Clik here to view.
Automatic App Installation from Google Play Poses Big Risk
Android users usually download and install applications from the Google Play store through several interactions with the service–including viewing the app’s description and granting permission requests...
View ArticleClik here to view.
McAfee Cyber Defense Center Zooms In on Middle East
From McAfee’s first Cyber Defense Center (CDC) in Dubai, we closely monitor threats and activities in Europe and the Middle East. Since the Center’s official launch in September 2013, we have seen...
View ArticleClik here to view.
Welcome to the New McAfee Labs Quarterly Threats Report
Starting with the McAfee Labs Threats Report: Fourth Quarter 2013 posted today, we’re taking a fresh approach to its format, content, and supporting materials. We had several things in mind when...
View ArticleClik here to view.
Timeline of Bitcoin Events Demonstrates Online Currency’s Volatility
The buzz about Bitcoin has moved from online circles to mainstream media sources. Last week’s news of the collapse of exchange Mt. Gox got more play than in just the business section. Everyone seems to...
View ArticleClik here to view.
Threats Timeline Tracks Recent Security Breaches
As a supplement to the latest McAfee Labs Threats Report, published this week, we offer this timeline of leading threats that made news in the fourth quarter of 2013. October 3: Adobe reports...
View ArticleClik here to view.
Analyzing the Uroburos PatchGuard Bypass
A few weeks ago G Data Software released a report detailing alleged intelligence agency software. Following the release of that report, BAE Systems published a whitepaper further describing the threat....
View ArticleClik here to view.
Anonymous, Syrian Electronic Army Lead Recent Hacktivist Actions
As a supplement to the latest McAfee Labs Threats Report, published this week, we offer this timeline of leading hacktivist activities that made news in the fourth quarter of 2013. October 3:...
View ArticleClik here to view.
Product Coverage and Mitigation for CVE-2014-1761 (Microsoft Word)
On March 24, Microsoft released Security Advisory 2953095 for Microsoft Word. In-the-wild exploitation of this vulnerability has been observed across limited, targeted attacks. The flaw is a...
View ArticleClik here to view.
Search for Lost Malaysian Airliner Can Lead to Adware
Developers of malware and potentially unwanted programs (PUPs) often prey on our curiosity using social engineering methods to get our attention. A recent case is a video that has become popular on...
View ArticleClik here to view.
Suspicious Mobile App Finds Your Gmail, Facebook, and Twitter Accounts
Today many people use multiple web services, such as social networking and messaging services. Some users explicitly show their identity in these services, but others visit those services separately–as...
View ArticleClik here to view.
Android Trojan Targets Cuba
Cuba has been described as the least connected country in the Western Hemisphere. With trade embargoes limiting the import of new technologies and tight restrictions controlling the usage of the...
View ArticleClik here to view.
Trojan Hides in ROM of Chinese Android Devices
In China, some mobile phone geeks like to refresh their Android machines with images from the Internet. For some mobile phone dealers, this makes good business. They can earn extra money from...
View ArticleClik here to view.
RTF Attack Takes Advantage of Multiple Exploits
This is a joint analysis by Haifei Li, Stanley Zhu, and Jun Xie of McAfee Labs Recently, the rich text format has provoked new interest in the security industry due to a critical RTF zero-day...
View ArticleClik here to view.
A Close Look at RTF Zero-Day Attack CVE-2014-1761 Shows Sophistication of...
A serious RTF zero-day attack has struck recently. McAfee detection solutions were provided a couple of days ago that allowed us to spot in-the-wild attacks. We detected this exploit on Wednesday....
View ArticleClik here to view.
Zbot Botnet Steals Thousands of Credentials
In McAfee Labs we keep a close eye on the Zeus/Zbot/Gamover botnet malware that is responsible of thousands of samples we gather each day. The following graph shows the total number of Zbot samples...
View ArticleClik here to view.
‘Heartbleed’ Vulnerability Opens the Door to SSL Heartbeat Exploits
Update: 4/11/2014 McAfee’s Heartbleed Test tool has been posted and enables users to test sites for the presence of this vulnerability. ———- A recent vulnerability in OpenSSL is causing quite a stir....
View ArticleClik here to view.
iDroid Bot for Sale Taps Into Mobile Wallets
During recent weeks we’ve seen a new botnet kit advertised in several Russian forums. The iDroidbot costs US$1,500 and targets phones running iOS 7.1 and earlier, as well as Android 2.2 and later. The...
View ArticleClik here to view.
iBanking Mobile Trojan Poses as Facebook Token Generator
Mobile banking Trojans have usually pretended to be security applications (for example, Zitmo) or legitimate banking apps (FakeToken or FkSite a.k.a. Perkele) to trick users into installing the...
View ArticleCybercrime Report: Getting Paid and Getting Away With It
Money acts as one of the key drivers for cybercrime. Add to this cybercrime’s lower risk than traditional crime, and there is little wonder that we are witnessing the evolution of crime to the digital...
View ArticleProduct Coverage and Mitigation for CVE-2014-1776 (Microsoft Internet Explorer)
On April 26, Microsoft released Security Advisory 2963983 for Microsoft Internet Explorer. In-the-wild exploitation of this vulnerability has been observed across limited, targeted attacks. The flaw is...
View Article