Network professionals are the front line in cyber-defence by defining and operating the perimeter. While it is only a first layer of static defense, its well worth understanding the wider threat landscape that you are defending against. Many companies publish regular reports and this one is from McAfee.
McAfee Labs Threats Report – April 2017 – Direct Link
Landing page is https://secure.mcafee.com/us/security-awareness/articles/mcafee-labs-threats-report-mar-2017.aspx
Note: Intel has spun McAfee out to a private VC firm in the last few weeks so its possible that we will see a resurgence of the McAfee brand. I’m doubtful that McAfee can emerge but lets wait and see.
Some points I observed when reading this report:
- McAfee wants to tell you about its cloud-based threat intelligence (which all security vendors have now, table stakes)
- The pitch is pretty much identical to any other cloud threat intelligence.
- The big six security companies have formed the Cyber Threat Alliance ( ….to prevent the startups from competing with them ? ) aka. Check Point, Cisco, Fortinet, Intel Security, Palo Alto Networks, Symantec
- Big section on Mirai botnet and how it works.
- Good summary of the different network packet attack modes in Mirai. Nicely laid out with useful information.
- Apparently MacOS malware “due to adware bundling” got a big spike.
- adware bundling is where an app download has malware embedded. Like Oracle’s Java install that attempt to install toolbars into your browser.
