ESET researchers identified an active StrongPity campaign distributing a trojanized version of the Android Telegram app, presented as the Shagle app – a video-chat service that has no app version
The post StrongPity espionage campaign targeting Android users appeared first on WeLiveSecurity
ESET researchers discovered a spearphishing campaign targeting Japanese political entities a few weeks before the House of Councillors elections, and in the process uncovered a previously undescribed MirrorFace credential stealer
The post Unmasking MirrorFace: Operation LiberalFace targeting Japanese political entities appeared first on WeLiveSecurity
ESET researchers analyzed a supply-chain attack abusing an Israeli software developer to deploy Fantasy, Agrius’s new wiper, with victims including the diamond industry
The post Fantasy – a new Agrius wiper deployed through a supply‑chain attack appeared first on WeLiveSecurity
ESET researchers uncover Dolphin, a sophisticated backdoor extending the arsenal of the ScarCruft APT group
The post Who’s swimming in South Korean waters? Meet ScarCruft’s Dolphin appeared first on WeLiveSecurity
ESET researchers spot a new ransomware campaign that goes after Ukrainian organizations and has Sandworm's fingerprints all over it
The post RansomBoggs: New ransomware targeting Ukraine appeared first on WeLiveSecurity
Malicious apps used in this active campaign exfiltrate contacts, SMS messages, recorded phone calls, and even chat messages from apps such as Signal, Viber, and Telegram
The post Bahamut cybermercenary group targets Android users with fake VPN apps appeared first on WeLiveSecurity
It’s important to know that not all websites are safe to visit. In fact, some sites may contain malicious software (malware) that can harm your computer or steal your personal contact information or credit card numbers.
Phishing is another common type of web-based attack where scammers try to trick you into giving them your personal information, and you can be susceptible to this if you visit a suspicious site.
Identity theft is a serious problem, so it’s important to protect yourself when browsing the web. Online security threats can be a big issue for internet users, especially when visiting new websites or following site links.
So how can you tell if you’re visiting a safe website or an unsafe website? You can use a few different methods. This page discusses key things to look for in a website so you can stay safe online.
When you’re visiting a website, a few key indicators can help determine whether the site is safe. This section explores how to check the URL for two specific signs of a secure website.
“Https” in a website URL indicates that the website is safe to visit. The “s” stands for “secure,” and it means that the website uses SSL (Secure Sockets Layer) encryption to protect your information. A verified SSL certificate tells your browser that the website is secure. This is especially important when shopping online or entering personal information into a website.
When you see “https” in a URL, the site is using a protocol that encrypts information before it’s sent from your computer to the website’s server. This helps prevent anyone from intercepting and reading your sensitive information as it’s transmitted.
The padlock icon near your browser’s URL field is another indicator that a webpage is safe to visit. This icon usually appears in the address bar and means the site uses SSL encryption. Security tools and icon and warning appearances depend on the web browser.
Let’s explore the cybersecurity tools on the three major web browsers:
Overall, the ”https” and the locked padlock icon are good signs that your personal data will be safe when you enter it on a website. But you can ensure a website’s security is up to par in other ways. This section will explore five in-depth methods for checking website safety.
McAfee WebAdvisor is a free toolbar that helps keep you safe online. It works with your existing antivirus software to provide an extra layer of protection against online threats. WebAdvisor also blocks unsafe websites and lets you know if a site is known for phishing or other malicious activity. In addition, it can help you avoid online scams and prevent you from accidentally downloading malware. Overall, McAfee WebAdvisor is a useful tool that can help you stay safe while browsing the web.
When you’re browsing the web, it’s important to be able to trust the websites you’re visiting. One way to determine if a website is trustworthy is to look for trust seals. Trust seals are logos or badges that indicate a website is safe and secure. They usually appear on the homepage or checkout page of a website.
There are many types of trust seals, but some of the most common include the Better Business Bureau (BBB) seal, VeriSign secure seal, and the McAfee secure seal. These seals indicate that a third-party organization has verified the website as safe and secure.
While trust seals can help determine whether a website is trustworthy, it’s important to remember that they are not foolproof. Website owners can create a fake trust seal, so it’s always important to do your own research to ensure a website is safe before entering personal information.
Another way to determine if a website is safe to visit is to check for a privacy policy. A privacy policy is a document that outlines how a website collects and uses personal information. It should also state how the site protects your data from being accessed or shared by scammers, hackers, or other unauthorized individuals.
If a website doesn’t have a privacy policy, that’s a red flag that you shouldn’t enter any personal information on the site. Even if a website does have a privacy policy, it’s important to read it carefully so you understand how the site uses your personal data.
It’s important to do some preliminary research before visiting a new website, especially if you’re shopping online or entering personal data like your address, credit card, or phone number. One way to determine if a website is safe and trustworthy is to check third-party reviews. Several websites provide reviews of other websites, so you should be able to find several reviews for any given site.
Trustpilot is one example of a website that provides reviews of other websites.
Look for common themes when reading reviews. If most of the reviews mention that a website is safe and easy to use, it’s likely that the site is indeed safe to visit. However, if a lot of negative reviews mention problems with viruses or malware, you might want to avoid the site.
You can also analyze the website design when deciding whether a website is safe to visit. Look for spelling errors, grammatical mistakes, and anything that appears off. If a website looks like it was made in a hurry or doesn’t seem to be well-designed, that’s usually a red flag that the site might not be safe.
Be especially careful of websites that have a lot of pop-ups. These sites are often spammy or contain malware. Don’t download anything from a website unless you’re absolutely sure it’s safe. These malicious websites rarely show up on the top of search engine results, so consider using a search engine to find what you’re looking for rather than a link that redirects you to an unknown website.
If you’re unsure whether a website is safe to visit, download McAfee WebAdvisor for free. McAfee WebAdvisor is a program that helps protect you from online threats, such as malware and viruses. It also blocks pop-ups and other intrusive ads so you can browse the web without worry. Plus, it’s completely free to download and use.
Download McAfee WebAdvisor now and stay safe while browsing the web.
The post How to Tell Whether a Website Is Safe or Unsafe appeared first on McAfee Blog.
Since releasing SecureX orchestration, we’ve regularly published two types of content for our customers to import and use: atomic actions and workflows. Atomic actions are small, re-usable functions that allow you to do simple things like isolating an endpoint in Cisco Secure Endpoint. Workflows are more complex combinations of activities, often made up of multiple atomic actions, that accomplish a broader objective. One of our most popular workflows fetches blog posts from Talos and then conducts an investigation into each post using a customer’s SecureX-integrated products. As of this blog post’s publishing, we’ve released 75 workflows. So, let’s talk about what’s new…
In the past, when you wanted to communicate with SecureX APIs, you had to go through a multi-step process to generate an API client, use that API client to get a token, and then refresh the token every 10 minutes. This process wasn’t exactly simple, so in April we released the new SecureX Token account key. This special type of account key allows you to integrate with SecureX APIs without creating an API client, generating a token, or worrying about when the token expires. Simply use a SecureX target in conjunction with a SecureX Token account key and the platform takes care of the tokens. For more information about this update and how to take advantage of this new functionality, check out our documentation. Keep in mind that if your orchestration tenant was created prior to April 2022, you may need to create a SecureX Token.
Now that we have SecureX Token account keys and customers have been using them for a few months, we decided it was time to update all of our previously published workflows to be fully compatible with the new account key type. All 24 workflows using SecureX APIs have now been updated to leverage SecureX Tokens. For more information about Cisco-published workflows, check out our workflow list.
Since Cisco Secure Firewall is almost always deployed on-premises and behind a firewall, integrating it with SecureX orchestration in the cloud has required the use of a SecureX orchestration remote. Not all of our customers are interested in deploying an on-premises virtual machine or they lack a VMware ESXi deployment within which to run the VM. Now, with the release of the SecureX Security Services Exchange (SSE) API proxy, you can integrate your SSE-registered FMC devices with orchestration workflows without the need for additional remotes or virtual machines. To show how this works and highlight how easy this integration is, we re-released five of our existing FMC workflows with support for the SSE API proxy:
To stay updated on what’s new with SecureX, check out the following resources:
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
Since 1996, United Nations members have commemorated Nov. 16 as International Day of Tolerance. As a word, tolerance can mean different things to different people and cultures. The UN defines tolerance as: “respect, acceptance and appreciation of the rich diversity of our world’s cultures, our forms of expression and ways of being human.” I define it slightly differently. To me, tolerance is acceptance. Tolerance is inclusion. Tolerance is humanity. Tolerance is letting people be and live authentically as they choose.
Being able to live authentically is key. It’s about creating an environment for everyone to fit in and feel a sense of belonging. In a way, this means obfuscating the “standard” and stop paying attention to the degrees of variation from it. Tolerance is a step one in that process and a critical step toward a more diverse and tolerant world.
But if this is the goal, I say we have lots of work left in promoting this within our workforce, especially in the cybersecurity industry. I wrote extensively about this in a blog last year on why diversity matters so much to create stronger cybersecurity organizations. I pointed out that cybersecurity as a technology is multi-faceted and constantly changing. So, it would make sense that a highly diverse organization would provide different perspectives and more creative solutions to these challenges.
Even in the face of this logical goal of creating more diverse workforces, legacy recruiting, education, and even hiring practices are holding us back as an industry. I’ll look at one workforce populations specifically, women in cybersecurity. Currently, women constitute less than 25 percent of the workforce in cybersecurity. Of course, this is inclusive of all roles in cybersecurity meaning that I think it’s fair to say that the percentage of women in technical cybersecurity roles (e.g., software and hardware engineering) would be much lower. That’s discouraging, especially when there are still more than 700,000 cybersecurity positions that remain unfilled, many of them being high-paying roles.
Perhaps the more important question is “why?” The International Information System Security Certification Consortium (ISC2) commissioned a study to examine this issue closely and came up with some important conclusions that I’ll summarize.
In promoting the International Day of Tolerance, Secretary-General Ban Ki-moon listed three ways we as a global society can be more tolerant: education, inclusion, and opportunities. As it happens, those are also exactly the approaches required to create more diverse workforces.
Of the three, I believe education (the earlier the better) is key as it’s foundational to being able to take advantage of inclusion and opportunities. Yes, we must continue to invest in STEM education and encourage more girls and minorities to take part. But the harder challenge is to somehow overcome the perception issue among large parts of these populations that the STEM field is not for them.
I believe that will require an investment in time and interaction in the form of mentoring and community outreach. For example, the Cisco Women in Technology employee resource organization that I’m proud to be the executive sponsor for, started a coding bootcamp targeting underrepresented populations. There will be many more bootcamps next year including weeklong camps in the summer. We need more of this, much more and I know there are many companies in cybersecurity who have similar aspirations and programs.
So, on this International Day of Tolerance, I ask my fellow cybersecurity professionals to at least think of ways they can influence someone in an underrepresented population to explore a career in the STEM field including cybersecurity. Take part in local volunteer activities at a school, especially in an inner-city one, like the kind that the Cisco Networking Academy is renowned for. Join and be an active participant in one of many cybersecurity organizations and affinity groups. Become a sponsor and a mentor to a girl or a minority and help encourage them to get ready to join this exciting and lucrative industry.
But whatever you do, get started. Author and activist Rachel Cargle spoke to us earlier this year as part of our Black History Month celebration about what it means to show up with purpose toward addressing many injustices that still exist today. “There’s an incredible disconnect here between humanity and dignity and all of this stuff in the country, and that should hopefully push you to action,” she said. Indeed, as these are issues that have existed for decades, and we will not solve them in a day, a month, or even a year. But if we don’t start, I’m afraid that the diversity issues that I’ve highlighted will be much the same in the International Day of Tolerance for years to come.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
The word is out! Cisco Secure Endpoint’s effectiveness is off the charts in protecting your enterprise environment.
This is not just a baseless opinion; however, the facts are rooted in actual test results from the annual AV-Comparative EPR Test Report published in October 2022. Not only did Secure Endpoint knock it out of the park in enterprise protection; but Cisco Secure Endpoint obtained the lowest total cost of ownership (TCO) per agent at $587 over 5 years. No one else was remotely close in this area. More to come on that later.
If you are not familiar with the “AV-Comparatives Endpoint Prevention and Response Test is the most comprehensive test of EPR products ever performed. The 10 products in the test were subjected to 50 separate targeted attack scenarios, which used a variety of different techniques.”
These results are from an industry-respected third-party organization that assesses antivirus software and has just confirmed what we know and believe here at Cisco, which is our Secure Endpoint product is the industry’s best of the best.
Look for yourself at where we landed. That’s right, Cisco Secure Endpoint smashed this test, we are almost off the quadrant as one of the “Strategic Leaders”.
We ended up here for a combination of reasons, with the top being our efficacy in protecting our customers’ environments in this real-world test that emulates multi-stage attacks similar to MITRE’s ATT&CK evaluations which are conducted as part of this process (click here for an overview of MITRE ATT&CK techniques). Out of all the 50 scenarios tested, Secure Endpoint was the only product that STOPPED 100% of targeted threats toward enterprise users, which prevented further infiltration into the organization.
In addition, this test not only assesses the efficacy of endpoint security products but also analyzes their cost-effectiveness. Following up on my earlier remarks about achieving the lowest cost of ownership, the graph below displays how we stacked up against other industry players in this space including several well-known vendors that chose not to display their names due to poor results.
These results provide a meaningful proof point that Cisco Secure Endpoint is perfectly positioned to secure the enterprise as well as secure the future of hybrid workers.
Enriched with built-in Extended Detection and Response (XDR) capabilities, Cisco Secure Endpoint has allowed our customers to maintain resiliency when faced with outside threats.
As we embark on securing “what’s next” by staying ahead of unforeseen cyber threats of tomorrow, Cisco Secure Endpoint integration with the complete Cisco Secure Solutions portfolio allows you to move forward with the peace of mind that if it’s connected, we can and will protect it.
Now that you have seen how effective Secure Endpoint is with live real-world testing, try it for yourself with one of our live instant demos. Click here to access instructions on how to download and install your demo account for a test drive.
Click here to see what analysts, customers, and third-party testing organizations have to say about Cisco Secure Endpoint Security efficacy, easy implementation and overall low total cost of ownership for their organization —and stay ahead of threats.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
Just a few years ago when the topic of supporting offsite workers arose, some of the key conversation topics were related to purchase, logistics, deployment, maintenance and similar issues. The discussions back then were more like “special cases” vs. today’s environment where supporting workers offsite (now known as the hybrid workforce) has become a critical mainstream topic.
Now with the bulk of many organization’s workers off-premise, the topic of security and the ability of a security vendor to help support an organization’s hybrid workers has risen to the top of the selection criteria. In a soon to be released Cisco endpoint survey, it’s not surprising that the ability of a security vendor to make supporting the hybrid workforce easier and more efficient was the key motivating factor when organizations choose security solutions.
Today, when prospects and existing customers look at Cisco’s ability to support hybrid workers with our advanced security solution set and open platform, it’s quite clear that we can deliver on that promise. But, yes, good tools make it easier and more efficient, but the reality is that running a SOC or any security group, large or small, still takes a lot of work. Most organizations not only rely on advanced security tools but utilize a set of best practices to provide clarity of roles, efficiency of operation, and for the more prepared, have tested these best practices to prove to themselves that they are prepared for what’s next.
Knowing that not all organizations have this degree of security maturity and preparedness, we gathered a couple of subject matter experts together to discuss 5 areas of time-tested best practices that, besides the advanced tools offered by Cisco and others, can help your SOC (or small security team) yield actionable insights and guide you faster, and with more confidence, toward the outcomes you want.
In this webinar you will hear practical advice from Cisco technical marketing and a representative from our award winning Talos Threat Intelligence group, the same group who have created and are maintaining breach defense in partnership with Fortune 500 Security Operating Centers (SOC) around the globe.
You can expect to hear our 5 Best Practices recommendations on the following topics;
Check out our webinar to find out how you can become more security resilient and be better prepared for what’s next.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels