Big name companies have made public this week some major security flaws in their devices. While it is not uncommon for companies to disclose information on potential vulnerabilities, this week the sheer number growing rapidly seems shocking.
Microsoft is trying to prevent the outbreak of a computer system bug. A serious flaw in Windows 7, Windows XP, and Windows Server 2003 and 2008 systems. Which can be exploited to create malware that is capable of automatically spreading from one vulnerable machine to another. Microsoft is urging those running older Windows systems to patch their machines. However, Windows 8 and Windows 10 are immune from the threat.
Intel found a susceptibility in every chip manufactured since 2011, which using 4 different bugs would steal data from victims processor. Cisco’s 1001-X router can be compromised using 2 different bugs, which would gain access to the router, then to administrative privileges on the device. This poses some wide range implications with just how marketed both commercial and residential Cisco products are. WhatsApp, an encrypted messenger service owned by Facebook has its own vulnerabilities by hackers implanting spyware onto a victims phone via Voice Call (even without you answering the call).
Luckily, these companies let it be known that they will be releasing patches, or make sure you download the latest version for your peace of mind.
Some hackers are getting creative in getting into people’s system by leveraging USB cables that have a Wifi Card in them which hallway the hacker the ability to access remotely and be in your local system. Once in the hacker can browse the network and servers at their leisure to capture any intellectual property without anyone knowing. The only left over signature would be the local device the USB cable is plugged into. It’s important to be mindful of the USB devices your are leveraging in your business community to ensure a better degree of security. There are also system tools that can be installed on all systems to notify your local admin when a device of this nature is within the network.
Law enforcement has dismantled the Andromeda malware family, which has been infecting computers since 2011. With the help of partners—including the FBI, Microsoft, and others—Europol intercepted the internet traffic between Andromeda-infected computers and the command servers to which the malware was communicating. All that traffic was then “sinkholed” and redirected to servers under the investigators’ control, giving law enforcement a detailed view of the malware’s activities. “According to Microsoft, during 48 hours of sinkholing, approximately 2 million unique Andromeda victim IP addresses from 223 countries were captured,” Europol said.
Andromeda infections happened through attachments from spam email campaigns, tainted downloads from bootleg media websites, and through exploit kits running over hacked websites, according to security firm Avast. Once a computer was infected, Andromeda also acted as a keylogger or a form grabber to steal user IDs and passwords. In addition, it could remotely take control over a PC.
“Andromeda was also sometimes used to download up to 80 other malware families onto infected victim computers,” according to The Shadowserver Foundation, a group of security experts that also helped dismantle the Andromeda botnet.
The main targets of the malware include North America, Asia, and Romania, among others.
Security firm ESET has a free tool that anyone can use to check if they have Andromeda (also known as Wauchos) secretly running on their computer. Systems found infected with Andromeda tend to contain other malware, according to security researchers.
ESET also noted that Andromeda was sold to cyber criminals in underground internet forums. “There is always a possibility that someone will reuse the Andromeda kit to build a new botnet,” the company said in an email.
For the original content, please visit:
Today McAfee announced that it has agreed to acquire Skyhigh Networks Inc., however, the amount has not yet been disclosed for the cybersecurity business.
Campbell-based Skyhigh had raised more than $106 million in venture funding and was valued at about $400 million after its last round in 2016, according to PitchBook Data. Its investors include Thomvest Ventures, Sequoia Capital, Greylock Partners and Salesforce Ventures.
The move came about roughly eight months after McAfee was spun out of Intel Corp. Intel got $3.1 billion but kept a 49 percent stake in the new company.
“Skyhigh Networks had the foresight five years ago to realize that cybersecurity for cloud environments could not be an impediment to, or afterthought of, cloud adoption,” Young said in the deal’s announcement. “They pioneered an entirely new product category called cloud access security broker (CASB) that analysts describe as one of the fastest growing areas of information security investments of the last five years – where Skyhigh continues to innovate and lead.”
Gupta said of the deal: “McAfee will provide global scale to further accelerate Skyhigh’s growth, with the combined company providing leading technologies and solutions across cloud and endpoint security – categories Skyhigh and McAfee respectively helped create, and the two architectural control points for enterprise security.”
For the original content, please visit: https://www.bizjournals.com/sanjose/news/2017/11/27/mcafee-to-buy-skyhigh-networks.html?ana=e_me_set1&s=newsletter&ed=2017-11-27&u=J%2BnMUGqJ76RaytOwAEIZRA05b0c11e&t=1511810588&j=79241841