Featured Blogs
Android Phones Vulnerable to Loss of Data, Apps
Recently security researcher Ravi Borgaonkar discussed a vulnerability that caused a Samsung Galaxy SIII to return to a factory reset...
NGRBot Spreads Via Chat
NGRBot is a worm that propagates through chat messengers, the Internet Relay Chat channel, social networking sites etc. It steals...
‘Police Ransomware’ Preys on Guilty Consciences
“Police ransomware” is big business, generating millions of euros for organized criminal groups. In May, at Europol’s headquarters in The...
Facebook Bot Spreads Through Chat Messengers [Updated]
Update from Facebook: The Facebook security team been actively tracking this botnet and providing McAfee AV to the victims (via...
AutoIt and Malware: What’s the Connection?
During the last couple of weeks I’ve come across three malware samples packed using compiled AutoIt scripts, so I decided...
Combating Malware and Advanced Persistent Threats
In the past decade, the security industry has seen a constant rise in the volume of malware and attacks associated...
Operation High Roller Raises Financial Fraud Stakes
Earlier today Guardian Analytics and McAfee released the joint report “Dissecting Operation High Roller,” which describes a new breed of...
‘Bioskits’ Join Ranks of Stealth Malware
We have seen many discussions of the MyBios “Bioskit” discovered at the end of 2011. MyBios was the first malware...
Spreading the Flame: Skywiper Employs ‘Windows Update’
Microsoft has issued Security Advisory 2718704, in which the company disclosed that it recently became aware of the Flamer/Skywiper threat,...
Jumping Into the Flames of Skywiper
There has been quite a bit of analysis and speculation about the Flamer/Skywiper threat. As we started to analyze this...
Evolution of Android Malware: IRCBot Joins the Party
We all know how fast the smart phone market is growing. Along with it, the complexity and the numbers of...
‘Android/NotCompatible’ Looks Like Piece of PC Botnet
A lot of recent attacks on Android users are attributed to fake websites of popular applications such as Cut the...
Pastebin Shares Botnet Source Code
Few days back, we found another Pastebin entry that contains a source which looks to be malicious botnet code. As...
CVE-2012-0158 Exploit in the Wild
Since last week, we have seen many specially crafted files exploiting CVE-2012-0158, a vulnerability in MSCOMCTL.OCX in Microsoft Office and...
Latest SpyEye Botnet Active and Cheaper
On April 16, we found a Pastebin entry selling the latest version of the infamous SpyEye botnet (Version 1.3.48) for...
Digging Into the Nitol DDoS Botnet
Nitol is a distributed denial of service (DDoS) botnet that seems to be small and not widely known. It mostly...
Hacker Leaves Online Trail, Loses Anonymity
Since March 20, the @Anonw0rmer Twitter account has been silent. Its owner, w0rmer, is known as a member of the...
Android Malware Promises Video While Stealing Contacts
Recently we discovered a new Android Trojan in the official Google Play market that displays a video downloaded from the...
Darkshell DDOS Botnet Evolves With Variants
Darkshell is a distributed denial of service (DDoS) botnet targeting Chinese websites. It was found in 2011 and was first...
Android Malware Pairs Man-in-the-Middle With Remote-Controlled Banking Trojan
Based on the Android malware that we’ve seen so far, one of the principal motivations to develop and spread malware...
Google Code Projects Host Android Malware
[March 1: See update at end] Google Code is a well-known platform that provides a collaborative environment for developers working...
Android DIY DoS App Boosts Hacktivism in South America
Hacktivism has become very popular in recent years; one of its leading agents is the online community Anonymous. Hacktivist groups...
Networked Printers at Risk
Multifunction printers (MFPs) have been common in offices for years. They let employees print, scan, and copy documents. Two separate talks...
Fighting Mobile Phone Impersonation and Surveillance
Yesterday at the 28th Chaos Communications Congress (28C3), in Berlin, security researchers along with Karsten Nohl and Luca Melette showcased...
Inside Adobe Reader Zero-Day Exploit CVE 2011-2462
Recently a critical vulnerability has been identified in Adobe Reader X and Adobe Acrobat X Versions 10.1.1 and earlier for...
ZeroAccess Rootkit Launched by Signed Installers
Digital certificates and certificate authorities have been much in the news recently. Attacks–such as those used by Stuxnet, Duqu, and...
French Magazine Suffers Web Hack, Firebombing
To celebrate the recent victory of the Tunisian Islamist party, the French satirical magazine “Charlie Hebdo” published a special issue...
