News

Proofpoint researchers have observed the growing use of the ClickFix social engineering tactic, which lures people into running malicious content on their computer

A phishing email claims to be from the New York Times with a story about an assassination attempt against President-elect Donald Trump

Phishing attacks using DocuSign impersonations targeting state agencies have surged 98% since Nov 8

BeaverTail malware has been used to target tech job seekers through fake recruiters, Palo Alto Networks’ Unit 42 has found

The US Federal Trade Commission is celebrating a halving of unwanted telemarketing and scam calls since 2021

The UK’s National Cyber Security Centre is urging shoppers to stay safe this Christmas after revealing they lost £11.5m to fraudsters in 2023

Zero-day vulnerabilities are more commonly used, according to the Five Eyes:

Key Findings

In 2023, malicious cyber actors exploited more zero-day vulnerabilities to compromise enterprise networks compared to 2022, allowing them to conduct cyber operations against higher-priority targets. In 2023, the majority of the most frequently exploited vulnerabilities were initially exploited as a zero-day, which is an increase from 2022, when less than half of the top exploited vulnerabilities were exploited as a zero-day.

Malicious cyber actors continue to have the most success exploiting vulnerabilities within two years after public disclosure of the vulnerability. The utility of these vulnerabilities declines over time as more systems are patched or replaced. Malicious cyber actors find less utility from zero-day exploits when international cybersecurity efforts reduce the lifespan of zero-day vulnerabilities.

There’s no denying that Generative Artificial Intelligence (GenAI) has been one of the most significant technological developments in recent memory, promising unparalleled advancements and enabling humanity to accomplish more than ever before. By harnessing the power of AI to learn and adapt, GenAI has fundamentally changed how we interact with technology and each other, opening new avenues for innovation, efficiency, and creativity, and revolutionizing nearly every industry, including cybersecurity. As we continue to explore its potential, GenAI promises to rewrite the future in ways we are only beginning to imagine. 

Good Vs. Evil 

Fundamentally, GenAI in and of itself has no ulterior motives. Put simply, it’s neither good nor evil. The same technology that allows someone who has lost their voice to speak also allows cybercriminals to reshape the threat landscape. We have seen bad actors leverage GenAI in myriad ways, from writing more effective phishing emails or texts, to creating malicious websites or code to generating deepfakes to scam victims or spread misinformation. These malicious activities have the potential to cause significant damage to an unprepared world. 

In the past, cybercriminal activity was restricted by some constraints such as ‘limited knowledge’ or ‘limited manpower’. This is evident in the previously time-consuming art of crafting phishing emails or texts. A bad actor was typically limited to languages they could speak or write, and if they were targeting victims outside of their native language, the messages were often filled with poor grammar and typos. Perpetrators could leverage free or cheap translation services, but even those were unable to fully and accurately translate syntax. Consequently, a phishing email written in language X but translated to language Y typically resulted in an awkward-sounding email or message that most people would ignore as it would be clear that “it doesn’t look legit”. 

With the introduction of GenAI, many of these constraints have been eliminated. Modern Large Language Models (LLMs) can write entire emails in less than 5 seconds, using any language of your choice and mimicking any writing style. These models do so by accurately translating not just words, but also syntax between different languages, resulting in crystal-clear messages free of typos and just as convincing as any legitimate email. Attackers no longer need to know even the basics of another language; they can trust that GenAI is doing a reliable job. 

McAfee Labs tracks these trends and periodically runs tests to validate our observations. It has been noted that earlier generations of LLMs (those released in the 2020 era) were able to produce phishing emails that could compromise 2 out of 10 victims. However, the results of a recent test revealed that newer generations of LLMs (2023/2024 era) are capable of creating phishing emails that are much more convincing and harder to spot by humans. As a result, they have the potential to compromise up to 49% more victims than a traditional human-written phishing email1. Based on this, we observe that humans’ ability to spot phishing emails/texts is decreasing over time as newer LLM generations are released: 

 

Figure 1: how human ability to spot phishing diminishes as newer LLM generations are released 

This creates an inevitable shift, where bad actors are able to increase the effectiveness and ROI of their attacks while victims find it harder and harder to identify them. 

Bad actors are also using GenAI to assist in malware creation, and while GenAI can’t (as of today) create malware code that fully evades detection, it’s undeniable that it is significantly aiding cybercriminals by accelerating the time-to-market for malware authoring and delivery. What’s more, malware creation that was historically the domain of sophisticated actors is now becoming more and more accessible to novice bad actors as GenAI compensates for lack of skill by helping develop snippets of code for malicious purposes. Ultimately, this creates a more dangerous overall landscape, where all bad actors are leveled up thanks to GenAI. 

Fighting Back 

Since the clues we used to rely on are no longer there, more subtle and less obvious methods are required to detect dangerous GenAI content. Context is still king and that’s what users should pay attention to. Next time you receive an unexpected email or text, ask yourself: am I actually subscribed to this service? Is the alleged purchase date in alignment with what my credit card charges? Does this company usually communicate this way, or at all? Did I originate this request? Is it too good to be true? If you can’t find good answers, then chances are you are dealing with a scam. 

The good news is that defenders have also created AI to fight AI. McAfee’s Text Scam Protection uses AI to dig deeper into the underlying intent of text messages to stop scams, and AI specialized in flagging GenAI content, such as McAfee’s Deepfake Detector, can help users browse digital content with more confidence. Being vigilant and fighting malicious uses of AI with AI will allow us to safely navigate this exciting new digital world and confidently take advantage of all the opportunities it offers. 

The post The Dark Side of Gen AI appeared first on McAfee Blog.

The holiday season often brings a rush of new gadgets—smartphones, tablets, laptops, and smart home devices—into households. One survey revealed that nearly 199 million U.S. adults planned to purchase tech products and services as gifts for the holiday season. For the tech-savvy among us, it also means becoming the go-to person for setting up, troubleshooting, and securing those shiny new devices. But while it’s great to help your loved ones get the most out of their tech, it’s just as important to ensure they’re protected from digital threats like malware, phishing, and privacy breaches.

This year, step up as the digital IT hero of the holidays by taking proactive measures to safeguard your family’s online life. Here’s a guide to help you create a safer digital environment for your loved ones by setting up their devices with robust cybersecurity protections.

1. Install a VPN for Secure Browsing

One of the first steps in protecting new devices is ensuring that internet connections are secure. A Virtual Private Network (VPN) is essential for safeguarding your family’s data, especially when using public Wi-Fi networks at coffee shops, airports, or hotels. Without a VPN, any data you send or receive—such as login details, personal information, or banking credentials—can be intercepted by cybercriminals using simple hacking tools. A VPN encrypts your internet connection, making it much harder for anyone to spy on or steal your information, even on public networks. This layer of security is crucial to protect your privacy and keep your data safe from potential threats.

How to help:

• • Choose a reliable VPN service that has a user-friendly app. The VPN should undergo independent reviews and audits to guarantee the security of your sensitive information.
  • Set it up on your family’s devices, ensuring it activates automatically when connecting to unsecured networks.
  • Walk your loved ones through how to enable the VPN and why it’s important, encouraging them to use the VPN for any online banking, shopping, or work-related tasks they perform while traveling.

2. Ensure Antivirus Software is Up to Date

Antivirus software plays a crucial role in protecting devices from malware, ransomware, and other cyber threats by continuously scanning for malicious activity and preventing harmful files from executing. It acts as a first line of defense, detecting and removing viruses before they can compromise your system or steal sensitive data.

How to help:

• Install or verify that their devices have a strong, reliable antivirus program that offers 24/7 identity monitoring and alerts and AI-powered security for real-time protection against viruses, hackers, and risky links.
• Look for a security suite that also includes protections on social media, like McAfee+ Social Privacy Manager, which can help you adjust 100+ privacy settings across your social media accounts in just a few clicks.
• Configure it for automatic scans and updates, so they don’t have to worry about remembering to run them manually.

3. Set Up Strong Passwords and Enable Multi-Factor Authentication

Passwords are the first and often most critical line of defense for online accounts, but unfortunately, many people still rely on weak or predictable combinations like “password123” or simple sequences of numbers. These easy-to-guess passwords leave accounts vulnerable to cybercriminals who use automated tools to crack them within minutes.

However, the threat doesn’t stop at weak passwords—data breaches pose an even greater risk. When large-scale breaches occur, they often expose millions of usernames and passwords to the public. Even strong, unique passwords can be compromised if they’ve been leaked in a breach, allowing attackers to use those credentials in credential-stuffing attacks, where they attempt to log in to multiple accounts using the same exposed password.

To counteract this, it’s critical to not only set strong, unique passwords for every account but also to enable multi-factor authentication (MFA) so that even if your password falls into the wrong hands, attackers can’t access your account without a second form of verification.

How to help:

• Choose a reputable password manager that offers features like end-to-end encryption and secure password sharing.
• Set up a master password that is long, memorable, and, most importantly, not shared with any other account. A phrase like “SunsetsOverTheBeach2024!” works well because it’s strong but easy to recall.
• Help your family by reviewing their most important accounts and updating them with newly generated, complex passwords through the password manager.
• Enable MFA on your family’s most critical accounts, especially banking and financial accounts, social media accounts, and email accounts, which are often the key to resetting passwords for other services, making them a high-value target for hackers.

4. Set Up Device and Data Backups

Data loss can be catastrophic, whether it’s due to a hardware failure, theft, or ransomware attack. Setting up automatic backups ensures that your family’s important data—such as photos, videos, and documents—is safe, no matter what happens.

How to help:

• Set up automatic cloud backups for their devices, ensuring critical files are backed up regularly. Most major platforms, like Apple and Google, offer built-in cloud backup services.
• Consider using an external hard drive for an additional layer of backup.
• Walk them through how to restore files from a backup in case of data loss and emphasize the peace of mind this brings.

5. Check for Sketchy Apps and Remove Unnecessary Ones

New devices often come pre-loaded with a myriad of apps, many of which your family members may never use. Some of these could be bloatware or even pose security risks by running in the background and collecting data.

How to help:

• Go through the new device’s installed apps with your family. Uninstall any that aren’t necessary, especially those that seem unfamiliar or have poor ratings.
• Warn your family about downloading apps from unofficial app stores, which often harbor malicious software.
• Encourage them to stick to apps from trusted sources like Google Play or the Apple App Store, and show them how to check app permissions.

By helping your family with these key cybersecurity steps, you’re not just setting up their devices—you’re providing them with the tools and knowledge to stay safe online. As the digital IT hero of the holidays, you’ll empower your loved ones to enjoy their new tech with confidence, knowing their data and privacy are protected.

The post How to Be Your Family’s Digital IT Hero for the Holidays appeared first on McAfee Blog.

The security provider has elevated its warning about a vulnerability affecting firewall management interfaces after observing active exploitation