Hackers are targetting critical infrastructure providers, including nuclear power and defense agencies, in what may be a state-sponsored attack that's hiding behind North Korean code. Discovered by McAfee and dubbed "Sharpshooter", the operation has been running since November, largely focusing on US-based or English-speaking …

Infosec personality John McAfee has been found legally "liable" via a default judgment for the death of his neighbour, who was found dead from a gunshot wound to the head in his Belize home in 2012. The ruling (PDF) was made yesterday in a Florida district court as part of a five-year legal battle by Gregory Faull’s estate …

The average business has around 14 improperly configured IaaS instances running at any given time and roughly one in every 20 AWS S3 buckets are left wide open to the public internet. These are among the grim figures rolled out Monday by researchers with McAfee, who say that security practice has not kept up with the rapid …

A privilege escalation flaw in McAfee's True Key software remains open to exploitation despite multiple attempts to patch it. This according to researchers with security shop Exodus Intel, who claim that CVE-2018-6661 was not fully addressed with either of the two patches McAfee released for it. The flaw is an elevation of …

McAfee has pulled a version of its Endpoint Security software after folks reported the antivirus software was crashing their Windows machines. The security giant said it has taken down the August update for Endpoint Security 10.5.4, and is advising anyone who has downloaded it, but not installed, to hold off installing it. " …

A security vulnerability in "smart" power plugs can be exploited to infiltrate local computer networks. The flaw, spotted in Belkin's Wemo Insight smartplugs, would potentially allow an attacker to not only manipulate the plug itself, but also allow hopping to other devices connected to the same Wi-Fi home network. …

Hackers may be able to falsify patient vitals by messing with the traffic on hospital networks. Research from McAfee shows it’s possible to emulate and modify a patient’s vital signs in real time on a medical network using a patient monitor and a central monitoring station. Most patient monitoring systems comprise a minimum …

RoundupThis week you had to deal with AI security panic, fake Fortnite, and, if you use OpenBSD, the end of Intel HyperThread support Here are a few more bits of security news that you might have missed. Ready or not, here comes two-factor Azure log-in Microsoft is going to get its customers using best practices, even if it has to …

UpdatedIBM’s cloud experienced an “unplanned event” that caused its McAfee-as-a-service offering to operate with sub-par performance for nearly a day. “At approximately 0347 AM UTC on June 20, engineers with Compute Infrastructure identified a database issue that necessitated the restoration of a key update repository for McAfee …

McAfee has moved to patch a bug that falls under the “didn’t you get the memo?” category: among other things, its free Security Scan Plus online tool retrieved information over HTTP – that is, in plain text. The potential man-in-the-middle vector exists not in the operation of the free online scan, but in the house ads and UI …

Ransomware scum are investing in customer service processes to get more people paying, according to McAfee's lead scientist and principal engineer Christiaan Beek. Speaking at the RSA Pacific and Japan conference in Singapore today, Beek said that ransomware victims share stories of their experiences handing over bitcoin. If …

Virus-fighting tech renegade John McAfee has settled his lawsuit in the US with Intel over his own name. A judge in Manhattan dismissed both the barmy baron's 2016 lawsuit and Intel's countersuit on Wednesday after they announced they had received agreement over how and when McAfee was allowed to use his own name. The full …

Cisco's adding McAfee's Advanced Threat Defense to platforms supported by its Email Security Appliance platform. The alliance is designed to make integration between the two systems easy – the Advanced Threat Defence (ATD) e-mail connector is a single checkbox in the McAfee UI, plus selecting permitted hosts and the file …

All eyes will be on Microsoft's April patch run - due tomorrow - to see whether Redmond gets ahead of a nasty Word zero-day that popped up last week. The hack exploits Object Linking and Embedding and the FireEye researchers who discovered the bug were working with Microsoft, but were pre-empted by a disclosure from McAfee. …

LOGO WATCHMcAfee is McAfee again: the security company that Intel thought was worth US$7.68bn in 2010 and then sold 51 per cent of for $3.1bn in 2016 is now independent once more. McAfee LLC's new CEO, a chap named Christopher D. Young, has penned a letter setting out his stall. It's a minor masterpiece of ShinyHappyCorpSpeak™, …

The tech world's equivalent of Jarndyce and Jarndyce rolled back into a New York Court last week, with a judge refusing to grant John McAfee an injunction blocking Intel from transferring trademark rights to the name McAfee to a proposed cyber-security spin-off. Intel bought the name "McAfee" when it bought McAfee Associates …

McAfee has taken six months to patch 10 critical vulnerabilities in its VirusScan Enterprise Linux client. And these were nasty bugs as when chained they resulted remote code execution as root. Andrew Fasano, security researcher with MIT Lincoln Laboratory, says attackers can chain the flaws to compromise McAfee Linux clients …

Intel is selling off a majority stake in its security software arm – formerly known as McAfee – to private equity firm TPG, which will rename itself to, er, McAfee. Chipzilla absorbed McAfee Inc in 2010 for $7.68bn, and in 2014 it phased out the McAfee brand name. According to Intel, that software division is today valued at …