McAfee Mobile Research Team discovered a new Android backdoor dubbed Xamalicious that can take full control of the device and perform fraudulent actions. The malware has been implemented with Xamarin, an open-source framework that allows building Android and iOS apps with .NET and C#. Xamalicious relies on social engineering to gain accessibility privileges, then it…

With a total install base of over 1.4 million, the extensions can modify cookies on ecommerce websites so that their creator receives affiliate payments for the purchased items, without the victim’s knowledge. The five malicious extensions help users watch Netflix shows together (Netflix Party and Netflix Party 2, with a combined install base of 1.1…

McAfee released a report examining cybercriminal activity related to malware and the evolution of cyber threats in Q2 2020. During this period, there was an average of 419 new threats per minute as overall new malware samples grew by 11.5%. A significant proliferation in malicious Donoff Microsoft Office documents attacks propelled new PowerShell malware up…

Determining the true impact of a cyber attack has always and will likely be one of the most challenging aspects of this technological age. In an environment where very limited transparency on the root cause and the true impact is afforded we are left with isolated examples to point to the direct cost of a…

Hackers are using hidden mobile apps, third-party login and counterfeit gaming videos to target consumers, according to McAfee. Last year, hackers targeted consumers with a wide variety of methods, from backdoors to mining cryptocurrencies. Hackers have expanded the ways of hiding their attacks, making them increasingly difficult to identify and remove, which makes it seem…

IaaS is now the fastest growing area of the cloud due to the speed, cost and reliability with which organizations can create and deploy applications, according to McAfee. The results of the survey demonstrate that 99 percent of IaaS misconfigurations go unnoticed—indicating awareness around the most common entry point to new “Cloud-Native Breaches” (CNB) is…

There was a time when companies were hesitant about their IT and security teams using automation to discharge some of their duties. “I think much of that was due to the feeling that if a task was automated and something went wrong, IT was not in control and did not have as much visibility,” Candace…