Featured Blogs
Fake Cleaning Apps in Google Play: an AutoRun Attack and More
Almost exactly one year ago, Google announced the addition of a “new layer to Android security,” a service codenamed Bouncer...
Evasion Techniques: Encoded JavaScript Attacks PDF Files
Last week I kicked off a series of blogs with a discussion of how an effective IPS solution can fight...
Labs Paper Looks ‘Inside the World of the Citadel Trojan’
Zeus “banking” malware and its variants have been making headlines in recent months. One variant, the Citadel Trojan, has now...
IPS Countermeasures Fight Obfuscation, Evasion
Before the advent of intrusion detection systems (IDS) and intrusion prevention systems (IPS), firewalls served as the primary technology to...
Botnet Control Servers Span the Globe
McAfee Labs has long monitored botnet activities and their control servers as they plague the Internet. With millions of McAfee endpoints...
The Future of Hacktivism and Anonymous
After the publication of the 2013 Threats Predictions from McAfee Labs, I have received many queries regarding our expectation of...
Java Zero-Day Vulnerability Pushes Out Crimeware
This blog was updated on January 14. See the end of the file. A new Java zero-day vulnerability is spreading...
Red Kit an Emerging Exploit Pack
Exploit kits are toolkits that are used to build malware components such as binaries and scripts. They automate the exploitation...
If You Deploy Only Antivirus, It Will Cost You More and Make You Less Secure
Everyone’s looking to shave their IT budgets, manage fewer vendors and streamline. The plethora of low cost and sometimes free...
YouTube Video Scam Targets Facebook Users
Be advised cybercriminals are at it again, leveraging the popularity of Facebook and YouTube to scam consumers.We have seen several...
New Labs Report: ‘Analyzing Project Blitzkrieg’
Project Blitzkrieg, a current attack on US financial institutions, got a lot of media attention following a blog posting by...
Narilam Trojan Targets Iranian Financial Software
Iranian infrastructure has been on the radar of cyberattackers for a couple of years. We have already witnessed organized and...
A Quick Analysis of the Flash Player Opcode-Verifying Code Execution Vulnerability
On October 12, McAfee Labs learned of proof-of-concept code exploiting a newly patched Flash Player vulnerability. Adobe had patched this...
Update: NGRBot Posing as Skype Drops Ransomware With Fake McAfee Logo
This blog was updated on October 15. See the end of this file. We recently received a sample of the...
Multiplatform Fake AV Uses Different GUIs
Since the beginning of October we have seen a variant of fake antivirus malware that belongs to the FakeRean family...
NGRBot Spreads Via Chat
NGRBot is a worm that propagates through chat messengers, the Internet Relay Chat channel, social networking sites etc. It steals...
‘Police Ransomware’ Preys on Guilty Consciences
“Police ransomware” is big business, generating millions of euros for organized criminal groups. In May, at Europol’s headquarters in The...
Facebook Bot Spreads Through Chat Messengers [Updated]
Update from Facebook: The Facebook security team been actively tracking this botnet and providing McAfee AV to the victims (via...
