McAfee Labs Unlocks LeChiffre Ransomware
At McAfee Labs we recently received a low-profile ransomware called LeChiffre. Unlike ransomware that is distributed by a spam campaign or downloaded by other malware, this sample needs to be run...
View ArticleDHS Accelerates Information Sharing Standards Effort; Intel to Chair Working...
This post first appeared at Policy@Intel on March 9. In an effort to accelerate cyber information sharing, and in response to a presidential executive order, the Department of Homeland Security...
View ArticleClik here to view.
Quarterly Threat Report: What Do the Numbers Mean to Me?
Every quarter, the team at McAfee Labs releases a threat report detailing information about the latest trends in malware and cybersecurity. This “Cyber State of the Union” provides a lot of great...
View ArticleConvergence and the Future of Cyber Security
CSE 2016 Future of Cyber Security by Matthew Rosenquist from Matthew Rosenquist The security industry is changing. Technology innovation is eroding the distance between the roles and responsibilities...
View ArticleWhen It Comes To Cyberthreat Intelligence, Sharing Is Caring
This blog was originally posted at Dark Reading on March 31. Shared cyberthreat intelligence will soon be a critical component of security operations, enabling organizations to better protect their...
View ArticleClik here to view.
CVE-2016-0153: Microsoft Patches Possible OLE Typo
Recently McAfee Labs discovered an interesting bug in Windows’ OLE implementation, which Microsoft patched this week. Now that the patch is available, we can discuss this vulnerability, which resides...
View ArticleClik here to view.
Unsubscribing From Unwanted Email Carries Risks
We all receive loads of unwanted email solicitations, warnings, and advertisements. The number can be overwhelming to the point of obnoxiousness. Some days it feels like an unending barrage of...
View ArticleClik here to view.
Macro Malware Employs Advanced Obfuscation to Avoid Detection
Attacks by macro malware carrying ransomware are growing, as we have recently reported on Blog Central here and here. Now McAfee Labs researchers have witnessed a new variant of macro malware that...
View ArticleClik here to view.
Malware Takes Advantage of Windows ‘God Mode’
Microsoft Windows has hidden an Easter Egg since Windows Vista. It allows users to create a specially named folder that acts as a shortcut to Windows settings and special folders, such as control...
View ArticleClik here to view.
CVE-2016-0018: DLL Planting Leads to a Remote Code Execution Vulnerability
DLL planting, also known as DLL side loading, is a popular attack technique today. If we take a look at the list of advisories Microsoft has recently published, it is clear that a large number of...
View ArticleClik here to view.
Fake Android Update Delivers SMS, Click Fraud in Europe
Intel Security Mobile Research has been monitoring a mobile malware campaign targeting users in Germany, France, and Russia since the beginning of the year. Several users have complained in forums and...
View ArticleClik here to view.
Security Best Practices for Azure App Service Web Apps, Part 1
This post was written by Piyush Mittal. Microsoft’s Azure App Service is a fully managed Platform as a Service for developers that provides features and frameworks to quickly and easily build apps for...
View ArticleThe Morning After: What Happens to Data Post-Breach?
This post first appeared on the security website Dark Reading. We need consumers and businesses to not simply shrug off data breaches but to take active measures to protect their data. We are hopeful...
View ArticleClik here to view.
Android Malware Clicker.D!Gen Found on Google Play
Recently the Mobile Malware Research Team of Intel Security found on Google Play a new campaign of Android/Clicker.G in dozens of published malicious apps. This threat targets Russians but the apps are...
View ArticleSecurity Best Practices for Azure App Service Web Apps, Part 2
This post was written by Piyush Mittal. In our previous post on this topic, we learned how to configure custom domain names and certificates for web applications developed using Microsoft’s Azure App...
View ArticleClik here to view.
Current Campaign Delivers Hundreds of Thousands of Polymorphic Ransomware
You might have been getting out of bed when attackers started sending hundreds of thousands of fake invoices the morning of April 27. Between 5:45 am and 11 am Pacific time, the first phase of the...
View ArticleClik here to view.
Server-Side Request Forgery Takes Advantage of Vulnerable App Servers
Server-side request forgery is an attack in which an attacker can force a vulnerable server to trigger malicious requests to third-party servers and or to internal resources. This vulnerability can...
View ArticleClik here to view.
Key Lessons From Verizon’s ‘2016 Data Breach Investigations Report’
The annual Data Breach Investigations Report (DBIR) is out and reinforces the value of well-established cybersecurity practices. The good folks at Verizon have once again published one of the most...
View ArticleClik here to view.
Sex Sells: Looking at Android Adult Adware Apps
Advertising is one of the primary methods to generate money from mobile devices. Ads can be displayed in the browser when you visit a specific website or can appear in free apps. In the case of mobile...
View ArticleClik here to view.
Can Zealous Security Cause Harm?
Good security requires balancing risks, costs, and usability. Too much or too little of each can be unhealthy and lead to unintended consequences. We are entering an era where the risks of connected...
View Article