
McAfee Labs

Get cutting-edge security as it happens. McAfee Labs Blog delivers the latest research, analysis and insights into the evolving threat landscape, powered by comprehensive, real-time Global Threat Intelligence and a dedicated team of multidisciplinary researchers. Read our experts’ tips and techniques to help you avoid and defeat the latest malware trends, and view portions of the actual research to stay even more informed.

Posts in McAfee Labs

Android Malware Retest Puts McAfee Mobile Security at Top of Class

Monday, March 19, 2012 at 9:55am by Toralv Dirro

On March 6, the widely recognized institute AV-TEST published a long-awaited review of Malware Protection for Android–with really disappointing results for us. And the report was widely quoted in the media. An analysis on our side quickly showed that an outdated version of McAfee Mobile Security had been tested. Yesterday AV-TEST announced that they had Read more…


New Hacker Groups Take Up the Anonymous Banner

Friday, March 16, 2012 at 11:14am by Francois Paget

Did you imagine that the recent arrests of LulzSec members would put a dent in their activities? It seems not, as two new groups have already taken action. We should keep in mind that some of the online actions by Anonymous can be seen as beneficial. Two of their targets have included the pornography industry Read more…


RDP+RCE=Bad News (MS12-020)

Wednesday, March 14, 2012 at 3:18pm by Jim Walter

See March 15 and 16 updates at the end of this blog. The March Security Bulletin release from Microsoft was relatively light in volume. Out of the six bulletins released, only one was rated as Critical. And for good reason. MS12-020 includes CVE-2012-0002. This flaw is specific to the Remote Desktop Protocol (RDP) present on Read more…


Android Malware Pairs Man-in-the-Middle With Remote-Controlled Banking Trojan

Wednesday, March 14, 2012 at 2:37pm by Carlos Castillo

Based on the Android malware that we’ve seen so far, one of the principal motivations to develop and spread malware on Android is to gain financial profit. We often see deceptive applications that send SMS messages to premium-rate numbers without the user’s consent or that run man-in-the-middle attacks to forward SMS messages to an attacker Read more…


Will LulzSec ‘Takedowns’ Put an End to Hacktivism?

Wednesday, March 7, 2012 at 8:31am by David Marcus

The news is circulating of the recent arrests of many of LulzSec’s members. From the Fox News site: “Law enforcement agents on two continents swooped in on top members of the infamous computer hacking group LulzSec early this morning, and acting largely on evidence gathered by the organization’s brazen leader–who sources say has been secretly Read more…


An Update on DNSChanger and Rogue DNS Servers

Tuesday, March 6, 2012 at 10:48am by Jim Walter

In late 2011, the FBI released documents and data focusing on “Operation Ghost Click.” This malicious operation, leveraging a variety of DNSChanger-type malware, was defined by the FBI as an “international cyber ring that infected millions of computers.” Associated malware samples and events can be traced back several years, and multiple platforms were targeted. To this day many remain Read more…


Google Code Projects Host Android Malware

Thursday, March 1, 2012 at 9:54am by Carlos Castillo

[March 1: See update at end] Google Code is a well-known platform that provides a collaborative environment for developers working on open source projects. It’s also a target for malware developers. Contrary to what you may think, this is not the first time that Google Code has been used to spread or store malware. (You Read more…


Another Overview of Exploit Packs

Friday, February 24, 2012 at 5:27am by Francois Paget

Recently I blogged about some exploit packs. In that post I showed a table that had 10 common malware kits. I listed the vulnerabilities used, referenced by their Common Vulnerabilities & Exposures (CVE) names. There were 45 vulnerabilities in the table. From the data, this idea was taken up by Mila Parkour via her Contagio Read more…


McAfee Q4 Threats Report Shows Malware Surpassed 75 Million Samples in 2011

Tuesday, February 21, 2012 at 12:24pm by David Marcus

Today we released our Fourth Quarter 2011 Threat Report, revealing that malware surpassed our estimate of 75 million unique malware samples last year. Although the release of new malware slowed a bit in Q4, mobile malware continued to increase and recorded its busiest year to date. Malware The overall growth of PC-based malware actually Read more…


Android DIY DoS App Boosts Hacktivism in South America

Friday, February 17, 2012 at 8:09am by Carlos Castillo

Hacktivism has become very popular in recent years; one of its leading agents is the online community Anonymous. Hacktivist groups use digital tools to perform denial of service (DoS) attacks to pursue political ends or to protest against controversial laws in countries around the world. One of the most common tools they use Low Orbit Read more…
