

Top 3 Phishing Attacks Use Similar Tricks

Phishing scams are immensely popular and we see millions of phishing messages every day. Today we offer the top three phishing scams that attempt to steal your web mail credentials. Web Mail Scam: This scam starts with an email that appears to come from Administrator or Helpdesk and requests that you validate or update your account.

Quarian Targeted-Attack Malware Evades Sandbox Detection

Last year, we blogged about the actor known as Quarian, who is involved in targeted attacks. This individual or group has been active since at least 2011 and has targeted government agencies. The attacks use spear phishing campaigns with crafted .pdf and .doc files as bait for unsuspecting users.

BackOff Malware Uses Encryption to Hide Its Intentions

Often we see malware authors using encryption or obfuscation along with other techniques to modify the static contents of malware. They do this to evade static-based clustering and detection even though the behavior is the same. In many cases obfuscation also helps hide the threat’s malicious intentions from security researchers.

ZebrAttack Creates Data Breach via Mobile OS, App Vulnerabilities

At the AVAR conference in November, with the help of coauthor and independent security researcher Song Li, we will present our findings of an emerging mobile threat vector. We have found that in a group of popular retail apps, such as...

Checking the Pulse of McAfee Labs Threats Reports

In March, we wrote about changes that we were making to the McAfee Labs Threats Reports. Those changes included both format and content improvements. We wanted to make the Threats Reports more engaging, easier to understand, and simpler to navigate.

CelebGate: a Long, Dangerous List of Celebrities

During the past few days, the media has been abuzz with the massive celebrity photo leak nicknamed CelebGate 2014. The story started on August 31 when the first nude pictures appeared on a 4chan board. An alarming list of victims has been posted.

Detection Effectiveness: the Beat Goes On

In May, we wrote about the breach discovery gap, which is the time it takes IT security practitioners to discover a data breach after their systems have been compromised in a cyberattack. We made this critical point: Stopping attacks...

Brazilian PUP Campaign MegaRapido Shows Unwanted Behavior

Some applications go too far in their attempt to get installed on users’ systems. Many of these fall into the potentially unwanted program (PUP) category. One of these is MegaRapido, which primarily targets Brazilians. A recent sample we tested tries to connect to protectmedia.net, which is already marked as suspicious by McAfee SiteAdvisor.

Beware of Impostor Android Apps Using Fake ID

Recently discovered, an Android vulnerability called Fake ID allows apps to impersonate other apps by copying their identity. Each app has its own unique identity, as defined by the developers, after they create their public/private key pair.

Trust Is the Most Valuable Asset

The most valuable asset for actors in cyberspace is trust. It is an important ingredient in successful business operations as well as in good governance. Trust and security are closely intertwined. One cannot exist without the other....

Adobe Flash Player Installer Scams Reappear on Google Play

Adobe Flash Player has been a boon to Android malware creators for a long time. These developers have taken advantage of Flash’s popularity to create premium SMS Trojans and droppers, as well as other types of malware. McAfee Labs has detected a common scam app–Android/Fladstep.B–on the Google Play store since the end of 2013.

Yahoo Ads Serve Mobile Fake Alerts

“Android Armour,” a malicious knockoff of Armor For Android, has been circulating for some time with no end in sight, perhaps due in part to advertisements over Yahoo’s ad network. I happened to recently be served a couple myself. The...

Trailing the Trojan njRAT

One Trojan that just won’t go away is the remote access tool njRAT. Microsoft recently took down a leading domain associated with the malware, but that action did not come off as smoothly as the company hoped. We closely track this remote access tool (RAT) and see a rise in its popularity every year. The … The post Trailing the Trojan njRAT appeared first on McAfee Blogs.

Chinese Worm Infects Thousands of Android Phones

Last weekend, it was reported in China that an SMS worm was wildly spreading among Android mobile phones, with more than 500,000 devices infected. The malware spread by sending SMS texts to a phone’s contacts with a message body such as: XXX????http://cdn..com/down/4279139/XXshenqi.com This malware is much more than just a worm.

Android App SandroRAT Targets Polish Banking Users via Phishing Email

Europe is currently under attack by spammers trying to get control of Android devices. In Germany the distribution method is via SMS (text) messages, as you can read in this recent McAfee Labs post, while in Poland there is an ongoing email spam campaign distributing a new variant of an Android remote access tool (RAT).

‘DHL’ SMS Spam Distributes Android Malware in Germany

One of the most common methods for distributing PC malware is the use of email spam messages that pose as tracking notifications from popular delivery companies such as DHL Express, FedEx, or UPS. The reason for this popularity is the malware’s effectiveness.

Malicious Utility Can Defeat Windows PatchGuard

In 2012, my colleagues Deepak Gupta and Xiaoning Li explained in a white paper how some malware can operate at the kernel level to bypass Microsoft’s security for 64-bit Windows systems. Today a small utility program named KPP-Destroyer can be found online.

Dropping Files Into Temp Folder Raises Security Concerns

Recently, the McAfee Advanced Exploit Detection System (AEDS) has delivered some interesting RTF files to our table. These RTFs have executables “attached” to the documents. Usually, some words in the documents try to convince users to click and run the attachments.

W32/Worm-AAEH Replaces Cryptor With One Used by Dofoil Downloaders

The W32/Worm-AAEH family (aliases: Beebone, VObfus, Changeup) of Trojans/downloaders/worms has been notorious for consistently morphing itself and switching control servers since June 2009. In June 2013, the AAEH worm made its biggest cosmetic...

Targeted Attacks on French Company Exploit Multiple Word Vulnerabilities

Spear phishing email is a major worry to any organization. Messages that appear legitimate and specific fool us more often than random phishing attempts. Exploits that use patched vulnerabilities delivered via spear phishing email are...

Copyright © 2015 Regator, LLC