www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2024-05-09T08:12:10+00:00 www.secnews.physaphae.fr McAfee Labs - Editeur Logiciel What Is Mshta, How Can It Be Used and How to Protect Against It The not-so Usual Suspects There is a growing trend for attackers to more heavily utilize tools that already exist on a system rather than relying totally on their own custom malware. Using .hta files or its partner in crime, mshta.exe, is an alternative to using macro enabled document for attacks and has been around a […] ]]> 2019-07-29T15:19:01+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/what-is-mshta-how-can-it-be-used-and-how-to-protect-against-it/ www.secnews.physaphae.fr/article.php?IdArticle=1231674 False None None None McAfee Labs - Editeur Logiciel Examining the Link Between TLD Prices and Abuse Briefing Over the years, McAfee researchers have observed that certain new top-level Domains (TLDs) are more likely to be abused by cyber criminals for malicious activities than others. Our investigations reveal a negative relationship between the likelihood for abuse and registration price of some TLDs, as reported by the McAfee URL and email intelligence team. […] ]]> 2019-07-26T14:14:04+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/examining-the-link-between-tld-prices-and-abuse/ www.secnews.physaphae.fr/article.php?IdArticle=1225302 False None None None McAfee Labs - Editeur Logiciel No More Ransom Blows Out Three Birthday Candles Today Collaborative Initiative Celebrates Helping More Than 200,000 Victims and Preventing More Than 100 million USD From Falling into Criminal Hands Three years ago, on this exact day, the public and private sectors drew a line in the sand against ransomware. At that time, ransomware was becoming one of the most prevalent cyber threats globally. 
We […] ]]> 2019-07-26T08:00:01+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/no-more-ransom-blows-out-three-birthday-candles-today/ www.secnews.physaphae.fr/article.php?IdArticle=1224564 False Ransomware None None McAfee Labs - Editeur Logiciel Demystifying Blockchain: Sifting Through Benefits, Examples and Choices You have likely heard that blockchain will disrupt everything from banking to retail to identity management and more. You may have seen commercials for IBM touting the supply chain tracking benefits of blockchain.[i]  It appears nearly every industry is investing in, adopting, or implementing blockchain. Someone has probably told you that blockchain can completely transform […] ]]> 2019-07-23T16:10:05+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/demystifying-blockchain-sifting-through-benefits-examples-and-choices/ www.secnews.physaphae.fr/article.php?IdArticle=1220058 False None None None McAfee Labs - Editeur Logiciel McAfee ATR Aids Police in Arrest of the Rubella and Dryad Office Macro Builder Suspect Everyday thousands of people receive emails with malicious attachments in their email inbox. Disguised as a missed payment or an invoice, a cybercriminal sender tries to entice a victim to open the document and enable the embedded macro. This macro then proceeds to pull in a whole array of nastiness and infect a victim's machine. […] ]]> 2019-07-17T04:00:05+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/mcafee-atr-aids-police-in-arrest-of-the-rubella-and-dryad-office-macro-builder-suspect/ www.secnews.physaphae.fr/article.php?IdArticle=1209796 False None None 2.0000000000000000 McAfee Labs - Editeur Logiciel 16Shop Now Targets Amazon Since early November 2018 McAfee Labs have observed a phishing kit, dubbed 16Shop, being used by malicious actors to target Apple account holders in the United States and Japan. Typically, the victims receive an email with a pdf file attached. 
An example of the message within the email is shown below, with an accompanying translation: […] ]]> 2019-07-12T13:00:01+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/16shop-now-targets-amazon/ www.secnews.physaphae.fr/article.php?IdArticle=1201918 False None None None McAfee Labs - Editeur Logiciel RDP Security Explained RDP on the Radar Recently, McAfee released a blog related to the wormable RDP vulnerability referred to as CVE-2019-0708 or “Bluekeep.” The blog highlights a particular vulnerability in RDP which was deemed critical by Microsoft due to the fact that it exploitable over a network connection without authentication. These attributes make it particularly 'wormable' – […] ]]> 2019-06-24T16:50:00+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/rdp-security-explained/ www.secnews.physaphae.fr/article.php?IdArticle=1171293 False Vulnerability None None McAfee Labs - Editeur Logiciel Why Process Reimaging Matters As this blog goes live, Eoin Carroll will be stepping off the stage at Hack in Paris having detailed the latest McAfee Advanced Threat Research (ATR) findings on Process Reimaging.  Admittedly, this technique probably lacks a catchy name, but be under no illusion the technique is significant and is worth paying very close attention to. […] ]]> 2019-06-20T16:04:04+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/why-process-reimaging-matters/ www.secnews.physaphae.fr/article.php?IdArticle=1165693 False Hack,Threat None None McAfee Labs - Editeur Logiciel In NTDLL I Trust – Process Reimaging and Endpoint Security Solution Bypass Process Reimaging Overview The Windows Operating System has inconsistencies in how it determines process image FILE_OBJECT locations, which impacts non-EDR (Endpoint Detection and Response) Endpoint Security Solution's (such as Microsoft Defender Realtime Protection), ability to detect the correct binaries loaded in malicious processes. 
This inconsistency has led McAfee's Advanced Threat Research to develop a new […] ]]> 2019-06-20T16:00:01+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/in-ntdll-i-trust-process-reimaging-and-endpoint-security-solution-bypass/ www.secnews.physaphae.fr/article.php?IdArticle=1165694 False Threat None None McAfee Labs - Editeur Logiciel Mr. Coffee with WeMo: Double Roast McAfee Advanced Threat Research recently released a blog detailing a vulnerability in the Mr. Coffee Coffee Maker with WeMo. Please refer to the earlier blog to catch up with the processes and techniques I used to investigate and ultimately compromise this smart coffee maker. While researching the device, there was always one attack vector that […] ]]> 2019-05-30T16:50:03+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/mr-coffee-with-wemo-double-roast/ www.secnews.physaphae.fr/article.php?IdArticle=1132861 False Vulnerability,Threat None None McAfee Labs - Editeur Logiciel Cryptocurrency Laundering Service, BestMixer.io, Taken Down by Law Enforcement A much overlooked but essential part in financially motivated (cyber)crime is making sure that the origins of criminal funds are obfuscated or made to appear legitimate, a process known as money laundering. 'Cleaning' money in this way allows the criminal to spend their loot with less chance of being caught. In the physical world, for […] ]]> 2019-05-22T14:57:04+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/crypto-currency-laundering-service-bestmixer-io-taken-down-by-law-enforcement/ www.secnews.physaphae.fr/article.php?IdArticle=1119842 False None None None McAfee Labs - Editeur Logiciel RDP Stands for “Really DO Patch!” – Understanding the Wormable RDP Vulnerability CVE-2019-0708 During Microsoft's May Patch Tuesday cycle, a security advisory was released for a vulnerability in the Remote Desktop Protocol (RDP). 
What was unique in this particular patch cycle was that Microsoft produced a fix for Windows XP and several other operating systems, which have not been supported for security updates in years. So why the […] ]]> 2019-05-21T21:09:03+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/rdp-stands-for-really-do-patch-understanding-the-wormable-rdp-vulnerability-cve-2019-0708/ www.secnews.physaphae.fr/article.php?IdArticle=1118793 False Vulnerability None None McAfee Labs - Editeur Logiciel LockerGoga Ransomware Family Used in Targeted Attacks Initial discovery Once again, we have seen a significant new ransomware family in the news. LockerGoga, which adds new features to the tried and true formula of encrypting victims' files and asking for payment to decrypt them, has gained notoriety for the targets it has affected. In this blog, we will look at the findings […] ]]> 2019-04-29T17:10:00+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/lockergoga-ransomware-family-used-in-targeted-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=1097056 False Ransomware None None McAfee Labs - Editeur Logiciel IoT Zero-Days – Is Belkin WeMo Smart Plug the Next Malware Target? Effective malware is typically developed with intention, targeting specific victims using either known or unknown vulnerabilities to achieve its primary functions. In this blog, we will explore a vulnerability submitted by McAfee Advanced Threat Research (ATR) and investigate a piece of malware that recently incorporated similar vulnerabilities. The takeaway from this blog is the increasing […] ]]> 2019-04-18T20:14:02+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/iot-zero-days-is-belkin-wemo-smart-plug-the-next-malware-target/ www.secnews.physaphae.fr/article.php?IdArticle=1094125 False Malware,Vulnerability,Threat None None McAfee Labs - Editeur Logiciel Analysis of a Chrome Zero Day: CVE-2019-5786 1. 
Introduction On March 1st, Google published an advisory [1] for a use-after-free in the Chrome implementation of the FileReader API (CVE 2019-5786). Clement Lecigne from Google Threat Analysis Group reported the bug as being exploited in the wild and targeting Windows 7, 32-bit platforms. The exploit leads to code execution in the Renderer process, […] ]]> 2019-03-20T22:36:01+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/analysis-of-a-chrome-zero-day-cve-2019-5786/ www.secnews.physaphae.fr/article.php?IdArticle=1073816 False Threat,Guideline None None McAfee Labs - Editeur Logiciel Attackers Exploiting WinRAR UNACEV2.DLL Vulnerability (CVE-2018-20250) Earlier this month Check Point Research reported discovery of a 19 year old code execution vulnerability in the wildly popular WinRAR compression tool. Rarlab reports that that are over 500 million users of this program. While a patched version, 5.70, was released on February 26, attackers are releasing exploits in an effort to reach vulnerable […] ]]> 2019-03-14T19:00:05+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/attackers-exploiting-winrar-unacev2-dll-vulnerability-cve-2018-20250/ www.secnews.physaphae.fr/article.php?IdArticle=1070034 False Vulnerability None None McAfee Labs - Editeur Logiciel McAfee Protects Against Suspicious Email Attachments Email remains a top vector for attackers.  Over the years, defenses have evolved, and policy-based protections have become standard for email clients such as Microsoft Outlook and Microsoft Mail.  Such policies are highly effective, but only if they are maintained as attacker's keep changing their tactics to evade defenses.  
For this reason, McAfee endpoint products […] ]]> 2019-03-04T02:00:02+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/mcafee-protects-against-suspicious-email-attachments/ www.secnews.physaphae.fr/article.php?IdArticle=1052081 False None None 5.0000000000000000 McAfee Labs - Editeur Logiciel JAVA-VBS Joint Exercise Delivers RAT The Adwind remote administration tool (RAT) is a Java-based backdoor Trojan that targets various platforms supporting Java files. For an infection to occur, the user must typically execute the malware by double-clicking on the .jar file that usually arrives as an email attachment. Generally, infection begins if the user has the Java Runtime Environment installed. […] ]]> 2019-03-01T16:00:01+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/java-vbs-joint-exercise-delivers-rat/ www.secnews.physaphae.fr/article.php?IdArticle=1048119 False Malware,Tool None None McAfee Labs - Editeur Logiciel Your Smart Coffee Maker is Brewing Up Trouble 2019-02-25T10:10:04+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/your-smart-coffee-maker-is-brewing-up-trouble/ www.secnews.physaphae.fr/article.php?IdArticle=1040889 False None None 5.0000000000000000 McAfee Labs - Editeur Logiciel What\'s in the Box? 2019-02-25T10:09:05+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/whats-in-the-box/ www.secnews.physaphae.fr/article.php?IdArticle=1040736 False None None None McAfee Labs - Editeur Logiciel Ryuk, Exploring the Human Connection In collaboration with Bill Siegel and Alex Holdtman from Coveware.   At the beginning of 2019, McAfee ATR published an article describing how the hasty attribution of Ryuk ransomware to North Korea was missing the point. 
Since then, collective industry peers discovered additional technical details on Ryuk's inner workings, the overlap between Ryuk and Hermes2.1, […] ]]> 2019-02-20T05:01:00+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/ryuk-exploring-the-human-connection/ www.secnews.physaphae.fr/article.php?IdArticle=1033426 False Ransomware None None McAfee Labs - Editeur Logiciel MalBus: Popular South Korean Bus App Series in Google Play Found Dropping Malware After 5 Years of Development McAfee's Mobile Research team recently learned of a new malicious Android application masquerading as a plugin for a transportation application series developed by a South Korean developer. The series provides a range of information for each region of South Korea, such as bus stop locations, bus arrival times and so on. There are a total […] ]]> 2019-02-04T18:00:01+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/malbus-popular-south-korean-bus-app-series-in-google-play-found-dropping-malware-after-5-years-of-development/ www.secnews.physaphae.fr/article.php?IdArticle=1020147 False Malware None None McAfee Labs - Editeur Logiciel Happy New Year 2019! Anatova is here! During our continuous hunt for new threats, we discovered a new ransomware family we call Anatova (based on the name of the ransom note). Anatova was discovered in a private peer-to-peer (p2p) network. After initial analysis, and making sure that our customers are protected, we decided to make this discovery public. Our telemetry showed that […] ]]> 2019-01-22T20:43:05+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/happy-new-year-2019-anatova-is-here/ www.secnews.physaphae.fr/article.php?IdArticle=1004371 False Ransomware None None McAfee Labs - Editeur Logiciel IE Scripting Flaw Still a Threat to Unpatched Systems: Analyzing CVE-2018-8653 Microsoft recently patched a critical flaw in Internet Explorer's scripting engine that could lead to remote code execution. 
The vulnerability is being exploited in the wild and was originally reported by a researcher from Google's Threat Analysis Group. Microsoft released an out-of-band patch to fix the vulnerability before the normal patch cycle. McAfee products received […] ]]> 2019-01-10T23:27:02+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/ie-scripting-flaw-still-a-threat-to-unpatched-systems-analyzing-cve-2018-8653/ www.secnews.physaphae.fr/article.php?IdArticle=985842 False Vulnerability,Threat,Guideline None None McAfee Labs - Editeur Logiciel Ryuk Ransomware Attack: Rush to Attribution Misses the Point Senior analyst Ryan Sherstobitoff contributed to this report. During the past week, an outbreak of Ryuk ransomware shutting down newspaper printing services in the United States has garnered a lot of attention. To determine who was behind the attack many have cited past research that compares code from Ryuk with the older ransomware Hermes to […] ]]> 2019-01-07T23:59:01+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/ryuk-ransomware-attack-rush-to-attribution-misses-the-point/ www.secnews.physaphae.fr/article.php?IdArticle=979911 False Ransomware None None McAfee Labs - Editeur Logiciel Shamoon Attackers Employ New Tool Kit to Wipe Infected Systems Last week the McAfee Advanced Threat Research team posted an analysis of a new wave of Shamoon “wiper” malware attacks that struck several companies in the Middle East and Europe. In that analysis we discussed one difference to previous Shamoon campaigns. 
The latest version has a modular approach that allows the wiper to be used […] ]]> 2018-12-19T21:45:01+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/shamoon-attackers-employ-new-tool-kit-to-wipe-infected-systems/ www.secnews.physaphae.fr/article.php?IdArticle=955106 False Malware,Tool,Threat None None McAfee Labs - Editeur Logiciel McAfee Labs Threats Report Examines Cybercriminal Underground, IoT Malware, Other Threats The McAfee Advanced Threat Research team today published the McAfee® Labs Threats Report, December 2018. In this edition, we highlight the notable investigative research and trends in threats statistics and observations gathered by the McAfee Advanced Threat Research and McAfee Labs teams in Q3 of 2018. We are very excited to present to you new […] ]]> 2018-12-19T05:01:01+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/mcafee-labs-threats-report-examines-cybercriminal-underground-iot-malware-other-threats/ www.secnews.physaphae.fr/article.php?IdArticle=953582 False Threat None None McAfee Labs - Editeur Logiciel Shamoon Returns to Wipe Systems in Middle East, Europe Destructive malware has been employed by adversaries for years. Usually such attacks are carefully targeted and can be motivated by ideology, politics, or even financial aims. Destructive attacks have a critical impact on businesses, causing the loss of data or crippling business operations. When a company is impacted, the damage can be significant. Restoration can […] ]]> 2018-12-14T20:32:04+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/shamoon-returns-to-wipe-systems-in-middle-east-europe/ www.secnews.physaphae.fr/article.php?IdArticle=946791 False Malware None None McAfee Labs - Editeur Logiciel \'Operation Sharpshooter\' Targets Global Defense, Critical Infrastructure This post was written with contributions from the McAfee Advanced Threat Research team.   
The McAfee Advanced Threat Research team and McAfee Labs Malware Operations Group have discovered a new global campaign targeting nuclear, defense, energy, and financial companies, based on McAfee® Global Threat Intelligence. This campaign, Operation Sharpshooter, leverages an in-memory implant to download […] ]]> 2018-12-12T11:01:00+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/operation-sharpshooter-targets-global-defense-critical-infrastructure/ www.secnews.physaphae.fr/article.php?IdArticle=943038 False Malware,Threat None None McAfee Labs - Editeur Logiciel Pay-Per-Install Company Deceptively Floods Market with Unwanted Programs For the past 18 months, McAfee Labs has been investigating a pay-per-install developer, WakeNet AB, responsible for spreading prevalent adware such as Adware-Wajam and Linkury. This developer has been active for almost 20 years and recently has used increasingly deceptive techniques to convince users to execute its installers. Our report is now available online. 
During […] ]]> 2018-12-04T05:01:00+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/pay-per-install-company-deceptively-floods-market-with-unwanted-programs/ www.secnews.physaphae.fr/article.php?IdArticle=933372 False None None None McAfee Labs - Editeur Logiciel McAfee Labs 2019 Threats Predictions Report 2018-11-29T09:00:01+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/mcafee-labs-2019-threats-predictions/ www.secnews.physaphae.fr/article.php?IdArticle=925681 False None None None McAfee Labs - Editeur Logiciel WebCobra Malware Uses Victims\' Computers to Mine Cryptocurrency 2018-11-13T05:01:01+00:00 https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/webcobra-malware-uses-victims-computers-to-mine-cryptocurrency/ www.secnews.physaphae.fr/article.php?IdArticle=894110 False Malware None None McAfee Labs - Editeur Logiciel Triton Malware Spearheads Latest Generation of Attacks on Industrial Systems Malware that attacks industrial control systems (ICS), such as the Stuxnet campaign in 2010, is a serious threat. This class of cyber sabotage can spy on, disrupt, or destroy systems that manage large-scale industrial processes. An essential danger in this threat is that it moves from mere digital damage to risking human lives. In this … ]]> 2018-11-08T23:45:02+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/triton-malware-spearheads-latest-generation-of-attacks-on-industrial-systems/ www.secnews.physaphae.fr/article.php?IdArticle=887673 False Malware,Threat None None McAfee Labs - Editeur Logiciel Fallout Exploit Kit Releases the Kraken Ransomware on Its Victims Alexandr Solad and Daniel Hatheway of Recorded Future are coauthors of this post. Rising from the deep, Kraken Cryptor ransomware has had a notable development path in recent months. The first signs of Kraken came in mid-August on a popular underground forum. 
In mid-September it was reported that the malware developer had placed the ransomware, … ]]> 2018-10-30T21:00:03+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/fallout-exploit-kit-releases-the-kraken-ransomware-on-its-victims/ www.secnews.physaphae.fr/article.php?IdArticle=871305 False Ransomware,Malware None None McAfee Labs - Editeur Logiciel Android/TimpDoor Turns Mobile Devices Into Hidden Proxies The McAfee Mobile Research team recently found an active phishing campaign using text messages (SMS) that tricks users into downloading and installing a fake voice-message app which allows cybercriminals to use infected devices as network proxies without users' knowledge. If the fake application is installed, a background service starts a Socks proxy that redirects all … ]]> 2018-10-24T13:00:02+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/android-timpdoor-turns-mobile-devices-into-hidden-proxies/ www.secnews.physaphae.fr/article.php?IdArticle=860319 False None None None McAfee Labs - Editeur Logiciel \'Operation Oceansalt\' Delivers Wave After Wave A wall eight feet high with three strands of barbed wire is considered sufficient to deter a determined intruder, at least according to the advice offered by the CISSP professional certification. Although physical controls can be part of a multifaceted defense, an electronic attack affords the adversary time to develop the necessary tools to bypass … ]]> 2018-10-18T04:01:00+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/operation-oceansalt-delivers-wave-after-wave/ www.secnews.physaphae.fr/article.php?IdArticle=852806 False None APT 32 None McAfee Labs - Editeur Logiciel Rapidly Evolving Ransomware GandCrab Version 5 Partners With Crypter Service for Obfuscation The GandCrab ransomware, which first appeared in January, has been updated rapidly during its short life, with Version 5.0.2 appearing this month. 
In this post we will examine the latest version and how the authors have improved the code (and in some cases have made mistakes). McAfee gateway and endpoint products are able to protect … ]]> 2018-10-10T23:29:01+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/rapidly-evolving-ransomware-gandcrab-version-5-partners-with-crypter-service-for-obfuscation/ www.secnews.physaphae.fr/article.php?IdArticle=841284 False Ransomware None None McAfee Labs - Editeur Logiciel When the Digital Impacts the Physical Cyberattacks have always been, well, cyber. Their immediate effects were on our data, our digital information, and our devices…until they weren't. The interconnected nature of the world and the way it's built in 2018 has brought us exciting and revolutionary innovations, but it has also been leveraged by hackers to extend the impact of a … ]]> 2018-10-09T15:00:01+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/when-the-digital-impacts-the-physical/ www.secnews.physaphae.fr/article.php?IdArticle=838800 False None None None McAfee Labs - Editeur Logiciel \'McAfee Labs Threats Report\' Highlights Cryptojacking, Blockchain, Mobile Security Issues As we look over some of the key issues from the newly released McAfee Labs Threats Report, we read terms such as voice assistant, blockchain, billing fraud, and cryptojacking. 
Although voice assistants fall in a different category, the other three are closely linked and driven by the goal of fast, profitable attacks that result in … ]]> 2018-09-25T04:00:04+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/mcafee-labs-threats-report-highlights-cryptojacking-blockchain-mobile-security-issues/ www.secnews.physaphae.fr/article.php?IdArticle=823054 False None None None McAfee Labs - Editeur Logiciel Cyber Threat Alliance Releases Analysis of Illicit Cryptocurrency Mining In response to the explosive increase in cryptomining campaigns in Q4 2017, the Cyber Threat Alliance has formed a cryptomining subcommittee to assess the threat. This committee comprises expert researchers from major cybersecurity companies, including McAfee. The committee has now released “The Illicit Cryptocurrency Joint Analysis,” an in-depth report on the current state of unlawful … ]]> 2018-09-19T13:00:03+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/cyber-threat-alliance-releases-analysis-of-illicit-cryptocurrency-mining/ www.secnews.physaphae.fr/article.php?IdArticle=815404 False Threat None None McAfee Labs - Editeur Logiciel Political Figures Differ Online: Names of Trump, Obama, Merkel Attached to Ransomware Campaigns Politics and ransomware. No, it's not a lost single from the Oasis back catalogue, but in fact a relatively recent tactic by ransomware developers looking to exploit the profiles of major politicians to install ransomware on victims' computers. Donald Trump, Angela Merkel, and now Barack Obama all serve as lures for the unsuspecting. 
Despite its … ]]> 2018-09-18T04:01:03+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/political-figures-differ-online-names-of-trump-obama-merkel-attached-to-ransomware-campaigns/ www.secnews.physaphae.fr/article.php?IdArticle=813259 False Ransomware None None McAfee Labs - Editeur Logiciel Fortnite: Why Kids Love It and What Parents Need to Know   Fortnite: Battle Royale is the hottest video game for kids right now. More than 125 million people have downloaded the game and it's estimated that 3.4 million play it monthly. But while the last-man-standing battle game is a blast to play, it also has parents asking a lot of questions as their kids spend … ]]> 2018-09-15T14:00:03+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/why-kids-love-playing-fortnite-and-what-parents-need-to-know/ www.secnews.physaphae.fr/article.php?IdArticle=809551 False None None None McAfee Labs - Editeur Logiciel McAfee Opens State-of-the-Art Security Research Lab in Oregon Today we are pleased to announce the grand opening of our dedicated research lab in the Hillsboro, Oregon, office near Portland. ]]> 2018-08-22T17:00:05+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/mcafee-opens-state-of-the-art-security-research-lab-in-oregon/ www.secnews.physaphae.fr/article.php?IdArticle=783039 False None None None McAfee Labs - Editeur Logiciel \'Insight\' into Home Automation Reveals Vulnerability in Simple IoT Product Eoin Carroll, Charles McFarland, Kevin McGrath, and Mark Bereza contributed to this report.  The Internet of Things promises to make our lives easier. Want to remotely turn lights and appliances on and off and monitor them online? A “smart plug,” a Wi-Fi–connected electric outlet, is one simple method. 
But IoT devices can turn into attack … ]]> 2018-08-21T04:01:03+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/insight-into-home-automation-reveals-vulnerability-in-simple-iot-product/ www.secnews.physaphae.fr/article.php?IdArticle=783040 False Vulnerability None None McAfee Labs - Editeur Logiciel McAfee ePO Platform Gains Insight Into Threat Research The latest update to the McAfee® ePolicy Orchestrator® platform offers a new add-in to provide insight into the latest analysis carried out by McAfee Labs and the Advanced Threat Research team. ]]> 2018-08-14T21:49:02+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/mcafee-epo-platform-gains-insight-into-threat-research/ www.secnews.physaphae.fr/article.php?IdArticle=779831 False Threat None None McAfee Labs - Editeur Logiciel Microsoft Cortana Allows Browser Navigation Without Login: CVE-2018-8253 A locked Windows 10 device with Cortana enabled on the lock screen allows an attacker with physical access to the device to do two kinds of unauthorized browsing. ]]> 2018-08-14T17:31:04+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/microsoft-cortana-allows-browser-navigation-without-login-cve-2018-8253/ www.secnews.physaphae.fr/article.php?IdArticle=779832 False None None None McAfee Labs - Editeur Logiciel Examining Code Reuse Reveals Undiscovered Links Among North Korea\'s Malware Families This research is a joint effort by Jay Rosenberg, senior security researcher at Intezer, and Christiaan Beek, lead scientist and senior principal engineer at McAfee. Intezer has also posted this story.  
Attacks from the online groups Lazarus, Silent Chollima, Group 123, Hidden Cobra, DarkSeoul, Blockbuster, Operation Troy, and 10 Days of Rain are believed to … ]]> 2018-08-09T13:00:01+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/examining-code-reuse-reveals-undiscovered-links-among-north-koreas-malware-families/ www.secnews.physaphae.fr/article.php?IdArticle=773111 False Malware,Guideline,Medical,Cloud APT 38,APT 37 None McAfee Labs - Editeur Logiciel GandCrab Ransomware Puts the Pinch on Victims The GandCrab ransomware first appeared in January and has updated itself rapidly during its short life. It is the leading ransomware threat. The McAfee Advanced Threat Research team has reverse engineered Versions 4.0 through 4.2 of the malware. The first versions (1.0 and 1.1) of this malware had a bug that left the keys in … ]]> 2018-07-31T21:43:01+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/gandcrab-ransomware-puts-the-pinch-on-victims/ www.secnews.physaphae.fr/article.php?IdArticle=761104 False Ransomware,Malware,Threat,Guideline None None McAfee Labs - Editeur Logiciel CactusTorch Fileless Threat Abuses .NET to Infect Victims McAfee Labs has noticed a significant shift by some actors toward using trusted Windows executables, rather than external malware, to attack systems. One of the most popular techniques is a “fileless” attack. Because these attacks are launched through reputable executables, they are hard to detect. Both consumers and corporate users can fall victim to this … ]]> 2018-07-26T13:00:03+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/cactustorch-fileless-threat-abuses-net-to-infect-victims/ www.secnews.physaphae.fr/article.php?IdArticle=754615 False Threat None None McAfee Labs - Editeur Logiciel What Drives a Ransomware Criminal? CoinVault Developers Convicted in Dutch Court How often do we get a chance to learn what goes on in the minds of cybercriminals? 
Two members of McAfee's Advanced Threat Research team recently did, as they attended a court case against two cybercriminal brothers. The brothers, Dennis and Melvin, faced a judge in Rotterdam, in the Netherlands. This case was one of … ]]> 2018-07-13T22:52:00+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/what-drives-a-ransomware-criminal-coinvault-developers-convicted-in-dutch-court/ www.secnews.physaphae.fr/article.php?IdArticle=744631 False Ransomware,Threat None None McAfee Labs - Editeur Logiciel Google Play Users Risk a Yellow Card With Android/FoulGoal.A English soccer fans have enthusiastically enjoyed the team's current run in the World Cup, as the tune “Three Lions” plays in their heads, while hoping to end 52 years of hurt. Meanwhile a recent spyware campaign distributed on Google Play has hurt fans of the beautiful game for some time. Using major events as social … ]]> 2018-07-12T13:00:04+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/google-play-users-risk-a-yellow-card-with-android-foulgoal-a/ www.secnews.physaphae.fr/article.php?IdArticle=741774 False None None None McAfee Labs - Editeur Logiciel Organizations Leave Backdoors Open to Cheap Remote Desktop Protocol Attacks Thanks to my colleague Christiaan Beek for his advice and contributions. While researching underground hacker marketplaces, the McAfee Advanced Threat Research team has discovered that access linked to security and building automation systems of a major international airport could be bought for only US$10. 
The dark web contains RDP shops, online platforms selling remote desktop … ]]> 2018-07-11T13:00:00+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/organizations-leave-backdoors-open-to-cheap-remote-desktop-protocol-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=740201 False Threat None None McAfee Labs - Editeur Logiciel Cybercrime in the Spotlight: How Crooks Capitalize on Cultural Events Every four years, everyone's head around the globe turns toward the television. The Olympics, the World Cup – world events like these have all eyes viewing friendly competition between nations. Operating under such a big spotlight, these events have been heavily guarded by physical security to ensure no participants or attendees are harmed. But what about … ]]> 2018-07-03T18:28:03+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/cybercrime-in-the-spotlight-how-crooks-capitalize-on-cultural-events/ www.secnews.physaphae.fr/article.php?IdArticle=731234 False None None None McAfee Labs - Editeur Logiciel AsiaHitGroup Returns With New Billing-Fraud Campaign Are you tired yet of the music track “Despacito”? If you downloaded this ringtone app from Google Play, chances are your answer is a resounding Yes. But it gets worse: The McAfee Mobile Research team recently found 15 apps on Google Play that were uploaded by the AsiaHitGroup Gang. The ringtone app was one of … ]]> 2018-06-28T01:32:01+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/asiahitgroup-returns-with-new-billing-fraud-campaign/ www.secnews.physaphae.fr/article.php?IdArticle=726302 False None None None McAfee Labs - Editeur Logiciel AsiaHitGroup Gang Again Sneaks Billing-Fraud Apps Onto Google Play The McAfee Mobile Research team has found a new billing-fraud campaign of at least 15 apps published in 2018 on Google Play. Toll fraud (which includes WAP billing fraud) is a leading category of potentially harmful apps on Google Play, according to the report Android Security 2017 Year in Review. 
This new campaign demonstrates that … ]]> 2018-06-28T01:31:05+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/asiahitgroup-gang-again-sneaks-billing-fraud-apps-onto-google-play/ www.secnews.physaphae.fr/article.php?IdArticle=726303 False Guideline None None McAfee Labs - Editeur Logiciel 'McAfee Labs Threats Report' Spotlights Innovative Attack Techniques, Cryptocurrency Mining, Multisector Attacks In the McAfee Labs Threats Report June 2018, published today, we share investigative research and threat statistics gathered by the McAfee Advanced Threat Research and McAfee Labs teams in Q1 of this year. We have observed that although overall new malware has declined by 31% since the previous quarter, bad actors are working relentlessly to … ]]> 2018-06-27T04:01:00+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/mcafee-labs-threats-report-spotlights-innovative-attack-techniques-cryptocurrency-mining-multisector-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=724818 False Malware,Threat None None McAfee Labs - Editeur Logiciel Checking In Halfway: The McAfee Labs 2018 Threats Predictions Time flies when you're fighting cybercrime. Now that's not exactly how the phrase goes, but for us at McAfee, it's hard to believe that we're already almost halfway through 2018. It seems like just yesterday we were predicting the types of cyberthreats we would see throughout this year with our McAfee Labs 2018 Threats Predictions … ]]> 2018-06-26T18:26:02+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/checking-in-halfway-the-mcafee-labs-2018-threats-predictions/ www.secnews.physaphae.fr/article.php?IdArticle=724300 False None None None McAfee Labs - Editeur Logiciel Apply MITRE's 'ATT&CK' Model to Check Your Defenses Every week we read about adversaries attacking their targets as part of online criminal campaigns. Information gathering, strategic advantage, and theft of intellectual property are some of the motivations.
Besides these, we have seen during the past two years an increase in attacks in which adversaries are not shy of leaving a trail of destruction. … ]]> 2018-06-19T04:01:02+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/apply-mitres-attck-model-to-check-your-defenses/ www.secnews.physaphae.fr/article.php?IdArticle=711592 False None None None McAfee Labs - Editeur Logiciel Unintended Clipboard Paste Function in Windows 10 Leads to Information Leak in RS1 The McAfee Labs Advanced Threat Research team has been investigating the Windows 10 platform. We have submitted several vulnerabilities already and have disclosed our research to Microsoft. Please refer to our vulnerability disclosure policy for further details or the post from earlier this week on Windows 10 Cortana vulnerabilities. Early last year, a trivial “information leak” … ]]> 2018-06-14T21:34:01+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/unintended-clipboard-paste-function-in-windows-10-leads-to-information-leak-in-rs1/ www.secnews.physaphae.fr/article.php?IdArticle=705865 False None None None McAfee Labs - Editeur Logiciel Threat Report: Don't Join Blockchain Revolution Without Ensuring Security On May 19 researchers discovered a series of vulnerabilities in the blockchain-based EOS platform that can lead to remote control over participating nodes. Just four days prior, a mining pool server for the IOT platform HDAC was compromised, impacting the vast majority of miners. In January the largest-ever theft of cryptocurrencies occurred against the exchange … ]]> 2018-06-13T13:01:02+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/threat-report-dont-join-blockchain-revolution-without-ensuring-security/ www.secnews.physaphae.fr/article.php?IdArticle=705866 False Guideline None None McAfee Labs - Editeur Logiciel Want to Break Into a Locked Windows 10 Device?
Ask Cortana (CVE-2018-8140) June's “Patch Tuesday” (June 12) is here, but it is likely many Windows 10 users have not yet applied these updates. ]]> 2018-06-12T17:15:02+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/want-to-break-into-a-locked-windows-10-device-ask-cortana-cve-2018-8140/ www.secnews.physaphae.fr/article.php?IdArticle=705867 False None None None McAfee Labs - Editeur Logiciel VPNFilter Malware Adds Capabilities to Exploit Endpoints VPNFilter, a botnet-controlled malware that infects networking devices, was first documented by researchers from Cisco Talos. McAfee Labs also published a blog on May 23 with some initial information. In our last post we discussed the three stages of infection and the devices affected by the malware, and how it can maintain a persistent presence … ]]> 2018-06-06T15:42:02+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/vpnfilter-malware-adds-capabilities-to-exploit-endpoints/ www.secnews.physaphae.fr/article.php?IdArticle=705868 False None VPNFilter None McAfee Labs - Editeur Logiciel VPNFilter Botnet Targets Networking Devices VPNFilter is a botnet with capabilities to support both intelligence collection and destructive cyberattack operations. The Cisco Talos team recently notified members of the Cyber Threat Alliance (CTA) of its findings and published this blog. ]]> 2018-05-23T21:28:02+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/vpnfilter-botnet-targets-networking-devices/ www.secnews.physaphae.fr/article.php?IdArticle=705869 False None VPNFilter None McAfee Labs - Editeur Logiciel It's a Zoo Out There! Data Analysis of Alleged ZooPark Dump In early May, researchers disclosed a mobile malware campaign by a group focused on Middle Eastern targets. This actor was found to be an evolving and sophisticated group using fake Android apps, namely Telegram, to trick users into installing malicious software. They have been active since 2015 and evolved over several campaigns into 2018.
On … ]]> 2018-05-21T22:00:02+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/its-a-zoo-out-there-data-analysis-of-alleged-zoopark-dump/ www.secnews.physaphae.fr/article.php?IdArticle=705870 False None None None McAfee Labs - Editeur Logiciel Malware on Google Play Targets North Korean Defectors Earlier this year, McAfee researchers predicted in the McAfee Mobile Threat Report that we expect the number of targeted attacks on mobile devices to increase due to their ubiquitous growth combined with the sophisticated tactics used by malware authors. ]]> 2018-05-17T13:31:05+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/malware-on-google-play-targets-north-korean-defectors/ www.secnews.physaphae.fr/article.php?IdArticle=705871 False None None None McAfee Labs - Editeur Logiciel Syn/Ack Unique Proactive Protection Technique McAfee's Advanced Threat Research team has performed analysis on samples of Syn/Ack ransomware implementing Process Doppelgänging.  For those who are concerned about the potential impact of this ransomware but are currently unable to implement McAfee product protections, we have found a simple but interesting alternative method.  Prior to encryption and ransom, the malware first checks … ]]> 2018-05-11T20:00:01+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/syn-ack-unique-proactive-protection-technique/ www.secnews.physaphae.fr/article.php?IdArticle=705872 False None None None McAfee Labs - Editeur Logiciel McAfee Protects Against Doppelgänging Technique That adversaries adopt new techniques is a known fact. However, the speed they include new innovative techniques to bypass end-point security and or evade sandboxing appears to be at an ever-increasing pace. Indeed, adversary adoption is often faster than the InfoSec industry can implement and test effective countermeasures. 
For example, in December 2017, a tool … ]]> 2018-05-11T15:00:04+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/mcafee-protects-against-doppelganging-technique/ www.secnews.physaphae.fr/article.php?IdArticle=705873 False None None None McAfee Labs - Editeur Logiciel Analyzing Operation GhostSecret: Attack Seeks to Steal Data Worldwide McAfee Advanced Threat Research analysts have uncovered a global data reconnaissance campaign assaulting a wide number of industries including critical infrastructure, entertainment, finance, health care, and telecommunications. This campaign, dubbed Operation GhostSecret, leverages multiple implants, tools, and malware variants associated with the state-sponsored cyber group Hidden Cobra. The infrastructure currently remains active. In this post, … ]]> 2018-04-25T04:01:02+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/analyzing-operation-ghostsecret-attack-seeks-to-steal-data-worldwide/ www.secnews.physaphae.fr/article.php?IdArticle=705875 True Medical APT 38 None McAfee Labs - Editeur Logiciel Global Malware Campaign Pilfers Data from Critical Infrastructure, Entertainment, Finance, Health Care, and Other Industries McAfee Advanced Threat Research analysts have uncovered a global data reconnaissance campaign assaulting a wide number of industries including critical infrastructure, entertainment, finance, health care, and telecommunications. This campaign, dubbed Operation GhostSecret, leverages multiple implants, tools, and malware variants associated with the state-sponsored cyber group Hidden Cobra. The infrastructure currently remains active. 
(For an extensive … ]]> 2018-04-25T04:01:02+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/global-malware-campaign-pilfers-data-from-critical-infrastructure-entertainment-finance-health-care-and-other-industries/ www.secnews.physaphae.fr/article.php?IdArticle=705874 True Medical APT 38 None McAfee Labs - Editeur Logiciel Despite Decline in Use of Adobe Flash, Vulnerabilities Will Continue to Cause Concern This post was researched and written with the assistance of Tim Hux, Abhishek Karnik, Asheer Malhotra, and Steve Povolny McAfee Advanced Threat Research team analysts have studied Adobe Flash Player for years because it is a popular target for attacks. As always, we advise customers to remain current with McAfee's latest DAT versions. In this … ]]> 2018-04-17T13:00:00+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/despite-decline-use-adobe-flash-vulnerabilities-will-continue-cause-concern/ www.secnews.physaphae.fr/article.php?IdArticle=705876 False None None None McAfee Labs - Editeur Logiciel Cloud Clustering Vulnerable to Attacks The authors thank John Fokker and Marcelo CaroVargas for their contributions and insights. In our upcoming talk at the Cloud Security Alliance Summit at the RSA Conference, we will focus our attention on the insecurity of cloud deployments. We are interested in whether attackers can use compromised cloud infrastructure as viable backup resources as well … ]]> 2018-04-16T16:00:04+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/cloud-clustering-vulnerable-to-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=705877 False None None None McAfee Labs - Editeur Logiciel Parasitic Coin Mining Creates Wealth, Destroys Systems The increasing popularity of cryptocurrencies has inspired some people to pursue coin mining, essentially making money online. (Mining is the processing of transactions in the digital currency system, in which new transactions are recorded in a digital ledger called the blockchain. 
Miners help to update the ledger to verify and collect new transactions to be … ]]> 2018-04-11T16:00:01+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/parasitic-coin-mining-creates-wealth-destroys-systems/ www.secnews.physaphae.fr/article.php?IdArticle=705878 False None None None McAfee Labs - Editeur Logiciel Today's Connected Cars Vulnerable to Hacking, Malware The McAfee Advanced Threat Research team recently published an article about threats to automobiles on the French site JournalAuto.com. Connected cars are growing rapidly in number and represent the next big step in personal transportation. ]]> 2018-03-27T19:30:03+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/todays-connected-cars-vulnerable-hacking-malware/ www.secnews.physaphae.fr/article.php?IdArticle=705879 False None None 4.0000000000000000 McAfee Labs - Editeur Logiciel Ransomware Takes Open-Source Path, Encrypts With GNU Privacy Guard McAfee Labs has recently observed a new variant of ransomware that relies on the open-source program GNU Privacy Guard (GnuPG) to encrypt data. GnuPG is a hybrid-encryption software program that uses a combination of conventional symmetric-key cryptography for speed and public-key cryptography to ease the secure key exchange. Although ransomware using GnuPG to encrypt files … ]]> 2018-03-19T20:29:01+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/ransomware-takes-open-source-path-encrypts-gnu-privacy-guard/ www.secnews.physaphae.fr/article.php?IdArticle=705880 False None None 5.0000000000000000 McAfee Labs - Editeur Logiciel 'McAfee Labs Threats Report' Examines Cryptocurrency Hijacking, Ransomware, Fileless Malware Today McAfee published the McAfee Labs Threats Report: March 2018. The report looks into the growth and trends of new malware, ransomware, and other threats in Q4 2017. McAfee Labs saw on average eight new threat samples per second, and the increasing use of fileless malware attacks leveraging Microsoft PowerShell.
The Q4 spike in Bitcoin value prompted cybercriminals to focus on cryptocurrency hijacking through a variety of methods, including malicious Android apps. ]]> 2018-03-12T04:03:03+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/mcafee-labs-threats-report-examines-cryptocurrency-hijacking-ransomware-fileless-malware/ www.secnews.physaphae.fr/article.php?IdArticle=705882 False None None 3.0000000000000000 McAfee Labs - Editeur Logiciel McAfee Researchers Find Poor Security Exposes Medical Data to Cybercriminals Those who have successfully gained access to medical data have been well rewarded for their efforts. One seller stated in an interview that “someone wanted to buy all the … records specifically,” claiming that the effort had netted US$100,000. ]]> 2018-03-12T04:02:02+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/mcafee-researchers-find-poor-security-exposes-medical-data-to-cybercriminals/ www.secnews.physaphae.fr/article.php?IdArticle=705883 False None None 2.0000000000000000 McAfee Labs - Editeur Logiciel McAfee Researchers Analyze Dark Side of Cryptocurrency Craze: Its Effect on Cybercrime In December 2017 Bitcoin values skyrocketed, peaking at the unprecedented amount of roughly US$19,000 per coin. Unsurprisingly, the market for cryptocurrencies exploded in response. Investors, companies, and even the public found a fresh interest in digital currencies. However, the exciting change in Bitcoin value did not just influence your average wealth seeker. It also influenced … ]]> 2018-03-12T04:01:05+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/mcafee-researchers-analyze-dark-side-of-cryptocurrency-craze-its-effect-on-cybercrime/ www.secnews.physaphae.fr/article.php?IdArticle=705884 False None None 4.0000000000000000 McAfee Labs - Editeur Logiciel Hidden Cobra Targets Turkish Financial Sector With New Bankshot Implant This post was prepared with contributions from Asheer Malhotra, Charles Crawford, and Jessica Saavedra-Morales.  
On February 28, the McAfee Advanced Threat Research team discovered that the cybercrime group Hidden Cobra continues to target cryptocurrency and financial organizations. In this analysis, we observed the return of Hidden Cobra's Bankshot malware implant surfacing in the Turkish financial … ]]> 2018-03-08T14:00:03+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/hidden-cobra-targets-turkish-financial-sector-new-bankshot-implant/ www.secnews.physaphae.fr/article.php?IdArticle=705885 False Medical APT 38 3.0000000000000000 McAfee Labs - Editeur Logiciel How Hackers Bypassed an Adobe Flash Protection Mechanism The number of Flash Player exploits has recently declined, due to Adobe's introduction of various measures to strengthen Flash's security. Occasionally, however, an exploit still arises. On January 31, Kr-Cert reported a zero-day vulnerability, identified as CVE-2018-4878, being exploited in the field. (Adobe has released an update to fix this flaw.) We analyzed this vulnerability … ]]> 2018-03-02T19:17:04+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/hackers-bypassed-adobe-flash-protection-mechanism/ www.secnews.physaphae.fr/article.php?IdArticle=705886 False None None 4.0000000000000000 McAfee Labs - Editeur Logiciel McAfee Uncovers Operation Honeybee, a Malicious Document Campaign Targeting Humanitarian Aid Groups This post was written with contributions from Jessica Saavedra-Morales, Thomas Roccia, and Asheer Malhotra.  McAfee Advanced Threat Research analysts have discovered a new operation targeting humanitarian aid organizations and using North Korean political topics as bait to lure victims into opening malicious Microsoft Word documents. 
Our analysts have named this Operation Honeybee, based on the … ]]> 2018-03-02T13:00:01+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/mcafee-uncovers-operation-honeybee-malicious-document-campaign-targeting-humanitarian-aid-groups/ www.secnews.physaphae.fr/article.php?IdArticle=705887 False None None 2.0000000000000000 McAfee Labs - Editeur Logiciel DDoS Attacks in the Netherlands Reveal Teen Gamers on Troublesome Path At the end of January, the Netherlands was plagued by distributed denial of service (DDoS) attacks targeting various financial institutions, tech sites, and the Dutch tax authorities. At the time of the attacks it was unclear who was responsible, and this led to speculation among security experts. Coincidentally, the attacks started a few days after … ]]> 2018-02-22T20:00:01+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/ddos-attacks-netherlands-reveal-teen-gamers-troublesome-path/ www.secnews.physaphae.fr/article.php?IdArticle=705888 False None None 3.0000000000000000 McAfee Labs - Editeur Logiciel Free Ransomware Available on Dark Web The McAfee Advanced Threat Research team recently analyzed a ransomware-as-a-service threat that is available for free and without registration. This malware was first seen in July 2017 with the extension .shifr. It has now appeared in recent detections with the extension .cypher. Ransomware-as-a-Service Ransomware-as-a-service is a cybercrime economic model that allows malware developers to earn money … ]]> 2018-02-16T19:31:01+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/free-ransomware-available-dark-web/ www.secnews.physaphae.fr/article.php?IdArticle=705889 False None None 4.0000000000000000 McAfee Labs - Editeur Logiciel Malicious Document Targets Pyeongchang Olympics McAfee Advanced Threat Research analysts have discovered a campaign targeting organizations involved with the Pyeongchang Olympics. 
Attached in an email was a malicious Microsoft Word document with the original file name 농식품부, 평창 동계올림픽 대비 축산악취 방지대책 관련기관 회의 개최.doc (“Organized by Ministry of Agriculture and Forestry and Pyeongchang Winter Olympics”). The primary target of … ]]> 2018-01-06T17:00:03+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/malicious-document-targets-pyeongchang-olympics/ www.secnews.physaphae.fr/article.php?IdArticle=705894 False None None 4.0000000000000000 McAfee Labs - Editeur Logiciel McAfee Labs Advanced Threat Research Aids Arrest of Suspected Cybercrime Gang Linked to Top Malware CTB Locker In our recent research, we interviewed the actors behind ransomware campaigns. One of the interesting findings was cybercriminals seemed to have a sense of absolute safety when conducting criminal operations. Cybercrime is an area of crime like no other, perceived as low-risk with high returns, which contributes greatly to its rapid growth. ]]> 2017-12-20T12:00:03+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/advanced-threat-research/ www.secnews.physaphae.fr/article.php?IdArticle=705896 False None None 3.0000000000000000 McAfee Labs - Editeur Logiciel Looking Into the World of Ransomware Actors Reveals Some Surprises During the preparations for our keynotes at McAfee's recent MPOWER conference, we brainstormed a few topics we wanted to share with the audience. Ransomware was definitely on our agenda, but so much has already been said and written on the subject. What could we add that would be interesting? We hit on the angle: to … ]]> 2017-12-18T05:02:03+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/looking-into-the-world-of-ransomware-actors-reveals-some-surprises/ www.secnews.physaphae.fr/article.php?IdArticle=705898 False None None 4.0000000000000000 McAfee Labs - Editeur Logiciel McAfee Labs Reports All-Time Highs for Malware in Latest Count In the third quarter of 2017, McAfee Labs reports all-time highs of new and total malware. 
What is causing the increasing numbers of malware that are submitted to us at an average rate of four new malware samples per second? One major trend that continues in Q3 is the abuse of Microsoft Office–related exploits and … ]]> 2017-12-18T05:01:03+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/mcafee-labs-reports-all-time-highs-for-malware-in-latest-count/ www.secnews.physaphae.fr/article.php?IdArticle=705899 False None None 2.0000000000000000 McAfee Labs - Editeur Logiciel Chinese Cybercriminals Develop Lucrative Hacking Services Underground cybercrime profits in China have likely already exceeded US$15.1 billion (100 billion Chinese yuan); caused more than $13.8 billion (91.5 billion yuan) worth of damage relating to data loss, identity theft, and fraud; and will grow at an even faster pace as underground hackers expand international business operations to increasingly target foreign businesses, according … ]]> 2017-12-13T22:00:02+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/chinese-cybercriminals-develop-lucrative-hacking-services/ www.secnews.physaphae.fr/article.php?IdArticle=705900 False None None 5.0000000000000000 McAfee Labs - Editeur Logiciel Emotet Downloader Trojan Returns in Force During the past couple of days, we have seen an increase in activity from Emotet. This Trojan downloader spreads by emails that lure victims into downloading a Word document, which contains macros that after executing employ PowerShell to download a malicious payload. We have observed Emotet downloading a variety of payloads, including ransomware, Dridex, Trickbot, … ]]> 2017-12-06T23:00:02+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/emotet-downloader-trojan-returns-in-force/ www.secnews.physaphae.fr/article.php?IdArticle=705901 False None None 2.0000000000000000 McAfee Labs - Editeur Logiciel 'McAfee Labs 2018 Threats Predictions Report' Previews Five Cybersecurity Trends Welcome to the McAfee Labs 2018 Threats Predictions Report.
We find ourselves in a highly volatile stage of cybersecurity, with new devices, new risks, and new threats appearing every day. In this edition, we have polled thought leaders from McAfee Labs and the Office of the CTO. They offer their views on a wide range of threats, including machine learning, ransomware, serverless apps, and privacy issues. ]]> 2017-11-29T08:01:05+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/2018-threats-predictions/ www.secnews.physaphae.fr/article.php?IdArticle=705902 False Guideline None 5.0000000000000000 McAfee Labs - Editeur Logiciel Don't Substitute CVSS for Risk: Scoring System Inflates Importance of CVE-2017-3735 I am a wry observer of vulnerability announcements. CVE-2017-3735, which can allow a small buffer overread in an X.509 certificate, presents an excellent example of the limitations of the Common Vulnerability Scoring System (CVSS). This scoring system is the de facto security industry standard for calculating and exchanging information about the severity of vulnerabilities. The problem is … ]]> 2017-11-24T14:00:05+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/dont-substitute-cvss-for-risk-scoring-system-inflates-importance-of-cve-2017-3735/ www.secnews.physaphae.fr/article.php?IdArticle=705904 False None None 4.0000000000000000 McAfee Labs - Editeur Logiciel Android Malware Appears Linked to Lazarus Cybercrime Group The McAfee Mobile Research team recently examined a new threat, Android malware that contains a backdoor file in the executable and linkable format (ELF). The ELF file is similar to several executables that have been reported to belong to the Lazarus cybercrime group.
(For more on Lazarus, read this post from our Advanced Threat Research … ]]> 2017-11-20T12:00:03+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/android-malware-appears-linked-to-lazarus-cybercrime-group/ www.secnews.physaphae.fr/article.php?IdArticle=705907 False None APT 38 5.0000000000000000 McAfee Labs - Editeur Logiciel IoT Devices: The Gift that Keeps on Giving… to Hackers McAfee Advanced Threat Research on Most Hackable Gifts You've probably noticed the recent increase in Internet connected drones, digital assistants, toys, appliances and other devices hitting the market and maybe even showing up in your own home. The sale of these “Internet-of-Things” (IoT) devices is expected to reach 600 million units this year and, unfortunately, … ]]> 2017-11-16T17:17:01+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/iot-devices-gift-keeps-giving-hackers/ www.secnews.physaphae.fr/article.php?IdArticle=705908 False None None 2.0000000000000000 McAfee Labs - Editeur Logiciel Threat Group APT28 Slips Office Malware into Doc Citing NYC Terror Attack This blog post was co-written by Michael Rea. During our monitoring of activities around the APT28 threat group, McAfee Advanced Threat Research analysts identified a malicious Word document that appears to leverage the Microsoft Office Dynamic Data Exchange (DDE) technique that has been previously reported by Advanced Threat Research. This document likely marks the first … ]]> 2017-11-07T18:00:00+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/apt28-threat-group-adopts-dde-technique-nyc-attack-theme-in-latest-campaign/ www.secnews.physaphae.fr/article.php?IdArticle=705910 False None APT 28 4.0000000000000000 McAfee Labs - Editeur Logiciel Self-Signed Certificates Can Be Secure, So Why Ban Them? This blog was co-written by Ramnath Venugopalan. In many organizations the use of self-signed certificates is forbidden by policy. 
Organizations may ban the use of self-signed certificates for several reasons: It is trivially easy to generate a certificate's key pair without reasonable entropy, to fail to protect the private key of the key pair appropriately to … ]]> 2017-11-03T19:00:00+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/self-signed-certificates-secure-so-why-ban/ www.secnews.physaphae.fr/article.php?IdArticle=705911 False None None 3.0000000000000000 McAfee Labs - Editeur Logiciel Pirate Versions of Popular Apps Infiltrate Google Play via Virtualization The McAfee Mobile Research team recently found pirated applications of popular apps distributed on the Google Play store. A pirated app is one distributed usually outside of the official store as a free version of a legitimate app. Paid legitimate applications are leading targets of pirated versions. In this case, however, we found pirated copies … ]]> 2017-11-01T13:00:05+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/pirated-android-apps-abuse-virtualization-to-pose-as-legitimate/ www.secnews.physaphae.fr/article.php?IdArticle=705912 False Guideline None 3.0000000000000000 McAfee Labs - Editeur Logiciel Expiro Malware Is Back and Even Harder to Remove File infector malware adds malicious code to current files. This makes removal tricky because deleting infections results in the loss of legitimate files. Although file infectors were more popular in the 1990s and early 2000s, they still pose a significant threat. The complex disinfection process is usually leveraged by malware authors to ensure systems stay … ]]> 2017-10-31T13:00:02+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/expiro-infects-encrypts-files-to-complicate-repair/ www.secnews.physaphae.fr/article.php?IdArticle=705913 False None None 4.0000000000000000 McAfee Labs - Editeur Logiciel Configuring McAfee ENS and VSE to Prevent Macroless Code Execution in Office Apps Microsoft Office macros are a popular method of distributing malware.
Users can defend themselves against macro attacks by disabling macros. McAfee Labs has now seen a new attack technique using a feature of Office applications that help create dynamic reports. In this post we will explain this technique and offer a method to prevent the … ]]> 2017-10-27T13:00:04+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/configuring-mcafee-ens-and-vse-to-prevent-macroless-code-execution-in-office-apps/ www.secnews.physaphae.fr/article.php?IdArticle=705914 False None None 4.0000000000000000 McAfee Labs - Editeur Logiciel Code Execution Technique Takes Advantage of Dynamic Data Exchange Email phishing campaigns are a popular social engineering technique among hackers. The idea is simple: Craft an email that looks enticing to users and convince them to click on a malicious link or open a malicious attachment. Weight-loss and other health-related phishing emails are common. Package deliveries, bank notices and, in the case of spear … ]]> 2017-10-27T12:59:04+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/code-execution-technique-takes-advantage-of-dynamic-data-exchange/ www.secnews.physaphae.fr/article.php?IdArticle=705915 False None None 3.0000000000000000 McAfee Labs - Editeur Logiciel Analyzing Microsoft Office Zero-Day Exploit CVE-2017-11826: Memory Corruption Vulnerability McAfee Labs has performed frequent analyses of Office-related threats over the years: In 2015, we presented research on the Office OLE mechanism; in 2016 at the BlueHat conference, we looked at the high-level attack surface of Office; and this year at the SYSCAN360 Seattle conference, we presented deep research on the critical Office “Moniker” zero-day vulnerabilities. 
… ]]> 2017-10-26T13:00:02+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/analyzing-microsoft-office-zero-day-exploit-cve-2017-11826-memory-corruption-vulnerability/ www.secnews.physaphae.fr/article.php?IdArticle=705916 False None None None McAfee Labs - Editeur Logiciel 'BadRabbit' Ransomware Burrows Into Russia, Ukraine This post was researched and written by Christiaan Beek, Tim Hux, David Marcus, Charles McFarland, Douglas McKee, and Raj Samani. McAfee is currently investigating a ransomware campaign known as BadRabbit, which initially infected targets in Russia and the Ukraine. We are also investigating reports of infected systems in Germany, Turkey, and Bulgaria and will provide updates … ]]> 2017-10-24T22:31:04+00:00 https://securingtomorrow.mcafee.com/mcafee-labs/badrabbit-ransomware-burrows-russia-ukraine/ www.secnews.physaphae.fr/article.php?IdArticle=705917 False None None None