Thursday, July 21, 2016

Water-Cooler Talk

When McAfee acquired Secure Computing, we pretty much all suspected Dave DeWalt was putting lipstick on his pig in an attempt to create a liquidity event for himself.  You could see a lack of integration and R&D investment from the start... much less an understanding of Network Security.  Poor Intel is now stuck holding the goods.  Case in point:

- Current MS Word Document making its way around the Internet as of 1 hour ago and phoning home to Mother Russia per this Forcepoint Sandbox Report.

- As you'll note in the above report, the outbound call is detected in real-time by Forcepoint as a generic threat:


- What is the threat?  The Forcepoint ACE Engine identifies it as a Dropper File:


- What does Intel/McAfee think about the site?  It's a Shopping site with Minimal Risk from their perspective:


Need help in ripping out your McAfee solution for a true single pane of glass?  Connect w/ESPO Systems and request a free consultation. 

Thursday, July 7, 2016

Own Your Network Security?

Cisco has recently changed their Marketing to correspond with their change of leadership/CEO.  Let's test out their current "own your network security" mantra:

1. Microsoft Word documents are propagating across the Internet with malicious macros.  If your users have opened one, they would have seen this:


2. If your users enabled editing (the macro), unbeknownst to them, they would have initiated an outbound HTTP connection to this site in Germany:


3. Question - Would Cisco have enabled you to own your security... or been owned?  Based on what we see below, it looks like you are owned:


In summary, our work can be double-checked via this Forcepoint File Sandbox Report.  If you agree with our conclusions, it's likely time to discuss how you can improve your Security Controls.  Learn more about our Forcepoint Services here.