Detection Effectiveness: the Beat Goes On

In May, we wrote about the breach discovery gap, which is the time it takes IT security practitioners to discover a data breach after their systems have been compromised in a cyberattack. We made this critical point:

Stopping attacks before they breach and narrowing the breach discovery gap require the ability to detect threats at multiple points of attack across the enterprise. High cross-product detection effectiveness stops more attacks before they breach and shortens time to breach discovery and containment. It reduces false positives, which frees up IT security practitioners to focus on real issues, in-progress or imminent.

At the time, we had received a string of third-party test results showing that McAfee products were doing an excellent job detecting threats. But what has happened since that time? Are we continuing to deliver excellent test results?

The answer is most definitely Yes. Here are our most recent third-party test results:

June 2014

In the May-June AV-Test enterprise endpoint test, McAfee VirusScan Enterprise with ePO scored a new all-time high of 17.0 out of 18.0 points, with perfect scores in Protection and Usability. That is a full point higher than the already excellent March-April score of 16.0. McAfee VirusScan Enterprise with ePO has received AV-Test certification in all 18 tests since they began in August 2011.

In the AV-Test consumer endpoint test, McAfee Internet Security received the same high score as in the previous test—17.5 out of 18.0 points—again with perfect scores in Protection and Usability. McAfee Internet Security has now received AV-Test certification in the last 17 AV-Test consumer endpoint tests, dating to October 2011.

July 2014

For the fourth straight time, McAfee scored a perfect 13.0 out of 13.0 points in AV-Test’s July mobile security test. This means that McAfee Mobile Security received a perfect Detection Effectiveness score for Android malware, no false positives, full marks in the category of “important security features”, and perfect scores for performance and usability. McAfee Mobile Security has now achieved certification nine times by AV-Test.

These continuing results underline McAfee’s commitment to superior malware and threat detection, which is foundational to reducing the time to breach discovery and containment. Shortening the time criminals have to operate decreases the theft of intellectual property and customer data. It also reduces remediation costs, business risk, and the potential damage done to reputation, financial prospects, and operations.

For more information about these third-party test results, click here. You can also download an infographic here.

The post Detection Effectiveness: the Beat Goes On appeared first on McAfee.

Feds warn first responders of dangerous hacking tool: Google Search

You may already be dorking.

In a restricted intelligence document distributed to police, public safety, and security organizations in July, the Department of Homeland Security warned of a “malicious activity” that could expose secrets and security vulnerabilities in organizations’ information systems. The name of that activity: “Google dorking.”

“Malicious cyber actors are using advanced search techniques, referred to as ‘Google dorking,’ to locate information that organizations may not have intended to be discoverable by the public or to find website vulnerabilities for use in subsequent cyber attacks,” the for-official-use-only Roll Call Release warned. “By searching for specific file types and keywords, malicious cyber actors can locate information such as usernames and passwords, e-mail lists, sensitive documents, bank account details, and website vulnerabilities.”

That’s right, if you’re using advanced operators for search on Google, such as “site:arstechnica.com” or “filetype:xls,” you’re behaving like a “malicious cyber actor.” Some organizations will react to you accessing information they thought was hidden as if you were a cybercriminal, as reporters at Scripps found out last year. Those individuals were accused of “hacking” the website of free cellphone provider TerraCom after discovering sensitive customer data openly accessible from the Internet via a Google search and an “automated” hacking tool: GNU’s Wget.

DreamHost’s Failure to Keep MySQL Updated Blocks Use of Latest Moodle Version

When it comes to the security of websites, keeping the software running them up to date is important. While web hosts make a point of emphasizing the need to keep user-added software up to date, to the point of often incorrectly jumping to the conclusion that a website must have been hacked due to outdated software, they often fail to do their part by keeping the software running the server up to date. In the case of DreamHost, this now not only means that their servers are not properly secured, but also that recent software can’t be used.

The latest version of Moodle, 2.7, requires at least version 5.5.31 of MySQL. This shouldn’t be a problem as MySQL 5.5 is currently the oldest series supported and version 5.5.31 was released 16 months ago. Unfortunately, while we were preparing to do a Moodle upgrade for a client hosted with DreamHost we found that they are still on version 5.1.56. Our client contacted them about this and didn’t get any movement on getting this updated. They were not the first, as the issue was brought up in May on a thread on DreamHost’s forum requesting that MySQL be updated. A DreamHost representative replied in the thread before and after that, so they should have been aware that it was mentioned.

While the inability to use the latest version of Moodle is of concern, the larger issue is just how out of date DreamHost leaves the software running on their servers. Support for MySQL 5.1 ended at the end of last year, so they have been running an unsupported version for eight months. If they needed to stick to MySQL 5.1 for some reason, then you would expect that they would be running the last version of 5.1, but they’re not. Instead they are running a version that is over three years out of date (5.1.57 was released in May of 2011) and they didn’t update after either of two subsequent releases with security updates was put out (5.1.62 and 5.1.63).

Twitter Patents Technique To Detect Mobile Malware

So it was discovered that Twitter has been granted a patent which covers detection of mobile malware on websites to protect its user base. The patent was filed back in 2012, but well – as we know these things take time. The method is something like the technology Google uses in Chrome to warn you [...] The post Twitter Patents Technique To...

Read the full post at darknet.org.uk