McAfee Labs

Read McAfee Labs blogs for the latest threat research, threat intelligence, and thought leadership from the Advanced Threat Research team.

McAfee Labs

What’s in the Box? Part II: Hacking the iParcelBox

Package delivery is just one of those things we take for granted these days. This is especially true in the age of Coronavirus, where e-commerce and at-home deliveries make up a growing portion of consumer buying habits. In 2019, McAfee Advanced Threat Research (ATR) conducted a vulnerability research project on ...

McAfee Labs

RagnarLocker Ransomware Threatens to Release Confidential Information

EXECUTIVE SUMMARY The RagnarLocker ransomware first appeared in the wild at the end of December 2019 as part of a campaign against compromised networks targeted by its operators. The ransomware code is small (only 48kb after the protection in its custom packer is removed) and coded in a high programming ...

McAfee Labs

OneDrive Phishing Awareness

There are number of ways scammers use to target personal information and, currently, one example is, they are taking advantage of the fear around the virus pandemic, sending phishing and scam emails to Microsoft OneDrive users, trying to profit from Coronavirus/COVID-19. They will pretend to be emailing from government, consulting, ...

McAfee Labs

How To Use McAfee ATP to Protect Against Emotet, LemonDuck and PowerMiner

Introduction This blog describes how McAfee ATP (Adaptive Threat Protection) rules are used within McAfee Endpoint Security products. It will help you understand how ATP Rules work and how you can utilize them to prevent infections from prevalent malware families such as Emotet, LemonDuck and PowerMiner. Please read through the ...

McAfee Labs

ENS 10.7 Rolls Back the Curtain on Ransomware

Ransomware protection and incident response is a constant battle for IT, security engineers and analysts under normal circumstances, but with the number of people working from home during the COVID-19 pandemic that challenge reaches new heights. How do you ensure an equivalent level of adaptable malware protection on or off ...

McAfee Labs

Cybercriminals Actively Exploiting RDP to Target Remote Organizations

The COVID-19 pandemic has prompted many companies to enable their employees to work remotely and, in a large number of cases, on a global scale. A key component of enabling remote work and allowing employees to access internal corporate resources remotely is Remote Desktop Protocol (RDP), which allows communication with ...

McAfee Labs

COVID-19 – Malware Makes Hay During a Pandemic

Special thanks to Prajwala Rao, Oliver Devane, Shannon Cole, Ankit Goel and members of Malware Research for their contribution and monitoring of related threats As COVID-19 continues to spread across the world, it is no surprise that malware authors are exploiting the pandemic. McAfee recently released blogs around Covid-19 related ...

McAfee Labs

Tales From the Trenches; a Lockbit Ransomware Story

In collaboration with Northwave As we highlighted previously across two blogs, targeted ransomware attacks have increased massively over the past months. In our first article, we discussed the growing pattern of targeted ransomware attacks where the primary infection stage is often an info-stealer kind of malware used to gain credentials/access to ...

McAfee Labs

MalBus Actor Changed Market from Google Play to ONE Store

McAfee Mobile Research team has found another variant of MalBus on an education application, developed by a South Korean developer. In the previous Malbus case, the author distributed the malware through Google Play, but new variants are distributed via the ONE Store in much the same way. ONE Store is ...

McAfee Labs

Transitioning to a Mass Remote Workforce – We Must Verify Before Trusting

While not a new practice, the sheer volume of people required to adhere to social distancing best practices means we now have a mass workforce working remotely. Most enterprises and SMBs can support working remotely today but many IT departments are not equipped to scale to the numbers currently required. ...

Subscribe to McAfee Securing Tomorrow Blogs