Read: "The Hidden Truth Behind Shadow IT: Six Trends Impacting Your Security Posture" report to learn more about how employees are circumventing company policy and deploying unauthorized SaaS applications.
For IT security executives and security-responsible business executives, McAfee Labs’ Q3 Threats Report poses an interesting set of developments that call into question what industry and non-industry...
It’s that time of year again. Yes, I know it seems like we just got past the spooks from Halloween, but the holidays are just around the corner. While we are busy buying gifts and making travel arrangements,...
Get cutting-edge security as it happens. Read our experts’ tips and techniques to help you avoid and defeat the latest malware trends, and view portions of their actual research to stay even more informed.
Recently we caught a malicious sample that exploits a PDF vulnerability–CVE-2013-3346, we believe–and executes after a use-after-free condition occurs. During our analysis we noticed that this PDF sample also exploits a zero-day local Windows vulnerability–CVE-2013-5065–to escalate privilege. This zero-day occurs in NDProxy.sys under Windows XP and 2003. The exploitation of this flaw is similar to […]
WhatsApp has received more than its fair share of hits from Trojans attempting to target its large user base and worldwide popularity, but only a handful of those possesses the threat level of this new discovery that appears to be aimed primarily at Latin America. Recently revoked from Google Play, Android/Balloonpopper is a game that carries […]
In two recent blogs, McAfee Labs described Japanese and Korean Android apps on Google Play that steal a mobile device’s phone number. We have now found two more Japanese chat apps that show similar behavior. These two apps have been downloaded between 10,000 and 50,000 times each. The developers of these apps have manipulated the […]
Update, December 5 The developer of the app Machin Chat has contacted McAfee and reported that the collection of phone numbers was inadvertent and that they have no malicious intent. We have verified that updated code no longer collects phone numbers. The updated app is available on Google Play. (Older versions of the app have […]