Tag Archives: McAfee

McAfee CEO Chris Young steps down, Peter Leav to take over

Chris Young is out as McAfee CEO, and Peter Leav is in.

McAfee appointed Leav to the role of CEO on Friday, succeeding Young, who “has decided to step down” according to a statement from the cybersecurity vendor.

McAfee said Young will remain in an advisory role during the transition period and will become a senior advisor at TPG Capital, which acquired a majority stake in the vendor from Intel in 2016. Leav will be appointed to the cybersecurity company’s board of managers when he joins on Feb. 3.

Leav has CEO experience in his most recent two roles at BMC Software and Polycom. He also previously held leadership roles at NCR Corporation and Motorola.

As McAfee CEO, Young led the initiative to spin out the company from Intel, after joining the chip maker two years earlier and serving as senior vice president and general manager of Intel Security Group. Intel had purchased McAfee in 2010 for $7.7 billion in an effort to beef up its security presence. TPG maintains a 51% stake in McAfee, while the other 49% belongs to other stakeholders including Thoma Bravo and Intel.

Eric Parizo, senior analyst at Ovum, called the move “absolutely shocking,” adding that, “While McAfee characterized the change as being Young’s decision to step down, there’s little doubt that Young was essentially fired.”

Parizo credited Young for much of the progress the vendor has made in recent years. “It’s unfortunate because Young has been the architect of a largely successful multiyear effort to renovate McAfee top to bottom,” he said. “From the launch of its MVISION cloud-based product portfolio to its new brand and revamped go-to-market strategy, McAfee today is more competitive than it’s been in years, thanks to Young’s efforts.”

Parizo also said Leav’s appointment could spell out TPG’s future plans for McAfee.

“Leav is a veteran technology executive, but his expertise lies in resuscitating struggling companies like BMC and Polycom and ultimately preparing them for sale,” he said. “I expect the same pattern to play out here; making a sale or other transaction involving McAfee increasingly likely. Even an acquisition by or combination with NortonLifeLock, which seemed farfetched until yesterday, is no longer out of the realm of possibility.”

Go to Original Article
Author:

McAfee launches security tool Mvision Cloud for Containers

Cybersecurity company McAfee on Tuesday announced McAfee Mvision Cloud for Containers, a product intended to help organizations ensure security and compliance of their cloud container workloads.

Mvision Cloud for Containers integrates container security with McAfee’s cloud access security broker (CASB) and cloud security posture management (CSPM) tools, according to the company.

“Data could … move between SaaS offerings, IaaS custom apps in various CPSs, containers and hybrid clouds. We want security to be consistent and predictable across the places data live and workloads are processed. Integrating CASB and CSPM allows McAfee to provide consistent configuration policies and DLP/malware scanning that does not restrict the flexibility of the cloud,” said John Dodds, a director of product management at McAfee.

According to Andras Cser, vice president and principal analyst for security and risk management at Forrester, when it comes to evaluating a product like Mvision, it’s worth looking at factors such as “price, cost of integration, level of integration between acquired components and coverage of the client’s applications.”

Mvision Cloud uses the zero-trust model application visibility and control capabilities by container security startup NanoSec for container-based deployments in the cloud. McAfee acquired NanoSec in September in a move to expand its container cloud security offerings.

Mvision Cloud for Containers builds on the existing McAfee Mvision Cloud platform, integrating cloud security posture management and vulnerability scanning for container workloads so that security policies can be implemented across different forms of cloud IaaS workloads, according to the company.

Other features of McAfee Mvision Cloud for Containers include:

  • Cloud security posture management: Ensures the container platforms run in accordance with Center for Internet Security and other compliance standards by integrating configuration audit checks to container workloads.
  • Container images vulnerability scanning: Identifies weak or exploitable elements in container images to reduce the application’s risk profile.
  • DevOps integration: Ensures compliance and secures container workloads; executes security audits and vulnerability scanning to identify risk and send security incidents and feedback to developers within the build process; and monitors and prevents configuration drift on production deployments of the container workloads.

Go to Original Article
Author:

McAfee details rise in blockchain threats, cryptocurrency attacks

A new McAfee report on blockchain threats shows

cryptomining
malware grew more than 600% in the first

quarter
this year.

McAfee’s “Blockchain Threat Report” details the massive increase in

cyberattacks
against cryptocurrency owners, exchanges and other companies leveraging blockchain as the value of those cryptocurrencies has surged over the last year. Steve Povolny, head of advanced threat research at McAfee, said the intent of the report is to create a baseline for the industry as it deals with increased blockchain threats that use many of the same attack techniques and methods of the last five to 10 years.

“We’ve seen an explosion in cryptocurrency value recently,” Povolny said. “Hundreds of them were created in a very short time, and now we’re seeing threat actors trying to capitalize on that value.”

While attackers have learned to adopt different attack methods that target both consumers and businesses, according to McAfee researchers, the four major attack vectors include familiar threats like phishing, malware, implementation vulnerabilities

and
technology. Phishing is the most familiar blockchain attack due to its prevalence and success rate, the researchers wrote. Malware, meanwhile, has exploded over the last year; the report shows the total

cryptomining
malware
samples increased 629% quarter-over-quarter in Q1 of this year. The report also notes that malware developers began to shift from ransomware to cryptocurrency mining in the last six months with “ransomware attacks declining 32% in Q1 2018 from Q4 2017 while coin mining increased by 1,189%.”

Technology attacks, as explained by the researchers, are threats like dictionary attacks that are used against cryptocurrency private keys. Lastly, implementation vulnerabilities refer to flawed deployments of blockchain technology; the report cites examples such as the 2017 attack on blockchain startup Iota, where attackers exploited cryptographic vulnerabilities to created hash collisions and forged signatures, which enabled the hackers to steal coins from users’ digital wallets. Povolny stressed these vulnerabilities are not flaws with blockchain itself, which has proved to be secure so far.

The “Blockchain Threat Report” states, “In most cases, the consumers of blockchain technology are the easiest targets. Due to a widespread start-up mentality, in which security often takes a backseat to growth, cryptocurrency companies often fall in this category.”

Povolny said the issue of security within cryptocurrency and blockchain creates a two-sided problem. The first side revolves around the companies that initially rushed to capitalize on cryptocurrency but didn’t complete basic security checks and risk assessments; those shortcomings, which include a lack of proper access controls,

make
them easy targets for threat actors, he said. The second side is the financial motivation, as many cryptocurrencies’ values reached all-time highs in late 2017, when Bitcoin was valued at almost $20,000 per coin, thus catching the attention of hackers. This two-sided cryptocurrency problem created a continuous cycle that resulted in the development of wallets and ledgers being built without a complete understanding of security risks or an implementation of security around the programs, McAfee researchers claim.

The report also notes that “recovering from cryptocurrency theft is more difficult and complicated than with most other currencies due to their decentralized nature.” In order to secure a network, a tailored risk assessment should be conducted.

As industries begin to implement their own blockchain technology, users should prepare for continued development of new technologies by cybercriminals to further compromise them, McAfee researchers wrote. However, since there is not a clear understanding of where these risks are,

trust
may be placed in unwarranted blockchain applications. In order to keep cryptocurrency wallets safe, Povolny recommends storing them locally on a computer that lacks network accessibility and notes that we may not see people flock to a currency like this again.

Despite the increase in threats, Povolny said the surge in cryptocurrency startups and blockchain deployments is expected to continue.

McAfee acquires cloud access security broker Skyhigh Networks

McAfee is acquiring cloud access security broker Skyhigh Networks in an effort to strengthen its cloud security portfolio.

Financial terms of the acquisition agreement were not disclosed. The Skyhigh Networks deal marks McAfee’s first major acquisition since it was spun off from Intel last year. The chipmaker purchased McAfee in 2010 for $7.7 billion and later rebranded the company as Intel Security. Last year, Intel sold a majority stake in McAfee to private equity firm TPG Capital for $3.1 billion.

Skyhigh Networks, which was founded in 2011, emerged as a leading player in the cloud access security broker (CASB) space and was one of the last remaining stand-alone companies in that market. During that span, Skyhigh earned significant investments from venture capital firms, as well was notable patents for its CASB model.

Since splitting off from Intel, McAfee has identified cloud security as a focal point for the business. During the company’s MPOWER Cybersecurity Summit last spring, McAfee CEO Chris Young said endpoint devices and cloud services were the “control points” where enterprises will need to put most of their security efforts in the future.

“McAfee is placing our bets on where we believe those environments are best modernized — where endpoint and cloud serve as the architectural control points linked by the security operations center with actionable threat intelligence, analytics and orchestration, and enabled by an open ecosystem,” Young wrote in an open letter posted Monday. “McAfee started its legacy in endpoint; Skyhigh in cloud.”

McAfee said Skyhigh will become part of the company’s new cloud security business unit, with Skyhigh CEO Rajiv Gupta running the unit. Gupta wrote in a blog post that joining McAfee will give Skyhigh more resources to invest in its technology roadmap.

Skyhigh earlier this year expanded its CASB model, which had traditionally focused on securing enterprise user connections to third-party SaaS applications, to include infrastructure as a service (IaaS). The company introduced two new products, Skyhigh for Custom Apps and Skyhigh for IaaS Platforms, to extend the company’s discovery services and security controls beyond SaaS.

The two companies said the acquisition is expected to close “shortly” following regulatory approvals and the completion of other customary closing conditions.