McAfee Labs

Read McAfee Labs blogs for the latest threat research, threat intelligence, and thought leadership from the Advanced Threat Research team.

McAfee Labs

Fighting new Ransomware Techniques with McAfee’s Latest Innovations

In 2021 ransomware attacks have been dominant among the bigger cyber security stories. Hence, I was not surprised to see that McAfee’s June 2021 Threat report is primarily focused on this topic. This report provides a large range of statistics using the McAfee data lake behind MVISION Insights, including the ...

McAfee Labs

An Overall Philosophy on the Use of Critical Threat Intelligence

The overarching threat facing cyber organizations today is a highly skilled asymmetric enemy, well-funded and resolute in his task and purpose.   You never can exactly tell how they will come at you, but come they will.  It’s no different than fighting a kinetic foe in that, before you fight, you ...

McAfee Labs

REvil Ransomware Uses DLL Sideloading

This blog was written byVaradharajan Krishnasamy, Karthickkumar, Sakshi Jaiswal Introduction Ransomware attacks are one of the most common cyber-attacks among organizations; due to an increase in Ransomware-as-a-service (RaaS) on the black market. RaaS provides readily available ransomware to cyber criminals and is an effective way for attackers to deploy a ...

McAfee Labs

Hancitor Making Use of Cookies to Prevent URL Scraping

This blog was written by Vallabh Chole & Oliver Devane Over the years, the cybersecurity industry has seen many threats get taken down, such as the Emotet takedown in January 2021. It doesn’t usually take long for another threat to attempt to fill the gap left by the takedown. Hancitor ...

McAfee Labs

Zloader With a New Infection Technique

This blog was written by Kiran Raj & Kishan N. Introduction In the last few years, Microsoft Office macro malware using social engineering as a means for malware infection has been a dominant part of the threat landscape. Malware authors continue to evolve their techniques to evade detection. These techniques ...

McAfee Labs

New Ryuk Ransomware Sample Targets Webservers

Executive Summary Ryuk is a ransomware that encrypts a victim’s files and requests payment in Bitcoin cryptocurrency to release the keys used for encryption. Ryuk is used exclusively in targeted ransomware attacks. Ryuk was first observed in August 2018 during a campaign that targeted several enterprises. Analysis of the initial ...

McAfee Labs

Fuzzing ImageMagick and Digging Deeper into CVE-2020-27829

Introduction: ImageMagick is a hugely popular open source software that is used in lot of systems around the world. It is available for the Windows, Linux, MacOS platforms as well as Android and iOS. It is used for editing, creating or converting various digital image formats and supports various formats ...

McAfee Labs

Analyzing CVE-2021-1665 – Remote Code Execution Vulnerability in Windows GDI+

Introduction Microsoft Windows Graphics Device Interface+, also known as GDI+, allows various applications to use different graphics functionality on video displays as well as printers. Windows applications don’t directly access graphics hardware such as device drivers, but they interact with GDI, which in turn then interacts with device drivers. In ...

McAfee Labs

McAfee Labs Report Highlights Ransomware Threats

The McAfee Advanced Threat Research team today published the McAfee Labs Threats Report: June 2021. In this edition we introduce additional context into the biggest stories dominating the year thus far including recent ransomware attacks. While the topic itself is not new, there is no question that the threat is ...

McAfee Labs

A New Program for Your Peloton – Whether You Like It or Not

Executive Summary  The McAfee Advanced Threat Research team (ATR) is committed to uncovering security issues in both software and hardware to help developers provide safer products for businesses and consumers. As security researchers, something that we always try to establish before looking at a target is what our scope should be. More specifically, we often assume well-vetted ...

Subscribe to McAfee Securing Tomorrow Blogs