Get cutting-edge security as it happens. McAfee Labs Blog delivers the latest research, analysis and insights into the evolving threat landscape, powered by comprehensive, real-time Global Threat Intelligence and a dedicated team of multidisciplinary researchers. Read our experts’ tips and techniques to help you avoid and defeat the latest malware trends, and view portions of the actual research to stay even more informed.
[March 1: See update at end] Google Code is a well-known platform that provides a collaborative environment for developers working on open source projects. It’s also a target for malware developers. Contrary to what you may think, this is not the first time that Google Code has been used to spread or store malware. (You Read more…
Tags: Android, Android/FakeUpdates, downloader, fake updates, google code, malware, pup
Recently I blogged about some exploit packs. In that post I showed a table that had 10 common malware kits. I listed the vulnerabilities used, referenced by their Common Vulnerabilities & Exposures (CVE) names. There were 45 vulnerabilities in the table. From the data, this idea was taken up by Mila Parkour via her Contagio Read more…
Tags: Cybercrime, data breach, Data Protection, Endpoint Protection, global threat intelligence, identity theft, malware, Network Security, social networking
Today we released our Fourth Quarter 2011 Threat Report, revealing that malware surpassed the our estimate of 75 million unique malware samples last year. Although the release of new malware slowed a bit in Q4, mobile malware continued to increase and recorded its busiest year to date. Malware The overall growth of PC-based malware actually Read more…
Tags: Android, Cybercrime, data breach, Data Protection, Endpoint Protection, enterprise, facebook, global threat intelligence, identity protection, Identity thieves and cybercriminals, malware, mobile security, Network Security, Risk and Compliance, security, social networking, spam
Hacktivism has become very popular in recent years; one of its leading agents is the online community Anonymous. Hacktivist groups use digital tools to perform denial of service (DoS) attacks for pursue political ends or to protest against controversial laws in countries around the world. One of the most common tools they use Low Orbit Read more…
Tags: Android, Anonymous Group, DoS, Hacktivism, pup
Potentially Unwanted Programs (PUPs) are often legitimate software that pose a risk to users’ privacy or systems. A reasonably secure–or privacy-minded–user may want to be informed of the presence of certain PUPs and in some cases remove them. One very common type of PUP is adware, which exists to make revenue through advertising. Some adware Read more…
We suggested earlier that instead of going after the Secure Element chip and the information it keeps safe, attackers would go after the weaker point of the Google Wallet app. Security researcher Joshua Rubin has now created a proof-of-concept app, Google Wallet Cracker, that can recover the Google Wallet PIN on a rooted phone. Once Read more…
Tags: Android, credit card fraud and protection, mobile security
Welcome back to Security 101. Our New Year’s recess is over, and it’s time to offer another lesson. So far we have discussed vulnerabilities and some types of low-interaction attack vectors. In this lesson we shall continue with attack vectors that require medium or high levels of user interaction to succeed. These attack vectors are Read more…
Tags: online security, online threats, vulnerability, web security
Many of you may have already noted this from Google’s home page, but for those not reading the fine print or not using Google: Today is International Safer Internet Day, which will have its 10th anniversary next year (if I counted right). Started in Europe by Insafe with funding from the European Commission, this day has become Read more…
Today Google announced its Bouncer security service for the Android Market. This is a good initial step in protecting Android users. Respect the Bouncer To keep out known troublesome apps, the service performs a malware and spyware scan on all submitted material. It also uses behavioral analysis to determine if a given app is trying Read more…
Tags: Android, Android Market, mobile malware, Rootkits
The ShmooCon security conference takes place in Washington D.C. this weekend. There will be a good number of mobile and embedded talks, covering attacks on and defense of Bluetooth, Android, NFC, RFID, and more. Disposable computers A number of years ago at DefCon a team of penetration testers showed how to infiltrate a corporate network Read more…
Tags: Android, Bluetooth, iphone, mobile security, NFC, RFID, SchmooCon
Posts in McAfee Labs