Featured Blogs
Trillium Exploit Kit Update Offers ‘Security Tips’
McAfee Labs has previously blogged about the Trillium Exploit Kit Version 3.0, which is commonly used to create and distribute malware....
Trillium Toolkit Leads to Widespread Malware
Any aspiring cybercriminal can buy one of many malicious toolkits to craft a downloader and distribute malware. After a time these downloaders...
Triton Malware Spearheads Latest Attacks on Industrial Systems
Malware that attacks industrial control systems (ICS), such as the Stuxnet campaign in 2010, is a serious threat. This class of cyber sabotage can spy on, disrupt, or destroy systems that manage large-scale industrial processes. An essential danger in this threat is that it moves from mere digital damage to ...
Trojan Hides in ROM of Chinese Android Devices
In China, some mobile phone geeks like to refresh their Android machines with images from the Internet. For some mobile...
Trojanized Photo App on Google Play Signs Up Users for Premium Services
Mobile apps usually have names that give some indication of their function. In one recent case, however, we found a...
Trojanized Pokémon GO Android App Found in the Wild
Pokémon GO is a new mobile game that allows fans to “catch” Pokémon in the real world using augmented reality...
Trojanized Propaganda App Uses Twitter to Infect, Spy on Sympathizers
The Mobile Malware Research Team of McAfee has discovered in recent weeks a number of new threats in the Middle...
Trust Is the Most Valuable Asset
The most valuable asset for actors in cyberspace is trust. It is an important ingredient in successful business operations as...
Turkish ‘Delete Virus’ Targets Facebook Users
Facebook continues to be a favorite target for attackers to spread fake wall-post messages or fake scams. Most of the...
Turkish Instagram Password Stealers Found on Google Play
McAfee’s mobile malware research team has found several Instagram password stealers on the Google Play store. (Google has since removed...
Twitter Accounts of US Media Under Attack by Large Campaign
A previously reported campaign purportedly carried out by Turkish hacker group “Ayyildiz Tim” targeting high-profile, verified Twitter accounts with the purpose of spreading Turkish political propaganda appears to have escalated within the last 24 hours. McAfee Advanced Threat Research has investigated the new events and discovered the following.
Two Pink Lines
Depending on your life experiences, the phrase (or country song by Eric Church) “two pink lines” may bring up a...
Typosquatting Attacks Alive and Well–Unfortunately
Typosquatting doesn’t get the attention that it used to, but it remains an effective means for attackers to capitalize on unsuspecting...
U.S. Battleground County Website Security Survey
Today McAfee released the results of a survey of county websites and county election administration websites in the 13 states...
Unfolding the Mystery of Cerber Ransomware’s Random File Extension
This blog post was written by Sudhanshu Dubey. In an earlier blog, we discussed the evolution of the popular Cerber...
Unintended Clipboard Paste Function in Windows 10 Leads to Information Leak in RS1
The McAfee Labs Advanced Threat Research team has been investigating the Windows 10 platform. We have submitted several vulnerabilities already...
Unmasking AsyncRAT New Infection Chain
Authored by Lakshya Mathur & Vignesh Dhatchanamoorthy AsyncRAT, short for “Asynchronous Remote Access Trojan,” is a sophisticated piece of malware...
Unregulated at Any Speed: DoT’s Cybersecurity Policy for Self-Driving Cars
Despite headlines, hype, and hysteria, US government rightly chooses cybersecurity guidance over regulation. The Obama administration today unveiled its long-awaited...
Unsubscribing From Unwanted Email Carries Risks
We all receive loads of unwanted email solicitations, warnings, and advertisements. The number can be overwhelming to the point...
Update on the Beebone Botnet Takedown
On April 8, the takedown operation for the polymorphic botnet known as Beebone successfully concluded. This action redirected traffic from...
Update: NGRBot Posing as Skype Drops Ransomware With Fake McAfee Logo
This blog was updated on October 15. See the end of this file. We recently received a sample of the...
Updated BlackEnergy Trojan Grows More Powerful
In late December, a cyberattack caused a power outage in the Ukraine, plunging hundreds of thousands of citizens into darkness...
Using Expert Rules in ENS to Prevent Malicious Exploits
Expert Rules are text-based custom rules that can be created in the Exploit Prevention policy in ENS Threat Prevention. Learn more about which threats they can help block.
Variant of Pony Botnet Pickpockets Bitcoin Users
Last month the Pony Botnet became a household name when it was revealed that it had stolen more than two...
VaultCrypt Ransomware Hides Its Traces While Stealing Web Credentials
Since the beginning of the year we have seen a spike in ransomware including the emergence of new ransomware families....
Verizon Report Foreshadows Breaches Originating With IoT Devices
This blog post was written by Rick Simon. Today, Verizon released its 2015 Data Breach Investigations Report (DBIR). As Verizon...
Vertexnet Botnet Hides Behind AutoIt
Recently we found some new malware samples using AutoIt to hide themselves. On further analysis we found that those sample...