McAfee Labs

Read McAfee Labs blogs for the latest threat research, threat intelligence, and thought leadership from the Advanced Threat Research team.

Nemty Ransomware – Learning by Doing

Executive Summary: The McAfee Advanced Threat Research Team (ATR) observed a new ransomware family named ‘Nemty’ on 20 August 2019. We are in an era where ransomware developers face multiple struggles, from the great work done by the security community to protect against their malware, to initiatives such as the ...

Ransomware Maze

Executive Summary: The Maze ransomware, previously known in the community as “ChaCha ransomware”, was discovered on May the 29th 2019 by Jerome Segura[1]. The main goal of the ransomware is to encrypt all files that it can in an infected system and then demand a ransom to recover the files. ...

Staying Safe While Working Remotely

Special thanks to Tim Hux and Sorcha Healy for their assistance. The demand for remote working as a result of the COVID-19 pandemic will invariably place pressures on organizations to ensure the availability of corporate resources in geographic locations outside of corporate control. Such demands go beyond the provision of ...

SMBGhost – Analysis of CVE-2020-0796

The Vulnerability: The latest vulnerability in SMBv3 is a “wormable” vulnerability given its potential ability to replicate or spread over network shares using the latest version of the protocol (SMB 3.1.1). As of this writing, Microsoft have just released a patch for CVE-2020-0796 on the morning of March 12th. The ...

Android/LeifAccess.A is the Silent Fake Reviewer Trojan

The McAfee Mobile Research team has identified an Android malware family dubbed Android/LeifAccess.A that has been active since May 2019. This trojan was discovered globally with localized versions but has a much higher prevalence in the USA and Brazil. As part of the payload, this trojan can abuse OAuth leveraging ...

Multi-tricks HiddenAds Malware

Thousands of HiddenAds Trojan Apps Masquerade as Google Play Apps. The McAfee mobile research team has recently discovered a new variant of the HiddenAds Trojan. HiddenAds Trojan is an adware app used to display advertising and collect user data for marketing. The goal of such apps is to generate revenue ...

CSI: Evidence Indicators for Targeted Ransomware Attacks – Part II

In our first article we discussed the growing pattern of targeted ransomware attacks where the first infection stage is often an info-stealer kind of malware used to gain credentials/access to determine if the target would be valuable for a ransomware attack. In this second part we will pick up where ...

Model Hacking ADAS to Pave Safer Roads for Autonomous Vehicles

The last several years have been fascinating for those of us who have been eagerly observing the steady move towards autonomous driving. While semi-autonomous vehicles have existed for many years, the vision of fleets of fully autonomous vehicles operating as a single connected entity is very much still a thing ...

Introduction and Application of Model Hacking

Catherine Huang, Ph.D., and Shivangee Trivedi contributed to this blog. The term “Adversarial Machine Learning” (AML) is a mouthful! The term describes a research field regarding the study and design of adversarial attacks targeting Artificial Intelligence (AI) models and features. Even this simple definition can send the most knowledgeable security ...

CSI: Evidence Indicators for Targeted Ransomware Attacks – Part I

For many years now I have been working and teaching in the field of digital forensics, malware analysis and threat intelligence. During one of the classes we always talk about Locard’s exchange principle: “with contact between two items, there will be an exchange”. If we translate that to the digital ...
