Overcoming Targeted Attacks: A New Approach
Successful targeted attacks bypass security controls and typically cause significant damage to an enterprise. Damages may include reputation, monetary, and intellectual property losses. Many attacks...
Rovnix Downloader Updated with SinkHole and Time Checks
McAfee Labs has found that the latest Rovnix downloader now comes with the capability to check for the sinkholing of its control servers. This relatively new technique makes it difficult to detect the...
McAfee Labs Threat Report Identifies New Mobile Banking, Macro, and Fileless...
The cyber threat landscape often combines something old, something new, something blundered, and something “you.” The third quarter of 2015 provides examples of old threat types repackaged with new...
Poor Mobile App Back-End Security Coding Puts Consumer Info at Risk
Mobile apps are convenient and easy to use, but sometimes the developers do not put enough focus on the back end. Big Internet companies, such as Amazon, Facebook, and Google, provide back-end services...
Malware Macros Are Back! Social Engineering Drives Macro Malware Levels to...
“Warning: This document contains macros.” A familiar message from the 1990s is back, as attackers find new ways to get people to open documents containing macro malware. This updated threat is targeted...
Detecting the Undetectable: The growing sophistication of fileless attacks
Attackers are constantly looking for new ways to evade detection. New malware techniques take advantage of operating system features to inject malicious code into memory or the operating system...
Blockchain Transactions Create Risks for Financial Services
This post was written by Raj Samani and Christiaan Beek of Intel Security, and Shane D. Shook, PhD. Trust is the most valuable commodity in the digital age. Failure to trust the systems or...
SMS Phishing Campaign Spreads in China
Phishing messages and fake websites for stealing users’ credentials are a common occurrence. Recently, however, mobile banking users in China are facing a new wrinkle: phishing texts that appear to...
New TeslaCrypt Ransomware Arrives via Spam
During the last couple of weeks, McAfee Labs has observed a huge increase in spam related to Nemucod, a malicious JavaScript that usually arrives as a .zip attachment and tries to download other...
Security Predictions for 2016: January #SecChat
The New Year is finally here, bringing with it a bevy of new (and some not-so-new) cybersecurity threats. Ransomware authors are enjoying commercial success with new “as-a-service” models, while...
Typosquatting Attacks Alive and Well–Unfortunately
Typosquatting doesn’t get the attention that it used to, but it remains an effective means for attackers to capitalize on unsuspecting users. Of course, the most effective instances are those that...
Updated BlackEnergy Trojan Grows More Powerful
This post was written by Raj Samani and Christiaan Beek of Intel Security. In late December, a cyberattack caused a power outage in the Ukraine, plunging hundreds of thousands of citizens into darkness...
File-Hosting Site Turns Your File Into Adware
This post was written by Oliver Devane and Mohinder Gill of Intel Security. We recently received a sample from a customer and upon initial analysis it looked like a bundled software installer. Upon...
January #SecChat Recap: What Will 2016 Bring for Cybersecurity?
The cybersecurity sector is continually evolving, with new changes affecting the way information is traded and protected. Now that 2016 is in full swing, it’s time to start looking forward to which...
A Case of Mistaken Identity? The Role of BlackEnergy in Ukrainian Power Grid...
Coauthored by Raj Samani, Chief Technology Officer of Intel Security’s Europe, Middle East, and Africa division. Recent reports of electricity outages across the Ukraine have led to significant...
HydraCrypt Variant of Ransomware Distributed by Angler Exploit Kit
This post was written with Diwakar Dinkar. McAfee Labs recently came across the new ransomware variant HydraCrypt. Like some previous ransomware variants, HydraCrypt is distributed using the Angler...
Ransomware Targets Healthcare Sector
When we develop threats predictions at Intel Security, I personally like to conduct some proper research and base my statements on indicators of what we have seen in the field and what we believe will...
Clever Phishing Attacks Target Google, Yahoo, DHL Customers
Last week McAfee Labs received a phishing page that efficiently uses the CSS format of the Gmail login page and appears to be a legitimate Gmail page. When we opened the malformed HTML file we...
Does Anyone Really Care About Mobile Security?
I’ve attended Mobile World Congress a number of times and it is fair to say the concept of the show has evolved over the years. Previously, when someone said “mobile” we thought of physical handsets;...
Intel Security Wins 2015 AV-TEST Award for Best Usability
On February 17, AV-TEST CEO Guido Habicht announced that Intel Security was awarded the AV-TEST BEST USABILITY 2015 AWARD for McAfee Endpoint Security (Versions 8.8 and 10.0). This award is given...