Author: Asad Yaseen

Passwords. We need them for almost everything nowadays. Entering our phones, our computers, social media, and almost any website that involves a credit card purchase or includes personal details. Every time we start a new account on a password-protected site or system, we’re prompted to create a password. We’re usually urged to make it a strong one, sometimes even forced to make it (#$uPeR*) complicated, but oftentimes we’re always thinking one of two things: 1….

Detrimental lies are not new. Even misleading headlines and text can fool a reader.  However, the ability to alter reality has taken a leap forward with “deepfake” technology which allows for the creation of images and videos of real people saying and doing things they never said or did. Deep learning techniques are escalating the technology’s finesse, producing even more realistic content that is increasingly difficult to detect. Deepfakes began to gain attention when a…

Election 2020 – How to Spot Phony Deepfake Videos this Election Maybe you’ve seen videos where Robert Downey Jr. and other cast members of The Avengers follow the yellow brick road after they swap faces with the cast of 1939’s The Wizard of Oz. Or how about any of the umpteen videos where the face of actor Nicolas Cage is swapped with, well, everybody, from the cast of Friends to Forrest Gump. They’re funny, uncanny,…

CVE-2020-16898: “Bad Neighbor” CVSS Score: 8.8 Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C OverviewToday, Microsoft announced a critical vulnerability in the Windows IPv6 stack, which allows an attacker to send maliciously crafted packets to potentially execute arbitrary code on a remote system. The proof-of-concept shared with MAPP (Microsoft Active Protection Program) members is both extremely simple and perfectly reliable. It results in an immediate BSOD (Blue Screen of Death), but more so, indicates the likelihood of exploitation for those who can manage…

Securing documents before cloud Before the cloud, organizations would collaborate and store documents on desktop/laptop computers, email and file servers. Private cloud use-cases such accessing and storing documents on intranet web servers and network attached storage (NAS) improved the end-user’s experience. The security model followed a layered approach, where keeping this data safe was just as important as not allowing unauthorized individuals into the building or data center. This was followed by a directory service…

2020 has seen cloud adoption accelerate with Microsoft Teams as one of the fastest growing collaboration apps, McAfee customers use of Teams increased by 300% between January and April 2020. When we looked into Teams use in more detail in June, we found these statistics, on average, in our customer base:   Teams Created                                                                 367 Members added to Teams                                      6,526 Number of Teams Meetings                              106,000 3rd Party Apps added to Teams                                 185 Guest users…

For many, Amazon Prime Day is an opportunity to score some great deals. For hackers, Amazon’s annual discount shopping campaign is an opportunity to target unsuspecting shoppers with phishing scams. In fact, researchers at McAfee Labs previously uncovered a phishing kit specifically created to steal personal information from Amazon customers in America and Japan just in time for last year’s Amazon Prime Day.  Let’s dive into the details of how this phishing kit worked and what you can do to protect yourself while hunting…

If you are someone who works for a cloud service provider in the business of federal contracting, you probably already have a good understanding of FedRAMP. It is also likely that our regular blog readers know the ins and outs of this program. For those who are not involved in these areas, however, this acronym may be more unfamiliar. Perhaps you have only heard of it in passing conversation with a few of your expert…

SANTA CLARA, Calif., Oct. 13, 2020 /PRNewswire/ — Palo Alto Networks (NYSE: PANW) today announced Prisma™ Cloud 2.0 which includes four new cloud security modules, enhancing its standing as the industry’s only comprehensive Cloud Native Security Platform (CNSP). A CNSP is designed to secure multi- and hybrid-cloud environments and cloud native applications integrating security across the full DevOps lifecycle. This announcement integrates Aporeto and builds on the November 2019 introduction of Palo Alto Networks Prisma Cloud….