McAfee Labs

Read McAfee Labs blogs for the latest threat research, threat intelligence, and thought leadership from the Threat Research team.

REvil Ransomware Uses DLL Sideloading
This blog was written byVaradharajan Krishnasamy, Karthickkumar, Sakshi Jaiswal Introduction Ransomware attacks are one of the most...
Hancitor Making Use of Cookies to Prevent URL Scraping
This blog was written by Vallabh Chole & Oliver Devane Over the years, the cybersecurity industry has...
Zloader With a New Infection Technique
This blog was written by Kiran Raj & Kishan N. Introduction In the last few years, Microsoft...
New Ryuk Ransomware Sample Targets Webservers
Executive Summary Ryuk is a ransomware that encrypts a victim’s files and requests payment in Bitcoin cryptocurrency...
Fuzzing ImageMagick and Digging Deeper into CVE-2020-27829
Introduction: ImageMagick is a hugely popular open source software that is used in lot of systems around...
Analyzing CVE-2021-1665 – Remote Code Execution Vulnerability in Windows GDI+
Introduction Microsoft Windows Graphics Device Interface+, also known as GDI+, allows various applications to use different graphics...
McAfee Labs Report Highlights Ransomware Threats
The McAfee Advanced Threat Research team today published the McAfee Labs Threats Report: June 2021. In this...
A New Program for Your Peloton – Whether You Like It or Not
Executive Summary  The McAfee Advanced Threat Research team (ATR) is committed to uncovering security issues in both software and hardware...
Are Virtual Machines the New Gold for Cyber Criminals?
Introduction Virtualization technology has been an IT cornerstone for organization for years now. It revolutionized the way...
Scammers Impersonating Windows Defender to Push Malicious Windows Apps
Summary points: Scammers are increasingly using Windows Push Notifications to impersonate legitimate alerts Recent campaigns pose as...
DarkSide Ransomware Victims Sold Short
Over the past week we have seen a considerable body of work focusing on DarkSide, the ransomware...
Major HTTP Vulnerability in Windows Could Lead to Wormable Exploit
Today, Microsoft released a highly critical vulnerability (CVE-2021-31166) in its web server http.sys. This product is a...
13 - 24 of 659
Back to top