Featured Blogs
Phishing Threat Uses UTF-8 BOM in ZIP Signature to Evade Detection
This blog was written by Sanchit Karve. Last week, we noticed thousands of malware files in the wild that employ...
Multiple Java Exploits Hide in a Jar (File)
Exploits of the Java Runtime Environment (JRE) have been extensively used in drive-by-download toolkits such as Blackhole and Red Kit....
VSkimmer Botnet Targets Credit Card Payment Terminals
April 2 This blog has been updated with McAfee’s NSP detection. See end of blog. While monitoring a Russian underground...
Travnet Trojan Could Be Part of APT Campaign
This blog post was written by Vikas Taneja. Attackers use all kinds of attack vectors to steal sensitive information from...
An Overview of Messaging Botnets
In the quarterly McAfee Threats Reports we offer our readers some charts on the prevalence of messaging botnets. For the...
Android Malware Goes Bollywood
We already know that mobile malware is growing at a fantastic rate, but we now see a new trend that...
Malware Behaves Oddly in Automated Analysis Environment
While testing malware recently, we got some logs from our automated analysis system showing a few samples that are only...
Digging Into the Sandbox-Escape Technique of the Recent PDF Exploit
As promised in our previous blog entry for the recent Adobe Reader PDF zero-day attack, we now offer more technical...
Analyzing the First ROP-Only, Sandbox-Escaping PDF Exploit
The winter of 2013 seems to be “zero-day” season. Right after my colleague Haifei Li analyzed the powerful Flash zero...
Fake Cleaning Apps in Google Play: an AutoRun Attack and More
Almost exactly one year ago, Google announced the addition of a “new layer to Android security,” a service codenamed Bouncer...
