Posts Tagged 'data protection'

Selling stolen data is an easy way for cybercriminals to make some quick money on cyber black markets. The following flowchart shows a generic credential-stealing campaign in action. In the last step, the flow is bidirectional. The malware makes a two-way authentication-free connection between the victim and the attacker. This two way connection not only […]

You’ve probably heard of people storing information in “the cloud,” but what does that really mean, and is it safe to put your data there? The cloud is best described as a network of servers offering different functions. Some servers allow you to store and access data, while others provide an online service. You may […]

Lately, McAfee Labs has observed a lot of active samples detected as Trojan Laziok by many security vendors. According to online reports, the Trojan Laziok is dropped via an exploit of the Microsoft Windows Common Controls ActiveX Control Remote Code Execution Vulnerability (CVE-2012-0158), which arrives via a spam email. In contrast, we have identified the […]

In recent days, much has been said and written around the recently disclosed “Venom” vulnerability. It is important to fully understand the real-world severity of vulnerabilities such as Venom. Although the threat is potentially severe and certainly interesting (it is in a class of relatively rare guest escapes from virtual machines), one has to take into […]

Written by Deepak Choudhary There are always risks involved when relying on a third party to send and receive sensitive data over secure network channels. While we recognize the roles of the Public Key Infrastructure (PKI) and third party certificate authority (CA), we also believe that Certificate SSL Pinning can play a key role in […]