Other Blogs

McAfee Labs

Evasion Techniques: Encoded JavaScript Attacks PDF Files

Last week I kicked off a series of blogs with a discussion of how an effective IPS solution can fight obfuscation techniques by malware. This week, we’ll look at how JavaScript poses a danger when combined with PDF files. One of the easiest and most powerful ways to customize PDF ...

McAfee Labs

Labs Paper Looks ‘Inside the World of the Citadel Trojan’

Zeus “banking” malware and its variants have been making headlines in recent months. One variant, the Citadel Trojan, has now taken the spotlight with the news of its withdrawal from the open crimeware market. Recently the author of Citadel, Aquabox, has been banned from a large online forum that sells ...

McAfee Labs

IPS Countermeasures Fight Obfuscation, Evasion

Before the advent of intrusion detection systems (IDS) and intrusion prevention systems (IPS), firewalls served as the primary technology to help organizations block unwanted traffic. With application-layer protocols lacking detection, attackers were able to disguise malicious traffic and remotely exploit applications. To stop these kinds of attacks, the security industry ...

McAfee Labs

Botnet Control Servers Span the Globe

McAfee Labs has long monitored botnet activities and their control servers as they plague the Internet.  With millions of McAfee endpoints and network security appliances sending information to McAfee Global Threat Intelligence (GTI) in the cloud, coupled with a vast collection of malicious binary and proactive research, McAfee Labs has a clear view ...

McAfee Labs

The Future of Hacktivism and Anonymous

After the publication of the 2013 Threats Predictions from McAfee Labs, I have received many queries regarding our expectation of a possible slowdown in Anonymous activity this year. Some readers agreed, while others were more skeptical. With this blog, I will attempt to explain these positions. The Anonymous signature Today, ...

McAfee Labs

Java Zero-Day Vulnerability Pushes Out Crimeware

This blog was updated on January 14. See the end of the file. A new Java zero-day vulnerability is spreading malicious files to infect unprotected users. The threat is dangerous: Just browsing a malicious page or clicking a malicious link in spam is enough to cause an infection when combined ...

Executive Perspectives

The 3 R’s: Riches, Ruins & Regulations

We previously wrote about what it means to be a security-obligated executive – how to identify threat warning signs and prep against cyber-attacks. Historically either the C-suite and the security teams haven’t spoken at all, or security teams haven’t spoken to execs in a simple enough language to be understood. ...

McAfee Labs

Red Kit an Emerging Exploit Pack

Exploit kits are toolkits that are used to build malware components such as binaries and scripts. They automate the exploitation of client-side vulnerabilities, targeting browsers and programs. These exploit kits provide an effective way for cybercriminals to distribute malware without the users consent. Among these kits, the Blackhole exploit kit ...

McAfee Labs

If You Deploy Only Antivirus, It Will Cost You More and Make You Less Secure

Everyone’s looking to shave their IT budgets, manage fewer vendors and streamline. The plethora of low cost and sometimes free AV products is an enticing option to lower the cost to secure any business. Some free antivirus programs do an acceptable job of detecting, blocking and removing certain kinds of ...

McAfee Labs

YouTube Video Scam Targets Facebook Users

Be advised cybercriminals are at it again, leveraging the popularity of Facebook and YouTube to scam consumers.We have seen several scams in the past spreading through Facebook promising of some leaked video of celebrities, or free Facebook T-shirts etc. The malware authors are making money by pay-per-click with these techniques. ...

Subscribe to McAfee Securing Tomorrow Blogs