Featured Blogs
Android Master-Key Malware Already Blocked by McAfee Mobile Security
The Android Master Key vulnerability, which was first reported by BlueBox Security, has been big news this month. McAfee explained...
Android Phishing Scam Using Malware-as-a-Service on the Rise in India
Authored by ZePeng Chen and Wenfeng Yu McAfee Mobile Research Team has observed an active scam malware campaign targeting Android...
Android Phones Vulnerable to Loss of Data, Apps
Recently security researcher Ravi Borgaonkar discussed a vulnerability that caused a Samsung Galaxy SIII to return to a factory reset...
Android SpyNote attacks electric and water public utility users in Japan
Authored by Yukihiro Okutomi McAfee’s Mobile team observed a smishing campaign against Japanese Android users posing as a power and...
Android Spyware Targets Security Job Seekers in Saudi Arabia
The Middle East is the new Wild West of mobile malware, especially for targeted attacks and intelligence gathering campaigns. During...
Android/LeifAccess.A is the Silent Fake Reviewer Trojan
The McAfee Mobile Research team has identified an Android malware family dubbed Android/LeifAccess.A that has been active since May 2019....
Android/TimpDoor Turns Mobile Devices Into Hidden Proxies
The McAfee Mobile Research team recently found an active phishing campaign using text messages (SMS) that tricks users into downloading...
Andromeda Botnet Hides Behind AutoIt
Last month, I posted a blog about an increase in the use of AutoIt scripts by malware authors to carry...
Apache Struts at REST: Analyzing Remote Code Execution Vulnerability CVE-2017-9805
Apache Struts, an open-source web development framework, is prone to vulnerabilities. We wrote about CVE-2017-9791 in July. The latest is...
Apple iOS Attack Underscores Importance of Threat Research
The recent discovery of exploit chains targeting Apple iOS is the latest example of how cybercriminals can successfully operate malicious campaigns, undetected,...
Apply MITRE’s ‘ATT&CK’ Model to Check Your Defenses
Every week we read about adversaries attacking their targets as part of online criminal campaigns. Information gathering, strategic advantage, and...
Apps Sending Plain HTTP Put Personal Data at Risk
At the AVAR Conference in November 2014, McAfee Labs presented how to exploit a cross-site scripting vulnerability of the Costco...
Are Virtual Machines the New Gold for Cyber Criminals?
Introduction Virtualization technology has been an IT cornerstone for organization for years now. It revolutionized the way organizations can scale...
AshleyMadison Hack Demonstrates Power of Scam Artists
This blog post was written by Armando Rodriguez. Last month, cybersecurity journalist Brian Krebs broke the news that adult site...
AsiaHitGroup Gang Again Sneaks Billing-Fraud Apps Onto Google Play
The McAfee Mobile Research team has found a new billing-fraud campaign of at least 15 apps published in 2018 on...
AsiaHitGroup Returns With New Billing-Fraud Campaign
Are you tired yet of the music track “Despacito”? If you downloaded this ringtone app from Google Play, chances are...
Astaroth: Banking Trojan Abusing GitHub for Resilience
by Harshil Patel and Prabudh Chakravorty *EDITOR’S NOTE: Special thank you to the GitHub team for working with us on...
At McAfee, Protecting Customers Takes Precedence Over Seeking Headlines
One question I often hear is “When will McAfee publish a report on the latest threat?” It seems to be...
