Archive for the ‘Intel Security’ Category

WhatsApp Gold: Why Upgrading Isn’t Always a Golden Idea

June 14th, 2016

Whether it was the cool sneakers everyone had in grade school, or the latest cell phone release, we always want what’s new and hip. The desire to stay on top of trends and ahead of our friends carries over to our tech, too. We know to be careful when downloading on our mobile devices, but it’s easy to get caught up in a shady upgrade! Software updates are seen as fixes for bugs and improvements in design, but without judging speculatively, that upgrade could very well lead to cyber nightmares like malware.

That’s what happened when users of the popular messaging app, WhatsApp, fell victim to a lookalike sneakily disguised as the real deal. Thousands of users were given the option to download ‘WhatsApp Gold,’ via links spread over texts and social networks. This fake version of the app claimed to offer premium features that were only previously available to celebrities and users of status – ooh, aah! But, instead of premium features, the download actually led to the last feature a user would ever want: malware.

Don’t fall victim to the same cybercrime trickery! Follow these tips to stay golden:

  • Toss It in the Trash: If you receive a message that looks like a scam, delete it, and do not click to investigate. One click can trigger the malware and infect a device within seconds. Mobile users are prompted with so many updates, it can be easy to download without thinking. Move with caution when it comes to clicking shady links.
  • Something Smells Fishy: Don’t just assume that any message you see from a technology provider is legitimate. Cybercrime is thriving like never before, and sadly no one is immune. Rather than clicking the link to see where you end up, do a search on the web. In the WhatsApp Gold case, users could have avoided trouble by heading to the main WhatsApp website to do some investigating. If an app just released an update, the news will be front and center. Forums and blogs (like us!) are also full of the latest hacks; follow the breadcrumbs and see if the update is the real deal.
  • Stick with the App Store You Know and Love: We all love to get a deal, but shopping in third party app stores is a big no-no. These apps aren’t held to the same standards as reputable app stores, and downloading from one is practically asking to have your mobile device hacked.
  • We Have Your Back: Comprehensive security software is the defense you need to protect against hackers. McAfee® Mobile Security, for both Android and iOS offers plenty of protections to keep your mobile device in the clear. Next time you go to download a suspicious app, we’ll stop you in your tracks.

Don’t get caught up in the new and cool; losing your data to a scam is definitely not what the cool kids do!

Looking for more security tips? Make sure to follow @IntelSec_Home on Twitter and like us on Facebook.


The post WhatsApp Gold: Why Upgrading Isn’t Always a Golden Idea appeared first on McAfee.

Posted in app security, consumer, Intel Security, Mobile Security | Comments (0)

The Perfect Storm of Opportunity

September 9th, 2015

I began my ninth day as Channel Chief at Intel Security by connecting with many partners for the first time in our quarterly global partner webcast. These partner discussions and my meetings with Intel leadership this past week underline a perfect storm of opportunity for our partners: a brutal modern threat environment, customer requirements for an integrated solution, and Intel Security leading the way with a platform-based approach.

Both our partners and Intel Security are determined to be our customers’ #1 Security partner, not just by tallying up revenues, but by delivering exceptional customer outcomes. Let me reinforce our strategy to pull this off. There are three key tenants:

Increasing partner profitability
We are laser-focused on instilling two principles in our culture to positively impact partner profitability:

Rules of engagement – Our dealings with partners are based on transparency, consistency, and predictability especially when it comes to sales opportunities. This new pledge to our partners is becoming standard operating procedure at Intel Security.

Simplifying doing business with us –  Time is money and we’ll continue to help you make it easy for  you to sell. Along the way we’ll seek your feedback and share our long term vision.

Accelerating target partners for growth
Our investments and programs will continue to focus on those partners who are investing to grow with us. Managed Security Service Providers and Commercial are prime areas of opportunity. Together we can capture the lion’s share of the market during the shift to managed security services.

Investing in technical and services enablement
In the security space, effective customer outcomes are a must. We are investing in the programs, training, and professional services so Intel Security partners are the best at designing, implementing, and supporting security infrastructure.

You can count on me driving these strategies and principles at Intel Security. You can also count on the commitment from the highest levels in this organization.

Log into the Partner Portal to watch a replay of our quarterly webcast and stay tuned as we move toward our Global Partner Summit in late October.

The post The Perfect Storm of Opportunity appeared first on McAfee.

Posted in Intel Security, Intel Security Channels, McAfee partners | Comments (0)

A Simple and Safe Solution for Remembering Your Passwords, from Intel Security

January 7th, 2015

Passwords – both a blessing and a curse!

When used correctly, they keep you safe and protected from those attempting to steal your personal information. However, with a different password for every site or app, remembering each one becomes a difficult task.

I’ve become all too familiar with the turmoil that a forgotten password can bring. Really, though, who hasn’t? Between personal and work email logins, all corporate and personal social media properties, internal portals, and blog sites (need I go on?), we have a lot of passwords to keep track of.

What if I told you there’s a better way to keep track of all of your passwords in one simple and safe service, alleviating the headache of remembering them at all?

Introducing True Key™ from Intel Security. An easier, safer way to unlock your digital world.  You can download True Key on your phone, tablet or computer and get where you want to go faster – without the hassle of having to remember, or type multiple passwords. True Key unlocks your apps, websites and devices using things unique to you—like your facial features, the devices you own, or a fingerprint, for flexible multi-factor protection.  From there, True Key takes your current passwords and makes them stronger, remembers them and instantly logs you in.

Sayonara, passwords!

Right now, True Key is available in limited release, and for those of you present at CES, we’ll be showing the product details live.

Make sure you stop by the Intel booth #7252 at CES to participate in some exciting demos of our new technology, and anyone who visits will receive a free 1-year premium subscription to True Key!

For more information on this product and the Intel Security events at CES, follow myself and @IntelSec_Home on Twitter, and Like us on Facebook.

The post A Simple and Safe Solution for Remembering Your Passwords, from Intel Security appeared first on McAfee.

Posted in Executive Perspectives, Intel Security, password safety | Comments (0)

Threat Intelligence: Sink or Swim?

January 7th, 2015

The coming flood of threat-intelligence data from the Internet of Things and new classes of endpoints has organizations seriously evaluating their strategies.

Some customers that I speak with are uncertain about the nature, value, and best usage of threat intelligence. The term can mean global threat intelligence (very general), industry threat intelligence (more relevant to you), or local threat intelligence (what your own users, infrastructure, and systems experience). Harnessing any, let alone all, of these intelligence sources creates a big data challenge, now addressable with the combination of innovative threat intelligence platforms and security information and event management (SIEM) systems. Most companies are just getting their strategies in place for threat intelligence and its impact on traditional endpoints. When you factor in the Internet of Things (IoT)  we’ll either drown in the data or find a way to swim.

According to new Forrester research, “One in 10 US online adults has already used a fitness tracker,” and “Today, 68% of global technology and business decision-makers say that wearables are a priority for their firm, with 51% calling it a moderate, high, or critical priority.” (Source: Forrester, Five Urgent Truths About The Future Of Wearables That Every Leader Should Know, December 2014.

The IoT includes connected consumer devices like personal wearables for monitoring health and fitness, thermostats, smoke detectors, and home video monitors. Business systems, such as heating and air conditioning systems, lighting, interior and exterior signage, and transportation sensors, are joining point-of-sale terminals and manufacturing controllers on the IoT. In addition, corporations are dreaming up innovative uses for devices such as smartwatches and silent sensors, whether as services to sell to their customers, or that make their own employees more productive, effective, or safe.

All of these devices process, transmit, and store data, from innocuous to highly personal. They also have vulnerabilities, making them not only potential attack targets but also potential entry points to connected systems. As the newest members of the network, we expect that targeted attacks will increasingly aim at these devices and their vulnerabilities to gain entry to the enterprise.

With devices proliferating and the most mundane becoming network connected, the number of potential backdoors is almost immeasurable. We have already seen networks compromised via their HVAC system, surveillance cameras, or smart meters. Why not through a water pump, light bulb, or door lock?

Vendors are actively working to protect the IoT, with chip-level security, firewalls, gateways, secure boot functions, authentication and access controls, and constraints on application execution. Intelligence from this front line will be critical to reducing time to detection and containment.

The challenge is making sense of this intelligence given the size and expanding scale of the data set. Visualize the number of devices on an electrical grid, manufacturing site, or city neighborhood: There are many more zeros on that number than in your typical enterprise network. Each device, firewall, and gateway will publish information on local behavior. Security messaging buses can quickly carry this info to affected and interested systems, making it available to the appropriate security operations center and incident response team.

And then what?

As networks shift from a majority of human-interface devices (PCs and smartphones) to a majority of machine-to-machine devices, networked systems become more and more industry specific. Threat intelligence and defenses are one aspect of this path, gathering event and context data for vertical industries.

This new flood of data adds to security’s existing big data problem, when security analysts are already being overwhelmed with events and alerts, trying to leverage high performance analytics like Hadoop to find meaning in the masses of information. Log management- oriented SIEM is already giving way to advanced systems that are very proficient at filtering, processing, and evaluating this data, picking out anomalous events for further investigation. The IoT will accelerate this transition and put an even heavier burden on appropriate automation—this year’s “must-have” gift for security operations teams.

Vertical threat intelligence, such as we are seeing with FS-ISAC and from governmental initiatives, will be normalized and correlated with local (my company) and global (the world) threat intelligence to help systems and their people decide what to do.

Vendors will provide device and vertical-industry level threat intelligence, just like they do today for existing endpoints. Your IoT can be protected, but protection will come by thinking about security as an integral part of the infrastructure, not as an afterthought.

Once anomalous behavior is detected and identified as a potential indicator of attack or indicator of compromise, it will be important to share it quickly within a trusted community. With the speed of execution and adaptation of current attacks, keeping a threat private will no longer be acceptable, nor will waiting for security alerts from centralized security teams. It will just take too long to rely on humans to notice and respond to urgent alerts. Instead, community-level information sharing and analysis centers will automatically gather and redistribute threat information to members. The goal remains the same: security practice needs to move from farming all of the data reactively to hunting with it proactively. Shared threat intelligence, linked by a threat intelligence exchange, combines global, national, local, vertical, and targeted threats into a customized, holistic view for each organization.

View the original post on Dark Reading.

The post Threat Intelligence: Sink or Swim? appeared first on McAfee.

Posted in Dark Reading, Executive Perspectives, Intel Security, Internet of things, Security Connected, threat intelligence | Comments (0)