McAfee Labs

McAfee Labs is one of the leading sources for threat research, threat intelligence, and cybersecurity thought leadership. See our blog for more information.

Subscribe to McAfee Labs Blogs

More from McAfee Labs

McAfee Labs

McAfee Discovers Pinkslipbot Exploiting Infected Machines as Control Servers; Releases Free Tool to Detect, Disable Trojan

This blog was written by Sanchit Karve. McAfee Labs has discovered that banking malware Pinkslipbot (also known as QakBot/QBot) has used infected machines as control servers since April 2016, even after its capability to steal personal and financial data from the infected machine has been removed by a security product. ...

McAfee Labs

Further Analysis of WannaCry Ransomware

McAfee Labs has closely monitored the activity around the ransomware WannaCry. Many sources have reported on this attack and its behavior, including this post by McAfee’s Raj Samani and Christiaan Beek and this post by Steve Grobman. In the last 24 hours, we have learned more about this malware. These ...

McAfee Labs

Mirai, BrickerBot, Hajime Attack a Common IoT Weakness

This blog post was written by Rick Simon. We know that devices in the Internet of Things make enticing targets for attack. They are often insecure and can act as open windows into trusted networks. Cybercriminals are capitalizing on that more and more each day, gathering hundreds of thousands of ...

Enterprise

Pen Testing Android Apps, Part 5: Analyzing the Heap Dump

This blog was written by Kunal Garg. One of the best ways to develop secure Android applications is to engage in penetration (pen) testing, in effect trying to break into your application just as an attacker might do. This is the fifth in a series of posts on pen testing ...

Data Security

‘Aha’ Moments From the ‘Verizon 2017 Data Breach Investigations Report’

This blog post was written by Rick Simon. The annual Verizon Data Breach Investigations Report (DBIR) was published today. Once again, it is a hefty report that is sure to become one of the most referenced data breach reports in the world. That is because Verizon’s analysis is based on ...

Enterprise

Update: Technical McAfee Detail On DoubleAgent

Cedric Cochin teamed with Brook Schoenfield on this article Updated March 29, 2017 McAfee has been investigating the impact of the so-called “DoubleAgent zero-day” technique of Windows debugging capabilities announced on 22 March 2017. This injection technique uses a Microsoft Windows debugging feature that requires administrative privileges.  On the fly debugging ...

McAfee Labs

Analyzing a Fresh Variant of the Dorkbot Botnet

This blog post was written by Sudhanshu Dubey. At McAfee Labs, we have recently observed a new variant of the Dorkbot botnet. Dorkbot is a well-known bot, famous for its various capabilities including backdoor, password stealing, and other malicious behavior. Dorkbot relies on social networking as its infection vector. In ...

McAfee Labs

Analyzing KillDisk Ransomware, Part 2: Variants and Screen Unlocking

This blog post was written by Sudhanshu Dubey. At McAfee Labs we recently analyzed the ransomware KillDisk. In part 1 of this analysis, we discussed the basics of the malware and its whitelisting to protect itself. In this part, we will provide more information about the malware’s internals, this variant, and steps ...

McAfee Labs

With Release of Windows 10, Questions About BitLocker Arise Again

This post was written by Ted Pan. For those of you who were around during the original release of Microsoft’s BitLocker, previously known as Secure Startup, you will remember that it was meant to completely eliminate the necessity for third-party security software. Yes, BitLocker was going to secure our machines ...

McAfee Labs

Analyzing KillDisk Ransomware, Part 1: Whitelisting

This blog post was written by Sudhanshu Dubey. At McAfee Labs we recently analyzed the ransomware KillDisk. We will share our analysis in two parts: the first, this article, contains general information about the malware and its whitelisting technique; the second part will appear soon with an analysis of its ...

Subscribe to McAfee Securing Tomorrow Blogs