Charles McFarland

Charles McFarland is a Senior Research Scientist. He has been working in the security industry since 2006, focusing on technical training and specialized in encryption technologies before moving on to threat intelligence research. In past research, he has focused on underground markets, and actor behavior. Currently, he is focused on Ransomware campaigns and the actors behind them.

Twitter: @CGMcFarland

Subscribe to Charles McFarland Blogs

More from Charles McFarland

McAfee Labs

Jet Database Engine Flaw May Lead to Exploitation: Analyzing CVE-2018-8423

In September 2018, the Zero Day Initiative published a proof of concept for a vulnerability in Microsoft’s Jet Database Engine. Microsoft released a patch in October 2018. We investigated this flaw at that time to protect our customers. We were able to find some issues with the patch and reported ...

McAfee Labs

Demystifying Blockchain: Sifting Through Benefits, Examples and Choices

You have likely heard that blockchain will disrupt everything from banking to retail to identity management and more. You may have seen commercials for IBM touting the supply chain tracking benefits of blockchain.[i]  It appears nearly every industry is investing in, adopting, or implementing blockchain. Someone has probably told you ...

McAfee Labs

Cyber Threat Alliance Releases Analysis of Illicit Cryptocurrency Mining

In response to the explosive increase in cryptomining campaigns in Q4 2017, the Cyber Threat Alliance has formed a cryptomining subcommittee to assess the threat.

McAfee Labs

Threat Report: Don’t Join Blockchain Revolution Without Ensuring Security

On May 19 researchers discovered a series of vulnerabilities in the blockchain-based EOS platform that can lead to remote control over participating nodes. Just four days prior, a mining pool server for the IOT platform HDAC was compromised, impacting the vast majority of miners. In January the largest-ever theft of ...

McAfee Labs

It’s a Zoo Out There! Data Analysis of Alleged ZooPark Dump

In early May, researchers disclosed a Mobile malware campaign by a group focused on Middle Eastern targets. This actor was found to be an evolving and sophisticated group using fake Android apps, namely Telegram, to trick users into installing malicious software. They have been active since 2015 and evolved over ...

McAfee Labs

Syn/Ack Unique Proactive Protection Technique

McAfee’s Advanced Threat Research team has performed analysis on samples of Syn/Ack ransomware implementing Process Doppelgänging.  For those who are concerned about the potential impact of this ransomware but are currently unable to implement McAfee product protections, we have found a simple but interesting alternative method.  Prior to encryption and ...

Enterprise

The Ripple Effect of the Hansa Takedown

For nearly a decade we have witnessed the systemic rise and fall “dark net” markets. Each time a site is taken down by law enforcement, we see other, opportunistic ones capitalize on buyers looking for new places to purchase illegal goods. Last year we explored the takedowns of the popular ...

McAfee Labs

McAfee Researchers Analyze Dark Side of Cryptocurrency Craze: Its Effect on Cybercrime

In December 2017 Bitcoin values skyrocketed, peaking at the unprecedented amount of roughly US$19,000 per coin. Unsurprisingly, the market for cryptocurrencies exploded in response. Investors, companies, and even the public found a fresh interest in digital currencies. However, the exciting change in Bitcoin value did not just influence your average ...

Enterprise

Exploring the Correlation Between Bitcoin’s Boom and Evrial’s Capabilities

Many of the stealthiest cyberthreats out there spawn on underground forums, as malware authors leverage the space to sell unique variants to fellow criminals. And now there’s a new addition to the underground scene. Meet Evrial: a powerful, information-stealing Trojan which is currently for sale for 1,500 Rubles or $27 ...

McAfee Labs

Code Execution Technique Takes Advantage of Dynamic Data Exchange

Email phishing campaigns are a popular social engineering technique among hackers. The idea is simple: Craft an email that looks enticing to users and convince them to click on a malicious link or open a malicious attachment. Weight-loss and other health-related phishing emails are common. Package deliveries, bank notices and, ...

Subscribe to McAfee Securing Tomorrow Blogs