Featured Blogs
New Exploit of Sandworm Zero-Day Could Bypass Official Patch
Update of October 25: Some comments posted after we published this report suggest that our proof-of-concept exploit will trigger the...
Chinese Trojan Hooks Macs, iPhones
“Distrust and caution are the parents of security”–Benjamin Franklin A recent threat targeting Chinese users of Mac OS X and...
Bypassing Microsoft’s Patch for the Sandworm Zero Day, the Root Cause
On October 21, we warned the public that a new exploitation method could bypass Microsoft’s official patch (MS14-060, KB3000869) for...
Exploit Kits Improve Evasion Techniques
Exploit kits are toolkits that malicious developers use to take advantage of client-side vulnerabilities, targeting web browsers and programs that...
Win32/Syndicasec Used In Targeted Attacks Against Indian Organizations
During the last couple of months, we’ve observed several RTF exploits that target Indian organizations. The first RTF exploit was...
At McAfee, Protecting Customers Takes Precedence Over Seeking Headlines
One question I often hear is “When will McAfee publish a report on the latest threat?” It seems to be...
Is This Your Photo? No, It’s SMS Spam With Mobile Malware
One of the most important concerns of Internet users is privacy. For this reason one of the most effective phishing...
InstallCube: How Russian Programmers Turn Adware Into Cash
We often observe applications bundled with ad-displaying programs to generate revenue for those products. These are not necessarily unethical, but...
McAfee Adds Flash Exploit Detection to NSP 8.2
Adobe Flash vulnerabilities and exploits have worried users and security professionals for many years. The situation today remains serious. A...
Slow File Infector Spies on Victims
Sourabh Kadam contributed to this blog. In the middle of 2012 McAfee Labs observed the complex malware XDocCrypt infecting documents,...
Apps Sending Plain HTTP Put Personal Data at Risk
At the AVAR Conference in November 2014, McAfee Labs presented how to exploit a cross-site scripting vulnerability of the Costco...
The Rise of Backdoor-FCKQ (CTB-Locker)
By Raj Samani (@Raj_Samani) and Christiaan Beek (@ChristiaanBeek) In the McAfee Labs Threats Report published in November 2014, Senior Vice...
Steamstealer Attacks Victims via Chat
During the last few months, McAfee Labs has seen an increase in Steamstealer samples. The following chart shows the recent...
Amazon Gift Card Malware Spreading via SMS
McAfee Labs recently published its Hacking the Human OS report, which details a number of ways in which cybercriminals rely...
Attacks On Indian Organizations Continue – More Exploits Focused On Events
In November last year, McAfee Labs researchers reported about Operation Mangal, an ongoing targeted attack campaign against several Indian domestic...
Teslacrypt Joins Ransomware Field
A newly crafted ransomware, Teslacrypt, has arrived in the malware genre that encrypts user files using AES encryption and demands...
POS Malware Uses Time-Stamp Check to Evade Detection
This blog post was written by Kumaraguru Velmurugan. Point of sale (POS) attacks appear to have gained in popularity during...
Takedown Stops Polymorphic Botnet
Several global law enforcement agencies—with assistance from McAfee —this week successfully dismantled the “Beebone” botnet behind a polymorphic worm known...
