Recently we discovered a new Android Trojan in the official Google Play market that displays a video downloaded from the Internet--but only if some sensitive information is previously sent to a remote server. The malicious applications are designed for Japanese users and display “trailers” of upcoming video games for Android. Here's one example: Or anime/adult ...
Read Blog
Darkshell is a distributed denial of service (DDoS) botnet targeting Chinese websites. It was found in 2011 and was first analyzed by Arbor Networks. McAfee Labs recently analyzed a few new samples that turned out to be variants of Darkshell, and we found extensive variations in network traffic and control commands. The Darkshell bot follows ...
Read Blog
See March 15 and 16 updates at the end of this blog. The March Security Bulletin release from Microsoft was relatively light in volume. Out of the six bulletins released, only one was rated as Critical. And for good reason. MS12-020 includes CVE-2012-0002. This flaw is specific to the Remote Desktop Protocol (RDP) present on ...
Read Blog
[March 1: See update at end] Google Code is a well-known platform that provides a collaborative environment for developers working on open source projects. It's also a target for malware developers. Contrary to what you may think, this is not the first time that Google Code has been used to spread or store malware. (You ...
Read Blog
Hacktivism has become very popular in recent years; one of its leading agents is the online community Anonymous. Hacktivist groups use digital tools to perform denial of service (DoS) attacks to pursue political ends or to protest against controversial laws in countries around the world. One of the most common tools they use is Low Orbit ...
Read Blog
Multifunction printers (MFPs) have been common in offices for years. They let employees print, scan, and copy documents. Two separate talks at the 28th Chaos Communications Congress (28c3) show how attackers can infect these trusted office devices. Hacking MFPs In Andrei Costin's presentation "Hacking MFPs," he covered the history of printer and copier hacks from the ...
Read Blog
Yesterday at the 28th Chaos Communications Congress (28C3), in Berlin, security researchers along with Karsten Nohl and Luca Melette showcased a number of flaws and solutions in GSM mobile phone networks. [Image: Karsten Nohl presenting “Defending Mobile Phones” at the 28th Chaos Communications Congress.] Day 1 Defeating GSM encryption is not new. ...
Read Blog
Recently a critical vulnerability has been identified in Adobe Reader X and Adobe Acrobat X Versions 10.1.1 and earlier for Windows and Mac OS, Reader 9.4.6 and Reader 9.x Versions for Unix. This zero-day vulnerability (CVE-2011-2462) could allow an attacker to execute arbitrary code and silently take control of a victim's machine. This flaw is currently ...
Read Blog
Digital certificates and certificate authorities have been much in the news recently. Attacks--such as those used by Stuxnet, Duqu, and other malware--involving stolen certificates show an increasingly worrisome new security trend. Certificate authorities have been targeted several times in the recent past with some success. There is a large chunk of known malware signed by ...
Read Blog