Featured Blogs
Are Virtual Machines the New Gold for Cyber Criminals?
Introduction Virtualization technology has been an IT cornerstone for organization for years now. It revolutionized the way organizations can scale...
Apps Sending Plain HTTP Put Personal Data at Risk
At the AVAR Conference in November 2014, McAfee Labs presented how to exploit a cross-site scripting vulnerability of the Costco...
Apply MITRE’s ‘ATT&CK’ Model to Check Your Defenses
Every week we read about adversaries attacking their targets as part of online criminal campaigns. Information gathering, strategic advantage, and...
Apple iOS Attack Underscores Importance of Threat Research
The recent discovery of exploit chains targeting Apple iOS is the latest example of how cybercriminals can successfully operate malicious campaigns, undetected,...
Apache Struts at REST: Analyzing Remote Code Execution Vulnerability CVE-2017-9805
Apache Struts, an open-source web development framework, is prone to vulnerabilities. We wrote about CVE-2017-9791 in July. The latest is...
Andromeda Botnet Hides Behind AutoIt
Last month, I posted a blog about an increase in the use of AutoIt scripts by malware authors to carry...
Android/TimpDoor Turns Mobile Devices Into Hidden Proxies
The McAfee Mobile Research team recently found an active phishing campaign using text messages (SMS) that tricks users into downloading...
Android/LeifAccess.A is the Silent Fake Reviewer Trojan
The McAfee Mobile Research team has identified an Android malware family dubbed Android/LeifAccess.A that has been active since May 2019....
Android Spyware Targets Security Job Seekers in Saudi Arabia
The Middle East is the new Wild West of mobile malware, especially for targeted attacks and intelligence gathering campaigns. During...
