International Women’s Day serves as an important reminder that each and every one of us plays a role in recognizing and addressing gender bias. Together, we can make a difference in creating a more equitable world for all.
At McAfee, we know that genuine change requires continuous commitment. And while we’re proud of the efforts we’re making as a company – from being the first cybersecurity company to achieve global pay parity (and maintain it), to expanded time off for new parents, to a woman on every hiring panel to help remove bias – we know there is more to do.
This International Women’s Day and beyond, McAfee team members around the globe share how they’ll continue to advance inclusion and gender equality by actively working to #BreakTheBias.
JaffarSadhik
Software Quality Engineer (India) A gender equal world starts with a change. A change within families, a change with perspectives, a change among society!
|
|
Arathi Program Manager (Canada) I am helping to #BreakTheBias by teaching my son that both boys and girls, men and women can do it all.
|
|
Krupali
Sr Market Research Analyst (USA) We need to think differently. Women have, are and will always be quintessential architects of society. Together we can #BreakTheBias
|
|
Ambareen Software Engineer (UK) Collectively we can all #BreakTheBias! I am doing my part and learning from my mum and helping the next generation believe in themselves irrespective of gender.
|
|
Kevin Real Estate & Workplace Strategy (Ireland) Equality can only be achieved if diversity, difference and qualities of woman are truly valued. We must work together to acknowledge and #BreakTheBias.
|
|
Darya Channel Marketing (Australia) Bias against anyone for simply being different, limits our growth and is a significant waste of talent, energy and happiness. I commit to taking an active role in questioning perceptions to do my part to influence change.
|
|
Natalia Software Sales (Canada) I will help #BreakTheBias by raising and supporting a strong independent young adult and setting an example for her. I do so by choosing my career path while leading and growing personally and professionally!
|
|
Winnie Talent Acquisition Partner (Australia) I will #BreakTheBias by addressing and challenging gender stereotypes.
|
|
Aisling Senior People Partner (Ireland) I will help #BreakTheBias by encouraging conversations around diversity, challenging myself and others to consider where we can make changes that will have a positive impact.
|
Join McAfee and millions of others around the world in celebrating International Women’s Day by sharing how you’ll #BreakTheBias.
Interested in building your career at a company that helps women thrive? Search our openings!
The post McAfee Teammates Share How They’ll Help #BreakTheBias this International Women’s Day appeared first on McAfee Blog.
Who loves tax season besides accountants? Scammers.
Emotions can run high during tax time. Even if you’re pretty sure you did everything right, you may still have a few doubts kicking around. Did I file correctly? Did I claim the right deductions? Will I get audited? As it turns out, these are the very same anxieties that criminals use as the cornerstone of their attacks.
So yes, crooks indeed love tax season. Particularly online. And they’ll bait your digital world with several proven types of scams in an effort to cash in on what can be a somewhat uncertain time.
The good news is that you have plenty of ways to protect yourself from these scams. Let’s look at what scammers typically have in store, along with some practical advice to protect yourself as you file your taxes—things you can do to keep crooks out of your business this tax season. Don’t delay, download McAfee’s tax season security guide to avoid the latest tax scams.
First, know that you’re probably doing a good job with your taxes. Less than 2% of returns get audited and most discrepancies or adjustments can get handled easily if you address them promptly.
Still, the wariness of the IRS and intricate tax laws makes for ripe pickings when it comes to hackers, who prey on people’s fear of audits and penalties. Common scams include fake emails, phone calls from crooks posing as IRS agents, and even robocalls that threaten jail time.
What are crooks looking to do with their scams? Several things:
As if we didn’t have enough to worry about at tax time without crooks in the mix.
Investigating the landscape even more closely, we can turn to the authority itself, as the IRS has published its most recent top 12 tax season scams, a broad list that includes:
|
|
For a comprehensive look at each one of these scams, and for ways, you can steer clear of them, check our Guide to IRS & Tax Season Scams. However, there are some common threads to many of these scams.
For starters, plenty of tax scams involve crooks posing as an IRS employee, perhaps via a phone call or email, to glean personal information from you, or to demand payment—sometimes under the threat of penalties or even jail time. Crooks won’t hesitate to use strong-arm tactics like these and play on your fears. The good news is that such tactics are typically a sign that the contact isn’t legitimate. In fact, a quick way to spot a scam is to know what the IRS won’t do when they contact you. From the IRS.gov website, the IRS will not:
What will the IRS do? Usually, the IRS will first mail a notification to any taxpayer who owes taxes. IRS collection employees might call on the phone or make an unannounced visit to your home or business. If they require payment, the payment will always be to the U.S. Treasury. Read about other ways to know what the IRS won’t do when they contact you.
Scammers won’t limit themselves to posing as the IRS. They’ll act as an imposter in several other ways as well. For example, they may pose as a popular do-it-yourself tax brand, a tax preparer, or even as a phony charitable organization that promises any donations you make are tax-deductible.
Here, they may send you phony emails or direct messages or even ring you up with bogus telemarketing or robocalls designed to steal personal information.
In the cases where the scammers reach you online, the emails and messages they send will vary in their tone and polish—in other words, how authentic they appear. Some will look nearly legitimate and cause even the most hardened of digital skeptics to click on a phony link or download a sketchy attachment. Others, well, will look clearly like spam, complete with spelling and grammatical errors, along with clumsy use of logos, layouts, and design.
Taken together, both are ways that scammers get people to visit sites designed to compromise personal information … or to download malware like keyloggers that skim account passwords and ransomware that encrypt a victim’s files hold them hostage for a price.
Social media attacks also made the IRS Dirty Dozen. In a social media attack, scammers harvest information from social media profiles and turn it against their victims. Per the IRS, because “social media enables anyone to share information with anyone else on the Internet, scammers use that information as ammunition for a wide variety of scams. These include emails where scammers impersonate someone’s family, friends, or co-workers.”
With those personal details gleaned from social media, scammers will send phony links to scam sites, promote bogus charities, or flat-out ask for money or gift cards to “help them out” at tax time.
No question that bogus emails, messages, and phone calls remain a popular way for scammers to steal personal and financial information. Spam emails, messages, and the malicious links associated with them abound this time of year as well. It’s always to keep a critical eye open for these, and it’s particularly true during tax season.
View all emails with attachments and links with suspicion, even if they appear to come from a person, business, or brand you know. Confirm attachments with the people you know before opening. And if you receive a message or alert about an account of yours, visit that company or organization’s website directly to enquire into the status of your account rather than taking a chance by clicking on a link that could send you to a phony website.
One way to protect yourself from an identity thief from claiming a return in your name is to file yours before they do. In fact, many victims of identity theft find out they’ve been scammed when they receive an IRS notification that their tax claim has already been filed. Simply put, file early.
Here’s another tool that can help you fight identity theft. And get this: it’s not only helpful, but it’s also free. Through the Federal Trade Commission, you are entitled to a free copy of your credit report from each of the three major credit reporting companies once every 12 months. In this report, you can find inaccuracies in your credit or evidence of all-out identity theft.
Keep in mind that you get one report from each of the reporting companies each year. That works out to three reports total in one year. Consider this: if you request one report from one credit reporting company every four months, you can spread your free credit report coverage across the whole year.
As with much of the guidance we offer around social media, one of the best ways to prevent such social media tax attacks is to make your profiles private so that only friends and family can see them. That way, scammers will have a far more difficult time reaching you. Moreover, consider paring back the information you share in your social media profiles, like your alma maters, birthday, mother’s maiden name, pet names—any personal information that a scammer may use to compromise your accounts or the security questions associated with them.
Protecting your devices with comprehensive online protection software can help block the phishing emails and suspicious links that make up many of these tax attacks. Likewise, it can further protect you from ransomware attacks like mentioned above. Additionally, our online Protection Score looks for weak spots in your protection and helps you shore them up, such as if discovers that your info was compromised or part of a data breach. From there, it guides you through the steps to correct the problem.
Further, consider online protection software that offers identity theft protection as well. A strong identity theft protection package offers cyber monitoring that scans the dark web to detect misuse of your personal info. With our identity protection service, we help relieve the burden of identity theft if the unfortunate happens to you with $1M coverage for lawyer fees, travel expenses, lost wages, and more.
The IRS offers steps you can take in the event you suspect fraud or theft. Their current resources include:
As mentioned above, you can get even more up to speed on the different tricks hackers are using by downloading our Guide to IRS & Tax Season Scams. It’s free, and it offers more ways you can protect your identity and information this tax season and year ‘round.
The post The IRS “Dirty Dozen” – Top Tax Season Scams to Steer Clear of This Year appeared first on McAfee Blog.
nas-1200
Passwords: we entrust our most important data to these strings of letters, numbers, and special characters. So, we should make sure our passwords are words or phrases that we can easily remember, right? While this might be the most convenient option, there are more secure ways to digitally lock up your most sensitive personally identifiable information (PII). In celebration of World Password Day, we’re diving into how you can practice top-notch password security without compromising convenience.1
Over the years, the password has remained a good first line of defense against cyberattacks. However, most of us tend to choose passwords based on memorable things from our lives, like family names or our pets’ birthdays. As it turns out, these details are easy for hackers to find on social media sites like Facebook or LinkedIn. It’s also human nature to opt for convenience, and for many people that means setting easy-to-remember and easy-to-guess passwords. Plus, out of convenience, people often reuse passwords across multiple accounts and services. The downside is that if one account becomes compromised, all accounts become compromised.
As an alternative to single-word passwords, many security experts advocate for passphrases over passwords. Passphrases are longer strings of words and characters that are easier for you to remember and harder for nefarious software and cybercriminals to guess than random strings of upper and lowercase letters, numbers and symbols. But, according to a study, the average American internet user was projected to have 300 online accounts by 2022.2 Can you imagine memorizing 300 different passphrases? We can all agree that sounds pretty unrealistic, so users tend to look for other solutions.
If the answer is yes, you may want to reconsider, as there are several risks associated with this practice. Although it’s convenient to have your browser save your passwords, they tend to do a lousy job of safeguarding your passwords, credit card numbers and personal details, such as your name and address.
Let’s take Google Chrome, for example. Unlike most dedicated password managers, Chrome doesn’t use a primary password to encrypt all your credentials. (Note that some browsers do use one, and are therefore more secure, though you’ll still need to trust your browser provider.) This makes your Chrome-stored passwords relatively weak to “local” attacks. For example, if someone gets hold of—or guesses—your Windows password, they can then see all the logins stored in your browser’s password manager.
Another consideration to note is that the security of all your accounts is tied to your browser account’s security. Let’s say you use the sync option to make your credentials available on all your devices. This means that logins are stored in the cloud and, though encrypted, if someone manages to hack into your browser account, they will gain access to all your logins.
What can you do to help ensure your online profiles are kept safe without spending hours managing a complex list of passwords? Here are some easy ways to lock down your digital life without sacrificing convenience:
A password manager is a software application that stores your passwords and other sensitive information. You can install it on computers or mobile devices and store all passwords in an encrypted file (or database). The best option is to use a password manager like McAfee True Key to store and create strong, random passwords for each site you visit. You’ll have one primary password that grants access to the rest of them—ideally, a long and random passphrase that you can remember. Once everything is set up, it should be seamless. As you log in to new sites, the password manager will offer to save your credentials for later use.
One of the best ways to protect your accounts against unauthorized access is to turn on two-factor authentication for every site that offers it. Using two-factor authentication means a site will prompt you for a unique security code, in addition to your password, whenever you log in to an account for which you have enabled this feature.
Two-factor authentication adds an extra layer of security by requiring another form of identification after you enter your username and password. Some services send a temporary passcode over a text message. Others require the user to approve login attempts from new devices using an app. If someone steals your device or gains access to your account details, they’re out of luck unless they also have access to this second piece of information. Two-factor authentication is available on a wide range of websites and can help keep your accounts safe from would-be hackers, so you should always use it when available.
A VPN, or virtual private network, encrypts your data and masks your online behavior from snooping third parties. When you go to a website, your computer connects to the server where the site is hosted, and that website can see a certain amount of data about you and your computer. With a VPN, you connect to a private server first, which scrambles your data and makes it more difficult for digital eavesdroppers to track what you’re doing online.
VPNs can provide users with greater peace of mind when on the go. Say you’re traveling on a business trip and need to connect to the Wi-Fi network provided by your hotel. Shifty characters often lurk on unprotected, free networks (such as those provided by hotels, coffee shops, airports, etc.) to lift PII from people handling sensitive emails, making banking transactions, or shopping online. encrypts your online activity with bank-grade encryption to protect your data from prying eyes. With a premium paid plan, you can protect up to five devices at once and enjoy unlimited data protection.
With your growing number of accounts all requiring passwords—emails, social media profiles, online banking—it’s no wonder that people tend to reuse passwords across multiple sites. This may be convenient, but it creates significant security risks if a suspicious actor manages to obtain one of your passwords and attempts to use it elsewhere. That’s why having strong passwords matters.
Do yourself a favor and opt for a dedicated password manager that will auto-save and store your credentials for you, so you only have one password to remember. Who says security and simplicity can’t coexist?
The post This World Password Day, Here’s How a Password Manager Can Simplify Your Life appeared first on McAfee Blog.
Passwords: we entrust our most important data to these strings of letters, numbers, and special characters. So, we should make sure our passwords are words or phrases that we can easily remember, right? While this might be the most convenient option, there are more secure ways to digitally lock up your most sensitive personally identifiable information (PII). In celebration of World Password Day, we’re diving into how you can practice top-notch password security without compromising convenience.1
Over the years, the password has remained a good first line of defense against cyberattacks. However, most of us tend to choose passwords based on memorable things from our lives, like family names or our pets’ birthdays. As it turns out, these details are easy for hackers to find on social media sites like Facebook or LinkedIn. It’s also human nature to opt for convenience, and for many people that means setting easy-to-remember and easy-to-guess passwords. Plus, out of convenience, people often reuse passwords across multiple accounts and services. The downside is that if one account becomes compromised, all accounts become compromised.
As an alternative to single-word passwords, many security experts advocate for passphrases over passwords. Passphrases are longer strings of words and characters that are easier for you to remember and harder for nefarious software and cybercriminals to guess than random strings of upper and lowercase letters, numbers and symbols. But, according to a study, the average American internet user was projected to have 300 online accounts by 2022.2 Can you imagine memorizing 300 different passphrases? We can all agree that sounds pretty unrealistic, so users tend to look for other solutions.
If the answer is yes, you may want to reconsider, as there are several risks associated with this practice. Although it’s convenient to have your browser save your passwords, they tend to do a lousy job of safeguarding your passwords, credit card numbers and personal details, such as your name and address.
Let’s take Google Chrome, for example. Unlike most dedicated password managers, Chrome doesn’t use a primary password to encrypt all your credentials. (Note that some browsers do use one, and are therefore more secure, though you’ll still need to trust your browser provider.) This makes your Chrome-stored passwords relatively weak to “local” attacks. For example, if someone gets hold of—or guesses—your Windows password, they can then see all the logins stored in your browser’s password manager.
Another consideration to note is that the security of all your accounts is tied to your browser account’s security. Let’s say you use the sync option to make your credentials available on all your devices. This means that logins are stored in the cloud and, though encrypted, if someone manages to hack into your browser account, they will gain access to all your logins.
What can you do to help ensure your online profiles are kept safe without spending hours managing a complex list of passwords? Here are some easy ways to lock down your digital life without sacrificing convenience:
A password manager is a software application that stores your passwords and other sensitive information. You can install it on computers or mobile devices and store all passwords in an encrypted file (or database). The best option is to use a password manager like McAfee True Key to store and create strong, random passwords for each site you visit. You’ll have one primary password that grants access to the rest of them—ideally, a long and random passphrase that you can remember. Once everything is set up, it should be seamless. As you log in to new sites, the password manager will offer to save your credentials for later use.
One of the best ways to protect your accounts against unauthorized access is to turn on two-factor authentication for every site that offers it. Using two-factor authentication means a site will prompt you for a unique security code, in addition to your password, whenever you log in to an account for which you have enabled this feature.
Two-factor authentication adds an extra layer of security by requiring another form of identification after you enter your username and password. Some services send a temporary passcode over text message. Others require the user to approve login attempts from new devices using an app. If someone steals your device or gains access to your account details, they’re out of luck unless they also have access to this second piece of information. Two-factor authentication is available on a wide range of websites and can help keep your accounts safe from would-be hackers, so you should always use it when available.
A VPN, or virtual private network, encrypts your data and masks your online behavior from snooping third parties. When you go to a website, your computer connects to the server where the site is hosted, and that website can see a certain amount of data about you and your computer. With a VPN, you connect to a private server first, which scrambles your data and makes it more difficult for digital eavesdroppers to track what you’re doing online.
VPNs can provide users with greater peace of mind when on the go. Say you’re traveling on a business trip and need to connect to the Wi-Fi network provided by your hotel. Shifty characters often lurk on unprotected, free networks (such as those provided by hotels, coffee shops, airports, etc.) to lift PII from people handling sensitive emails, making banking transactions, or shopping online. McAfee Safe Connect VPN encrypts your online activity with bank-grade encryption to protect your data from prying eyes. With a premium paid plan, you can protect up to five devices at once and enjoy unlimited data protection.
With your growing number of accounts all requiring passwords—emails, social media profiles, online banking—it’s no wonder that people tend to reuse passwords across multiple sites. This may be convenient, but it creates significant security risks if a suspicious actor manages to obtain one of your passwords and attempts to use it elsewhere. That’s why having strong passwords matters.
Do yourself a favor and opt for a dedicated password manager that will auto-save and store your credentials for you, so you only have one password to remember. Who says security and simplicity can’t coexist?
The post This World Password Day, Here’s How a Password Manager Can Simplify Your Life appeared first on McAfee Blog.
Sometimes in order to move forward effectively, it’s good to take stock of where we’ve been. In this blog, we’ll review a concept that has been foundational to networking and cybersecurity from the beginning: the session. Why focus on the session? As the philosophy of Zero Trust is adopted more broadly in the security industry, it’s important to understand the building blocks of access. The session is a fundamental component of access to any resource.
To get things started, let’s start with a definition. A simple definition of a session might be: “a period of time devoted to a particular activity.” Not so bad, but the complexity for internet and network security springs from scoping the “particular activity.”
The internet exists on top of a standardized suite of protocols that govern how data can be transmitted or exchanged between different entities. This suite, now generally referred to as the TCP/IP stack, is comprised of four distinct layers that delineate how data flows between networked resources. This is where the scoping of a session becomes obscure. The “particular activity” could refer to the network layer, which is responsible for establishing communications between the actual physical networks. Or, perhaps the activity refers to the Internet layer, which ensures the packets of data reach their destinations across network boundaries. The activity could also be the transport layer, responsible for the reliability of end-to-end communication across the network. It could also be referencing the application layer, the highest layer of the TCP/IP stack, which is responsible for the interface and protocols used by applications and users. For the familiar, these layers were originally defined in the OSI model.
This layering framework works well for establishing the distinct session types and how we can begin to protect them. However, the rise of cloud-based services means we must now also look at how sessions are defined in relation to the cloud — especially as we look to provide security and access controls. At the application layer, we now have client devices with web browsers and applications that communicate to a cloud service. Additionally, cloud services can be one or a combination of SaaS, PaaS and IaaS, each defining their own session and thus access.
With all the different classes of sessions, there are different mechanisms and protocols by which authentication and authorization are employed to eventually provide that access. All sessions use some type of account or credential to authenticate and evaluate a set of variables to determine authorization or access. Some of these variables may also be similar across different sessions. For example, an enterprise may evaluate the device’s security posture (e.g. it is running the latest OS patches) as a variable to grant access at both the network and application layer. Similarly, the same username and password may be used across different session layers.
However, each layer might also use distinct and specific variables to evaluate the appropriate access level. For instance, the network interface layer may want to ensure cryptographic compliance of the network interfaces. A cloud service may evaluate geographical or regional compliance. The common practice today is to have every session layer act alone to make its own access decision.
Let’s take a step back and review.
Now, let’s explore something new: what if the variables and access evaluation outcomes were shared seamlessly across session layers?
What if recent network context and activity were used to inform cloud access decisions? Or, recent user access decisions across the network layers be used to inform cloud application controls? Think about the enhanced resilience provided if network-based risk signal like packet information could be appropriately mapped and shared with the cloud application layer. Sharing information across session boundaries provides more robust fulfillment of Zero Trust principles by striving to evaluate security context as holistically as possible at the time of access.
In order to build a future where security decisions are informed by broader and continuous context, we’ll need tools and protocols that help us bridge tools and map data across them. To provide improved access and security, both the bridge and the correct mapping must be in place. It’s one thing to get the data transferred to another tool, it’s quite another to map that data into relevance for the new tool. For example, how do we map a privileged application credential to a device? And, then how do we map relevant context across systems?
The good news is that work is starting to enable a future where regardless of session definition, security context can be mapped and shared. Protocols such as the Shared Signals and Events and the Open Policy Agent are evolving to enable timely and dynamic signal sharing between tools, but they are nascent and broader adoption is required. Cisco has already contributed a technical reference architecture as a guide for Shared Signals and Events. We hope that by accelerating the adoption of these standards the industry gets one step closer to actively sharing relevant security context across OSI layers. While the road ahead won’t be easy, we think the sharing signals will make for a more resilient and robust security future.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
The SASE landscape is full of vendors. So full, in fact, that the entire SASE vendor market grew 37% in just a year between 2020 and 2021. It’s clear that SASE is on the top of everyone’s minds. Why? SASE is the evolution of networking and security – an architecture that converges them into a single, cloud delivered service. This streamlined approach is key to securing and connecting the always-on, work-from-anywhere modern work model.
Traditional, siloed security solutions aren’t equipped to handle all the challenges that come along with a multi-environment IT reality. The accelerated transition to hybrid work has increased complexity in managing security and connectivity. Businesses face increased cloud adoption, bring-your-own-device connectivity, increasingly complex cybersecurity threats, and the constant change. Businesses have struggled to keep up with the gaps in coverage, and tech vendors have hurried in to fill the space with cloud security and networking options. But not all SASE solutions are created equal.
In the rush to compete in the market for the future of networking and security, vendors positioned themselves as SASE without offering a truly integrated approach that’s critical to SASE success. Many vendors offer cloud security solutions with no native or integrated SD-WAN networking capability. Others aren’t backed with robust threat intelligence that enable them to effectively deliver on threat detection and prevention. Some don’t offer the flexibility and scalability that businesses need to adopt cloud-delivered security. Many don’t offer open, integrated management platforms. Plus, most organizations face monumental complexity – the exact opposite of what SASE should deliver – due to using several different vendors for different security functions.
Dell’Oro Group, the trusted source for market information in the telecommunications, enterprise networks, and data center IT infrastructure industries, recognized Cisco as the SASE Market Share Leader in 2021, with 19% of the total market share by revenue.
“Cisco was the SASE market share leader because of the combined strength of their networking (SD-WAN) and security capabilities (including secure web gateway, cloud access security broker, and zero trust network access),” said Mauricio Sanchez, Research Director, Network Security, and SASE & SD-WAN at Dell’Oro Group.
At Cisco, we began our journey by pioneering network connectivity and offering innovative tech solutions; today, we have the most SD-WAN market share and secure 100% of Fortune 100 companies. From that foundation, we’ve been able to build and deliver award-winning cloud security solutions that, when combined with our networking services, create a robust, complete SASE architecture.
Cisco’s SASE approach combines networking, client connectivity, security, and internet and cloud intelligence capabilities and helps organizations:
The benefits of a SASE model are unlocked by working with a single vendor who can bring together best-in-class networking, security, and internet and cloud intelligence—while offering the flexibility and investment protection to transition to the cloud at your pace.
While Cisco provides a comprehensive SASE framework, we know that everyone’s journey to the cloud is different. Organizations, especially now, are shifting and refining their strategies, particularly when it comes to cybersecurity and the increase of both the number and type of threats that businesses see every day. Cisco can help organizations make the most of their existing security and networking investments, while also offering increased and amplified functionality across their security infrastructure. Wherever you are on your journey to SASE, Cisco Secure has the unparalleled experience and reputation that can support you on your next steps.
Check out our SASE demo to find out how Cisco delivers a simple, secure, and scalable approach to SASE.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
Eighty-one percent of organizations told Gartner they have a multi-cloud strategy. As more organizations subscribe to cloud offerings for everything from hosted data centers to enterprise applications, the topology of the typical IT environment grows increasingly complex.
Now add the proliferation of hybrid work environments, the rapid ascendance of Internet of Things (IoT) devices, and an increasingly sophisticated and malicious cyber threat landscape, and it becomes immediately clear that protecting the integrity of your IT ecosystem is now a next-level problem.
In an unpredictable world, organizations everywhere are investing in initiatives that will infuse resilience into every aspect of their business, from finance to supply chains. To protect those investments, we believe they also need to invest in security resilience — the ability to protect your business against threats and disruption, and to respond to changes confidently so you can emerge even stronger.
This requires a next-level solution.
That’s why we’re building the Cisco Security Cloud — a global, cloud-delivered, integrated platform that secures and connects organizations of any shape and size. This cloud-native service is aimed at helping you protect users, devices and applications across your entire ecosystem. It will be a comprehensive, integrated set of services designed to scale with your business.
The Cisco Security Cloud will directly address these challenges by bringing together the depth and breadth of the Cisco security portfolio, and is:
We have been on this journey for years. We at Cisco Secure have been delivering key components of this security cloud, and those solutions already protect 840,000 networks, 67 million mailboxes and 87 million endpoints for customers the world over.
And today at the RSA Conference, we’re taking the next step by announcing our latest innovations addressing four key areas:
Today we are announcing Cisco’s turnkey Secure Access Service Edge (SASE) offering, Cisco+ Secure Connect Now, to simplify how organizations connect and protect users, devices, data, and applications, anywhere. Built on the Meraki platform, and available as a subscription, it unifies security and networking operations, as well as client connectivity and visibility into a single cloud-native solution, that can be set up in minutes.
Cisco is continuing to build out continuous trusted access solutions that that constantly verify user and device identity, device posture, vulnerabilities, and indicators of compromise. To evaluate risk after authentication, location information is critical, but we think GPS data is too intrusive. So today we are introducing a new patent-pending Wi-Fi Fingerprint capability (available in Public Preview this summer) to understand user location without compromising location privacy. We are also announcing new Session Trust Analysis capabilities to evaluate risk after login by using open standards for shared signals and events. We will unveil the first integration of this technology with a demo of Duo MFA and Box this week.
As organizations become more interconnected as ecosystems, and attacks become more sophisticated and personalized, it is no longer adequate to evaluate risk and threats generically across the industry. Organizations need deeper levels of advice and expertise. We are excited to launch the new Talos Intelligence On-Demand service, available now, offering custom research on the threat landscape unique to each organization. Talos Intelligence on Demand can assist with custom research, and brief our customers on the unique risks, threats, and mitigation strategies for their organizations.
Simplification is critical to driving better security efficacy. To that end, we are excited to announce the new Cisco Secure Client (available this summer), combining AnyConnect, Secure Endpoint, and Umbrella, to simplify how administrators and users manage endpoints. This follows the launch of the new cloud-delivered Secure Firewall Management Center, which unifies management for both cloud and on-premise firewalls.
There is more work to be done, of course, and today’s announcements at the RSA Conference are the latest advances in support of this vision. We will continue working on all aspects of the Security Cloud to improve our customers’ security resilience in the face of unprecedented change and increasing threats. Because next-level problems deserve next-level solutions.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
At the outset of their federal criminal trial for hijacking vast swaths of Internet addresses for use in large-scale email spam campaigns, three current or former executives at online advertising firm Adconion Direct (now Amobee) have pleaded guilty to lesser misdemeanor charges of fraud and misrepresentation via email.
In October 2018, prosecutors in the Southern District of California named four Adconion employees — Jacob Bychak, Mark Manoogian, Petr Pacas, and Mohammed Abdul Qayyum — in a ten-count indictment (PDF) on felony charges of conspiracy, wire fraud, and electronic mail fraud.
The government alleged that between December 2010 and September 2014, the defendants engaged in a conspiracy to identify or pay to identify blocks of Internet Protocol (IP) addresses that were registered to others but which were otherwise inactive.
Prosecutors said the men also sent forged letters to an Internet hosting firm claiming they had been authorized by the registrants of the inactive IP addresses to use that space for their own purposes.
All four defendants pleaded not guilty when they were charged back in 2018, but this week Bychak, Manoogian and Qayyum each entered a plea deal.
“The defendants’ jobs with Adconion were to acquire fresh IP addresses and employ other measures to circumvent the spam filters,” reads a statement released today by the U.S. Attorney for the Southern District of California, which said the defendants would pay $100,000 in fines each and perform 100 hours of community service.
“To conceal Adconion’s ties to the stolen IP addresses and the spam sent from these IP addresses, the defendants used a host of DBAs, virtual addresses, and fake names provided by the company,” the statement continues. “While defendants touted ties to well-known name brands, the email marketing campaigns associated with the hijacked IP addresses included advertisements such as ‘BigBeautifulWomen,’ ‘iPhone4S Promos,’ and ‘LatinLove[Cost-per-Click].'”
None of the three plea agreements are currently available on PACER, the online federal court document clearinghouse. However, PACER does show that on June 7 — the same day the pleas were entered by the defendants — the government submitted to the court a superseding set of just two misdemeanor charges (PDF) of fraud in connection with email.
Another document filed in the case says the fourth defendant — Pacas — accepted a deferred prosecution deal, which includes a probationary period and a required $50,000 “donation” to a federal “crime victims fund.”
There are fewer than four billion so-called “Internet Protocol version 4” or IPv4 addresses available for use, but the vast majority of them have already been allocated. The global dearth of available IP addresses has turned them into a commodity wherein each IP can fetch between $15-$25 on the open market.
This has led to boom times for those engaged in the acquisition and sale of IP address blocks, but it has likewise emboldened those who specialize in absconding with and spamming from dormant IP address blocks without permission from the rightful owners.
In May, prosecutors published information about the source of some IP address ranges from which the Adconion employees allegedly spammed. For example, the government found the men leased some of their IP address ranges from a Dutch company that’s been tied to a scandal involving more than four million addresses siphoned from the African Network Information Centre (AFRINIC), the nonprofit responsible for overseeing IP address allocation for African organizations.
In 2019, AFRINIC fired a top employee after it emerged that in 2013 he quietly commandeered millions of IPs from defunct African entities or from those that were long ago acquired by other firms, and then conspired to sell an estimated $50 million worth of the IPs to marketers based outside Africa.
“Exhibit A” in a recent government court filing shows that in 2013 Adconion leased more than 65,000 IP addresses from Inspiring Networks, a Dutch network services company. In 2020, Inspiring Networks and its director Maikel Uerlings were named in a dogged, multi-part investigation by South African news outlet MyBroadband.co.za and researcher Ron Guilmette as one of two major beneficiaries of the four million IP addresses looted from AFRINIC by its former employee.
Exhibit A, from a May 2022 filing by U.S. federal prosecutors.
The address block in the above image — 196.246.0.0/16 — was reportedly later reclaimed by AFRINIC following an investigation. Inspiring Networks has not responded to requests for comment.
Prosecutors allege the Adconion employees also obtained hijacked IP address blocks from Daniel Dye, another man tied to this case who was charged separately. For many years, Dye was a system administrator for Optinrealbig, a Colorado company that relentlessly pimped all manner of junk email, from mortgage leads and adult-related services to counterfeit products and Viagra. In 2018, Dye pleaded guilty to violations of the CAN-SPAM Act.
Optinrealbig’s CEO was the spam king Scott Richter, who changed the name of the company to Media Breakaway after being successfully sued for spamming by AOL, Microsoft, MySpace, and the New York Attorney General Office, among others. In 2008, this author penned a column for The Washington Post detailing how Media Breakaway had hijacked tens of thousands of IP addresses from a defunct San Francisco company for use in its spamming operations.
The last-minute plea deals by the Adconion employees were reminiscent of another recent federal criminal prosecution for IP address sleight-of-hand. In November 2021, the CEO of South Carolina technology firm Micfo pleaded guilty just two days into his trial, admitting 20 counts of wire fraud in connection with an elaborate network of phony companies set up to obtain more than 700,000 IPs from the American Registry for Internet Numbers (ARIN) — AFRINIC’s counterpart in North America.
Adconion was acquired in June 2014 by Amobee, a Redwood City, Calif. online ad platform that has catered to some of the world’s biggest brands. Amobee’s parent firm — Singapore-based communications giant Singtel — bought Amobee for $321 million in March 2012.
But as Reuters reported in 2021, Amobee cost Singtel nearly twice as much in the last year alone — $589 million — in a “non-cash impairment charge” Singtel disclosed to investors. Marketing industry blog Digiday.com reported in February that Singtel was seeking to part ways with its ad tech subsidiary.
One final note about Amobee: In response to my 2019 story on the criminal charges against the Adconion executives, Amobee issued a statement saying “Amobee has fully cooperated with the government’s investigation of this 2017 matter which pertains to alleged activities that occurred years prior to Amobee’s acquisition of the company.”
Yet as the government’s indictment points out, the alleged hijacking activities took place up until September 2014, which was after Amobee’s acquisition of Adconion Direct in June 2014. Also, the IP address ranges that the Adconion executives were prosecuted for hijacking were all related to incidents in 2013 and 2014, which is hardly “years prior to Amobee’s acquisition of the company.”
Amobee has not yet responded to requests for comment.