Featured Blogs
McAfee Labs Detects Zero-Day Exploit Targeting Microsoft Office
Last Thursday morning (October 31), our Advanced Exploit Detection System (AEDS), which we discussed in an earlier post, detected a...
Periodic Connections to Control Server Offer New Way to Detect Botnets
A number of recent botnets and advanced threats use HTTP as their primary communications channel with their control servers. McAfee...
Quarian Group Targets Victims With Spearphishing Attacks
This blog post was written by Rahul Mohandas. The current generation of targeted attacks is getting more sophisticated and evasive....
Hacking Summit Names Nations With Cyberwarfare Capabilities
In 2009, I read with great interest a paper published in the Journal of International Security Affairs titled The Art...
Ramnit Malware Creates FTP Network From Victims’ Computers
This blog post was written by Vikas Taneja. The Ramnit worm appeared in 2010. Within a year more than eight...
Vertexnet Botnet Hides Behind AutoIt
Recently we found some new malware samples using AutoIt to hide themselves. On further analysis we found that those sample...
Andromeda Botnet Hides Behind AutoIt
Last month, I posted a blog about an increase in the use of AutoIt scripts by malware authors to carry...
Cidox Trojan Spoofs HTTP Host Header to Avoid Detection
Lately, we have seen a good number of samples generating some interesting network traffic through our automated framework. The HTTP...
Android App Contains Windows Worm
When developers are unaware of security they open the door to threats against their customers and users. We are not...
Java Back Door Acts as Bot
The current threat landscape is often driven by web-based malware and exploit kits that are regularly updated with newly found...
Bitcoin Miners Use AutoIt-Compiled Programs With Antianalysis Code
Last year, my colleague Itai Liba blogged about the association between malware and AutoIt, a very convenient environment for malware...
Japanese One-Click Scammers Abuse Mobile Traffic Exchange Service
McAfee has been monitoring and reporting extensively on one-click-fraud malware for Android in Japan this year. These attacks, primarily on...
Introducing App Reputation for Android Apps
McAfee has always been in the forefront of finding new ways to secure our customers against threats and risks posed...
Android Master-Key Malware Already Blocked by McAfee Mobile Security
The Android Master Key vulnerability, which was first reported by BlueBox Security, has been big news this month. McAfee explained...
Malware Manipulates Procedure Prologue and Epilogue to Evade Security
Techniques used by malware developers to evade detection by security software have changed drastically in recent years. Encryption, packers, wrappers,...
Adult Voice-Service Apps on Google Play Japan Charge Users Without Notice
McAfee has reported on increasing fraudulent Android applications on Google Play in Japan this year, including one-click fraud applications and...
New Zero-Day Attack Copies Earlier Flash Exploitation
Late on July 10, Microsoft released a blog post disclosing that they were aware of a zero-day attack in the...
Styx Exploit Kit Takes Advantage of Vulnerabilities
Web-based malware has increased over the last few years due to an abrupt spike in new exploit kits. These kits...
Mobile Malware Plays Hide and Seek
Android/Obad.A is mobile malware that has been described as very complex. Truly it is one of the most complex we’ve...
Syrian Crisis Reminds Us to Beware of ‘Charity’ Scams
The dismal situation in Syria has gained considerable sympathy in the rest of the world. Unfortunately, playing on our emotions...
Fraudulent Adult Dating Services Turn 10 Years Old, Still Evolving
McAfee Mobile Research monitors adult one-click-fraud applications on Google Play that are targeted at Japanese users. Although the attackers appeared...
Phishing Attack Replaces Android Banking Apps With Malware
Mobile devices are also increasingly being used to manage a critical and important asset for all of us: our money....
Delving Deeply Into a Bitcoin Botnet
Bitcoin is a virtual decentralized currency that was created in 2009 by developer Satoshi Nakamoto, who described the currency in...
Bank Account Logins for Sale, Courtesy of Citadel Botnet
Financial theft is one of the most lucrative forms of cybercrime. Malware authors continue to deliver sophisticated tools and techniques...
Travnet Botnet Controls Victims With Remote Admin Tool
The malicious binary behind the Travnet botnet has been updated. The new code has a new compression algorithm, steals the...
Emerging ‘Stack Pivoting’ Exploits Bypass Common Security
[This blog was primarily written by Xiaoning Li of McAfee Labs, with assistance from Peter Szor of McAfee Labs.] In...
Tracking PDF Usage Poses a Security Problem
Update on May 2: Adobe has confirmed this vulnerability and has scheduled a patch release for May 14. Looking...