Posts Tagged 'global threat intelligence'

Driven by the misfortune of many, Cyber Threat Intelligence exchange and consumption is becoming more proliferated, accessible and standardized. Together with legacy security technologies like Firewall, IPS and Vulnerability Assessment tools, SIEMs have used threat intelligence initially for the most common use-case of detection and – unique for SIEM – as context during attacks. However, […]

“Distrust and caution are the parents of security”–Benjamin Franklin A recent threat targeting Chinese users of Mac OS X and iPhone came to light yesterday. The malware, called WireLurker, is distributed by the Chinese third-party app store Maiyadi. Since the threat’s discovery, more than 400 applications containing the Trojan were identified at the store. Two […]

How many times today have you used the internet? And from how many different devices? I’m guessing the answer to both questions is “A lot”. The simple fact is that the internet is as indispensable as the roads we drive on. Some even claim Wi-Fi should be included alongside food and safety in Maslow’s Hierarchy […]

Recently, the McAfee Advanced Exploit Detection System (AEDS) has delivered some interesting RTF files to our table. These RTFs have executables “attached” to the documents. Usually, some words in the documents try to convince users to click and run the attachments. The following figure shows the point at which a user clicks on the attachment. […]

McAfee product coverage and mitigations for malware or indicators associated with the recent attacks (a.k.a. Dragonfly, Energetic Bear, Havex/SYSMain) on industrial control systems (ICS’s) are listed below. The Havex remote access tool is common across these associated attacks or campaigns–including Dragonfly. We have seen Havex in ICS-specific targeted campaigns. It can detect and affect ICS- […]