International Women’s Day serves as an important reminder that each and every one of us plays a role in recognizing and addressing gender bias. Together, we can make a difference in creating a more equitable world for all.

At McAfee, we know that genuine change requires continuous commitment. And while we’re proud of the efforts we’re making as a company – from being the first cybersecurity company to achieve global pay parity (and maintain it), to expanded time off for new parents, to a woman on every hiring panel to help remove bias – we know there is more to do.

This International Women’s Day and beyond, McAfee team members around the globe share how they’ll continue to advance inclusion and gender equality by actively working to #BreakTheBias.

JaffarSadhik

Software Quality Engineer (India)

A gender equal world starts with a change. A change within families, a change with perspectives, a change among society!

Arathi

Program Manager (Canada)

I am helping to #BreakTheBias by teaching my son that both boys and girls, men and women can do it all.

Krupali

Sr Market Research Analyst (USA)

We need to think differently. Women have, are and will always be quintessential architects of society. Together we can #BreakTheBias

Ambareen
Software Engineer (UK)

Collectively we can all #BreakTheBias! I am doing my part and learning from my mum and helping the next generation believe in themselves irrespective of gender.

Kevin
Real Estate & Workplace Strategy (Ireland)

Equality can only be achieved if diversity, difference and qualities of woman are truly valued. We must work together to acknowledge and #BreakTheBias.

Darya
Channel Marketing (Australia) 

Bias against anyone for simply being different, limits our growth and is a significant waste of talent, energy and happiness. I commit to taking an active role in questioning perceptions to do my part to influence change.

Natalia
Software Sales (Canada)

I will help #BreakTheBias by raising and supporting a strong independent young adult and setting an example for her. I do so by choosing my career path while leading and growing personally and professionally!

Winnie
Talent Acquisition Partner (Australia)

I will #BreakTheBias by addressing and challenging gender stereotypes. 

Aisling
Senior People Partner (Ireland)

I will help #BreakTheBias by encouraging conversations around diversity, challenging myself and others to consider where we can make changes that will have a positive impact.

Join McAfee and millions of others around the world in celebrating International Women’s Day by sharing how you’ll #BreakTheBias.

Interested in building your career at a company that helps women thrive? Search our openings!

The post McAfee Teammates Share How They’ll Help #BreakTheBias this International Women’s Day appeared first on McAfee Blog.

Read More

US locks up COVID Relief fraudster who spent thousands on collectible trading card

Read More

Patient and employee data in care of Duncan Regional Hospital exposed in security incident

Read More

Google LLC today announced that it has signed a definitive agreement to acquire Mandiant Inc., a leader in dynamic cyber defense and response. The deal is an all-cash transaction valued at approximately $5.4 billion, inclusive of Mandiant’s net cash, and will see Mandiant join Google Cloud as the latter enhances its security operations suite. The acquisition is subject to customary closing conditions, including the receipt of Mandiant stockholder and regulatory approvals, and is expected to close later this year.

Mandiant acquisition complements Google Cloud’s security offering

The acquisition of Mandiant will complement Google Cloud’s existing security suite, Google said in a press release, which includes:

To read this article in full, please click here

Read More

Google announces intent to buy cybersecurity firm for approximately $5.4bn

Read More

Embracing change and collaboration are key to government-backed DSbD initiative, which aims to transform UK’s approach to cybersecurity

Read More

Security researchers have found several vulnerabilities affecting many models of APC Smart-UPS uninterruptible power supplies that could be exploited to take over the devices. UPS devices are used across many industries to keep mission-critical devices running in case of power loss.

“Two of these are remote code execution (RCE) vulnerabilities in the code handling the cloud connection, making these vulnerabilities exploitable over the Internet,” researchers from security firm Armis, who found the flaws, said in a report. The company has dubbed the vulnerabilities TLStorm because they’re located in the TLS implementation used in cloud-connected Smart-UPS devices.

To read this article in full, please click here

Read More

Yet another method of surveillance:

Radar can detect you moving closer to a computer and entering its personal space. This might mean the computer can then choose to perform certain actions, like booting up the screen without requiring you to press a button. This kind of interaction already exists in current Google Nest smart displays, though instead of radar, Google employs ultrasonic sound waves to measure a person’s distance from the device. When a Nest Hub notices you’re moving closer, it highlights current reminders, calendar events, or other important notifications.

Proximity alone isn’t enough. What if you just ended up walking past the machine and looking in a different direction? To solve this, Soli can capture greater subtleties in movements and gestures, such as body orientation, the pathway you might be taking, and the direction your head is facing — ­aided by machine learning algorithms that further refine the data. All this rich radar information helps it better guess if you are indeed about to start an interaction with the device, and what the type of engagement might be.

[…]

The ATAP team chose to use radar because it’s one of the more privacy-friendly methods of gathering rich spatial data. (It also has really low latency, works in the dark, and external factors like sound or temperature don’t affect it.) Unlike a camera, radar doesn’t capture and store distinguishable images of your body, your face, or other means of identification. “It’s more like an advanced motion sensor,” Giusti says. Soli has a detectable range of around 9 feet­ — less than most cameras­ — but multiple gadgets in your home with the Soli sensor could effectively blanket your space and create an effective mesh network for tracking your whereabouts in a home.

“Privacy-friendly” is a relative term.

These technologies are coming. They’re going to be an essential part of the Internet of Things.

Read More

Critical vulnerabilities in a software agent that’s used for remote management could allow hackers to execute malicious code and commands on thousands of medical and other types of devices from healthcare, manufacturing and other industries. Patches have been issued by the software agent’s developer, but most of the affected device vendors will need to release their own updates.

In the meantime, users should mitigate the risks by doing network segmentation and blocking some of the communication ports that can be used to exploit the vulnerabilities.

Seven vulnerabilities on the Axeda platform

Seven flaws ranging in severity from critical to medium were discovered in the Axeda platform by researchers from Forescout and CyberMDX. Axeda was a standalone solution, but is now owned by computer software and services company PTC, which develops solutions for the industrial IoT market.

To read this article in full, please click here

Read More

Businesses today have many tools in their security stack and security teams find themselves spending too much time managing the tools and not enough time tackling business-critical projects. Security tool overload creates internal challenges and distracts from the primary business mission. How can companies better protect themselves while staying on track to achieve goals?

 Let’s take a look at how working with a managed security service provider (MSSP) to manage your extended detection and response (XDR) solution can improve security coverage in busy and complex environments.

Much like secure access service edge (SASE) combines several network security protections, XDR combines network and endpoint detection and response capabilities with endpoint protection and security orchestration, automation, and response (SOAR). As with SASE, the devil is in the details.

XDR as a service helps you scale

One material way to simplify security is to enlist the aid of an MSSP. These experts have a deep understanding of how the tools work, and they have broad experience installing and running a variety of products and platforms in different customer environments.

XDR provides protection, detection, and response across the security ecosystem

While AT&T’s USM-based XDR is vendor-agnostic, it features a unique integration with SentinelOne, one of the leading vendors in the endpoint detection and response space. SentinelOne consolidates multiple endpoint security solutions, including next generation antivirus, pre-execution protection, and AI-based detection and response, into a single agent. The USM Anywhere integration with SentinelOne powered by the SentinelOne Advanced AlienApp allows the SOC analyst to terminate malicious processes, quarantine infected devices, and even roll back events to keep endpoints in a constant clean state. All this is achieved from a single pane of glass with the USM Anywhere platform.

Services based on AT&T’s USM Anywhere and SentinelOne bring broad visibility into your environment through their ability to interoperate with many security tools utilizing AT&T’s AlienApp integrations. These connections across your environment pull events and security intelligence into one centralized hub for further correlation and add context to help you respond faster to investigations and threats. With an extensive and evolving library of AlienApps, you will not need to rip and replace your current infrastructure; as you grow or change, your security can too.

Intelligence is key

Threat intelligence is critical for accurate detections and reducing false positives. This is one of the strengths of the USM Anywhere-based solutions—they include access to AT&T’s unique perspective as a service provider and operator of one of the largest networks in the world.

It starts with the world’s largest open threat intelligence community, AT&T Alien Labs Open Threat Exchange (OTX), feeding in data from researchers around the globe. Additional machine learning and security analytics help correlate the data and provide context so threats can be identified faster and more accurately. However, the biggest advantage is the AT&T Alien Labs researchers who, in combination with the OTX platform, can discover infrastructure and tools used by threat actors to host their operations and launch ransomware and other sophisticated cyberattacks. By concentrating on threat actor tactics, techniques, and procedures (TTPs), this approach provides early-stage, more predictive identification of threats, which means higher-fidelity detection of evolving threats.

Highly contextualized and correlated data is automatically maintained and fed into the award-winning USM platform, along with AlienApp intelligence for data analysis across your growing business.

Vendor lock-in, or multi-vendor integration?

One approach to addressing security tool complexity is to “go all in” with one vendor. The argument here is that standardizing on one vendor’s approach is better because the tools were designed to work together. However, the truth is that often each vendor’s products are more a collection of acquired technology than an integrated solution, and roadmaps for consolidation frequently stretch to the horizon. Not to mention that vendors tend to be leaders in one type of tech but followers in most other areas.

Another approach to consider is an open XDR solution. This approach brings together two important existing solutions: advanced security information and event management (SIEM) platforms with correlation engines, and endpoint detection and response agents. They also have deep integrations with third-party tools such as firewalls, SaaS/IaaS clouds, SASE solutions, and more. These integrations make responding to incidents, and automating responses, quick and easy. With this approach, you are free to choose the best security vendors with the confidence that they can be used together without the need for you to replace your entire stack.

Conclusion

There are no quick fixes for most of our modern security challenges, but one clear way to simplify things is to select products and services that are well integrated and offer the flexibility to mix and match critical components. By relying on MSSPs, organizations can reduce the need for both staff and subject matter expertise. Since detection and response has a significant learning curve, businesses can also realize significant savings and rest assured that their network is guarded by professionals. AT&T’s USM-based XDR brings together our strongest resources to help you improve your time to detect, respond, and recover from threats. Leverage our advanced security analytics, leading endpoint security, deep integrations with industry-leading vendors, and world-class 24×7 support to drive efficiencies in your security operations and help you find and quickly act on true threats to your business.

To learn more, visit AT&T Cybersecurity MSSP Partner Program (att.com)

Read More