USN-5821-1 fixed a vulnerability in wheel and pip. Unfortunately,
it was missing a commit to fix it properly in pip.
We apologize for the inconvenience.
Original advisory details:
Sebastian Chnelik discovered that wheel incorrectly handled
certain file names when validated against a regex expression.
An attacker could possibly use this issue to cause a
denial of service.
Hubert Kario discovered that GnuTLS had a timing side-channel when handling
certain RSA messages. A remote attacker could possibly use this issue to
recover sensitive information.
Post-quantum cryptography is still a few years from reaching required system capability levels. But organizations can take steps now to prepare. […]
Multi-layered, well-funded cybersecurity systems are unable to protect enterprises in the US and Europe from cyberattacks, according to a report by automated security validation firm Pentera.
The report, which was based on a survey of 300 CIOs, CISOs and security executives to get insights on their current IT and security budgets and cybersecurity validation practices, noted that the financial slowdown has had a minimal impact on cybersecurity budgets.
“We’re seeing more organizations increase the cadence of pentesting, but what we really need to achieve is continuous validation across the entire organization,” Aviv Cohen, chief marketing officer of Pentera, said in a press note. “Annual pentesting assessments leave security teams in the dark most of the year regarding their security posture. Security teams need up-to-date information about their exposure using automated solutions for their security validation.”
We created McAfee+ so people can be safe and feel safe online, particularly in a time where there’s so much concern about identity theft and invasions of online privacy—and reviewers have given it top marks as a result.
With data breaches, spam texts and calls, companies collecting and selling personal info, and suspicious charges cropping up on billing statements becoming so commonplace nowadays, it can seem like there’s little you can do to prevent it. Yet that’s far from the case. McAfee+ offers protection that puts you in control of your identity and privacy, all while protecting your devices from viruses and threats.
Reviewers of McAfee+ recognize the need for this kind of protection today, and here’s what three leading consumer PC publications had to say about McAfee+ and how strongly its protection stacks up.
Tech Advisor’s review opened with the big picture, that staying safe online protection calls for new tools that put you in charge of your privacy and identity. Of McAfee+, Tech Advisor said, “This feels like the beginning of a new era of cybersecurity where the customer is no longer helpless to unwanted intrusion, and McAfee+ makes sure they have the tools to use that new-found power.”
With that, they went on to say that McAfee+ is, “a complete cybersecurity package that goes beyond simply blocking nasties to offer a complete holistic ring of steel for everything you do online.”
Top features they called out include Lost Wallet support, which will help you cancel your cards and order replacements from a single screen. Moreover, they applauded our Identity Theft and Restoration Coverage which is “the sort of identity protection that you’d normally see from an insurance company.”
Our industry-first Protection Score also racked up points with Tech Advisor, which really latched onto the idea of improving their score. “We actually found chasing points quite compulsive – and most importantly, it means that you don’t need to worry about how any of the features we’re about to look at work, what they do, or even what they’re called – McAfee+ does all that for you, making it great, not just for tech-heads, but seniors, kids, and the less-tech-savvy alike.”
In their summary of McAfee+, Tech Advisor expressed our approach to online protection well by saying, “the future of safety online is holistic, and McAfee has come up with a package that reflects the realities of modern-day living.”
The PC Mag review gave McAfee+ a thorough walkthrough with a particular focus on its privacy and identity features, saying, “McAfee+ is now the most complete product in the McAfee line, and its combination of unlimited device protection with identity theft remediation is quite appealing.”
It highlighted our Personal Data Cleanup feature that scans some of the riskiest data broker sites and shows you which ones are selling your personal info and provides guidance for removing it—and further touched on our Identity Theft and Restoration Coverage that, “offers full identity monitoring and identity theft remediation rivaling that of many competing products, and you can now extend protection to your family.”
The review also put McAfee’s Credit Monitoring, Credit Lock, and Security Freeze features through the paces as well, which help you keep an eye on changes to your credit score, report, and accounts with timely notifications and guidance so you can take action to tackle identity theft.
PC Mag also called out the unlimited device coverage that protects all devices in your household, McAfee’s excellent third-party test scores for antivirus protection, and unlimited VPN—all adding up to a four-star review and an “Excellent” rating.
Like Tech Advisor, Trusted Reviews focused on the broader nature of online protection today, that it calls for much more than an antivirus. It calls for identity and privacy protection as well, and “McAfee+ Advanced is very much a do-it-all service.”
Notably, along the same lines, the review mentioned that the “new McAfee Plus tiers are among very few mainstream internet security suites to offer data broker removal services in the UK and Europe.” As mentioned above, our Personal Data Cleanup can help you spot and remove personal information from data broker sites, which bad actors of all stripes use to commit scams and identity theft. A couple of examples—scammers use data brokers to create lists of people that they can send spammy texts and calls, and thieves can also use data broker sites to harvest info that can help them commit identity theft.
Trusted Reviews also highlighted the unlimited number of devices and how it’s helpful for households with a lot of hardware to protect. The core antivirus was highlighted as well, in that “[t]he performance for McAfee Plus Advanced in recent lab tests has been excellent. It detected all malware with no false positives in AV-TEST’s latest Windows consumer antivirus test.”
The company’s push into identity protection and recovery in the UK is almost beyond the score of my anti-malware focus on these reviews, but it’s a useful toolkit to have on hand, and its data broker listing removal service is very welcome indeed.
Drop by our product page for more about McAfee+, including our new Family plans that include personalized protection for each member of the family. With several tiers and degrees of protection available across all our plans, you can get the level of privacy, identity, and device protection that’s right for you and everyone in your household.
The post The Reviews are In—McAfee+ Earns Top Marks from Review Sites appeared first on McAfee Blog.
CRYSTALS-Kyber is one of the public-key algorithms currently recommended by NIST as part of its post-quantum cryptography standardization process.
Researchers have just published a side-channel attack—using power consumption—against an implementation of the algorithm that was supposed to be resistant against that sort of attack.
The algorithm is not “broken” or “cracked”—despite headlines to the contrary—this is just a side-channel attack. What makes this work really interesting is that the researchers used a machine-learning model to train the system to exploit the side channel.
We’re so excited to announce our 2023 Partner of the Year awards. These annual awards recognize AT&T Cybersecurity partners that demonstrate excellence in growth, innovation, and implementation of customer solutions based on our AT&T USM Anywhere platform.
AT&T Cybersecurity’s 2023 Global Partner of the Year award goes to Cybersafe Solutions! Cybersafe Solutions experienced incredible growth in 2022 and we’re thrilled to be partnering with their team to help customers orchestrate and automate their security.
In addition to Cybersafe Solutions as our Global Partner of the Year, we’re proud to recognize seven other partners who demonstrated excellence in 2022. See below for the full list of winners and their feedback regarding their partnership with AT&T Cybersecurity.
“I am humbled and honored to accept AT&T’s 2023 Global Partner of the Year Award. Throughout our partnership, we have worked together to develop a comprehensive solution that enables Cybersafe to continuously monitor our customers’ networks to identify and mitigate threats rapidly. Sincere thanks to the entire AT&T team on contributing to this success. We are truly excited for what the future holds!”
-Mark Petersen, Vice President of Sales
“Arete is honored to be named AT&T Cybersecurity’s New Partner of the Year. Our complementary partnership combines unique threat intelligence from AT&T’s USM Anywhere SIEM platform with Arete’s XDR platform to provide our clients with faster threat detection and greater clarity. We look forward to a future of continued growth together as we work to transform the way organizations prepare for, respond to, and prevent cybercrime.”
-Joe Mann, CEO
“The cybersecurity threat landscape is growing in complexity—calling for greater collaboration across the IT channel ecosystem and between MSPs and their customers to stay secure. Together with AT&T Cybersecurity we are empowering channel partners with the knowledge and solutions needed to better protect their house and their customers from cyber attacks. It is an honor to be recognized three years in a row as AT&T Cybersecurity’s Distributor of the Year.”
-Eric Kohl, Vice President, Security and Networking
These awards recognize partners that had the highest sales bookings in each of the 4 regions during last year.
“We are honored to be recognized as AT&T Cybersecurity’s North American Partner of the Year and look forward to our continued partnership and delivering leading-edge security solutions to our shared clients. Coretelligent and AT&T Cybersecurity are a best-in-class pairing that provides the robust and secure cybersecurity management and monitoring that enterprises need to defend against the extreme threats of today’s cyber landscape.”
-Kevin J. Routhier, Founder and CEO
“We are thrilled to be announced as AT&T’s Cybersecurity EMEA Partner of the year for 2023. We’ve thoroughly enjoyed working with AT&T of the course of the past year and we’re so thankful that our dedication has paid off. We’d love to thank everyone at AT&T and Softcat who has worked with us on various projects during this period.”
– Aoibhín Hamill, Cyber Managed Services Advisor
“We are thrilled and honored to receive the prestigious AT&T Cybersecurity APAC Partner of the Year award! This recognition is a testament to our team’s hard work and commitment to delivering exceptional cybersecurity solutions to our clients. At Vigilant Asia, we strive to be at the forefront of innovation and this award affirms our efforts. Here’s to more partnership success!”
-Victor Cheah, CEO
“GMS is thrilled to be named Latin American Partner of the Year for 2023. Having previously garnered this distinguished award, our partnership with AT&T Cybersecurity only gets stronger as time goes on. AT&T’s continued innovation is central to our value proposition, and we feel privileged to work so closely with a company that shares our commitment to providing optimal security for our customers throughout the Andean region.”
-Esteban Lubensky, Executive President
Predictions on whether or when the global economy will fall into a recession continue to swirl. Even if one doesn’t hit anytime soon, economic volatility, more cautious corporate spending plans, and employee layoffs are already in play. For security chiefs, such news portends a tougher road ahead.
CISOs have never had an easy time — they’ve certainly faced inordinate challenges in recent years working to secure an ever-expanding and more distributed technology and data landscape. At the same time, they’ve had to contend with bad actors who have become more organized, better resourced, and increasingly sophisticated. Yet history has shown that a poor economy can bring on additional challenges and risks, making an already uphill battle even more difficult and security leaders should be bracing for that scenario ahead.
Companies rightly see much promise for future revenues and productivity by building and participating in emerging digital ecosystems — but most have not given enough consideration to the risks and threats inherent in such ecosystems. According to the TCS Risk & Cybersecurity Study, cyber threats within digital ecosystems may be an enterprise blind spot.
Santha Subramoni, global head, cybersecurity business unit at Tata Consultancy Services
