Cybersecurity firm McAfee announced on Thursday that its board of managers has appointed Peter Leav as the company’s new chief executive officer after Chris Young decided to step down.Leav will take on the role of CEO on February 3 and he will also be appointed to the company’s board of managers. Young will stay on in an advisory role to assist with the tran

The U.S. National Security Agency (NSA) has informed Microsoft that Windows is affected by a potentially serious spoofing vulnerability that could allow hackers to make a malicious file appear to come from a trusted source or conduct man-in-the-middle (MitM) attacks.The NSA reached out to reporters to inform them about the vulnerability before Microsoft rele

Microsoft Security Essentials (MSE) will stop protecting Windows 7 PCs on January 14, 2020, when support for Windows 7 is set to end.Organizations that cannot update their systems from Windows 7 to Windows 10 until January 14 can continue receiving patches for critical and important vulnerabilities for up to another three years if they purchase Extended Secu

The perpetrator was a master of disguise, outfitting himself as an employee to bypass the extensive preventive security controls and flee with the contents of the vault. Fortunately, the building was equipped with strong detection security measures, and the burglar—unaware of the location of a laser tripwire—soon set off a silent alarm. A handful of the best

Security architecture is like the ocean: no one owns it, and it is constantly affected by change. New technologies are introduced, staff changes occur, and as a result, communication suffers. I often see environments where ownership is placed into silos across teams in the enterprise, meaning IT administrators preventing threats may not get the insights unco

Globalization and business transformation have created an incredibly complex worldwide supply chain for almost all manufacturers. Hardware ostensibly manufactured in the U.S. will inevitably include components manufactured in many different locations around the world -- including nations that are in other circumstances described as 'adversary states'.The pot

Vulnerabilities discovered in Kaspersky Secure Connection, Trend Micro Maximum Security, and Autodesk Desktop Application could be exploited for DLL preloading, code execution, and privilege escalation, a security firm has warned.According to SafeBreach, Kaspersky Secure Connection (KSDE), a VPN client used with various Kaspersky applications, including Secu

A recently discovered technique allows ransomware to encrypt files on Windows-based systems without being detected by existing anti-ransomware products, Nyotron security researchers warn.Dubbed RIPlace, the technique allows malware to bypass defenses using the legacy file system "rename" operation, and the security researchers say it is effective even agains

Phoenix Keylogger Attempts to Disable More Than 80 security Products, Exfiltrates Data Direct from MemoryThe Phoenix Keylogger, operating at the cusp of keylogger and infostealer, was launched in July 2019. It is sold as malware-as-a-service (MaaS), and appears to be gaining traction in the criminal underworld.Nocturnus, the research team from Cybereaso

“Do You Want It Done Fast, Or Do You Want It Done Right?” “Yes.” “Help out more with our business objectives.” “Cover an increasing number of endpoints.” “Cut budgets.” “Make it all work without adding staff.” Cybersecurity teams face a lot of conflicting objectives—both within their teams and from upper management. But a May 2019 commissioned study conducte

Fortinet on Monday announced that it has completed the acquisition of San Francisco-based endpoint security company enSilo in an effort to enhance and strengthen its solutions.Through the acquisition, Fortinet adds enSilo’s detection and response technology to its Security Fabric framework, which enables organizations to manage different segments of network

Microsoft is working with PC manufacturing and silicon partners to design devices with a more secure firmware layer.The initiative aims to combat threats that are specifically targeting the firmware and operating system levels with the help of Secured-core PCs, devices that apply security best practices to firmware.These devices, the technology giant explain

An intrusion prevention signature update pushed out this week by Symantec for its Endpoint Protection product has caused many devices to crash and display a so-called blue screen of death (BSOD).After users started complaining on Symantec’s support forums and other websites, the cybersecurity firm released another update to address the issue. The version tha

Microsoft is now providing all of its Defender ATP (Advanced Threat Protection) customers with tamper protection, which is meant to prevent unauthorized changes to security features.The feature was launched as a hardening solution to prevent attacks where malicious applications or threat actors attempt to disable Windows Defender Antivirus, modify real-time

You’ve heard it once; you’ve heard it a hundred times – “secure the cloud.” But what does that phrase mean? On the surface, it’s easy to assume this phrase means using cloud-enabled security products. However, it’s much more than that. Cloud security is about securing the cloud itself through a combination of procedures, policies, and technologies that work