You can feel even more confident that you’ll enjoy life online with us at your side. AV-Comparatives has awarded McAfee as its 2021 Product of the Year.

McAfee makes staying safe simple, and now this endorsement by an independent lab says we protect you best.

Over the course of 2021, AV-Comparatives subjected 17 different online protection products to a series of rigorous tests. Their labs investigated each product’s ability to protect against real-world Internet threats, such as thousands of emerging malicious programs and advanced targeted attacks, along with the ability to provide protection without slowing down the computer.

McAfee topped the field, taking home the award for AV-Comparatives’ Product of the Year thanks to our highest overall scores across the seven different testing periods throughout the year. McAfee further took a Gold Award for the Malware Protection Test, in addition to recognition for its clean, modern, and touch-friendly design and for the way that McAfee Firewall coordinates perfectly with Windows.

“We’re honored by the recognition,” says Chief Technology Officer, Steve Grobman. “The strong reputation that AV-Comparatives carries in the industry cements our place as a leader in online protection.” He goes on to say, “Our work continues. The internet is evolving to be integral to every part of our lives. This creates new opportunities for cyber criminals and drives the evolution of the threat landscape. McAfee is committed to staying one step ahead of these sophisticated threats, ensuring customers can safely utilize the full value of our online world.”

Read the full AV-Comparatives annual report and protect yourself and your family with the year’s top-rated antivirus. Give it a look for yourself with a free 30-day trial of McAfee Total Protection, which includes McAfee’s award-winning anti-malware technology plus identity monitoring, Secure VPN, and safe browsing for an all-in-one online protection.

The post McAfee Wins Product of the Year for Best Online Protection appeared first on McAfee Blogs.

Read More

Rolling Stone is reporting that the UK government has hired the M&C Saatchi advertising agency to launch an anti-encryption advertising campaign. Presumably they’ll lean heavily on the “think of the children!” rhetoric we’re seeing in this current wave of the crypto wars. The technical eavesdropping mechanisms have shifted to client-side scanning, which won’t actually help — but since that’s not really the point, it’s not argued on its merits.

Read More

Benjamin Franklin advised fire-threatened Philadelphians in 1736 that, “An ounce of prevention is worth a pound of cure. Clearly, preventing fires is better than fighting them……”

So, to what extent are we able to protect ourselves from Cybersecurity events? With the alphabet soup of acronyms out there such as NIST, ISO, SOC, CISA, DevSecOps, etc…… protecting your business from Cybersecurity threats can be overwhelming. Making Cybersecurity a priority can save your business down the road.

Threat Actors, once in, may lay dormant for months much like a human virus. The hacker with the persistent access in place will sit in the background infecting as much as possible and gathering as much data as they can. Like a cold, you may feel fine, but you’ll notice things are off a bit. You get tired easier; seem a little sluggish.

The same symptoms will occur in your IT environment as the malware spreads downloading data and expanding across your global network corrupting backups and leaving little options. Once the actor has embedded themselves, they will strike. Ransomware and stolen customer data can put an enterprise out of business for months.

Social engineering

Social engineering is the most prevalent way threat actors find their way into your environment. Disguising themselves as legitimate web sites, email, and customer service entities they depend on people’s kindness, willingness to help and urgency to resolve perceived threats/problems. Training your employees on recognizing these threats is both simple and critical in preventing an intrusion.

Verifying the URL on a link is the quickest and easiest way to determine validity. The safest bet; is if you don’t know who sent it don’t click it. Look up the phone number for the company on an independent site and call them to verify the request. Do not use the number that was embedded in the email. Many businesses or government entities will never call or email you. Getting an unexpected call from the Social Security administration or the IRS will never happen. Instead, they will use traditional mail.

Network design and architecture

Architecting a robust network with multiple layers of firewall protection, redundant pathways for both external and internal and isolating critical data is paramount in limiting the damage done by a threat actor. In the first layer all client data should be completely isolated from external facing equipment. Access to these environment’s should be heavily restricted to a limited number of people and applications.

The next layer is the application layer and should be divided into those applications accessing the data and those processing it. Lastly is the customer facing layers. These will sit on the public internet or companies’ intranet and be most exposed to threats. Utilizing a simple three-layer approach can prevent most leakage points from being exposed. More complex architectures may be needed depending on the industry or the data.

Asset inventory/patches

All assets on the network must be identified and tracked. Assets that are not in the inventory or patched can be Trojan horses themselves. Sitting on the network these assets are easy targets for Threat Actors. Knowing the age of the assets and patch levels is critical. Older assets may be out of maintenance; therefore, they may no longer have patches available and can be easily exploited.

Newer assets may sit unpatched due to the application utilizing them not being able to support the most recent patches. These machines must be isolated and scrutinized more closely. Lastly, having an active patching process of N-1 or better as well as subscribing to the latest threat alerts with your vendors is paramount to making sure you are safely secured.

Backups

Backups of data and applications are necessary to restoring your operations in the event of a ransomware or other intrusions. Since Threat Actors may have been lurking in your environment for months prior to being identified, your backups may be corrupted. If this occurs, once you restore, the Threat Actor will simply shut you down again. It’s imperative to keep the restoration environment isolated until you can scan all restored systems and verify that they are clean prior to going back online.

Budgets

Some intrusions occur due to carelessness or lack of processes and procedures. In others, it is a lack of budgetary foresight creating cyber risk. Technology debt occurs quickly when finances are tight, and decisions are made to put off upgrades and maintenance to save money. “We’ll take care of it next year when things are better”, so they say.

One year quickly becomes three. As long as mission critical applications are functioning as expected, long range planning for them are overlooked. Proper budgetary planning for equipment maintenance & replacements, software patching and application upgrades are an imperative. It must be an integral part of every company’s financial planning process.

Preparedness

Just like with home protection; running fire drills, having home escape plans, regularly testing your security system and maintaining your smoke detectors; you need to do the same with your IT environments. Have a certified third party review your infrastructure and application architecture to ensure it has solid protective layers in place and all sensitive data is isolated. Conduct a review of all security policies, procedures, and training.

Run external and internal penetration tests to see if any holes exist and quickly execute remediation plans. Have a ransomware playbook in place and run preparedness drills. Regularly scan your backups for known malware. Maintain an active asset inventory list and perform quarterly audits of move, adds and changes to ensure nothing is on the network that shouldn’t be there. 

An ounce of prevention

Even with proper grounding, installing smoke detectors, and sprinkler systems; fires still occur. Setting up and maintaining safety and security measures ensures that damage is avoided, minimized, and contained.

To the Threat Actor, data theft, ransomware, and denial of service attacks are a very profitable game. They are patient and will continue to probe until they find a way in. Companies that have fallen behind with updates and upgrades will become easy marks. As an IT leader you must stay one step ahead of them with proper planning and maintenance of your total environment.

Read More

Security exec Chad Kliewer had heard the initial reports of the SolarWinds attack as news about it broke in December 2020, sympathetic to those companies first named as victims of the hack.

To read this article in full, please click here

(Insider Story)

Read More

Here’s a fascinating report: “Bounty Everything: Hackers and the Making of the Global Bug Marketplace.” From a summary:

…researchers Ryan Ellis and Yuan Stevens provide a window into the working lives of hackers who participate in “bug bounty” programs­ — programs that hire hackers to discover and report bugs or other vulnerabilities in their systems. This report illuminates the risks and insecurities for hackers as gig workers, and how bounty programs rely on vulnerable workers to fix their vulnerable systems.

Ellis and Stevens’s research offers a historical overview of bounty programs and an analysis of contemporary bug bounty platforms — ­the new intermediaries that now structure the vast majority of bounty work. The report draws directly from interviews with hackers, who recount that bounty programs seem willing to integrate a diverse workforce in their practices, but only on terms that deny them the job security and access enjoyed by core security workforces. These inequities go far beyond the difference experienced by temporary and permanent employees at companies such as Google and Apple, contend the authors. The global bug bounty workforce is doing piecework — they are paid for each bug, and the conditions under which a bug is paid vary greatly from one company to the next.

Read More

While data-wiping malware is hitting the PCs of multiple Ukrainian organisations, Russia has taken the surprising step of arresting 14 members of the REvil ransomware gang.

Read More