Election 2020 – Fake Election Websites: Five Tips So You Don’t Get Fooled When you spot a .GOV web domain tacked onto the end of a U.S. election website, that’s a strong sign you can turn to it for trustworthy election information. However, the overwhelming majority of local county election websites fail to use the .GOV domain. Recent research by McAfee found that more than 80% of the 3,089 county election administration websites in the…

October 2020 marks the 17th year of National CyberSecurity Awareness Month, where users and organizations are encouraged to double their efforts to be aware of cybersecurity issues in all their digital dealings—and to take concrete steps to increase their privacy and security as necessary. The Cybersecurity & Infrastructure Security Agency (CISA), in conjunction with the National Cyber Security Alliance (NCSA) has announced a four-week security strategy under the theme “Do Your Part. #BeCyberSmart”. (You can…

Election 2020 – Keep Misinformation from Undermining the Vote On September 22nd, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory about the potential threat from foreign actors and cybercriminals attempting to spread false information. Their joint public service announcement makes a direct statement regarding how this could affect our election: “Foreign actors and cybercriminals could create new websites, change existing websites, and create or share corresponding…

In January 2020, McAfee released the results of a survey establishing the extent of the use of .GOV validation and HTTPS encryption among county government websites in 13 states projected to be critical in the 2020 U.S. Presidential Election. The research was a result of  my concern that the lack of .GOV and HTTPS among county government websites and election-specific websites could allow foreign or domestic malicious actors to potentially create fake websites and use…

Spot Fake News and Misinformation in Your Social Media Feed Where do you get your news? There’s a good chance much of it comes from social media. In 2019, Pew Research found that 55% of American adults said they get their news from social media either “often” or “sometimes,” which is an 8% rise over the previous year. We can visualize what that mix might look like. Some of their news on social media may…

Vulnerabilities in HP Device Manager could be chained to achieve unauthenticated remote command execution. Background On September 25, HP published a security bulletin to address multiple vulnerabilities in HP Device Manager, software that’s used to remotely manage HP Thin Clients. The vulnerabilities were disclosed to HP by security researcher Nick Bloor. As part of a Twitter thread, Bloor warned that a combination of these vulnerabilities would result in “unauthenticated remote command execution as SYSTEM.” On…

Do you know the difference between Hispanic and Latino? What about the traditions that are important parts of the Hispanic culture? Or beloved Spanish or Portuguese phrases that don’t come across in English? McAfee’s team spans 45 countries, making us a team rich in cultural diversity. We are always learning more about each other and celebrate Latin culture year-round. To commemorate Hispanic Heritage Month, which runs from September 15 – October 15, we’ve asked members…

From June to August, part of the McAfee Advanced Threat Research (ATR) team participated in Microsoft’s Azure Sphere Research Challenge.  Our research resulted in reporting multiple vulnerabilities classified by Microsoft as “important” or “critical” in the platform that, to date, have qualified for over $160,000 USD in bounty awards scheduled to be contributed to the ACLU ($100,000), St. Jude’s Children’s Research Hospital ($50,000) and PDX Hackerspace (approximately $20,000). With these contributions, we hope to support and give back both to our local hacker community that has really stepped up to help during the COVID crisis, and also recognize, at a larger scale, the importance…