Computer security firm McAfee has filed for an initial public offering (IPO) on the NASDAQ market in a move that could see Intel totally divest itself of the company it acquired in 2010. 
Enterprise IT companies have been dominating IPOs in 2020 and McAfeee hopes that the market’s enthusiasm for IT companies will extend to its offering. It is looking to raise capital at around $8 billion valuation but it could go higher.
Intel acquired McAfee for a record $7.7 billion 10 years ago as former Intel CEO Paul Otellinni initiated a strategy to improve enterprise security across hardware and software. 
However, Intel struggled to integrate the company —  renamed as Intel Security — and decided to spin it out under the original McAfee name. In April 2017 Intel sold a 51% stake to TPG Capital at a $4.2 billion valuation — losing nearly half its initial value.  
Intel could regain some of its losses if the IPO does well. The recent Snowflake IPO was expected to start trading at around $75 to $85 but the IT cloud firm started trading at $245 a share before finishing its opening day at $120. Snowflake’s bankers were criticized for leaving too much money on the table by mispricing demand for the shares.
McAfee’s revenues for 2019 were $2.64 billion up 9.4 percent from $2.41 billion in 2018.
McAfee has been acquiring smaller cybersecurity companies to strengthen its portfolio of products and services. It will trade under the ticker symbol $MCFE.

Tech Earnings More

Image: SIgnal
Phone scanning and data extraction company Cellebrite is facing the prospect of app makers being able to hack back at the tool, after Signal revealed it was possible to gain arbitrary code execution through its tools. Cellebrite tools are used to pull data out of phones the user has in their possession.”By including a specially formatted but otherwise innocuous file in an app on a device that is then scanned by Cellebrite, it’s possible to execute code that modifies not just the Cellebrite report being created in that scan, but also all previous and future generated Cellebrite reports from all previously scanned devices and all future scanned devices in any arbitrary way (inserting or removing text, email, photos, contacts, files, or any other data), with no detectable timestamp changes or checksum failures,” Signal CEO Moxie Marlinspike wrote.”This could even be done at random, and would seriously call the data integrity of Cellebrite’s reports into question.” Usually, when vulnerabilities of this type are found, the issue is disclosed to the maker of the software to fix, but since Cellebrite makes a living from undisclosed vulnerabilities, Marlinspike raised the stakes. “We are of course willing to responsibly disclose the specific vulnerabilities we know about to Cellebrite if they do the same for all the vulnerabilities they use in their physical extraction and other services to their respective vendors, now and in the future,” he said. The Signal CEO said that Cellebrite contains “many opportunities for exploitation” and he thought they should have been more careful when creating the tool.

For instance, Cellebrite bundles FFmpeg DLLs from 2012. Since that year, FFmpeg has had almost 230 vulnerabilities reported. Marlinspike also pointed out that Cellebrite is bundling two installers from Apple to allow the tools to extract data when an iOS device is used. “It seems unlikely to us that Apple has granted Cellebrite a license to redistribute and incorporate Apple DLLs in its own product, so this might present a legal risk for Cellebrite and its users,” he said. In a video dripping with references to the movie Hackers, Marlinspike showed an exploit in action, before rattling a sabre in the direction of Cellebrite. “In completely unrelated news, upcoming versions of Signal will be periodically fetching files to place in app storage. These files are never used for anything inside Signal and never interact with Signal software or data, but they look nice, and aesthetics are important in software,” he said. “We have a few different versions of files that we think are aesthetically pleasing, and will iterate through those slowly over time. There is no other significance to these files.” Marlinspike said he was incredibly lucky to have found a Cellebrite tool package laying on the ground while going for a walk. In December, Marlinspike lashed out at Cellebrite claims that it could crack Signal’s encryption. “Cellebrite posted something with a lot of detail, then quickly took it down and replaced it with something that has no detail,” Marlinspike wrote at the time. “This is not because they ‘revealed’ anything about some super advanced technique they have developed (remember, this is a situation where someone could just open the app and look at the messages). They took it down for the exact opposite reason: it made them look bad. “Articles about this post would have been more appropriately titled ‘Cellebrite accidentally reveals that their technical abilities are as bankrupt as their function in the world.'” Related Coverage More

Lance Whitney/ZDNETGoogle today uses Play Protect to scan your Android device for malicious or suspicious apps, but nasty and clever apps can still sneak past and infect your device with malware or spyware. Now, a new option possibly coming to Android 15 or a future version of the OS will try to quarantine potentially hostile apps.Spotted and tested by Android Authority writer Mishaal Rahman, the app quarantining feature first popped up in Android 14 QPR2 Beta 1 in November 2023. This suggests that Google started testing the feature in an Android 14 beta with potential plans to roll it out in Android 15 or beyond.Unfortunately, Google has pulled the developer page for “Quarantined Apps,” according to Rahman. While the setting that would support app quarantining at the OS level still exists, there’s not even a command line option to quarantine an app. Furthermore, neither the Google Play Store nor Google Play Services apps request any type of permissions for app quarantining.Also: The top six Android 15 features I’m most excited aboutAs such, Rahman speculates that the feature may not appear in Android 15, but a future release instead. Regardless of the timing, here’s how the feature would work, based on Rahman’s early testing.Quarantining an app would be similar to suspending it, which is how Google’s Digital Wellbeing tool prevents you from using an app as a way to avoid distractions. A quarantined app would still be visible on the home screen launcher and in the Settings screen on your Android device, but certain aspects or features would be disabled. More

Remote working has put people at risk of being targeted by cyber criminals because home networks are rarely set up with enterprise-level security in mind. But a new tool could give home workers the same protections against cyberattacks as they’re used to in the office.
The UK’s National Cyber Security Centre’s (NCSC) Protective Domain Name Service (PDNS) has been active since 2017, helping to keep public sector workers as safe as possible from cyberattacks – and now there’s a version for remote workers.

More on privacy

PDNS is designed to stop the use of DNS for spreading and operating malware, ransomware and other cyber threats by preventing the browser from finding websites that have been identified as malicious – ultimately, if you’re working from a public sector building, your computer is protected by PDNS.
SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)
However, the COVID-19 pandemic forced many employers to send their their employees to work from home and the public sector is no different in that regard, with remote working suddenly becoming the new norm.
That meant that government employees suddenly found themselves outside of protected networks and more vulnerable to hackers and malware because they’re not protected by PDNS at home – so their networks could find and connect to malicious sites if the user was exposed to one.
With this in mind, the NCSC – in partnership with Nominet – released a free tool that enables remote workers across the public sector to stay safe with PDNS from home.

The PDNS Digital Roaming application for Windows 10 detects when a device is being used outside of an enterprise network and redirects DNS traffic to PDNS using an encrypted DNS over HTTPS (DoH) protocol. It offers users the same protections against malware and other cyber threats as they’d have when connecting from the corporate network.
SEE: How do we stop cyber weapons from getting out of control?
PDNS Digital Roaming is available to all public sector staff, even if they weren’t using it on enterprise networks previously. The NCSC notes that PDNS isn’t a VPN but a “lightweight application” that encrypts and redirects DNS traffic to keep users safe.
“By installing it on their device, staff can ensure that their DNS traffic is being directed to the PDNS and is thus protected by this innovative service,” said David Carroll, MD of Nominet’s NTX Cyber division.
“Solutions like the PDNS help to secure the critical infrastructure that our nation relies on, the organisations that house our most personal records, and the institutions that we turn to in our hours of most need,” he added.
MORE ON CYBERSECURITY More

Deloitte has made another acquisition in the cybersecurity space, announcing Tuesday that it has scooped up Baltimore-based digital risk protection company Terbium Labs. The tax and auditing giant said Terbium Labs’ services — which include a digital risk protection platform that aims to helps organizations detect and remediate data exposure, theft, or misuse — will join Deloitte’s cyber practice and bolster its Detect & Respond offering suite.

Terbium Labs’ digital risk platform leverages AI, machine learning, and patented data fingerprinting technologies to identify illicit use of sensitive data online. Deloitte said that adding the Terbium Labs business to its portfolio would enable the company to offer clients another way to continuously monitor for data exposed on the open, deep, or dark web.”Finding sensitive or proprietary data once it leaves an organization’s perimeter can be extremely challenging,” said Kieran Norton, Deloitte Risk & Financial Advisory’s infrastructure solution leader, and principal. “Advanced cyber threat intelligence, paired with remediation of data risk exposure requires a balance of advanced technology, keen understanding of regulatory compliance and fine-tuning with an organization’s business needs and risk profile.” Terbium Labs is Deloitte’s third cyber-related acquisition in 2021 as the company aims to bolster its existing cybersecurity offerings that aid clients in threat management and intelligence. Deloitte previously bought cyber threat hunting provider Root9B and cloud security posture management provider CloudQuest. Deloitte stands as one of the largest private companies in the US, selling tax, auditing, consulting, and cybersecurity advisory services to major governments and large Fortune 500 multinationals. The financial terms of the Terbium Labs deal were not disclosed.

Digital transformation More