Clik here to view.
Top 3 Phishing Attacks Use Similar Tricks
Phishing scams are immensely popular and we see millions of phishing messages everyday. Today we offer the top three phishing scams that attempt to steal your web mail credentials. Web Mail Scam This...
View ArticleClik here to view.
Middle-East Developer of SpyGate Struts His Stuff Online
Malware authors have a tendency to conceal themselves so that they can continue their actions uninterrupted. However, we have observed the opposite trend when some authors, who like to show their...
View ArticleWhat you need to know about the Bash Bug aka Shellshock
European security researcher Stéphane Chazelashas discovered a critical vulnerability in the command-line shell known as Bash, or GNU Bourne-again Shell, the most widely deployed shell for Unix-based...
View ArticleDealing with the Bash Bug
By Brad Antoniewicz and Raj Samani Headlines across multiple media outlets are sounding the alarm on a new vulnerability affecting Linux and Unix systems. Nicknamed “Shellshock,” the vulnerability is...
View ArticleMcAfee Founds Cyber Threat Alliance With Industry Partners
As the largest dedicated security vendor, McAfee’s goal is to help customers and consumers feel secure in the digital world. It’s certainly not simple, and it’s challenging to keep up with the bad...
View ArticleFree Mobile Apps = Compromises On User Safety?
Free mobile apps may introduce security risks that need to be addressed. While businesses need to find ways of monetizing when consumers are not ready to pay directly for using an app, monetization...
View ArticleNew Exploit of Sandworm Zero-Day Could Bypass Official Patch
Update of October 25: Some comments posted after we published this report suggest that our proof-of-concept exploit will trigger the UAC (User Account Control) on Windows. We did not observe this...
View ArticleDefence-in-depth, more than a buzzword
Beyond the relentless headlines of data breaches, credit card theft, and many other cybersecurity-related stories lies a very simple explanation. Sometimes it’s as simple as an employee clicking on a...
View ArticleClik here to view.
Chinese Trojan Hooks Macs, iPhones
“Distrust and caution are the parents of security”–Benjamin Franklin A recent threat targeting Chinese users of Mac OS X and iPhone came to light yesterday. The malware, called WireLurker, is...
View ArticleClik here to view.
Bypassing Microsoft’s Patch for the Sandworm Zero Day: a Detailed Look at the...
On October 21, we warned the public that a new exploitation method could bypass Microsoft’s official patch (MS14-060, KB3000869) for the infamous Sandworm zero-day vulnerability. As Microsoft has...
View ArticleClik here to view.
Bypassing Microsoft’s Patch for the Sandworm Zero Day: Even ‘Editing’ Can...
This is the second part of our analysis of the Sandworm OLE zero-day vulnerability and the MS14-060 patch bypass. Check out the first part here. Microsoft’s Patch From our previous analysis we’ve...
View ArticleClik here to view.
New Exploit Kits Improve Evasion Techniques
Exploit kits are toolkits that malicious developers use to take advantage of client-side vulnerabilities, targeting web browsers and programs that can be accessed through browsers. The most common...
View ArticleClik here to view.
Operation Mangal: Win32/Syndicasec Used In Targeted Attacks Against Indian...
During the last couple of months, we’ve observed several RTF exploits that target Indian organizations. The first RTF exploit was found by McAfee researchers on August 21. Subsequently, we saw multiple...
View ArticleClik here to view.
At Intel Security, Protecting Customers Takes Precedence Over Seeking Headlines
One question I often hear is “When will Intel Security (McAfee) publish a report on the latest threat?” It seems to be a hot trend today for security companies to offer reports with topics such as...
View ArticleClik here to view.
Is This Your Photo? No, It’s SMS Spam With Mobile Malware
One of the most important concerns of Internet users is privacy. For this reason one of the most effective phishing attacks is to claim that someone’s video or photo is public; thus the victim cannot...
View ArticleClik here to view.
McAfee Customers Protected from Regin Malware Since 2011
Protecting customers take precedence over seeking headlines – this was the title of a recent blog by our very own Christiaan Beek into the priorities of the team. Yet, within 72 hours we were awoken...
View ArticleClik here to view.
Behavior Analysis Stops Romanian Data-Stealing Campaign
In a recent press announcement, McAfee and Europol’s European Cyber Centre announced a cooperation of our talents to fight cybercrime. In general these joint operations are related to large malware...
View ArticleClik here to view.
McAfee Labs Threats Report Takes Another Step Forward
In September, we invited readers of the McAfee Labs Threats Report to complete a short survey and let us know what they think about the report. Here’s what we learned. Readers are most interested in...
View ArticleClik here to view.
Spyware Vendors Find New Ways to Deliver Mobile Apps
With mobile devices an essential part of our lives and privacy, we must protect that privacy against a form of mobile “spyware” that is openly sold and distributed and that threatens our privacy by...
View ArticleHow Do I Defend Against Threats in the Latest McAfee Labs Report?
McAfee Labs provides important information about threats in a variety of ways, from our McAfee Global Threat Intelligence service that feeds into many of our products, to published Threat Reports, our...
View Article