Featured Blogs
Nivdort: Data-Stealing Trojan Arrives via Spam
During the past couple of weeks, McAfee Labs has observed a huge increase in spam related to Nivdort, a malicious file...
Malicious Forums Turn Amateur Hackers Into Cybercriminals
Security researchers are aware of forums that offer downloads of malicious software such as keyloggers and remote access tools. Some inexperienced...
Targeted Ransomware No Longer a Future Threat
This post was written by Christiaan Beek and Andrew Furtak. In 2015, McAfee investigated a ransomware campaign that targeted the...
Trillium Toolkit Leads to Widespread Malware
Any aspiring cybercriminal can buy one of many malicious toolkits to craft a downloader and distribute malware. After a time these downloaders...
Macro Malware Associated With Dridex Finds New Ways to Hide
Macro malware is on the upswing and cybercriminals are always searching for new ways to deceive users and evade detection....
5G Networks Pose Cyber Risks, Opportunities
Fifth-generation networking (5G) holds the potential for a massive immersion of technology into the lives of people and businesses. It...
Report Highlights Enterprise Biometric Vulnerabilities, Opportunities
Authentication in the modern enterprise is becoming more difficult. The risks are rising, but adding more security controls can impede...
Criminals are Getting Excited for Tax Filing Season
Cybercriminals are plotting to take advantage of tax season, by fraudulently impersonating consumers and scamming Americans. For the citizens...
Cybersecurity Suffers Due to Human Resources Challenges
The cybersecurity industry is in a state of disrepair. Growing human resource problems put the efforts to secure technology at...
TeslaCrypt Ransomware Arrives via Neutrino Exploit Kit
This post was written by Sriram P. and Varadharajan Krishnasamy. TeslaCrypt is a ransomware family that encrypts files and extorts money...
Hacktivists Turn to Phishing to Fund Their Causes
At McAfee we recently observed a phishing campaign targeting Apple account holders. The link directed the user to a compromised WordPress...
W97M Downloader Serves Vawtrak Malware
McAfee Labs recently found a variant of the W97M macro malware downloader that runs the Vawtrak malware. Although W97M usually...
DHS Accelerates Information Sharing Standards Effort; McAfee to Chair Working Group
This post first appeared at Policy@Intel on March 9. In an effort to accelerate cyber information sharing, and in response...
Convergence and the Future of Cyber Security
CSE 2016 Future of Cyber Security by Matthew Rosenquist from Matthew Rosenquist The security industry is changing. Technology innovation is...
CVE-2016-0153: Microsoft Patches Possible OLE Typo
Recently McAfee Labs discovered an interesting bug in Windows’ OLE implementation, which Microsoft patched this week. Now that the patch...
Macro Malware Employs Advanced Obfuscation to Avoid Detection
Attacks by macro malware carrying ransomware are growing, as we have recently reported on Blog Central here and here. Now McAfee Labs...
CVE-2016-0018: DLL Planting Leads to a Remote Code Execution Vulnerability
DLL planting, also known as DLL side loading, is a popular attack technique today. If we take a look at...
Fake Android Update Delivers SMS, Click Fraud in Europe
McAfee Mobile Research has been monitoring a mobile malware campaign targeting users in Germany, France, and Russia since the beginning...
The Morning After: What Happens to Data Post-Breach?
This post first appeared on the security website Dark Reading. We need consumers and businesses to not simply shrug off...
Server-Side Request Forgery Takes Advantage of Vulnerable App Servers
This blog was written by Kunal Garg. Server-side request forgery is an attack in which an attacker can force a...
Current Campaign Delivers Hundreds of Thousands of Polymorphic Ransomware
You might have been getting out of bed when attackers started sending hundreds of thousands of fake invoices the morning...
Key Lessons From Verizon’s ‘2016 Data Breach Investigations Report’
The annual Data Breach Investigations Report (DBIR) is out and reinforces the value of well-established cybersecurity practices. The good folks...
Sex Sells: Looking at Android Adult Adware Apps
Advertising is one of the primary methods to generate money from mobile devices. Ads can be displayed in the browser...
Can Zealous Security Cause Harm?
Good security requires balancing risks, costs, and usability. Too much or too little of each can be unhealthy and lead...
5 Steps to Enhance Security of Cloud Applications
This blog post was written by Dileep Dasari. When you move applications to the cloud, the attack surface changes while the vulnerabilities...
Attacks on SWIFT Banking System Benefit From Insider Knowledge
In recent months, we’ve seen headlines about the compromise of a bank in Bangladesh from which cybercriminals attempted to steal...
Which Cybersecurity Data Should You Trust?
Limitations of security data We are constantly battered by cybersecurity data, reports, and marketing collateral—and we shouldn’t treat all of this...
