Featured Blogs
CurveBall – An Unimaginative Pun but a Devastating Bug
2020 came in with a bang this year, and it wasn’t from the record-setting number of fireworks on display around the world to celebrate the new year. Instead, just over two weeks into the decade, the security world was rocked by a fix for CVE-2020-0601 introduced in Microsoft’s first patch ...
What CVE-2020-0601 Teaches Us About Microsoft’s TLS Certificate Verification Process
By: Jan Schnellbächer and Martin Stecher, McAfee Germany GmbH This week security researches around the world were very busy working on Microsoft’s major crypto-spoofing vulnerability (CVE-2020-0601) otherwise known as Curveball. The majority of research went into attacks with malicious binaries that are signed with a spoofed Certificate Authority (CA) which ...
Iran Cyber Threat Update
Recent political tensions in the Middle East region have led to significant speculation of increased cyber-related activities. McAfee is on a heightened state of alert to monitor the evolving threats and rapidly implement coverage across all McAfee products as intelligence becomes available. Known campaigns associated with the threat actors from ...
We Be Jammin’ – Bypassing Chamberlain myQ Garage Doors
The idea of controlling your garage door remotely and verifying that everything is secure at home, or having packages delivered directly into your garage is enticing for many people. The convenience that many of these IOT devices provide often persuades consumers away from thinking about the possible security concerns. McAfee ...
The Cloning of The Ring – Who Can Unlock Your Door?
Steve Povolny contributed to this report. McAfee’s Advanced Threat Research team performs security analysis of products and technologies across nearly every industry vertical. Special interest in the consumer space and Internet of Things (IoT) led to the discovery of an insecure design with the McLear NFC Ring a household access ...
The Tradeoff Between Convenience and Security – A Balancing Act for Consumers and Manufacturers
This week McAfee Advanced Threat Research (ATR) published new findings, uncovering security flaws in two popular IoT devices: a connected garage door opener and a “smart” ring, which, amongst many uses, utilizes near field communication (NFC) to open door locks. I’d like to use these cases as examples of a ...
Top Tips to Spot Tech Support Scams
There are number of ways scammers use to target your money or personal details. These scams include support sites for services such as Office365, iCloud, Gmail, etc. They will charge you for the service and steal your credit card details. Software activation scam sites will steal your activation code and they ...
Analysis of LooCipher, a New Ransomware Family Observed This Year
Initial Discovery This year seems to again be the year for ransomware. Notorious attacks were made using ransomware and new families are being detected almost on a weekly basis. The McAfee ATR team has now analyzed a new ransomware family with some special features we would like to showcase. LooCipher ...
McAfee Labs 2020 Threats Predictions Report
With 2019’s headlines of ransomware, malware, and RDP attacks almost behind us, we shift our focus to the cybercrime threats ahead. Cybercriminals are increasing the complexity and volume of their attacks and campaigns, always looking for ways to stay one step ahead of cybersecurity practices – and more often using ...
Spanish MSSP Targeted by BitPaymer Ransomware
Initial Discovery This week the news hit that several companies in Spain were hit by a ransomware attack. Ransomware attacks themselves are not new but, by interacting with one of the cases in Spain, we want to highlight in this blog how well prepared and targeted an attack can be ...
