Clik here to view.
Setting Up HTTPS for Google App Engine Applications
Thursday, we posted advice on creating a custom domain name for an application developed with Google’s App Engine. In this post, we will learn how to add SSL support and force the App Engine...
View ArticleClik here to view.
‘Cat-Loving’ Mobile Ransomware Operates With Control Panel
Recently the McAfee Labs Mobile Malware Research team found a sample of ransomware for Android with botnet capabilities and a web-based control panel service. The malware is running on a legitimate...
View ArticleClik here to view.
Banload Trojan Targets Brazilians With Malware Downloads
McAfee Labs has recently encountered new variants of the Banload Trojan. Banload has been around since the last decade. This malware generally arrives on a victim’s system through a spam email...
View ArticleClik here to view.
Obfuscated Malware Discovered on Google Play
The McAfee Labs Mobile Malware Research team found early this week on Google Play a set of malware published by the developer account ValerySoftware: Each one of these apps have been downloaded and...
View ArticleClik here to view.
Bing.VC Hijacks Browsers Using Legitimate Applications
Browser hijackers are a type of malware that modifies a web browser’s settings without the user’s permission. Generally a browser hijacker injects unwanted advertising into the browser. It replaces the...
View ArticleClik here to view.
Cerber Ransomware Updates Configuration File
McAfee Labs has recently analyzed Version 2 of Cerber, one of the leading ransomware programs. Cerber infects systems via social media tricks such as spam email with malicious links or documents,...
View ArticleClik here to view.
‘Wildfire’ Ransomware Extinguished by Tool From NoMoreRansom; Unlock Files...
Intel Security and Kaspersky Lab, partners in the project NoMoreRansom, are pleased to announce today the availability of a decryption tool for victims of the Wildfire variant of ransomware. This tool...
View ArticleImprove Protection Against Cyberattacks Through Shared Threat Intelligence
At the RSA Conference 2016 in San Francisco, Chris Young, GM and SVP of Intel Security, said that one of the best ways to improve response time to attacks and overall awareness of attacks and...
View ArticleClik here to view.
Malware Hides in Installer to Avoid Detection
At McAfee Labs we recently observed various threat families using the Nullsoft Scriptable Install System (NSIS). This practice is not new, but our analysis shows that several malware families are...
View ArticleClik here to view.
Tips for Securing SSL Renegotiation
A number of Internet connections require SSL renegotiation, a Secure Sockets Layer/Transport Layer Security process that allows the changing of the details of a handshake after a connection is made...
View ArticleClik here to view.
How to: Testing Android Application Security, Part 3
One of the best ways to develop secure Android applications is to engage in penetration (pen) testing, in effect trying to break into your application just as an attacker might do. This is the third in...
View ArticleMachine Learning, the Unsung Hero in the Latest ‘Threats Report’
The story about ransomware in hospitals in our newly published McAfee Labs Threats Report: September 2016 will probably garner most of the media’s attention, but I think the most interesting story in...
View ArticleClik here to view.
The Quarterly Threats Report: What Does It Mean for You?
The latest edition of the Quarterly Threats Report (QTR) was released this week by McAfee Labs. If you’re not familiar with them, McAfee Labs is our research organization tasked with researching all...
View ArticleClik here to view.
Cryptocurrencies a Target for Cybercriminals, Part 1: the Risks of Innovation
All cryptocurrencies are a target for cybercriminals. Anywhere there is value, criminals, fraudsters, and charlatans will soon follow. Call it the Willie Sutton principle. Sutton, a famous bank robber...
View ArticleClik here to view.
Locky Ransomware Hides Inside Packed .DLL
McAfee Labs has seen a huge increase in Locky ransomware in recent months (discussed in an earlier blog). Locky is aggressively distributed via a JavaScript-based downloader sent as an attachment in...
View ArticleClik here to view.
Cryptocurrencies a Target for Cybercriminals, Part 2: Social Platforms Come Next
One target of cybercriminals is cryptocurrencies, which hold tremendous wealth but are largely anonymous. This limits the attack surface mostly to avenues requiring complex technical approaches....
View ArticleUnregulated at Any Speed: DoT’s Cybersecurity Policy for Self-Driving Cars
Despite headlines, hype, and hysteria, US government rightly chooses cybersecurity guidance over regulation. The Obama administration today unveiled its long-awaited safety policy for self-driving or...
View ArticleClik here to view.
Hardware Hack Bypasses iPhone PIN Security Counter
A security researcher from the University of Cambridge has found a way to hack the iPhone NAND memory hardware to sufficiently bypass an important security feature, allowing a brute-force attack...
View Article‘McAfee Labs Threats Report’ Examines Whether Ransomware Is Coming to a...
Delivering uninterrupted services with immediate access to information is not an easy task. Doing it with legacy systems, a fragmented workforce, and inconsistent security is a monumental job....
View Article‘McAfee Labs Threats Report’ Delves Into Dangers of Data Loss
Data is leaking out of your organization: accidentally or intentionally, by internals or externals, physically or electronically. During the past year, we have performed extensive research to identify...
View Article