Search results for 'app:weblogs' matching tag 'McAfee Security'

McAfee's spam report for July

jubo — Mon, 06 Jul 2009 05:00:00 GMT

Today McAfee published its spam report for the month of July with the top 15 spam subject lines by domain. For instance for the .COM domain it gives you this:

Hello
Hi
RE: DISCOUNT 80% 0FF on Pfizer !
Replica Watches
Undelivered Mail Returned to Sender

For more information and other Top 15 subject lines for each major domain (.ORG, .UK, .CN, etc.), as well as the rest of McAfee’s July Spam Report, see McAfee's Avert Labs Blog.

McAfee's Security Journal

jubo — Wed, 29 Oct 2008 05:00:00 GMT

Two weeks ago McAfee released their 5th issue of the McAfee Security Journal, formerly known as "Sage". In this issue it's about social engineering techniques. You can download your copy here.

Olympic attachment?

jubo — Fri, 08 Aug 2008 05:00:00 GMT

Not only the Olympic games have started, but also the malware games related to the Olympics. One of the latest is that if you receive an attachment named as: "ioc_guidelines_for_persons_accredited_at_the_xxix_olympiad.pdf" then delete this immediately. If you open it then it could execute a malicious JavaScript that exploits a patched Adobe Reader vulnerability. And it follows to install a backdoor detected as BackDoor-DMG.

McAfee has named this one: "Exploit-PDF.b"; for more detailed information about it check this article: Exploit-PDF.b.

Aliases:

EXPL_PIDIEF.O (TrendMicro)
Trojan.Pidief.C (Symantec)

If you do not have Adobe Reader version 9 installed, then you can download it from the Adobe Download. Unfortunately it comes with Adobe AIR, which you can uninstall through Windows "Add/Remove Programs". Also, during the installation process you might want to uncheck the option to install the Google toolbar.

McAfee's 5300 Scan Engine Released

jubo — Fri, 01 Aug 2008 05:00:00 GMT

Few days ago McAfee released a new version of their VirusScan Scan Engine. So far only for corporate versions like VSE8.0i and/or VSE8.5i.

You can download it from the McAfee Enterprise download site.

Let The (malware) Games Begin...

jubo — Tue, 15 Apr 2008 05:00:00 GMT

Few days ago the McAfee Avert Labs received an email with a executable flash movie. The attachment was called: "RaceForTibet.exe", which eventually seems to be a keylogger program. Even a log file is being send to a provider in China.

Just want to warn you: never open or run a file that you get from (un)known people. Keep your Windows updated and/or check your version at Microsoft Update, keep your antivirus and/or antispyware updated.

For more (technical) details about the above keylogger program see this topic: Is Malware Writing the Next Olympic Event?

McAfee, Inc. Launches Global S.P.A.M. Experiment

jubo — Wed, 02 Apr 2008 05:00:00 GMT

McAfee, Inc. today announced the launch of its global S.P.A.M. (Spammed Persistently All Month) Experiment. For the month of April, participants from around the world - ranging from homemakers, government executives, and students to retirees - will surf the Web, make online purchases and register for promotions. Participants have been provided with a clean laptop without spam protection and a new email address. Beginning today, they will blog about their experiences daily at http://www.mcafee.com/spamexperiment.

With a proven link between spam and cybercrime, the experiment aims to show the devastating effects of spam.

To track the daily progress of the S.P.A.M. Experiment and read reports from the participants, please visit http://www.mcafee.com/spamexperiment.

Source: McAfee.com

Mass Hack Attack

jubo — Fri, 14 Mar 2008 05:00:00 GMT

Really cool video at the McAfee's Avert Labs blog site about the latest mass hack attack at phpBB web sites. See how it looks like from an end user's perspective: Mass Hack Attack.

Source: McAfee Avert Labs Blog.

WinCE/InfoJack - Trojan disables Windows Mobile Application Installation Security

jubo — Wed, 27 Feb 2008 06:00:00 GMT

From: McAfee Avert Labs Blog

"A Window Mobile PocketPC trojan that disables Windows Mobile application installation security has been discovered in China.
WinCE/InfoJack sends the infected device’s serial number, operating system and other information to the author of the trojan. It also leaves the infected mobile device vulnerable by allowing silent installation of malware. The trojan modifies the infected device’s security setting to allow unsigned applications to be installed without a warning."

Latest antivirus test results

jubo — Wed, 23 Jan 2008 06:00:00 GMT

McAfee not doing so well, Microsoft doing okay. Check out Alex Eckelberry, from Sunbelt, blog with the latest results from Andreas Marx of Av-Test.org. Links to PDF files with the results in the article.

McAfee Trojan Redirect Issue

jubo — Fri, 28 Dec 2007 06:00:00 GMT

Some McAfee customers are redirected to a non-McAfee website or receive an error or blank page when attempting to download or update McAfee software

Summary: on 12/27/07, McAfee learned that a new variant of the DNSChanger Trojan has been released and is infecting computers. This Trojan, which has yet to be named, is affecting a number of security and Internet companies, including McAfee. McAfee has already identified a solution.

Description:

If your system is infected with this Trojan, you may find that your Web browser and other applications which use the Internet are unable to access the intended site, and are instead redirected to unwanted websites or receive a page cannot be displayed error. These errors occur when you attempt to update or install McAfee consumer products or access McAfee websites. The affected McAfee consumer products include McAfee Total Protection, McAfee Internet Security Suite, and McAfee VirusScan Plus.
If you are a new customer and are trying to install McAfee software, the unwanted site may be displayed within the McAfee Download Manager window.
Existing customers may find that product updates fail, and will be unable to receive the latest Virus Definition (DAT) files.

If you are unsure if you are infected, please follow the steps below to verify:

Click on Start, Run, and type cmd.exe.
In the command prompt window, type:

ipconfig /all
If your DNS Servers address displays 85.255.116.189 or 85.255.113.44 your computer has been infected and you should continue to the steps below.

If your DNS Servers do not display 85.255.116.189 or 85.255.113.44, then your computer has not been affected by this Trojan, and you do not need to continue.

Windows Vista computers:

Click Start, Search, type cmd.exe, and press ENTER.
In the Search Results window, right-click cmd.exe and select Run As Administrator.
In the command prompt window, type:

ipconfig /all
Press ENTER.
If your DNS Servers address displays 85.255.116.189 or 85.255.113.44 your computer has been infected and you should continue to the steps below.

If your DNS Servers do not display 85.255.116.189 or 85.255.113.44, then your computer has not been affected by this Trojan, and you do not need to continue.

Solution:

IMPORTANT: You must follow all of the steps below to receive the DAT update which will clean this infection upon the execution of a scan.

Step 1 - Clear the IP Stack

Click Start, Run, type cmd, and press ENTER.
In the command prompt window, type:
netsh int ip reset reset.log
Press ENTER.
Close the command prompt window.

For Windows Vista computers:

Click Start, Search, type cmd.exe, and press ENTER.
In the Search Results window, right-click cmd.exe and select Run As Administrator.
In the command prompt window, type:
netsh int ip reset reset.log
Press ENTER.
Close the command prompt window.

If you are unable to access the Internet or update your McAfee products after performing these steps, see Manually clearing the IP Stack under Additional Information.

Step 2 - Update and scan your system

Right-click the M icon in your taskbar.
Select Updates.
After the update completes, right-click the M icon in your taskbar and select Scan.

Your McAfee consumer product will detect and remove the Trojan.

Source: McAfee FAQs DocumentID: 307223