McAfee Labs
Read McAfee Labs blogs for the latest threat research, threat intelligence, and thought leadership from the Threat Research team.
New Android Malware Campaigns Evading Detection Using Cross-Platform Framework .NET MAUI
Mar 24, 2025 | 8 MIN READ
Patch Now: Simple Office ‘Protected View’ Bypass Could Have Big Impact
Protected View is a security feature of Microsoft Office. According to research from MWR Labs, Protected View mode...Trojanized Pokémon GO Android App Found in the Wild
Pokémon GO is a new mobile game that allows fans to “catch” Pokemons in the real world...Business Email Compromise Hurts Your Organization
As many workers do today, you probably get emails from your boss asking you to perform various...June #SecChat Recap: Findings from the 2016 Verizon DBIR
This year’s highly anticipated Verizon 2016 Data Breach Investigations Report (Verizon DBIR) analyzed cybersecurity findings from 100,000...Macro Malware Adds Tricks, Uses MaxMind to Avoid Detection
Macro malware continues to evolve and use new tricks to evade detection. This threat is responsible for...JavaScript-PHP Joint Exercise Delivers Nemucod Ransomware
The ransomware Nemucod has been very prevalent in the last few months. Nemucod’s habit of frequently changing...Microsoft’s June Patch Kills Potential CFG Bypass
After applying Microsoft’s June patch, we noticed some interesting changes that prevent a security bypass of Windows’...‘Thrones’ Jon Snow Appears to Employ Neutrino Exploit Kit
This blog post was written by Kalpesh Mantri. You read that right. Jon Snow appears to be...Experts Discuss the 2016 Verizon DBIR: June #SecChat
Cybersecurity in 2016 has been full of sensational headlines. Ransomware has shut down multiple hospitals, millions of...Zcrypt Expands Reach as ‘Virus Ransomware’
McAfee has recently seen a new kind of ransomware–Zcrypt—that can self-replicate. This “virus ransomware” arrives via email...Threat Actors Employ COM Technology in Shellcode to Evade Detection
COM (Component Object Model) is a technology in Microsoft Windows that enables software components to communicate with...Locky Ransomware Hides Under Multiple Obfuscated Layers of JavaScript
This post was prepared with the invaluable assistance of Rahamathulla Hussain and Girish Kulkarni. During the last...
