Thomas Roccia is senior security researcher on the Advanced Threat Research team. He works on threat intelligence, tracking cybercrime campaigns and collaborating with law enforcement agencies. In a previous role, Thomas worked on the McAfee Foundstone team, performing worldwide incident response, malware hunting, and penetration testing. He has helped customers during major outbreaks and managed highly critical situations. Thomas has developed workshops, training courses, presentations, he leads the Unprotect Project, an open-source database dedicated to malware evasion techniques. His work in security research includes threat intelligence, malware, reverse engineering, vulnerabilities as well as innovation and patenting. He speaks regularly at security conferences.

Thomas Roccia Blog Feed

More from Thomas Roccia

McAfee Labs

McAfee ATR Threat Report: A Quick Primer on Cuba Ransomware

Executive Summary  Cuba ransomware is an older ransomware, that has recently undergone some development. The actors have incorporated the leaking of victim data to increase its impact...

McAfee Labs

Operation Diànxùn: Cyberespionage Campaign Targeting Telecommunication Companies

In this report the McAfee Advanced Threat Research (ATR) Strategic Intelligence team details an espionage campaign, targeting telecommunication companies, dubbed...

McAfee Labs

Babuk Ransomware

Executive Summary Babuk ransomware is a new ransomware threat discovered in 2021 that has impacted at least five big enterprises,...

McAfee Labs

Cybercriminals Actively Exploiting RDP to Target Remote Organizations

The COVID-19 pandemic has prompted many companies to enable their employees to work remotely and, in a large number of...

McAfee Labs

Evolution of Malware Sandbox Evasion Tactics – A Retrospective Study

Executive Summary Malware evasion techniques are widely used to circumvent detection as well as analysis and understanding. One of the...

McAfee Labs

Jet Database Engine Flaw May Lead to Exploitation: Analyzing CVE-2018-8423

In September 2018, the Zero Day Initiative published a proof of concept for a vulnerability in Microsoft’s Jet Database Engine....

McAfee Labs

McAfee ATR Aids Police in Arrest of Rubella & Dryad Office Macro Builder

Everyday thousands of people receive emails with malicious attachments in their email inbox. Disguised as a missed payment or an...

McAfee Labs

Shamoon Attackers Employ New Tool Kit to Wipe Infected Systems

Last week the McAfee Advanced Threat Research team posted an analysis of a new wave of Shamoon “wiper” malware attacks...

McAfee Labs

Shamoon Returns to Wipe Systems in Middle East, Europe

Destructive malware has been employed by adversaries for years. Usually such attacks are carefully targeted and can be motivated by...

McAfee Labs

Triton Malware Spearheads Latest Attacks on Industrial Systems

Malware that attacks industrial control systems (ICS), such as the Stuxnet campaign in 2010, is a serious threat. This class of cyber sabotage can spy on, disrupt, or destroy systems that manage large-scale industrial processes. An essential danger in this threat is that it moves from mere digital damage to ...

Subscribe to McAfee Securing Tomorrow Blogs