Recently we have seen a spike in a Visual Basic 6-compiled AutoRun worm family. The family is both client- and server-side polymorphic. (For more on this family, refer to our VIL and Advisory entri
Author: McAfee Labs
The winter of 2013 seems to be “zero-day” season. Right after my colleague Haifei Li analyzed the powerful Flash zero day last week, Adobe sent a security alert for another zero-day att
On February 7, Adobe issued a security bulletin warning of zero-day attacks that leverage two Flash vulnerabilities. One (CVE-2013-0634) is related to ActionScript regular expression handling. (Som
Almost exactly one year ago, Google announced the addition of a “new layer to Android security,” a service codenamed Bouncer that was intended to provide automated scanning of the Andro