companies host a trove of valuable information. Gamers trust these platforms with their payment information and with the safety of their gaming characters on which they spend thousands of hours and hundreds of dollars upgrading, making gaming a lucrative target for hackers.
Another way cybercriminals target gamers is through malware disguised as an advantage. Cheat software for online games is common as players strive to be the best out of thousands. Advantage seekers for “Call of Duty: Warzone” were targeted by a malware scam. The malware creators advertised the “cheat software” on YouTube with instructions on how to download it. The video received thousands of views and hundreds of comments, which made it look legitimate.
One of the steps in installing the “cheat software” was that users had to disable antivirus programs and firewalls. Users let the cybercriminals walk right into their device! From there, the device was infected by an aggressive type of fileless malware called a dropper. A dropper doesn’t download a malicious file onto the device; rather, it creates a direct pathway to deliver an additional payload, such as credential-stealing malware.
Competitive gaming is, well, competitive. So, if you invest a lot of real money into your characters, be especially vigilant and follow these five important tips to protect your online accounts.
It’s common for gamers to use variations of their real names and birthdates in their public-facing usernames. Don’t use your real name or birthdate in your username. Consider using a nickname or a combination of random numbers instead. Along this same vein, don’t reveal personal details about yourself (phone number, birthday, places you visit regularly) on chats or streams. Lurking cybercriminals can gather these personal details to impersonate you.
On some online PC games, you can join campaigns with gamers from all over the world. While the interconnectivity is great, carefully vet who you allow to follow your online profile. If a stranger sends a friend request out of the blue, be on alert. They could have nefarious motives, such as phishing for valuable personal data. It’s best to customize your privacy settings to make your profile invisible to strangers.
Developers spend a lot of time creating amazing games, so make sure you purchase games legally and play them as they are intended. Be especially wary of free downloads or pirated versions and cheat software, as they’re likely too good to be true. Instead, go for a challenge and have fun with the game as it’s written.
A virtual private network (VPN) scrambles your online data traffic, making it impossible for hackers to access your IP address and spy on your online browsing.
Gaming antivirus software not only makes your online gaming experience more secure, but it can boost your rig’s performance! McAfee Gamer Security detects threats through the cloud and optimizes resources to minimize frame drops.
The post 5 Online Gaming Tips to Stay Safe From Hackers appeared first on McAfee Blogs.
We are in the midst of digital transformation to the cloud – these cloud services fuel transformative projects for businesses, empowering employees with powerful tools to do their jobs better and more efficiently. This cloud transformation has meant that a large portion of enterprise data now resides and is being accessed outside of the network perimeter and beyond the reach of traditional data security controls.
MVISION Unified Cloud Edge is the SASE security fabric between an organizations’s workforce and their resources that enables fast direct-to-internet access by eliminating the need to route traffic through their data center for security. Data and threat protection are performed at every control point in a single pass to reduce the cost of security and simplify your management.
Sensitive data uploaded to CRM has also put the service on the radar of IT security teams. Based on the Market share report Microsoft Dynamics 365 is amongst the top CRM vendors
Data in Dynamics 365 represents anything from proprietary business information to sensitive customer data. The high volume and value of this data have made Dynamics 365 security a top priority for companies embarking on cloud security projects.
Microsoft provides a host of security features for enterprise customers at the infrastructure and software level, but customers default lack many controls around data and user account security. For example, only 36 percent of cloud customers say they can enforce data loss prevention in the cloud. These are key security controls for organizations using Dynamics 365, especially those who upload regulated data to the service.
MVISION Cloud for Dynamics 365, part of McAfee’s Unified Cloud Edge offering is a comprehensive solution, which allows enterprises to enforce security controls for data in Dynamics 365. It addresses four areas of Dynamics security:
By applying cloud DLP policy you can find any sensitive info stored in Dynamics entity in near real-time. Configure via UI the entities where you know sensitive content is posted by the user and do near real time DLP. Also, you can integrate your Endpoint DLP engine policy and use the single console of MVISION to leverage the DLP policy defined on Dynamics entities. In addition, before the Auditor finds any sensitive information stored in data at rest, you can run on-demand scans on Dynamics 365 entities/attachments to ensure there is no sensitive data in Dynamics entities. MVISION Cloud Compliance scan applies to entities (structured data) and attachments (unstructured data) in Dynamics. Data privacy can save organizations from massive compliance fines, a negative public image, and loss of customer trust. Dynamics 365 data privacy is just as important as security, MVISION Cloud compliance scan ensures GDPR compliance for data at rest. In all cases whenever out of compliance is found, then raise incidents and takes remedial action for complete visibility. Malware scan to detect malware on any Dynamics 365 attachments if there is Malware. This scan could be Near Real-Time and also could be on data at rest.
MVISION Cloud for Dynamics 365 can act as an additional control point between enterprise users and the cloud to provide enhanced analytics into cloud usage, detect threats from insiders, compromised accounts, and privileged users, enforce compliance policies with DLP, and contextual access controls. Additionally, detecting intentional or inadvertent threats from employees or third parties, enforcing granular access controls based on parameters such as role, device, data, and location, and enforcing DLP policies.
Finally, the MVISION platform provides benefits that a single-point solution for one cloud service cannot satisfy. A single point for cloud control removes gaps in policy enforcement. Visibility into all cloud traffic allows MVISION to correlate activity occurring across multiple cloud services, identifying high-risk users and cloud-to-cloud threats. And MVISION offers integrations with on-premises security tools to extend existing security policies to the cloud and feed cloud threats into SIEM solutions. Consolidating all cloud security data in one tool is the best way to capture a holistic view of cloud risk, in a snapshot and as it changes over time.
Moving to the cloud does not have to be a trade-off between business results and security. Improved security in the cloud is a reality for companies that have embraced a cloud-native security approach. Using MVISION Cloud for Dynamics 365 can make data safer than ever before while empowering business teams to become more efficient and dynamic.
For more information or to test out MVISION Cloud for Dynamics please visit us at: https://www.mcafee.com/enterprise/en-us/solutions/mvision/marketplace.html
The post Business Results and Better Security with MVISION Cloud for Microsoft Dynamics 365 appeared first on McAfee Blogs.
Smart speakers. Banking online. Location tracking. If you are a senior adult, there’s no doubt, the digital leaps and bounds you’re asked to consider each day can be daunting. If you are the child of a senior adult trying to make digital life more accessible, helping your parent consistently stay safe online can also be a challenge.
According to the most recent Pew study on the topic, senior adults continue to become more digitally connected, but adoption rates continue to trail younger users, and digital divides remain. The study also revealed that 77% of older adults needed assistance in learning how to use technology.
As a senior, it’s easy to feel intimidated and even try to avoid technology altogether as a safety plan. However, more healthcare, banking, and retailers become almost 100% digital, opting out of digital life is becoming impossible.
Still, there’s a way forward. As with any challenge, it’s best to begin one step at a time. First, put your stake in the ground by committing to increase your awareness and consistency in the digital realm. Doing so will help you reduce your fear about potential data breaches, malware attacks, or worse, falling prey to an online scam. Here are seven more ways to build upon your privacy path.
1. Consider another layer of protection. Parental controls and antivirus software cover every age and stage of a family’s digital life. Here’s why: 1) If you are a senior and love exploring online but hate bumping into inappropriate content, parental controls will help you keep the fun and block the junk 2) Filtering software also keeps your PC clean and protected from viruses and malware. 3) If you are a caregiver to a senior and notice your parent struggling with online shopping limits, keeping personal information private on social media, or even sharing fake news, parental controls can help by blocking tempting sites.
2. Update and store your passwords. Updating your passwords regularly is an online privacy gamechanger. The only problem? It’s tough to remember all those passwords, so who wants to risk changing them, right? Consider a password manager (find the software packages that have a password manager built-in). Your Password Manager (PM) stores then populates the username and password fields every time you log on to a favorite site or app. Better yet, it makes changing your password an easy task since you don’t need to do any remembering—your PM does it all for you.
3. Use 2-Factor Authentication (2FA). What in the world? 2FA sounds complicated! Don’t worry, it’s not. Opting for 2FA means that before logging onto your account, you will have one more step to verify it’s you logging on. When given this privacy option, take it. Commonly, the 2FA process is a code generated by a smartphone app—no biggie. If you want to try, go to your settings in your favorite apps, such as Google or Facebook, and turn on the 2FA option.
4. Install software updates immediately. Along with strong passwords, updating your software is a front-line defense against identity theft and fraud. Installing software updates (those pesky pop-up notices that are critical to your privacy) is essential in securing your IoT devices, PCs and phones, and the social media, banking, and healthcare portals connected to them.
5. Use a Virtual Private Network (VPN). If we could write this one tip down a hundred times without losing our readers, we surely would. Every senior adult needs a VPN for practical, powerful privacy protection and peace of mind. A VPN keeps credit card and personal info contained in a secure network and away from prying eyes.
6. Fight back with knowledge. Fraudulent emails connected to fraudulent websites can look very legitimate. A secure website will have an “HTTPS” in the browser’s address bar. The “s” stands for “secure.” If the web address or URL is just HTTP, it’s not a secure site. Still unsure? Read reviews of the site from other users before making a purchase. Never send cash, cashier’s check, or a personal check to any online vendor. If purchasing, always use a credit card in case there is a dispute. Stay up-to-date on scams that target seniors specifically. Lately, elder scams have been constructed around COVID, dating apps, tax returns, employment, and, of course, the common military catfish scams.
7. Have fun as you skill up. When trying to boost your digital skills, don’t forget about all the amazing instructional content at your fingertips. A quick search of YouTube will render easy-to-understand videos on how to do just about everything (including install security software, change your router password, secure the smart devices in your home, and how to adjust your privacy settings on any device).
Learning or building a new skill isn’t always easy, but if you stop to think about it, as a senior, you’ve gained so many skills over your lifetime (far more than your juniors). So, practically speaking, building up your tech skills is one is just one more task to ace. So, lean into the challenge, have fun learning, and don’t hesitate to ask for help if you need it.
The post 7 Savvy Ways Senior Adults Can Safeguard Digital Privacy appeared first on McAfee Blogs.
Picture this: you open your MacBook and see an email claiming to be from your favorite online store. In the email, there is an attachment with “important information regarding your recent purchase.” Out of curiosity, you open the attachment without checking the recipient’s email address. The next thing you know, your device is riddled with malware.
Unfortunately, this story is not far from reality. Contrary to popular belief, Apple computers can get viruses, and XLoader has Mac users in their sights.
Let’s break down XLoader’s ‘s origins and how this malware works.
Where Did XLoader Come From?
XLoader originated from FormBook, which has been active for at least five years and is among the most common types of malware. Designed as a malicious tool to steal credentials from different web browsers, collect screenshots, monitor and log keystrokes, and more, FormBook allowed criminals to spread online misfortune on a budget. Its developer, referred to as ng-Coder, charged $49, a relatively cheap price to use the malware, making it easily accessible to cybercriminals.
Although ng-Coder stopped selling FormBook in 2018, this did not stop cybercriminals from using it. Those who had bought the malware to host on their own servers continued to use it, and in turn, quickly noticed that FormBook had untapped potential. In February 2020, FormBook rebranded to XLoader. XLoader can now target Windows systems and macOS devices.
Typically, XLoader is spread via fraudulent emails that trick recipients into downloading a malicious file, such as a Microsoft Office document. Once the malware is on the person’s device, an attacker can eavesdrop on the user’s keystrokes and monitors. Once a criminal has collected enough valuable data, they can make fake accounts in the victim’s name, hack their online profiles, and even access their financial information.
According to recent data, Apple sold 20 million Mac and MacBook devices in 2020. With macOS’s growing popularity, it is no surprise that cybercriminals have set their sights on targeting Mac users. Check out these tips to safeguard your devices and online data from XLoader and similar hacks:
Hackers often use phishing emails or text messages to distribute and disguise their malicious code. Do not open suspicious or irrelevant messages, as this can result in malware infection. If the message claims to be from a business or someone you know, reach out to the source directly instead of responding to the message to confirm the sender’s legitimacy.
Hackers tend to hide malicious code behind the guise of fake websites. Before clicking on an unfamiliar hyperlink, hover over it with your cursor. This will show a preview of the web address. If something seems off (there are strange characters, misspellings, grammatical errors, etc.) do not click the link.
Use a solution like McAfee Total Protection, which can help protect devices against malware, phishing attacks, and other threats. It also includes McAfee WebAdvisor — a tool that identifies malicious websites.
Regardless of whether you use a PC or a Mac, it is important to realize that both systems are susceptible to cyberthreats that are constantly changing. Do your research on prevalent threats and software bugs to put you in a great position to protect your online safety.
XLoader is just the latest example of how the gap between the prevalence of PC versus macOS malware is steadily closing. To better anticipate what threats could be around the corner and how to best combat them, stay updated on all of the latest online safety trends and practice great security habits. This will not only help protect your devices and online accounts but also bring you greater peace of mind.
The post 3 Tips to Protect Yourself From XLoader Malware appeared first on McAfee Blogs.
The current business transformation and remote workforce expansion require zero trust access to corporate resources, with end-to-end data security and continuous risk assessment to protect applications and data across all locations – public clouds, private data centers, and user devices. MVISION Private Access is the industry’s first truly integrated Zero Trust Network Access solution that enables blazing fast, granular “Zero Trust” access to private applications and provides best-in-class data security with leading data protection, threat protection, and endpoint protection capabilities, paving the way for accelerated Secure Access Service Edge (SASE) deployments.
We are currently operating in a world where enterprises are borderless, and the workforce is increasingly distributed. With an increasing number of applications, workloads and data moving to the cloud, security practitioners today face a wide array of challenges while ensuring business continuity, including:
Cloud-based Software-as-a-Service (SaaS) application adoption has exploded in the last decade, but most organizations still rely heavily on private applications hosted in data centers or Infrastructure-as-a-Service) IaaS environments. To date Virtual Private Networks (VPN) have been a quick and easy fix for providing remote users access to sensitive internal applications and data. However, with remote working becoming the new normal and organizations moving towards cloud-first deployments, VPNs are now challenged with providing secure connectivity for infrastructures they weren’t built for, leading to bandwidth, performance, and scalability issues. VPNs also introduce the risk of excessive data exposure, as any remote user with valid login keys can get complete access to the entire internal corporate network and all the resources within.
Enter Zero Trust Network Access, or ZTNA! Built on the fundamentals of “Zero Trust”, ZTNAs deny access to private applications unless the user identity is verified, irrespective of whether the user is located inside or outside the enterprise perimeter. Additionally, in contrast to the excessive implicit trust approach adopted by VPNs, ZTNAs enable precise, “least privileged” access to specific applications based upon the user authorization.
We are pleased to announce the launch of MVISION Private Access, an industry-leading Zero Trust Network Access solution with integrated Data Loss Prevention (DLP) and Remote Browser Isolation (RBI) capabilities. With MVISION Private Access, organizations can enable fast, ubiquitous, direct-to-cloud access to private resources from any remote location and device, allow deep visibility into user activity, enforce data protection over the secure sessions to prevent data misuse or theft, isolate private applications from potentially risky user devices, and perform security posture assessment of connecting devices, all from a single, unified platform.
Here are the key capabilities offered by ZTNA to provide secure access for your remote workforce:
Though ZTNAs are frequently promoted as VPN replacements, nearly all ZTNA solutions share an important drawback with VPNs – lack of data awareness and risk awareness. First-generation ZTNA solutions have categorically focused on solving the access puzzle and have left data security and threat prevention problems unattended. Considering that ubiquitous data awareness and risk assessment are the key tenets of the SASE framework, this is a major shortcoming when you consider how much traffic is going back and forth between users and private applications.
Moreover, the growing adoption of personal devices for work, oftentimes connecting over unsecure remote networks, significantly expands the threat surface and increases the risk of sensitive data exposure and theft due to lack of endpoint, cloud and web security controls.
Addressing these challenges requires ZTNA solutions to supplement their Zero Trust access capabilities with centralized monitoring and device posture assessment, along with integrated data and threat protection.
MVISION Private Access, from McAfee Enterprise, is designed for organizations in need for an all-encompassing security solution that focuses on protecting their ever-crucial data, while enabling remote access to corporate applications. The solution combines the secure access capabilities of ZTNA with the data and threat protection capabilities of Data Loss Prevention (DLP) and Remote Browser Isolation (RBI) to offer the industry’s leading integrated, data-centric solution for private application security, while utilizing McAfee’s industry-leading Endpoint Security solution to derive deep insights into the user devices and validating their security posture before enabling zero trust access.
MVISION Private Access allows customers to immediately apply inline DLP policies to the collaboration happening over the secure sessions for deep data inspection and classification, preventing inappropriate handling of sensitive data and blocking malicious file uploads. Additionally, customers can utilize a highly innovative Remote Browser Isolation solution to protect private applications from risky and untrusted unmanaged devices by isolating the web sessions and allowing read-only access to the applications.
Fig. 1: MVISION Private Access
Private Access further integrates with MVISION Unified Cloud Edge (UCE) to enable defense-in-depth and offer full scope of data and threat protection capabilities to customers from device-to-cloud. Customers can achieve the following benefits from the integrated solution:
Additionally, UCE’s Hyperscale Service Edge, that operates at 99.999% service uptime and is powered by intelligently peered data centers, provides blazing fast, seamless experience to private access users. Authentication via Identity Providers eliminates the risk of threat actors infiltrating the corporate networks using compromised devices or user credentials.
With dozens of ZTNA solutions on the market, we’ve made sure that MVISION Private Access stands out from the crowd with the following:
With MVISION Private Access customers can establish granular, least privileged access to their private applications hosted across cloud and IT environments, from any device and location, while availing all the goodness of McAfee’s leading data and threat protection capabilities to accelerate their business transformation and enable the fastest route to SASE. To learn more, visit www.mcafee.com/privateaccess.
The post Introducing MVISION Private Access appeared first on McAfee Blogs.
This news has been some time in the making, and I’m terrifically excited to share it.
As of July 27th, we take a decisive step forward, one where McAfee places its sole focus on consumers. People like you. This marks the day we officially divest our enterprise business and dedicate ourselves to protecting people so they can freely enjoy life online.
This move reflects years of evolution, time spent re-envisioning what online protection looks like in everyday life—how to make it stronger, easier to use, and most importantly, all the ways it can make you feel safe and help you stay that way.
In the coming days, you’ll see your experience with us evolve dramatically as well. You’ll see advances in our online protection that look, feel, and act in bold new ways. They will put you in decisive control of your identity and privacy, all in a time where both are so infringed upon. And you’ll also see your protection get simpler, much simpler, than before.
Today, I’d like to give you a preview of what’s ahead.
First, these changes are inspired by you. From feedback, research, interviews, and even having some of you invite us into your homes to show us how you live life online, you’ve made it clear what’s working and what isn’t. You’ve also shared what’s on your mind—your thoughts on technology’s rapid growth, the concerns you have for your children, and the times where life online makes you feel vulnerable.
We’re here to change things for the better. And here’s why …
Our lives are more fluid and mobile than ever before. From the palm of our hand, we split the cost of dinner, purchase birthday gifts, dim the lights in our living room, warm up the car on a winter morning, and far more. In many ways, our smartphones are the remote control for our lives. From managing our finances to controlling our surroundings, we’re increasing our use of technology to get things done and make things happen. Could any of us have imagined this when the first smartphones rolled out years ago?
Without question, we’re still plenty reliant on our computers and laptops too. Our recent research showed that we’re looking forward to using them in addition to our phones for telemedicine, financial planning, and plenty of personal shopping—each representing major upticks in usage than in years before, up to 74 percent more in some cases.
Yet what’s the common denominator here? You. Whatever device you’re using, at the center of all that activity is you. You’re the one who’s getting things done, making things happen, or simply passing some time with a show. So, while the device remains important, what’s far more important is you—and the way you’re using your device for ever-increasing portions of your life. Safely. Confidently. Easily.
Taken together, the time to squarely focus on protecting people is now. A new kind of online security is called for, one that can protect you as you go online throughout your day in a nearly constant and seamless fashion. We’ve dedicated ourselves to making that happen. And you’ll soon see what that looks like.
So how can you expect this evolution to take shape? You’ll see it in three significant ways:
1. Personalized experience. We’re building security that protects you effortlessly wherever your day takes you. From device to device, place to place, and all the experiences online in between. Think of our approach to online protection like Netflix, which used to be a physical service where you waited in queue for that next episodic DVD of Lost to get mailed to you. Now your shows follow you and stream anywhere, no matter what device you’re on. It’s the same thing with our security. It will recognize you and protect you whether you’re at home or by the pool on vacation, on your laptop, or your phone, with one consistent experience. Again, it’s all about you. Keeping you protected as you enjoy every perk and convenience of life online.
2. Intelligent experience. The next evolution builds on personalization and takes it a step further. This is security that understands when you and your personal info is at risk and then takes intelligent steps to protect you. This could be your smartphone automatically connecting to VPN when you’re at the airport, keeping you safe from prying eyes on public networks. It could also be alerts to you if your personal info is compromised so you can take steps to protect it. Or it could be a simple suggestion to help keep you safe while browsing, shopping, or banking online. In all, it’s intelligence that helps you stay safe and make safe choices.
3. Simpler experience. With this personalization and intelligence in place, you can protect everyone in your family far more easily than ever. It becomes practically automatic. Regardless of their age, interests, or how much they know about technology, this simplified approach to online security makes smart choices for you and your family wherever possible, steering them clear of threats and keeping everyone safer as a result.
Us at your side. New and existing customers alike will still benefit from McAfee’s award-winning technology as you always have. Further advances and features will roll out to you as part of the regular updates as they become available for your subscription. In all, you’ll always have the latest and greatest benefits of your product with us.
As for our future, expect more to come. Your confidence in us both fuels and informs these leaps ahead. Thank you as always for choosing us for your protection. It allows us to invest in breakthroughs that keep you safe against new and evolving threats, just as we have as a market leader for years.
The new McAfee is focused on you. It’s a bold new world of protection online, where you are in control of your identity and privacy, where you have intelligence that offers right protection in the right moment, where you can simply feel safe, and where you’re ultimately free to enjoy your life online at every turn.
Here’s to what’s next. And I can’t wait for you to experience it.
To stay updated on all things McAfee and on top of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, subscribe to our newsletter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.
The post The New McAfee: A Bold New World of Protection Online appeared first on McAfee Blogs.
Architected for the cloud-first and remote-first deployments, MVISION Cloud Firewall secures access to applications and resources on the internet, accessed from every remote site and location, through a cloud-native service model. The solution inspects end-to-end user traffic – across all ports and protocols, enabling unified visibility and policy enforcement across the organizational footprint. Powered by McAfee Enterprise’s industry leading next-generation intrusion detection and prevention system, contextual policy engine and advanced threat detection platform, and supported by Global Threat Intelligence feeds, MVISION Cloud Firewall proactively detects and blocks emerging threats and malware with a high degree of accuracy, uniquely addressing the security challenges of the modern remote workforce. MVISION Cloud Firewall is an integral component of McAfee Unified Cloud Edge, offering organizations an all-encompassing, cloud-delivered Secure Access Service Edge (SASE) security solution for accelerating their business transformation.
For a long time, firewalls and computer networks were like conjoined twins. Businesses simply could not afford to run an enterprise network without deploying a security system at the edge to create a secure perimeter around their crown jewels. The growing adoption of web-based protocols and their subsequent employment by cybersecurity adversaries for launching targeted malware attacks, often hidden within encrypted traffic, saw the emergence of next-generation firewall (NGFW) solutions. Apart from including stateful firewall and unified threat management services, NGFWs offered multi-layered protection and performed deep packet inspection, allowing organizations greater awareness and control over the applications to counter web-based threats.
But things took a dramatic turn with the introduction of cloud computing. Cloud service providers came up with an offer the organizations could not refuse – unlimited computing power and storage volumes at significantly lower operating costs, along with the option to seamlessly scale business operations without hosting a single piece of hardware on-premises. Hence began the mass exodus of corporate data and applications to the cloud. Left without a fixed network perimeter to protect, the relationship between firewalls and networks entered complicated terms. While the cloud service providers offered a basic level of security functionality, they lacked the muscle power of on-premises firewalls, particularly NGFWs. This was further exacerbated by the ongoing pandemic and the overnight switch of the workforce to remote locations, which introduced the following challenges:
The distributed workforce has expanded the threat landscape at an alarming rate. According to the latest McAfee Labs Threats Reports, the volume of malware threats observed by McAfee Labs averaged 688 threats per minute, an increase of 40 threats per minute (3%) in the first quarter of 2021. While SWGs and CASBs could address the security challenges for web and SaaS traffic, respectively, how could organizations secure the remaining non-web traffic? The answer lies in Firewall-as-a-Service, or FWaaS. FWaaS can be defined as a firewall hosted in the cloud, offering all the NGFW capabilities, including deep packet inspection, application-layer filtering, intrusion prevention and detection, advanced threat protection, among others. While, at the onset, FWaaS may give the impression of lifting and shifting NGFWs to the cloud, their business benefits are far more profound and relevant for the modern workforce, some of which include:
McAfee MVISION Cloud Firewall is a cutting-edge Firewall-as-a-Service solution that enforces centralized security policies for protecting the distributed workforce across all locations, for all ports and protocols. MVISION Cloud Firewall allows organizations to extend comprehensive firewall capabilities to remote sites and remote workers through a cloud-delivered service model, securing data and users across headquarters, branch offices, home networks and mobile networks, with real-time visibility and control over the entire network traffic.
The core value proposition of MVISION Cloud Firewall is characterized by a next-generation intrusion detection and prevention system that utilizes advanced detection and emulation techniques to defend against stealthy threats and malware attacks with industry best efficacy. A sophisticated next-generation firewall application control system enables organizations to make informed decisions about allowing or blocking applications by correlating threat activities with application awareness, including Layer 7 visibility of more than 2000 applications and protocols.
Fig. MVISION Cloud Firewall Architecture
Superior IPS efficacy: MVISION Cloud Firewall delivers superior IPS performance through deep inspection of network traffic and seamless detection and blocking of both known and unknown threats across the network perimeter, data center, and cloud environments. The next-generation IPS engine offers 20% better efficacy than competitive solutions, while far exceeding the detection rates of open-source solutions. The solution combines with MVISION Extended Threat Detection and Response (XDR) to offer superior threat protection by correlating threat intelligence and telemetry across multiple vectors and proactively detecting and resolving adversarial threats before that can lead to any enterprise damage or loss. Additional advantages include inbound and outbound SSL decryption, signature-less malware analysis, high availability, and disaster recovery protection.
End-to-end visibility and optimization: The ability to visualize and control remote user sessions allows MVISION Cloud Firewalls to proactively monitor the end-to-end traffic flow and detect any critical issues observed across user devices, networks, and cloud. This offers network administrators a unified, organization-wide view of deployed assets to pinpoint and troubleshoot issues before the overall network performance and user productivity gets impacted. Optimizing network performance elevates the user experience through reduced session latency while keeping a check on the help desk ticket volumes.
Policy Sophistication: MVISION Cloud Firewall considers multiple contextual factors, such as the device type, security posture of devices, networks and users, and pairs that with application intelligence to define a robust and comprehensive policy lexicon that is more suitable for protecting the modern remote workforce. For example, most NGFWs can permit or block user traffic based on the configured rule set, such as permitting accounting users to access files uploaded on a Teams site. McAfee, on the other hand, utilizes its data protection and endpoint protection capabilities to create more powerful NGFW rules, such as permitting accounting users to access a third-party Teams site only if they have endpoint DLP enabled.
MVISION Cloud Firewall converges with MVISION Unified Cloud Edge to offer an integrated solution comprising of industry best Cloud Access Security Broker (CASB), Secure Web Gateway (SWG), Zero Trust Network Access (ZTNA), unified Data Loss Prevention (DLP) across endpoint, cloud and network, Remote Browser Isolation (RBI) and Firewall-as-a-Service, making McAfee one of the only vendors in the industry that solves the network security puzzle of the SASE framework. With the inclusion of MVISION Cloud Firewall, McAfee Enterprise customers can now utilize a unified security solution to inspect any type of traffic destined to the cloud, web, or corporate networks, while securing the sensitive assets and users across every location.
The post Introducing MVISION Cloud Firewall – Delivering Protection Across All Ports and Protocols appeared first on McAfee Blogs.
There’s a lot of misinformation about Virtual Private Networks, what they do, and the security benefits they offer. For this article, I’d like to do some myth-busting about how a VPN actually works and why you should use one.
A VPN is an app that you install on your device to help keep your personal data safe as you browse the internet
You may have heard that VPN apps live on your device and allow you to connect to the internet securely. What that means is, when you turn your VPN app on, your device makes a secure connection to a specialized computer that routes internet traffic, called a VPN server. You also may have heard that your connection is “wrapped in an encrypted tunnel” which means your device and the server share a secure connection so only you can see what you’re doing on the internet.
Every internet connection (like your cable modem) is assigned a unique set of numbers called an IP address, which is tied to information such as geographic location, ISP, etc. A VPN replaces your actual IP address to make it look like you’ve connected to the internet from a different location: the physical location of the VPN server, rather than your real location. This is just one reason why so many people use VPNs. This can be handy when you want to hide from advertising trackers or protect your search history.
To change your IP address, you simply open your VPN app, select the server location you’d like to connect to, and you’re done. You’re now browsing with a new IP address. If you’d like to make sure your IP has changed, open up a browser and search for “What’s my IP address” and click on one of the results.
When to use a VPN really depends on what you want it for. For example, 39% of users understand public Wi-Fi is unsafe but still do sensitive things, like banking or shopping on public WiFi, so using a VPN when you’re at the airport, or a café is a great use case.
As I mentioned before, a lot of people use a VPN for privacy reasons, like stopping advertisers from tracking them. Searches you perform, or websites you visit won’t be trackable, which means you’ll be able to surprise your spouse with a vacation you researched and planned on a computer you both use. Targeted ads could spoil things if your spouse is bombarded with ads for plane tickets and hotels while they browse.
A VPN protects your search history through the secure connection you share. When you search for a website, or type a URL into your navigation bar, your device sends something called a DNS request, which translates the website into the IP address of the web server; this is how your browser can find the website and serve its content to you. By encrypting your DNS requests, a VPN can hide your search habits and history from those that might use that info as part of building a profile of you. This type of info could be used in a wide variety of ways, from legitimately serving targeted ads to nefarious social engineering.
A VPN can protect your identity by blocking online trackers from following you around the internet. With your VPN on, trackers will think all of your browsing is coming from a different device in a different location. This throws off the profile advertisers try to build because they think you’re someone else.
Another way a VPN can protect your identity is by preventing some types of hacking. Stopping attacks on public WiFi where a bad actor tries to get between you and the website you’re visiting, is just one way VPNs can help. It’s called a Man-in-the-Middle attack, but that’s a subject for another article.
No, a VPN cannot make you anonymous. They help secure what you’re doing, but your ISP still knows when you’re using the internet. They just can’t see what you’re doing, what sites you visit, or how long you’ve been on a site.
Private browsing modes can help protect your privacy, but they’re useful if you share a device with other people and you don’t want them to see your search history. You can read all about the differences in the article I wrote a little while ago.
Apple’s Private Relay is currently in Beta and will be available with an iCloud+ subscription for Safari users on iOS and macOS soon. Private Relay is similar to a VPN in that it changes your IP address so websites you visit can’t tell exactly where you are.
When you turn Private Relay on, your device connects to a server that sends your browsing data to a second server, before it travels through the internet. The reason for the double hop is that first server gives you a new IP address, to make you harder to track, while the second server hides that information from the website you’re browsing. The first server only knows your original IP address, while the second server only knows what you’re browsing, but not your IP.
Private Relay only works with Safari on iOS and macOS. Even if you are using an Apple device, a VPN is still a good idea because it will protect the information that your device sends outside of Safari.
If you’re already a McAfee Total Protection subscriber, you have access to unlimited VPN usage. Protect your personal information, like your banking information and credit cards, from prying eyes with McAfee Total Protection’s Secure VPN. If you haven’t already signed up, now’s the perfect time. McAfee Total Protection provides security for all your devices, giving you peace of mind while you shop, bank, and browse online.
The post What is a VPN and Can it Hide My IP Address? appeared first on McAfee Blogs.
How many rooms in your home contain a smart device? From Peloton bikes to showerheads with Bluetooth speakers, smart home technology is rapidly making its way into every room in every household. In fact, the number of smart households (those that contain smart home technology) in the U.S. is expected to grow to 77.05 million by 2025. But with new technology comes new challenges.
Many product designers rush to get their smart devices to market, treating security as an afterthought and consequentially creating an easy access point for criminals to exploit. Once a hacker taps in to a user’s home network, they could potentially gain access to all the devices connected to the network. And many consumers, amazed by the appliances’ efficiency, are unaware of the risks of interconnectivity. So, how can families prevent criminals from taking peeks into their home?
Let’s take a tour through an average smart home and uncover the security implications of the various devices in each room.
Believe it or not, the security risks of a smart home often apply before you even step foot inside the house. Approximately 21 million U.S. homes have professionally monitored security systems. However, these systems are not immune to hacks. One popular security camera system experienced a series of intrusions where hackers were able to communicate with residents, making inappropriate comments, taunting children, and even demanding a ransom payment for the hacker to leave the system. Some users of another security camera system experienced similar intrusions, with hackers playing vulgar music and cranking the homeowners’ heat up to 90 degrees.
Security cameras are just the beginning. Users control mowers, smart sprinklers, and other outdoor devices remotely with smartphone apps. Although they are meant to make consumers’ lives more convenient, outdoor devices with embedded computers could be at the greatest risk of attack, according to professor of computer science and cybersecurity expert, Dr. Zahid Anwar.
Outdoor devices like garage door openers, wireless doorbells, and smart sprinklers are more vulnerable because they may be easily accessible to someone driving down the street with a computer or other Wi-Fi transmitter. Outdoor smart devices can be used as entry points, allowing hackers to access the entire smart home network. To prevent a stranger from spying on your network, it’s important to check how these products store your data. If the device’s system stores your personal information and is connected to the main home network, there is a possibility that a breach of one device on the network could reveal your data to a hacker.
Once you step foot into a smart home, you’ll likely find a variety of devices adopted by residents for added convenience, including smart TVs, Wi-Fi routers, smart speakers, thermostats, lightbulbs, and personal home assistants — the list goes on! But the fact that these devices are connected to the internet opens the door for cybercriminals to make themselves at home. For example, the FBI issued warnings about the risks of smart TVs, noting that hackers could potentially gain access to an unsecured television and take control by changing channels, adjusting volume levels, and even showing inappropriate content to children.
Additionally, a recent study outlined multiple privacy concerns with a popular virtual assistant, ranging from misleading privacy policies to allowing third parties to change the code of their programs after receiving approval from the device’s parent company. Anupam Das, assistant professor of computer science at North Carolina State University, stated that third party software developers created many of the applications consumers interact with while using the virtual assistant. However, Das and their fellow researchers identified several flaws in the current vetting process that could allow those third parties to gain access to users’ personal information. The virtual assistant’s parent company does not verify the developer responsible for publishing the third-party program, so a cybercriminal could easily register under the name of a trusted developer and create a program that spreads malicious code. For these reasons, it is critical that consumers stay informed on potentially vulnerable entry points left open by device manufacturers so they can take action to better protect their smart home technology and their personal privacy.
Today, it is not so weird to talk to your refrigerator (well, maybe a little). Smart appliances are quickly making their way into consumers’ kitchens. You can control your blender or Instant Pot from your phone and use voice activation with various appliances, further blurring the lines between the physical and the digital. And while smart kitchen appliances empower you to do things like controlling your air fryer from an app and use voice activation to brew your coffee in the morning, living like a Jetson does come with potential security risks. In 2019, McAfee researchers discovered a vulnerability within a Mr. Coffee brand coffee maker that could allow a hacker to access the user’s home network. To prevent criminals from brewing up trouble in your home, ensure that you take measures to secure each of your devices and keep criminals from spying on your network.
For many people, the bedroom is more than just the place where they sleep at night — it is a relaxing sanctuary where they can unwind. It is no wonder that many people have adopted various gadgets to turn their sanctuaries into high-tech hubs for relaxation. Take a smart bed, for example. These mattresses incorporate biometric sensors to help you snooze better, and they connect to a smartphone app that tracks your sleep trends and health metrics. While this technology may provide insight on how you can sleep better, it is important to realize that these devices are collecting data and sending it back to the manufacturer. Often, consumers do not stop to research what specific data is being collected and how it is being used, placing a lot of trust in the device manufacturer to safeguard their private information. But what happens if the company suffers a data breach or ransomware attack? There is a chance that your data might fall into the hands of a hacker. To better protect your online security, understand that enjoying the convenience of connected IoT requires an assessment of where your information is being stored.
There is no denying that IoT devices have upped the convenience of tech users’ lives everywhere. But with these technological rewards comes added risk — cybersecurity risk, that is. The more connected devices you have in your home, the more opportunities criminals have to infiltrate your network and reach other data-rich devices. This can potentially put your private and financial information at risk, not to mention your privacy.
As our reliance on IoT and smart home technology grows, so will the need for users to step up their cybersecurity practices. Follow these tips to help protect your personal data and privacy while still enjoying all that your smart home gadgets have to offer:
1. Secure your Wi-Fi network
Out of the box, most Wi-Fi routers are either not secured or use a default password such as “admin,” making it easy for hackers to poke around and access devices that are connected to your router. To prevent cybercriminals from snooping on your network and the gadgets that are attached to it, secure your Wi-Fi network with a strong password.
A password or passphrase that is long, complex, and unique will discourage attempts to break into your accounts. Try creating a string that is at least 12 characters long, contains a combination of uppercase letters, lowercase letters, symbols, and numbers, and that is unique to each account.
Do your research before investing in a smart device. Ask yourself if the gadget is from a reputable manufacturer. Has the company had previous data breaches, or do they have an excellent reputation for providing secure products? Also, take note of the information your IoT device collects, how vendors use this information and what they release to other users or third parties.
Above all, understand what control you have over your privacy and information usage. It is a good sign if an IoT device allows you to opt-out of having your information collected or lets you access and delete the data it does collect.
In addition to the password/username combo, multi-factor authentication requires that users confirm a collection of things to verify their identity — usually something they have, and a factor unique to their physical being — such as a retina or fingerprint scan. This can prevent a cybercriminal from using credential-stuffing tactics (where they will use email and password combinations to hack into online profiles) to access your network or account if your login details were ever exposed during a data breach.
Stay on top of software updates from your device manufacturer. Available updates are not always advertised, so visit the manufacturer’s website regularly. Additionally, make sure to update mobile apps that pair with your IoT device. Adjust your settings to turn on automatic software updates, so you always have the latest security patches.
Your router is the central hub that connects all the devices in your home, so make sure that it’s secure. After you change the default password and name of your router, ensure that your network name does not give away your address, so hackers can’t locate it. Then check that your router is using an encryption method, like WPA2, which will keep your communications secure.
Additionally, consider setting up a “guest network” for your IoT devices. This is a second network on your router that allows you to keep your computers and smartphones separate from IoT devices. So, if a device is compromised, a hacker still cannot get all the valuable information that is saved on your computers. Check your router’s manual for instructions on how to set up a guest network.
You do not need to go it alone — employ the help of a security solution like McAfee Secure Home Platform, which provides smart security for your home network. By automatically protecting your connected devices through the router, you can feel confident that you have a solid line of defense against online threats.
McAfee Total Protection also includes a robust password management system that creates and saves strong passwords across all your accounts in one centralized location. It also includes home network security to protect your firewall and block hackers from accessing your home network. McAfee Total Protection includes a home network map that allows you to easily identify trusted devices on your network and flag potential intruders.
Recognize that every Wi-Fi connection, every Bluetooth connection, and every connection you make using a wireless connection is subject to hacking. This will help you better understand the risks associated with your smart home devices, and therefore will help you be more equipped to combat them. Remember: a secure home is the smartest home you can have!
The post How to Secure Your Smart Home: A Step-by-Step Guide appeared first on McAfee Blogs.
Over the past year and a half, workers everywhere have gotten used to working from home. They have adopted an entirely new work from home mindset and diverted their weekly commuting hours to other productive and more enjoyable pursuits. As parts of the world return to a “new normal,” another change is on the way: a gradual return to the office.
The hybrid working model is met with mixed reviews from employees and business security teams alike. For some employees, a clearer separation between work and home is a welcome change. CTV News reports 66% of Canadian respondents to an International Workplace Group poll say they are looking forward to splitting their working hours between the office and home.
For business security teams who are just catching their breath after the monumental shift to a remote workforce, they are now gearing up for the new online safety challenges posed by the hybrid work model. According to a VMware Canada Threat Report, 86% of security professionals agree that cyberattacks aimed at their organizations have become more sophisticated since the onset of the pandemic. Additionally, 91% of global respondents cite employees working from home as the cause of cyberattacks. Challenges of the hybrid workforce include the constant back-and-forth of company-issued devices, the lack of control over home office setups, and mixing personal and company devices with company and personal business respectively. For example, if you pay your bills or shop online using your work device, it opens several new avenues for a hacker to walk right onto the corporate network. When your guard is down even a little bit when you are off the clock, you could fall victim to e-skimmers, fake login pages, or phishing scams.
No matter how advanced your company’s threat detection system, hackers know where vulnerabilities lie and are on the hunt to exploit them. Check out these tips to ensure you are not the weak link in your organization.
A virtual private network (VPN) is a service that scrambles online browsing data, making it impossible for nefarious characters to decipher your activity. This is an excellent way to deter hackers from tracking your movements and picking up sensitive pieces of information.
VPNs are essential if you are working in a public area, sharing a wireless network with strangers, or using a Wi-Fi connection that is not password protected. Public Wi-Fi networks are notoriously easy pickings for hackers seeking entry into unsuspecting users’ devices. On the days where you are not in the office, make sure your wireless connection is secure.
While a VPN is an excellent tool, security measures and your accounts are vulnerable without a strong and private password or passphrase to protect them. The gigantic Colonial Pipeline hack is being blamed on a hacker gaining entry through an unused VPN that was not secured with multifactor authentication. Multifactor authentication is an online safety measure where more than one method of identity verification is needed to access the valuable information that lies within password-protected accounts.
Consider using a password manager to organize all your passwords and logins. Password managers remember each pairing so you don’t have to, plus most managers are secured with multifactor authentication. A password manager makes it easier to add variety to your passwords and prevents you from ever having to write them down.
Professionals who travel between their home and an office are likely transporting their devices back and forth, increasing the number of opportunities for devices to be forgotten at either location or in transit. As convenient as it may be, never use your personal device for official business. Even if you pride yourself on sound online safety habits, your company device likely has more defenses ingrained in its hardware than your personal devices.
With your personal devices, you should carefully vet everything you download. With your work-issued devices, this vetting process is even more important as company information is at stake. The Information and Privacy Commissioner of Ontario states that employees should never download applications to their work devices without permission from the IT team. Apps and programs often have security vulnerabilities that could open a gateway for hackers.
Zero Trust is a security philosophy that is exactly what it sounds like: trust no one. Businesses are employing Zero Trust models to greatly limit who has access to sensitive data sources. Adopt your own personal Zero Trust philosophy concerning your passwords, logins, and device access. This means never sharing passwords or log in details, especially over email, instant messenger, or over a video conference. Hackers commonly eavesdrop on all three mediums. Also, even your most trusted coworker could mishandle your passwords and login details, such as writing them down and leaving them in a public place.
A key aspect of the Zero Trust model is only granting employees access to platforms that are vital to their job. Sharing your logins with coworkers who may not be authorized for using that platform undermines all the hard work the IT team does to keep tabs on data access.
Every time you turn on the nightly news, another ransomware attack has hit another organization, each one bigger than the last. This heightened prevalence is a reflection on the wiliness of hackers, but also the number of security holes every company must plug.
There are several vulnerable points of entry in every company, and some of those vulnerabilities are heightened by the hybrid work model. Always heed the advice of your company’s IT team, and make sure to do your part to keep your devices and work information secure.
The post Hybrid Workplace Vulnerabilities: 4 Ways to Promote Online Safety appeared first on McAfee Blogs.
With the increase in online activities due to the COVID-19 pandemic, consumers are potentially becoming exposed to more online threats, and nearly 1 in 3 Americans are not confident in their ability to prevent a cyberattack. Through a partnership with American Express via the Amex Offers Program, McAfee is delighted to offer eligible American Express Card Members personal online security by providing access to comprehensive solutions that protect online security
“Despite the increase in potential risks, consumers plan to continue conducting more and more personal activities online as the post-pandemic new normal comes to fruition,” said Pedro Gutierrez, SVP Global Consumer Sales & Operations at McAfee. “Investing in personal security solutions to protect your online life is a simple way to think security-first, and we’re ecstatic we can now offer these solutions to add value to American Express Card Members.”
The COVID-19 pandemic has forced many regular activities online, with McAfee’s 2021 Consumer Security Mindset Report finding that internet providers saw household internet usage surge anywhere from 40% to 100% as people worked, studied, shopped and entertained themselves at home. Additionally, McAfee found that of consumers that purchased connected devices in 2020, only 50% acted by purchasing security software and only 1 in 4 checked if their security software is up to date.
Through the Amex Offers program, eligible American Express Card Members can receive a statement credit of up to $15 if they spend $45 or more to purchase personal protection solutions at McAfee.com. The statement credit is available to eligible American Express Card Members until August 24th, 2021 and Card Members should check their offers list for additional details on eligibility, offer redemption instructions and applicable limitations.
The post McAfee Partners with American Express to Provide Best-in-Class Security appeared first on McAfee Blogs.
People in their 20s and 30s are losing it online. And by it, I mean money—thanks to digital identity theft.
In its simplest form, your digital identity is made up of a whole host of things that can be traced back to you and who you are. That can range anywhere from photos you post online to online shopping accounts, email accounts to telephone numbers, and bank accounts to your tax ID.
In this way, your digital identity is like dozens upon dozens of puzzle pieces made up of different accounts, ID numbers, and so forth. When put together, they create a picture of you. And that’s why those little puzzle pieces of your identity are such attractive targets for hackers. If they get the right combination of them, you can end up a victim of theft or fraud.
Here’s what’s happening: people in their 20s and 30s were twice as likely than people 40 and over to report losing money while shopping online. That’s according to recent figures from the U.S. Federal Trade Commission (FTC), which also found that people in their 20s to 30s are far more likely to report losing money to fraud. What’s more, they’re also 77% more likely than older people to lose it by way of an email scam.
And it’s no surprise younger adults get targeted this way. They’re far more likely than any other age group to use mobile apps for peer-to-peer payments, transfer money between accounts, deposit checks, and pay bills. In short, there’s a lot of money flowing through the palms of their hands thanks to their phones, as well as their computers.
Protecting yourself from hackers and fraud means protecting your digital identity. And that can feel like a pretty huge task given all the information your digital identity includes. It can be done, though, especially if you think about your identity like a puzzle. A piece here, another piece there, can complete the picture (or complete it just enough) to give a hacker what they need to separate you from your money. Thus, the way to stay safe is to keep those puzzle pieces out of other people’s hands.
It’s actually not that tough. With a few new habits and a couple of apps to help you out, you can protect yourself from the headaches and flat-out pain of fraud. Here’s a list of straightforward things that you can get started on right away:
1. Start with the basics—security software
Protect yourself by protecting your stuff. Installing and using security software on your computers and phones can prevent all kinds of attacks and make you safer while you surf, bank, and shop online. I should emphasize it again—protect your phone. Only about half of people protect their phones even though they use it to hail rides, order food, send money to friends, and more. Going unprotected on your phone means you’re sending all that money on the internet in a way that’s far, far less safe than if you use online protection.
2. Create strong passwords
You hear this one all the time and for good reason—strong, unique passwords offer one of your best defenses against hackers. Never re-use them (or slight alterations of them) across the different platforms and services you use. Don’t forget to update them on the regular (that means at least every 60 days)! While that sounds like a lot of work, a password manager can keep on top of it all for you. And if your platform or service offers the use of two-factor authentication, definitely make use of that. It’s a further layer of security that makes hacking tougher for crooks.
3. Keep up to date with your updates
Updates have a way of popping up on our phones and computers nearly every day, resist the urge to put them off until later. Aside from making improvements, updates often include important security fixes. So, when you get an alert for your operating system or app on your devices, go ahead and update. Think of it as adding another line of defense from hackers who are looking to exploit old flaws in your apps.
4. Think twice when you share
Social media is one place hackers go to harvest personal information because people sometimes have a way of sharing more than they should. With info like your birthday, the name of your first school, your mother’s maiden name, or even the make of your first car, they can answer common security questions that could hack into your accounts. Crank up the privacy settings on your accounts so only friends and family can see your posts—and realize the best defense here is not to post any possibly sensitive info in the first place. Also, steer clear of those “quizzes” that sometimes pop up in your social feeds. Those are other ways that hackers try to gain bits of info that can put your identity at risk.
5. Shred it
Even though so many of us have gone paperless with our bills, identity theft by digging through the trash, or “dumpster diving,” is still a thing. Things like medical bills, tax documents, and checks still might make their way to your mailbox. You’ll want to dispose of them properly when you’re through with them. First, invest in paper shredder. Once you’ve online deposited that check or paid that odd bill, shred it so that any personal or account info on there can’t be read (and can be recycled securely). Second, if you’re heading out of town for a bit, have a friend collect your mail or have the post office put a temporary hold on your mail. That’ll prevent thieves from lifting personal info right from your mailbox while you’re away.
6. Check your credit
Even if you don’t think there’s a problem, go ahead and check your credit. The thing is, someone could be charging things against your name without you even knowing it. Depending on where you live, different credit reporting agencies keep tabs on people’s credit. In the U.S., the big ones are Equifax, Experian, and TransUnion. Also in the U.S., the Fair Credit Reporting Act (FCRA) requires these agencies to provide you with a free credit check at least once every 12 months. Canada, the UK, and other nations likewise offer ways to get a free credit report. Run down your options—you may be surprised by what you find.
As I just mentioned, the quickest way to get sense of what’s happening with your identity is to check your credit. Identity theft goes beyond money. Crooks will steal identities to rent apartments, access medical services, and even get jobs. Things like that can show up on a credit report, such as when an unknown address shows up in a list of your current and former residences or when a company you’ve never worked for shows up as an employer. If you spot anything strange, track it down right away. Many businesses have fraud departments with procedures in place that can help you clear your name if you find a charge or service wrongfully billed under your name.
Other signs are far more obvious. You may find collection agencies calling or even see tax notices appearing in your mailbox (yikes). Clearly, cases like those are telltale signs that something is really wrong. In that case, report it right away:
Likewise, many nations offer similar government services. A quick search will point you in the right direction.
Another step you can take is to ask each credit bureau to freeze your credit, which prevents crooks from using your personal information to open new lines of credit or accounts in your name. Fraud alerts offer another line of protection for you as well, and you can learn more about fraud alerts here.
With so many bits and pieces of information making up your digital identity, a broader way of keeping it safe involves asking yourself a question: what could happen if someone got their hands on this info? Further realizing that even little snippets of unsecured info can lead to fraud or theft in your name helps—even that un-shredded bill or innocuous refund check for a couple of bucks could give a crook the puzzle piece they need. You can keep your digital identity safe by keeping those pieces of info out of other people’s hands.
The post Guide: Protecting Your Digital Identity appeared first on McAfee Blog.
Depending on where your travels take you, you might need a new passport—a COVID-19 vaccine passport.
In an effort to kickstart travel and local economies, these so-called vaccine passports are more accurately a certificate. Such a “passport” can offer proof that the holder has been fully vaccinated against the virus, and there are several of these passports developing in the wings. With all of this in motion, I wanted to give families a look at what’s happening so that they can protect their privacy and identity online.
Broadly speaking, a vaccine passport works like this: information such as name, date of birth, date of vaccination, vaccination type, and vaccination lot number are used to create a digital certificate stored in a smartphone or a physical card. The holder can then offer up that proof of vaccination (or a recent negative test result) to businesses, travel authorities, and the like.
The notion of a vaccine passport has actually been around for a while now, such as the “Yellow Card” issued by the World Health Organization (WHO), which documents vaccination against diseases like cholera and yellow fever for travelers. Note that currently there’s no widely accepted standard for COVID-19 vaccine passports. What’s more, conversations continue around the concerns that come with documenting and sharing vaccine information securely. Understandably, it’s a complex topic.
As of this writing, the European Union has started issuing the “EU Digital Covid Certificate,” which allows its holders to travel throughout the EU freely without quarantine restrictions. The UK has its own version in the works, as do other nations in Asia, along with airline carriers too. In the U.S., “passports” appear to be in development on the state level, rather than on the federal level. For example, the state of New York has its Excelsior Pass program and California has its Digital COVID-19 Vaccine Record available to residents. Private airlines and air travel industry groups have launched their own efforts as well, such as the International Air Travel Association’s IATA Travel Pass.
How these passports are rolled out and how they get used will vary, yet vaccine passports may have an impact on the way people can travel as we recover globally from the pandemic. In some cases, they may even determine if people can attend large events that can help localities reboot their economies and public life in general (i.e., concerts, sporting events, and so on).
The development of vaccine passports and all the rules businesses and local authorities set around them may feel a bit out of our hands. However, in terms of your privacy and your family’s privacy, plenty is still very much in your hands. The common denominator across all these vaccine passports is the exchange of personal information—you and your family’s personal information. And where personal information is shared, hackers are sure to follow. This presents a perfect opportunity for you and your family to review your online privacy practices and close any gaps, whether you plan on traveling or not.
I put together a few things you can do to make sure that you and your family can navigate the future use of these passports with your privacy in mind:
What seems like an innocent celebration of your vaccination could put your personal information at risk. The information captured on these cards varies by nation, region, and locality, with some of the cards containing more information than others. However, even basic info such as birthday, vaccine manufacturer and lot number, location of immunization, or doctor’s name can provide the basis of a scam, such as a phishing email or phishing text message. Likewise, such information could get scooped up by a hacker and used to create phony vaccination credentials. Instead of posting that pic of you and your vaccine card, go with a happy selfie instead. And if you’ve already posted, go ahead and delete the image, better to remove it now and stay safe.
As mentioned above, the uncertainty around vaccine passports, and the general uncertainty around the latter days of the pandemic overall, creates opportunities for hackers and cybercrooks. Just as the early pandemic saw phony offers around miracle cures and today we’re seeing offers for phony vaccination cards, you can bet that scams revolving around vaccine passports will follow. The best advice here is to go to a trusted source for information, like the NHS in the UK or the American Medical Association in the U.S. Granted, cybercrooks will launch their phishing campaigns regardless. Here’s what to do if one heads your way:
In all, if someone is asking for any kind of personal or financial information via an email, text, instant message, or the like, chances are it’s a scam. For more, check out this article on how to spot the warning signs of a phishing attack.
In a time of data breaches large and small, checking your credit regularly is a wise move. Doing so will help you quickly spot issues and help you address them, as companies typically have a clear-cut process for dealing with fraud. You can get a free credit report in the U.S. via the Federal Trade Commission (FTC) and other nations like the UK have similar free offerings as well.
Do the same for your children. They’re targets too. High-value targets at that. Their credit reports are clean, which gives cybercrooks a blank slate to work with. Even more attractive is that child identity theft often goes long unnoticed until years later when the child gets older and rents an apartment or applies for their first credit card.
It’s that simple. Given that these vaccine passports will likely involve a digital certificate stored on a smartphone, app, or possibly other devices, protect them so you can protect yourself. Select comprehensive security software that will protect multiple devices so that everyone in your home is covered.
You can bet that rumors will abound as to who is issuing what “passport”, under what restrictions, and with what implications for traveling, dining out, and visiting shops. All of that amounts to plenty of falsehoods and scams that attempt to rob you of your privacy, identity, and even your money. Turn to trusted news sources known for their even-handed reporting, such as Reuters or the Associated Press, and get your information from there. Knowing what the facts about vaccine passports are in your locality will arm you against fear-based attacks.
A few months back, the FTC posted its own blog about sharing vaccine card photos. It’s a great read, in part because they used a helpful analogy to discuss privacy and identity theft:
Think of it this way — identity theft works like a puzzle, made up of pieces of personal information. You don’t want to give identity thieves the pieces they need to finish the picture.
Likewise, any vaccine passport you acquire will become yet another puzzle piece that you have to protect.
In all, with post-pandemic recovery measures evolving before our eyes, keep an eye on your family’s security. Don’t give away any snippets of info that could be used against you and stay on the lookout for the scams hitting the internet that play on people’s uncertainty and fears. COVID-19 passports may be entirely new, yet they give cybercrooks one more way they can play their old tricks.
The post COVID-19 Vaccine Passports: 5 Security Tips for You and Your Family appeared first on McAfee Blogs.
Small business owners are getting a special deal on their online protection through a partnership between McAfee and Visa. With new ways of working creating online opportunities and risks for small business owners, McAfee and Visa have come together to offer comprehensive protection for a changed business landscape.
Designed to help you minimize costs and unexpected interruptions to your business, McAfee® Security for Visa cardholders provides award-winning antivirus, ransomware, and malware protection for all your company devices including PCs, smartphones, and tablets on all major platforms. Visa Small Business cardholders automatically save up to 40% with a 24-month package and up to 60% with a 12-month offer.
Safety features include:
McAfee’s security savings bundle is also part of Visa’s commerce in a box initiative, which has launched in six U.S. cities (D.C., Detroit, Atlanta, Miami, Los Angeles and Chicago). This program features a curated selection of offers, discounts, and bundles from Visa’s Authorize.net and Visa partners designed to help small businesses with what they need to move their business forward digitally — from accepting digital payments and building an eCommerce site to marketing to their audience in new ways and providing online marketing tools to run and protect their business.
The post Small Businesses Save Up to 60% in McAfee and Visa Partnership appeared first on McAfee Blogs.
Among the many major shifts in lifestyle during the COVID-19 pandemic, the way we used healthcare was one of the most significant. Providers limited in-person visits, elective procedures were delayed, and we avoided hospitals. In response, we went online and started using telehealth and other virtual solutions in ways we never had before.
Our latest consumer mindset survey confirms this was more than a passing trend, showing an almost 50% rise since the beginning of the pandemic in the use of PCs and Mobile devices to access health information, meet virtually with health care providers, and manage prescriptions. Survey respondents also showed they adapted by increasing their usage of smart fitness devices, like Fitbits, to track their personal health.
Navigating the healthcare system and accessing more of our services through the web means more of our personal information is now online. From patient intake forms to test results, a great deal of data about our health, including confidential information like vaccination records, is potentially available. Survey respondents confirmed that they shared and accessed their personal health information across the internet, despite 1/3 or more of respondents having concerns for their privacy and security of their personal information.
This trend hasn’t gone unnoticed by cybercriminals. In fact, the US Department of Health and Human Services is currently investigating nearly 800 health-related data breaches impacting nearly 60 million individuals. All of which is to say that telehealth advances may help us avoid sitting in a doctor’s office, but we need to be more mindful about our security when using these new online services.
Despite the adoption of many telehealth and online health services, security was still a concern for many of our survey respondents. A majority said the primary reason they do not use smart devices for their personal health was because of privacy and security concerns. Fortunately, just as there is preventive medicine, there are also preventive cybersecurity measures we can take to keep our personal data safer online. Here are a few we recommend:
The shift to managing our health online comes with a few safety considerations, but by following the steps above, we can enjoy convenience and access to a healthier life online and off.
The post How to Make Telehealth Safer for a More Convenient Life Online appeared first on McAfee Blogs.
The COVID-19 pandemic forced many of us to quickly adjust to the new normal — case and point, admitted that they switched to digital activities like online banking, social networking, and online shopping in 2020 out of convenience. Research now shows that consumers’ reliance on this technology is here to stay. PwC found that 44% of global consumers now shop more using their smartphones compared to when COVID-19 began. While having the world at your fingertips is convenient, how does this digital lifestyle change expose users to cyber threats, especially attacks on mobile devices?
It’s no secret that cybercriminals tend to manipulate their attacks based on the current trends set by technology users. As you reflect on how increased connectivity affected your everyday life, it’s important to ask yourself what could be lurking in the shadows while using your mobile devices. With more of us relying on our devices there’s plenty of opportunities for hackers. This begs the question, what does mobile security look like in a post-pandemic world?
In addition to the increased adoption of digital devices, we had to figure out how to live our best lives online – from working from home to distance learning to digitally connecting with loved ones. And according to McAfee’s 2021 Consumer Security Mindset Report, these online activities will remain a key part of consumers’ post-pandemic routines. But more time spent online interacting with various apps and services simultaneously increases your chance of exposure to cybersecurity risks and threats. Unsurprisingly, cybercriminals were quick to take advantage of this increase in connectivity. McAfee Labs saw an average of 375 new threats per minute and a surge of cybercriminals exploiting the pandemic through COVID-19 themed phishing campaigns, malicious apps, malware, and more. New mobile malware also increased by 71%, with total malware growing nearly 12% from July 2019 to July 2020. As consumers continue to rely on their mobile devices to complete various tasks, they will also need to adapt their security habits to accommodate for more time spent online.
Here at McAfee, we recognize that the way you and your family live your digital lives has changed. We want to help empower you to protect your online security in your hyper-connected lifestyle. To help provide greater peace of mind while using your mobile devices, follow these tips to help safeguard your security.
When setting up a new device or online account, always change the default credentials to a password or passphrase that is strong and unique. Using different passwords or passphrases for each of your online accounts helps protect the majority of your data if one of your accounts becomes vulnerable. If you are worried about forgetting your passwords, subscribe to a password management tool that will remember them for you.
Remember to physically lock your mobile devices with a security code or using facial recognition as well. This prevents a criminal from unlocking your device and uncovering your personally identifiable information in the event that your phone or laptop is stolen.
Multi-factor authentication provides an extra layer of security, as it requires multiple forms of verification like texting or emailing a secure code to verify your identity. Most popular online sites like Gmail, Dropbox, LinkedIn, Facebook, etc. offer multi-factor authentication, and it takes just a few minutes to set it up. This reduces the risk of successful impersonation by hackers who may have uncovered your credentials.
Hackers tend to lurk in the shadows on public Wi-Fi networks to catch unsuspecting users looking for free internet access on their mobile devices. If you have to conduct transactions on a public Wi-Fi network, use a virtual private network (VPN) like McAfee® Safe Connect to help keep you safe while you’re online.
Be skeptical of text messages claiming to be from companies with peculiar asks or information that seems too good to be true. Instead of clicking on a link within the text, it’s best to go straight to the organization’s website to check your account status or contact customer service.
Some cybercriminals send texts from internet services to hide their identities. Combat this by using the feature on your mobile device that blocks texts sent from the internet or unknown users. For example, you can disable all potential spam messages from the Messages app on an Android device by navigating to Settings, clicking on “Spam protection,” and turning on the “Enable spam protection” switch. Learn more about how you can block robotexts and spam messages on your device.
Prepare your mobile devices for any threat coming their way. To do just that, cover these devices with an extra layer of protection via a mobile security solution, such as McAfee Mobile Security.
COVID-19 changed our relationships with our digital devices, but that does not mean we have to compromise our online security for convenience. Incorporating these tips into your everyday life can help ward off mobile cyber threats and stay a step ahead of hackers.
The post The Future of Mobile in a Post-COVID World & How to Stay Secure appeared first on McAfee Blogs.
Microsoft has shipped an emergency security update affecting most Windows users. This update partially addresses a security vulnerability known as PrintNightmare that could allow remote hackers to take over your system.
PrintNightmare could allow hackers to gain control of your computer. This means hackers could perform malicious activities like installing their own apps, stealing your data, and creating new user accounts.
Microsoft recommends Windows 10, 8.1, and 7 users update their computers through Windows Update as soon as possible. Note that an additional patch will likely be required to fully fix the issue, so expect another update prompt from Microsoft in the days to come.
For extra protection against malware that may result from a hack like this one, we recommend an all-in-one security solution, like McAfee Total Protection or McAfee LiveSafe. If a hacker takes advantage of the exploit and tries to install additional malware, McAfee Total Protection/LiveSafe can help protect against those attempts. Learn more about our online security products here.
PrintNightmare exploits a vulnerability in the Windows Print Spooler service. The step-by-step instructions below will guide you through turning off the service to ensure hackers can no longer exploit the security flaw. The Print Spooler will remain off until the PC is rebooted.
Step 1: Press the Windows key, and type Services, clicking on the Services App
Step 2: Scroll down to the Print Spooler Service
Step 3: Right-click on the Print Spooler Service and click Stop.
The post Microsoft Urges Customers to Update Windows as Soon as Possible appeared first on McAfee Blogs.
The Smartsheet enterprise platform has become an essential part of most organizations, as it has done much to transform the way customers conduct business and collaborate, with numerous services available to increase productivity and innovation. Within the McAfee customer base, customers had expressed their commitment to Smartsheet, but wanted to inject the security pedigree of McAfee to make their Smartsheet environments even stronger.
In June 2021, McAfee MVISION Cloud released support for Smartsheet – providing cornerstone CASB services to Smartsheet through the CASB Connect framework, which makes it possible to provide API-based security controls to cloud services, such as:
Utilizing the CASB Connect framework, McAfee MVISION Cloud becomes an authorized third party to a customer’s Smartsheet Event Reporting service. This is an API-based method for McAfee to ingest event/audit logs from Smartsheet.
These logs contain information about what activities occur in Smartsheet. This information has value; McAfee will see user logon activity, sheet creation, user creation activity, sheet updates, deletions, etc. Overall, over 120 unique items are stored in the activity warehouse where intelligence is inferred from it. When an inference is made (example: Insider Threat), the platform can show all the forensics data that lead to that conclusion. This provides value to the Smartsheet customer since it shows potential threats that could lead to data loss, either unintended by a well-meaning end-user or not.
Policies for content detection are another important use-case. Most McAfee customers will utilize Data Loss Prevention (DLP) across their endpoint devices as well as in the cloud utilizing policies that are important to them. Examples of DLP policies could be uncovering credit card numbers, health records, customer lists, specific intellectual property, price lists, and more. Each customer will have some kind of data that is critical for their business, a DLP policy can be crafted to support finding it.
In Smartsheet, when an event from the Event Reporting service is captured that relates to DLP – a field is updated, a file is uploaded, or a sheet is shared, the DLP service in MVISION Cloud will perform an inspection of the event. Should the content or sharing violate a policy, an incident will be raised with forensic details describing what user performed the action and why the violation was flagged. This is important for customers because it operationalizes security in Smartsheet and other cloud applications that MVISION Cloud protects. The same DLP policies can be utilized across all of their critical cloud services, including Smartsheet.
Lastly, MVISION Cloud integrates with most popular Identity Providers (IDP). Through standards-based authentication, MVISION Cloud can enforce policies such as location and device policies that assure that only authorized users connect to Smartsheet; for regulated industries this can be important to ensure no compliance issues are violated as they conduct business.
Smartsheet enterprise customers benefit significantly from MVISION Cloud’s support. Visibility of user activity, threats and sensitive data give users a chance to further entrench their business processes in a cloud app they want to use. Adding security tools to an enterprise platform like Smartsheet reduces overall risk and gives organizations the confidence to more deeply depend on their critical cloud services.
Trying out Smartsheet and McAfee MVISION Cloud is easy. Contact McAfee directly at cloud@mcafee.com or visit resources related to this blog post:
The post Adding Security to Smartsheet with McAfee CASB Connect appeared first on McAfee Blogs.
We live in a world that thrives on digital connectivity. According to We Are Social, Canadians are now spending half a day more a month online than they did a year ago. Also, 33 million Canadians logged on to the internet at least once a month in 2020. As more people every year are spending hours upon hours online, they are knowingly (and sometimes unknowingly) unsafely releasing their personal information into the digital ether, making them vulnerable to all sorts of cybercrimes. The ramifications range anywhere from malware infection to identity fraud. Better understanding the best practices for online sharing will ensure users can navigate online dangers and safely connect with others.
Here are three ways online users share too much information and how they are placing themselves at risk.
Think about how many websites you visit regularly. How many of these have access to your personal information, such as your email, credit card numbers, and shipping address? Before accepting the option to save your information on file for a “faster checkout experience,” consider the following: A Canadian Internet Registration Authority polled 500 IT security professionals, and a quarter of them experienced a breach of customer data in 2020. Online users cannot afford to take liberties with the information they hand over to online companies, especially if they subscribe to numerous sites.
On a similar note, it is equally inadvisable to hand over information about yourself. Although seemingly harmless, online quizzes may not be as safe as you think. Some quiz questions sound more like security questions such as, “What was the first car you owned?” or “Where did you grow up?” Hackers using spyware can access these answers and anything else you enter on quiz sites to formulate informed guesses at your passwords.
It may seem counterintuitive not to share information on social media, seeing as the purpose of these platforms is to share. However, the problem with social media is that too many people are leaving themselves exposed to hackers due to the specificity of the information they share. More than two-thirds of Canadians are on social media, according to Statista, meaning there are millions of user profiles and newsfeeds brimming with personal information. Specific information such as company details in a new job announcement or your birth date in a celebration post are details hackers can use to impersonate you or break into your accounts. Additionally, cybercriminals can impersonate people in your network or pose as average users and add you as a friend. Hackers will often use this tactic to get close to someone and gather intel to formulate a targeted phishing attempt or identity theft.
While you can take proper precautions to safeguard your personal information, you cannot guarantee that others will do so with the same vigilance. Many do not realize there is more at stake than a loss of privacy when intentionally sharing information, usually login credentials, with others. If your friend you shared your password with is hacked, then a cybercriminal can now access your information as well as theirs. Cybercriminals can then use this information to break into your accounts, hold your data for ransom, and even steal your identity.
Knowing what is safe to share online and how to protect the information that is not is the first step to safeguarding your online presence. Here are four tips to consider before sharing your personal details on websites, social media, and with others:
Always err on the side of caution whenever you visit unknown sites or download applications on your devices. Be aware of what you click on, the ramifications of clicking on a malicious link, or handing over information on an unsecured website. One way to ensure you are visiting a secure website is to look for the padlock icon in the top left corner of your browser. This icon indicates the site and your connection are secure.
Take your internet protection one step further and avoid saving your information on file. If possible, use an alternate payment gateway with verified encryption that does not require inputting your credit card information. This way, your data does not become a liability in the event of a company data breach.
There’s a fine line between sharing too much and sharing just enough on social media. Start taking control of your privacy on social media by adjusting your privacy settings. Unless you are an aspiring social media influencer, it is best to keep your account private and limit your followers to only people you know personally. Do not follow strangers and reject friend requests from strangers. They could turn out to be a hacker.
Take advantage of platform security controls that allow you to control your visible information. For example, you can disable your activity status or geolocations to block other people from tracking your every move or manage the personal data these platforms are allowed to share. Keep in mind that any third-party app with access to these platforms will have varied privacy policies. Read the fine print on their user agreements, as these policies differ depending on the app.
3. Use a VPN
Before hopping online, consider using a virtual private network (VPN) to secure your connection. A VPN allows you to browse the internet with the confidence that your Wi-Fi and any sensitive information you send through this connection is encrypted. In other words, if a hacker intercepts this data, they won’t be able to make any sense of it.
Enabling multi-factor authentication adds an extra layer of protection that makes it nearly impossible for hackers to bypass even if they do manage to steal your credentials.
Also, make sure you create strong passwords or passphrases by following password best practices and ensuring they are long, complex, and varied. Use a password manager with a generator to help you create strong passwords and store them, so you do not have to memorize them. This method also makes it easier and more secure than saving passwords on internet browsers. Further, password managers, like McAfee True Key, make it easy to securely share your credentials with others.
From social media to work to daily activities, peoples’ lives are centralized around their digital devices and online access. Users must learn to care for their information to the same degree one would manage their physical IDs or credit cards. Only then can they carry on their online activities, confident in the knowledge they are doing so securely.
The post The Ultimate Guide to Safe Sharing Online appeared first on McAfee Blogs.
Do you usually read what critics say before deciding to see a movie or read a book? We believe these McAfee MVISION XDR reviews were worth the wait. But rather than simply share a few top-tier analyst blurbs with you, we’d like to walk through what these insights mean to our growing set of customers and how their sec operations will evolve with greater efficiencies.
Extended Detection and Response products, better known as XDR, not only extended the capabilities of EDR platforms, but according to Gartner[1] “ XDR products may be able to reduce the complexity of security configuration and incident response to provide a better security outcome than isolated best-of-breed components.”
Our Enterprise Security Manager (ESM)/SecOps team briefed a top-tier analyst firm on ESM product execution and the MVISION XDR platform in particular. His reaction to our use cases? “These are great and it is useful to have examples that cut across different events, which is illustrative more so than anything. The response to the cuts across various tools, and the proactive configuration aspect with the security score type analysis, is also pretty rare in this market.”
The takeaway: Preventing an incident is much better than cleaning up after the fact. MVISION XDR powered by MVISION Insights offers a unified security posture score from endpoint to cloud, delivering a more robust and comprehensive assessment across your environment. It allows you to drill down on specifics to enhance your security.
“The vendor has stolen a march on some of its competitors, at least in the short term, with this offering. A lot of vendors are aiming to get to an offering comprising threat intel + prioritization + recommendations + automation, but few if any have actually reached that point today.” – Omdia
A top-tier analyst firm mentioned that many EDR vendors today call themselves “Open XDR” vendors, but they do not offer a fully effective XDR product. The analyst sees XDR as a significant opportunity for McAfee to expand the breadth of our product portfolio.
The takeaway: A fully effective XDR product unites security controls to detect and assess comprehensively and prevent erratic movement of advanced threats. A robust product portfolio with an integrated service offering from a platform vendor with a proven track record of integrating security (McAfee) is critical to achieve this.
Noted by a top-tier analyst firm, only McAfee and one other offers data-awareness in the XDR offering. This XDR capability alerts the analyst that the threat impact is targeted at sensitive data.
The takeaway: Many SOCs have siloed tools that hinders their ability to detect and respond quickly and appropriately. SOC’s must prioritize threat intelligence to rapidly make critical decisions.
A top-tier analyst firm believes the primary segments for XDR capabilities are in the three groups to solve problems: 1) Workspace 2) Network 3) Cloud workloads. Giving hardening guidance is good for customers, so any vulnerability exposure and threat scoring are good priorities for MVISION Insights.
The takeaway: McAfee MVISION XDR provides automation that eliminates many manual tasks but more importantly, it empowers SOC analysts to prioritize the threats that matter and stay ahead of adversaries.
A top-tier analyst firm likes our product direction. “Where you’re going with XDR, and with the cloud console — that’s the way to go. It feels like we have crossed the Rubicon of cloud-delivered.”
The takeaway: By going cloud-native, MVISION XDR enables more efficient, better, and faster decisions with automated investigations driven by correlation analysis across multiple vectors. We can provide unified visibility and control of threats across endpoints, networks and the cloud.
| To discover why McAfee MVISION XDR earns rave industry reviews, see our resources on XDR to evolve your security operations to be more efficient and effective. |
Resource: [1] Gartner Innovation Insight for Extended Detection and Response, Peter Firstbrook, Craig Lawson , 8 April 2021
The post The Industry Applauds MVISION XDR – Turning Raves into Benefits appeared first on McAfee Blogs.
Families are hitting the road again. And it’s absolutely no surprise that they’re taking their smartphones with them. Perhaps what is surprising is that so many of them may be hitting the road without any digital or mobile protection.
Our recent research shows that 68% of people in the U.S. said that they’re planning to travel for leisure this year, slightly higher than the international average of 64%.1 However, our research also discovered that nearly half of them don’t use mobile security software to protect themselves or their smartphones.
That lack of protection is a concern, particularly as our April 2021 Threats Report detected a more than 100% increase in attacks aimed at mobile devices. It makes sense that such is the case, as the pandemic led to increased adoption of online activities like banking, shopping, and even doctor visits via telemedicine—often straight from our smartphones.
However, our smartphones can be as vulnerable as any other device (like our computers). Accordingly, with the volumes of valuable data that those activities create on our smartphones, cyber crooks were sure to follow.
The good news is that you can indeed enjoy all of that mobile convenience without worry, even on vacation. No doubt many travelers will do some online banking or even some online food ordering while they’re out and about. Likewise, their kids will be online for stretches of that time too, whether it’s on chat apps like Snapchat, social media like Instagram and TikTok, games like Fortnite and Among Us, or streaming videos. Go ahead, do it all. Just make sure you’re protected before you hit the road.
With that, add mobile protection to your packing list. I’ve put together a shortlist of straightforward things you can do that will help you and your kids stay safe online while on the road this summer.
While the tips above are great for the whole family, the following additional steps are what you can take to protect your children even further:
Tracking your child’s smartphone not only allows you to find it easily if it’s lost or stolen but can also put you at ease by knowing where your child is. Yet it’s important to use location tracking selectively. Not every app needs location tracking to work as intended, even though many apps ask for permission to enable it. Go into the phone’s settings and disable the location features on an app-by-app basis. For example, a weather app doesn’t need your child’s second-by-second location information to work properly, nor should a gaming app need it at all. Likewise, photos taken on a phone can embed location information that can be easily read when shared, revealing plenty about when and where it was taken. In all, enable the location services for only the most necessary of apps like maps.
Use travel as a time to reset
Recent research shows that tweens spend nearly five hours on their screens each day, while teenagers push that up to more than seven hours a day. Some staycation time is a good time to pare back those hours and enjoy the local scenery, even if for a short stretch. You can use your travel time as well to re-establish your phone rules. That way, vacation stays entertaining but doesn’t affect the habits you set into effect back home.
Above and beyond security settings and software, there’s you. Get in the habit of talking with your child for a sense of what they’re doing online. As a mom, I like to ask them about their favorite games, share some funny TikTok clips or cute photos with them, and generally make it a point to be a part of their digital lives. It’s great, because it gives you peace of mind knowing what types of things they are doing or interactions they are having online.
For those of you hitting the road in the coming weeks, enjoy your travels, wherever they take you!
The post Travel Smart: Protecting Your Family’s Smartphones While on Vacation appeared first on McAfee Blogs.
Today we wrap up Mobile World Congress (MWC) 2021. Whether you joined online or attended the hybrid conference in person, one thing is certain: today’s groundbreaking technology is paving the way for our future connectivity. Fittingly, the theme of this year’s event was Connected Impact, representing the role mobile connectivity plays in an ever-changing world, where flexibility and adaptability are critical. Here are four of the key consumer takeaways from this year’s conference:
COVID-19 truly put the power of online connectivity to the test. While 2020 was supposed to be the year of 5G connectivity, this was put on pause as the world faced social and financial uncertainty. Instead, the spotlight fell on legacy technologies to create a new normal for users. Consumers quickly had to figure out how to live their best lives online — from working from home to distance learning to digitally connecting with loved ones.
To help foster online connectivity for all, 5G must step back into the spotlight. Although publicly available 5G networks have been around for two years, it is unlikely that many users see much of a difference between 5G and LTE. For users to feel the impact of 5G, mobile carriers must expand the frequencies at the low and high ends of the spectrum, which is where 5G networks operate.
Qualcomm led the 5G announcements on Monday with the unveiling of its second-generation Qualcomm 5G RAN Platform for Small Cells (FSM200xx). This platform brings major enhancements to radio frequencies and is designed to take millimeter wave performance to more places: indoors, outdoors, and around the globe. According to Qualcomm, these advancements aim to facilitate greater mobile experiences and accelerate 5G performance and availability to users everywhere— thus reshaping opportunities for homes, hospitals, offices and more.
Technology and connectivity played a crucial role in our daily lives in 2020—and therefore, unsurprisingly, spending on health and wellness tech grew by 18.1%. But now, we must ask ourselves what role technology will play post-lockdown.
While they did not have a physical appearance at MWC this year, Samsung provided a sneak of their new wearables: they introduced the One UI Watch user experience, a new interface designed to make the Galaxy Watch and smartphone experience more deeply connected. Samsung also announced its expanded partnership with Google, promising to deliver better performance, longer battery life, and a larger ecosystem of apps to the Galaxy Watch. Although they did not unveil any hardware at MWC, Samsung did ensure that users can expect to see new devices like the Galaxy Z Fold 3 and the Galaxy Watch 4 at their Galaxy Unpacked event happening in July/August of 2021.
2020 also shone a bright light on the key role technology plays in the consumption and distribution of creative arts and entertainment. Lockdown put an even greater responsibility on streaming platforms — and the devices they are accessed on — to deliver content right to people’s homes.
To help meet entertainment consumption needs, Lenovo announced not one, not two, but five new Android tablets during MWC. Its largest tablet is the Yoga Tab 13, which features a built-in kickstand, 13-inch display with 2,160 x 1,350 resolution, up to 12 hours of battery life, and more. Lenovo is pitching this model as its “portable home cinema,” perfect for streaming on the go. It also unveiled the Yoga Tab 11 and the Tab P11 Plus, which are expected to be available in EMEA in July following the Yoga Tab 13’s June release date. For users hoping for a more compact, budget-friendly device, Lenovo also announced the Lenovo Tab M8 and the Lenovo Tab M7. Whichever model you select, one thing it certain — digital devices have and will continue to be instrumental in consumer entertainment.
These exciting announcements are a great representation of what the future holds for mobile technology and greater connectivity. The advancements in mobile connectivity have already made a positive impact on consumer lifestyles, but the rise in popularity of these devices has also caught the attention of cybercriminals looking to exploit consumers’ reliance on this technology.
More time spent online interacting with various apps and services simultaneously increases your chance of exposure to cybersecurity risks and threats. Unsurprisingly, cybercriminals were quick to take advantage of the increase in connectivity throughout 2020. McAfee Labs saw an average of 375 new threats per minute and a surge of hackers exploiting the pandemic through COVID-19 themed phishing campaigns, malicious apps, malware and more. For users to continue to live a connected life, they will need to take greater care of their online safety and ensure that security is top-of-mind in any given situation. Taking these precautions will provide greater peace of mind in the new mobile-driven world.
The post The Future of Mobile: Trends from Mobile World Congress 2021 appeared first on McAfee Blogs.
Here’s to the hashtags, the likes, the followers, the DMs, and the LOLs—June 30th marks Social Media Day, a time to celebrate and reflect on how social media has changed our lives over the years.
Started in 2010 by media and entertainment company Mashable, celebrations have taken on all kinds of forms. Meetups, contests, calls to increase your social circle by one meaningful connection have all marked the date in the past. Yet this year feels like an opportunity to consider just how heavily so many of us have leaned upon social media these past months, particularly in a world where nearly 50% of the global population are social media users to some degree or other.
What’s more, people worldwide spend an average of 145 minutes a day on social media. With users in the Philippines spending three hours and 53 minutes a day and users in the U.S. spending just over two hours a day, that figure can vary widely, yet it’s safe to say that a good portion of our day features time browsing around on social media.
With that, Social Media Day is also a good day to give your social media settings and habits a closer look, all so that you can get the most out of it with less fuss and worry. Whether you’re using Facebook, Instagram, TikTok, or whatnot, here are several things you can do that can help keep you safe and secure out there:
Social media platforms like Facebook, Instagram, and others give you the option of making your profile and posts visible to friends only. Choosing this setting keeps the broader internet from seeing what you’re doing, saying, and posting, which can help protect your privacy.
Be critical of the invitations you receive. Out-and-out strangers could be more than just a stranger, they could be a fake account designed to gather information on users for purposes of cybercrime, or they can be an account designed to spread false information. There are plenty of them too. In fact, in Q1 of 2021 alone, Facebook took action on 1.3 billion fake accounts. Reject such requests.
Nothing says “there’s nobody at home right now” like that post of you on vacation or sharing your location while you’re out on the town. In effect, such posts announce your whereabouts to a broad audience of followers (even a global audience, if you’re not posting privately, as called out above). Consider sharing photos and stories of your adventures once you’ve returned.
It’s a famous saying for a reason. Whether your profile is set to private or if you are using an app with “disappearing” messages and posts (like Snapchat), what you post can indeed be saved and shared again. It’s as simple as taking a screenshot. If you don’t want it out there, forever or otherwise, simply don’t post it.
We’re increasingly accustomed to the warnings about phishing emails, yet phishing attacks happen plenty on social media. The same rules apply. Don’t follow any links you get from strangers by way of instant or direct messengers. And keep your personal information close. Don’t pass out your email, address, or other info as well. Even those so-called “quiz” posts and websites can be ruses designed to steal bits and pieces of personal info that can be used as the basis of an attack.
Some platforms such as Facebook allow users to review posts that are tagged with their profile names. Check your account settings and give yourself the highest degree of control over how and where your tags are used by others. This will help keep you aware of how you’re being mentioned by others and in what way.
Security software can protect you from clicking on malicious links while on social media, strengthen your passwords so your social media account doesn’t get hacked, and boost your online privacy as well. With identity theft a sadly commonplace occurrence today, security software is really a must.
The post Protect Your Social Media Accounts from Hacks and Attacks appeared first on McAfee Blog.
Across the country, Canadians are moving out of cities in droves to stretch their legs and call a larger plot of land home. For those embracing the work-from-home lifestyle, they no longer need to live near metro-area offices in expensive shoebox apartments and condos. According to Statistics Canada, 50,000 people moved out of Toronto and nearly 25,000 people migrated from Montréal to suburban areas from July 2019 to July 2020.
The increased demand for suburban housing is making the Canadian real estate market a mad dash for limited supply. Additionally, some families who are out of work are struggling to keep their homes and are resorting to unsafe measures to keep a roof over their heads.
Leave it to scammers and identity thieves to pounce on a vulnerable situation. Scammers and identity thieves are increasingly taking advantage of unsuspecting homeowners, and in some cases, selling homes without the rightful owners even realizing it.
Be on the lookout for these three Canadian real estate scams.
Foreclosure occurs when a homeowner can no longer afford to pay their mortgage, so the lending institution takes over homeownership with the right to sell it. When homeowners are facing the prospect of having to move out, they may seek dubious loans to help them bridge the gap. Loan fraud is when a scammer pretends to extend a gracious loan. In exchange for the loan, the scammer may ask for the title of the home. With the title in hand, the thief may stop sending loan payments to the homeowner and instead resell or remortgage the property.
Not being able to make mortgage payments is a desperate situation, which causes struggling homeowners to make dramatic decisions. Before agreeing to any type of loan, homeowners must ask themselves if the terms of the loan are too good to be true. In cases of fake loans, they often advertise an incredibly low-interest rate. It is best to trust your financial matters to accredited institutions.
Title fraud is when someone steals the title of the home, usually by impersonating the homeowner. Once they have the title, the thief may attempt to sell the home or apply for a mortgage against it. In March 2021, the Times Colonist reported that a thief impersonated a British Columbian homeowner in order to transfer the home’s title to someone else’s name. Then, the thief tried to sell the home behind the rightful homeowner’s back. It was only when a neighbor alerted the real homeowner about the for-sale sign that they realized that their home could have been sold without their permission.
The best way to defend against title fraud is to keep your personal information as private as possible. Title fraud is closely related to identity theft, and fraudsters may gain access to your personal information through phishing methods. Phishing is a tactic where cybercriminals trick people into giving up personal details, including full names, birthdays, and financial information. Statistics Canada calculates that 34% of Canadians have experienced a phishing attempt since the beginning of the pandemic. This statistic emphasizes the importance of constant vigilance concerning your most sensitive personal information.
Mortgage fraud is a term that can apply to untruthful lenders who attempt to swindle cash from unsuspecting buyers or pitch mortgage terms that fall outside of the buyer’s means. The Financial Services Commission of Ontario lists several warning signs of mortgage fraud. For example, lenders who do not have your best interests in mind may ask for cash fees and upfront payments.
Again, it is best to only trust accredited financial institutions with your mortgages and loans. Research the institution before signing any contract. If the mortgage terms are too good to be true, it probably is. There are several online mortgage calculators that can give you an idea of the type of mortgage you can afford. Before entering any talks with a lender, conduct some research beforehand so you can spot unreasonable terms.
Also, an unscrupulous lender may try to hurry you along but also take a long time responding to your calls and emails. If you feel pressured or unsure at any point, remember that there are plenty of fish in the sea. Ask your friends or family for lender recommendations to make sure that you are not tricked into mortgage fraud, the consequences of which could follow you for years.
The post 3 Canadian Real Estate Scams You Should Know About appeared first on McAfee Blogs.
As Ransomware continues to spread and target organizations around the world, it is critical to leverage threat intelligence data. And not just any threat intelligence but actionable intelligence from MVISION Insights. Fortunately, there are several steps you can take to proactively increase your Endpoint Security to help minimize damage from the next Darkside, WannaCry, Ryuk, or REvil
MVISION Insights provides near real time statistics on the prevalence of Ransomware campaigns and threat profiles detections by country, by sector and in your environment.
Above you can see that although 5ss5c is the most detected ransomware worldwide, in France Darkside and Ryuk have been the most detected campaigns in the last 10 days. You can also sort top campaigns by industry sector.
As you can see above, MVISION Insights measures your overall Endpoint Security score and provides recommendations on which McAfee Endpoint Security features should be enabled for maximum protection.
Then, MVISION Insights assesses out-of-the-box the minimum version of your McAfee Endpoint Security AMcore content necessary to protect against each campaign. As you can see above, two devices have an insufficient coverage against the “CISA-FBI Cybersecurity Advisory on the Darkside Ransomware”. You can then use McAfee ePO to update these two devices.
Below, MVISION Insights provides a link to a KB article for the “Darkside Ransomware profile” with detailed suggestions on which McAfee Endpoint Security rules to enable in your McAfee ePO policies. First, the minimum set of rules to better protect against this ransomware campaign. Second, the aggressive set to fully block the campaign. The second one can create false positives and should only be used in major crisis situations.
MVISION Insights can show you whether you have unresolved detections for specific campaigns. Below you can see that you have an unresolved detection linked the “Operation Iron Ore” threat campaign.
MVISION Insights provides IOCs (Indicators of comprises) which your SOC can use with MVISION EDR to look for the presence of these malicious indicators.
If your SOC has experienced threat hunters MVISION Insights also provides information on the MITRE Tactics, Techniques and Tools linked to this threat campaign or threat profile. This data is also available via the MVISION APIs to integrate with your other SOC tools. In fact, several integrations are already available today with other vendors from the McAfee SIA partnership.
Finally, the ultimate benefit from MVISION Insights is that you can use it to show to your management whether your organization is correctly protected against the latest ransomware attacks.
In summary, you can easily leverage MVISION Insights to proactively increase your protection against ransomware by:
The post How to Proactively Increase Your Protection Against Ransomware with Threat Intelligence appeared first on McAfee Blogs.
Every day you place your personal information in the hands of companies and trust that it will remain safe. However, what happens when external threats jeopardize your personal data security, especially while working remotely?
The transition to remote work environments and consumers’ online habits have made it more difficult for Canadian employees and consumers to protect their personal information. This challenge is primarily due to ransomware. To protect yourself, you need to first understand how cybercriminals take advantage of users’ online behaviors to launch strategic attacks against employees and consumers through the information they glean from stolen company data.
Ransomware has been on the rise this past year with attacks increasing 62% in 2020 according to Statista. In fact, 78% of Canadian cybersecurity professionals said that attacks increased due to employees working remotely in a recent VMware report. Cybercriminals target remote workers primarily through malicious links sent through phishing emails — in fact, over one third of Canadian respondents in a recent survey said they experienced at least one phishing attempt in the last year.
Hackers pose as legitimate organizations and prompt individuals to take action: say you decide to check your personal email on your work laptop during your lunch break. You open a message that claims to be from one of your favorite retailers claiming that you just won $500 in shopping credit – all you need to do is click on the link and fill out your banking information. This is an example of a phishing attack that could not only wreak havoc on your personal security, but your company’s as well. If the link in the message downloads a credential-stealing malware on your work laptop, there is a good chance that your organization’s private data or network could be compromised.
Knowing that many employees will be communicating virtually instead of face-to-face, hackers can take advantage of the remote work environment by posing as employees from finance departments and sending fake invoices for products or services. The goal of these fake invoices is for employees to call a support phone number to investigate, whereby hackers attain credit card numbers or other information they can leverage in spear-phishing scams. Hackers can also spoof phone calls to make it look like it is coming from a legitimate number within the organization. Revealing too much information to an unverified contact is a risk that remote workers must learn to identify and avoid.
Ransomware is always evolving, making it critical to understand the nature of these threats so you can better avoid them.
Cybercriminals are constantly finding new ways to automate their attacks and increase their profits. Here is a look at five active ransomware variants cybercriminals use today—and how they deploy them.
By the end of 2020, McAfee Labs observed a 69% increase in new ransomware, which Cryptodefense largely drove. This virus is similar to CryptoLocker, a trojan virus that spreads through email phishing to infiltrate hard drives and files. Both spread ransomware, use high levels of encryption to compromise users’ files, and claim that these files cannot be decrypted without a decryption key.
Maze ransomware has been active since November of 2019 and is operated by hackers notorious for leaking victim data upon non-payment. Maze operators first gain access to a network by using valid credentials. It will then scan the network for user devices, check these devices for additional credentials, and compromise user files.
In a Ransomware Task Force interview with an affiliate of the REvil/Sodinokibi syndicate, the interviewee revealed that companies with cyber insurance are prime targets since the chances of a payout are high. This ransomware spreads through software vulnerabilities, phishing scams, and exploit kits. Once it infiltrates a device, it spreads through escalated privilege to compromise user files and systems.
Ryuk has been around since August of 2018 and targets large companies, critical infrastructure, and hospitals. This ransomware is almost always spread through a banking trojan called Trickbot, used by hackers to steal financial and banking credentials. The operators behind this ransomware demand higher ransoms compared to other groups. They also use opensource tools and manual hacking techniques to bypass detection and infiltrate private networks.
The operators behind SamSam ransomware gain access through Windows servers using a Microsoft protocol that allows remote connections to other computers. Operators will then elevate their privilege to include admin rights once inside a network to infect servers with malware, requiring no action or authorization on the victim’s part.
Ransomware can affect anyone, regardless of whether you are an employee or a customer of a targeted company. Keep these tips in mind to reduce your risk of a ransomware attack and know what steps to take if you fall victim.
Phishing emails are one of the most common methods a hacker will use to infect devices and spread ransomware. They will send links through seemingly legitimate emails to trick users into clicking on them and downloading malicious files. Knowing how to spot one is the first step to prevent infection. If you receive an email you suspect is a phishing scam, start by analyzing its structure: common indicators of a phishing scam may include:
Once you identify a phishing email, don’t click on any links or download attachments. Simply delete it and carry on with your day.
Keep in mind that the cybercriminals behind Maze ransomware gained access to private networks through valid credentials. Hackers typically obtain these credentials through a “password spray” technique where they attempt to log in to accounts using a list of commonly used passwords. However, hackers have a higher chance of guessing valid passwords if they are too short or not complex enough. Additionally, a hacker is more likely to infiltrate multiple accounts if they share the same password.
Strong passwords help ensure that a hacker cannot access your private network, gain administrative rights to your device, or infect another device you are connected to. Create a password that is strong enough to withstand simple guess-and-check attempts by making them long, difficult, and unique. Multi-phrased passwords or passphrases also help to prevent hackers from breaking into your accounts, such as “P3anutbutter&J3lly.” Avoid reusing passwords across multiple accounts and change them periodically, especially after an account has been breached. Even if a hacker does steal your credentials, multi-factor authentication adds an extra validation layer to prohibit unauthorized sign-in attempts.
Your device is more susceptible to ransomware and viruses without the right security tools to help mitigate the chances of infection. Avoid the risk of a ransomware attack by employing a quality security solution like McAfee Total Protection. A holistic security solution can help you stay vigilant of cyber threats by monitoring for ransomware viruses in addition to malware and spyware. Security software can also monitor your internet connection and network traffic through regular scans to flag malicious activity and provide guidance on how to sidestep these threats. If a hacker attempts to launch an attack on your device, you can rest assured your security software will promptly alert you of the intrusion.
In addition to social engineering tactics, hackers will leverage vulnerabilities in software to create a back door through which they can infiltrate user devices. A way to keep cyber criminals out is to keep your software applications and devices up to date. This includes the apps on your mobile device as well as apps on your desktop. Regular updates ensure that the proper security patches are implemented, the right bugs are fixed and that hackers cannot exploit these vulnerabilities.
If worse comes to worst and your device is infected with ransomware, the first thing to do is isolate the device and disconnect from shared networks. Disconnecting the infected device ensures that ransomware cannot spread to other devices on that same network.
Immediately gather evidence on what type of malware you are dealing with so you can accurately report it to authorities and determine what your options are for remediation. You can then choose to remove it or wipe your system completely which is the most assured way to eliminate ransomware from your device. Afterwards you can reinstall your operating system and, provided you perform regular backups, restore your files to a previous version.
No one is truly out of the danger zone when hackers strike. Ransomware is on the rise, and online users must understand how to bypass these viruses to avoid the ramifications of a compromised device. By understanding online security best practices, users can safeguard their online presence and defend against ransomware threats.
To stay updated on all things McAfee and on top of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, subscribe to our newsletter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.
The post 5 Ransomware Threats Canadians Need to Know appeared first on McAfee Blogs.
If you have a tween or teen, you’ve likely heard a lot of excited chatter about Roblox. With a reported 150 million users, there’s a good chance your child has the Roblox site on their phone, tablet, PC, or Xbox. In fact, in 2020, Roblox estimated that over half of kids in the U.S. under 16 had used the forum. However, as with all digital destinations, the fun of Roblox is not without some safety concerns.
Roblox is an online gaming forum (not an app or game as one might assume) where users can create and share games or just play games. Kids can play Roblox games with friends they know or join games with unknown players. Roblox hosts an infinite number of games (about 20 million), which makes it a fun place to build and share creations, chat, and make friends. Game creators can also make significant money if their games take off.
A huge component of Roblox is its social network element that allows users to chat and have meetups. During quarantine, Roblox added its own private space for users to host virtual private birthday parties and social gatherings.
Like any site or app, Roblox is safe if you take the time to optimize parental controls (both in-forum and personal software), monitor your child’s use, and taking basic precautions you’re your child starts using the forum. Especially with kids drawn to gaming communities, it’s important to monitor conversations they can be having with anyone, anywhere.
Roblox security tip: Adjust settings to prohibit strangers’ from friending an account. Consider watching your child play a few games and how he or she interacts or wanders through the app. Pay close attention to the chat feature. Keep the conversation open, so your child feels comfortable sharing online concerns with you.
If you have your child’s login information, you can easily view their activity history in a few vulnerable areas including private and group chats, friends list, games played, games created, and items purchased. It’s also a good idea to make sure their birthdate is correct since Roblox automatically filters chats and game content for users under 13. Roblox has a separate login for parents of younger kids that allows you to go in and view all activities.
As always, the best way to keep your child safe on Roblox or any other site or app is to take every opportunity for open, honest conversation about personal choices and potential risks online. Oh, and sitting down to play their favorite games with them — is always the best seat in the house.
The post What is Roblox and is It Safe for Kids? appeared first on McAfee Blogs.
Over the last year, our relationship with digital technology has changed completely, and probably irrevocably. The pandemic has been bruising in many different ways, but it has been clear from the very start how important the internet has been as a tool to help us through it. Even just a few years ago, the behavioural shifts it enabled would not have been possible. From offices running on videoconferencing, to essential retail moving online, to digitally-delivered healthcare, many online tools that were once seen as promising growth areas or quality-of-life improving luxuries have come into their own as vital parts of everyday life.
Every big change in how we use technology, however, is followed sooner or later by a development in how we approach security and safety. This was true when the emergence of personal computers and ATMs led to education campaigns around the importance of PIN and password vigilance. It was true when the commoditisation of internet access created the need for consumer antivirus protection. It was even true when the automobile was first introduced, with cities rushing to introduce traffic signaling to manage that new high-speed flow.
Soon, then, we should expect to see another step in our collective attitude to security and privacy. What will that look like? For me, it should rest on a new sense of what is being protected, and new expectations about how that protection happens.
To explain why, it’s worth understanding what the process of finding and fixing cybersecurity issues looks like. The first line of defence against attacks always happens during product development, when coders and engineers try to ensure that what they are creating is not vulnerable. The nature of cybersecurity, however, is that some problems will inevitably occur in finished products. That’s why there are also teams of people who analyse these products, independently testing whether they are truly safe.
At McAfee, our enterprise Advanced Threat Research (ATR) team has a long history and a strong track record of doing this testing. Often, the ATR team’s work is very similar to what people might imagine when they think of a ‘cybersecurity researcher’: it’s unpicking highly complex systems and tracing international criminal organisations responsible for attacks.
A lot of this work is much closer to home, though, and increasingly it deals with finding vulnerabilities not just in apps and computers, but in devices that few would think of as being a potential risk. The rise of the smart home means that many household items, from luxuries like exercise machines to basics like wall clocks, can also be internet-connected computers, tapping into the network to make life easier and better in a myriad of ways.
The ‘internet of things’, or IoT, has been a tech catchphrase for a long time, but it’s now a daily consumer reality too, with thermostats and air conditioners, security cameras and door locks, fridges and coffee machines all offering enhanced experiences through online connectivity. The security challenge lies in the fact that most people would view items like these just as a thermostat or as a door lock – not as a computer which requires protection. How, after all, do you install an antivirus service on a fridge?
Combined with the increase of online activity we’ve all experienced over the last year, this requires more than widening consumers’ current thinking about security to include more devices. It requires a whole new approach. When the average household had one or two computers, it made sense to think of cybersecurity in terms of protecting the device. When any item in a home could also be an internet access point, we need to start thinking instead in terms of protecting people and families.
A big part of that will be expecting more of the companies who design and supply these devices. When the ATR team – or another threat research team – finds a flaw in a consumer device, step one is always to contact the manufacturer and work with them to fix it before malicious actors spot the opportunity. Many businesses behave responsibly, responding openly and collaboratively, developing a solution, and rolling it out as quickly as possible. Not all businesses are so conscientious. How businesses react to security problems should be a much bigger part of how we choose what to purchase.
Going back to the car, the traffic light was not the final safety innovation we saw. Over the last century, growing regulations and awareness led to a situation where, today, purchasers are likely to inspect a vehicle’s safety ratings before handing over their cash. In just the same way, attitudes to cybersecurity need to keep evolving – and soon, we may even be asking car manufacturers about how they respond to vulnerability disclosures.
The pandemic was a leap forward in how far digitalised our lives have become. Companies and customers alike now need to think carefully about what we need to talk about when we talk about making our online lives safe, secure, and private.
The post Homes, Not Just Devices: The New Consumer Cybersecurity appeared first on McAfee Blogs.
FreshRSS 