Featured Blogs
Android Phones Vulnerable to Loss of Data, Apps
Recently security researcher Ravi Borgaonkar discussed a vulnerability that caused a Samsung Galaxy SIII to return to a factory reset...
Android SpyNote attacks electric and water public utility users in Japan
Authored by Yukihiro Okutomi McAfee’s Mobile team observed a smishing campaign against Japanese Android users posing as a power and...
Android Spyware Targets Security Job Seekers in Saudi Arabia
The Middle East is the new Wild West of mobile malware, especially for targeted attacks and intelligence gathering campaigns. During...
Android/LeifAccess.A is the Silent Fake Reviewer Trojan
The McAfee Mobile Research team has identified an Android malware family dubbed Android/LeifAccess.A that has been active since May 2019....
Android/TimpDoor Turns Mobile Devices Into Hidden Proxies
The McAfee Mobile Research team recently found an active phishing campaign using text messages (SMS) that tricks users into downloading...
Andromeda Botnet Hides Behind AutoIt
Last month, I posted a blog about an increase in the use of AutoIt scripts by malware authors to carry...
Apache Struts at REST: Analyzing Remote Code Execution Vulnerability CVE-2017-9805
Apache Struts, an open-source web development framework, is prone to vulnerabilities. We wrote about CVE-2017-9791 in July. The latest is...
Apple iOS Attack Underscores Importance of Threat Research
The recent discovery of exploit chains targeting Apple iOS is the latest example of how cybercriminals can successfully operate malicious campaigns, undetected,...
Apply MITRE’s ‘ATT&CK’ Model to Check Your Defenses
Every week we read about adversaries attacking their targets as part of online criminal campaigns. Information gathering, strategic advantage, and...
Apps Sending Plain HTTP Put Personal Data at Risk
At the AVAR Conference in November 2014, McAfee Labs presented how to exploit a cross-site scripting vulnerability of the Costco...
Are Virtual Machines the New Gold for Cyber Criminals?
Introduction Virtualization technology has been an IT cornerstone for organization for years now. It revolutionized the way organizations can scale...
AshleyMadison Hack Demonstrates Power of Scam Artists
This blog post was written by Armando Rodriguez. Last month, cybersecurity journalist Brian Krebs broke the news that adult site...
AsiaHitGroup Gang Again Sneaks Billing-Fraud Apps Onto Google Play
The McAfee Mobile Research team has found a new billing-fraud campaign of at least 15 apps published in 2018 on...
AsiaHitGroup Returns With New Billing-Fraud Campaign
Are you tired yet of the music track “Despacito”? If you downloaded this ringtone app from Google Play, chances are...
At McAfee, Protecting Customers Takes Precedence Over Seeking Headlines
One question I often hear is “When will McAfee publish a report on the latest threat?” It seems to be...
Attackers Exploiting WinRAR UNACEV2.DLL Vulnerability (CVE-2018-20250)
Earlier this month Check Point Research reported discovery of a 19 year old code execution vulnerability in the wildly popular...
Attackers Seek to Hack Hardware for Ultimate Control
We are seeing interesting changes in how researchers and attackers are exploring methods to undermine systems and devices. Increasingly, the...
Attacks On Indian Organizations Continue – More Exploits Focused On Events
In November last year, McAfee Labs researchers reported about Operation Mangal, an ongoing targeted attack campaign against several Indian domestic...
