Featured Blogs
CSI: Evidence Indicators for Targeted Ransomware Attacks – Part I
For many years now I have been working and teaching in the field of digital forensics, malware analysis and threat...
CSI: Evidence Indicators for Targeted Ransomware Attacks – Part II
In our first article we discussed the growing pattern of targeted ransomware attacks where the first infection stage is often...
Current Campaign Delivers Hundreds of Thousands of Polymorphic Ransomware
You might have been getting out of bed when attackers started sending hundreds of thousands of fake invoices the morning...
CurveBall – An Unimaginative Pun but a Devastating Bug
Enterprise customers looking for information on defending against Curveball can find information here. 2020 came in with a bang this...
CVE-2012-0158 Exploit in the Wild
Since last week, we have seen many specially crafted files exploiting CVE-2012-0158, a vulnerability in MSCOMCTL.OCX in Microsoft Office and...
CVE-2016-0018: DLL Planting Leads to a Remote Code Execution Vulnerability
DLL planting, also known as DLL side loading, is a popular attack technique today. If we take a look at...
CVE-2016-0153: Microsoft Patches Possible OLE Typo
Recently McAfee Labs discovered an interesting bug in Windows’ OLE implementation, which Microsoft patched this week. Now that the patch...
CVE-2020-16898: “Bad Neighbor”
CVSS Score: 8.8 Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Overview Today, Microsoft announced a critical vulnerability in the Windows IPv6 stack,...
CVE-2020-17051: Remote kernel heap overflow in NFSv3 Windows Server
CVSS Score: 9.8 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Overview Microsoft released a patch today for a critical vulnerability (CVE-2020-17051) in the Windows NFSv3 (Network File System) server. NFS is typically...
Cyber Criminals Gain in Sophistication With Integrity Attacks
One constant in cybersecurity is the continual rise of sophistication and creativity of attackers. In 2016, we will see a...
Cyber Threat Alliance Releases Analysis of Illicit Cryptocurrency Mining
In response to the explosive increase in cryptomining campaigns in Q4 2017, the Cyber Threat Alliance has formed a cryptomining subcommittee to assess the threat.
Cybercrime ‘Highlights’ of First Quarter 2014
As a supplement to the next McAfee Labs Threats Report, which will appear next month, we offer this timeline of...
Cybercrime in the Spotlight: How Crooks Capitalize on Cultural Events
Every four years, everyone’s head around the globe turns toward the television. The Olympics, the World Cup – world events like...
Cybercriminals Actively Exploiting RDP to Target Remote Organizations
The COVID-19 pandemic has prompted many companies to enable their employees to work remotely and, in a large number of...
Cybersecurity Suffers Due to Human Resources Challenges
The cybersecurity industry is in a state of disrepair. Growing human resource problems put the efforts to secure technology at...
Darknet Markets Will Outlive AlphaBay and Hansa Takedowns
On June 20, law enforcement took over the Hansa marketplace after investigations that began in 2016. On July 5, police...
Darkshell DDOS Botnet Evolves With Variants
Darkshell is a distributed denial of service (DDoS) botnet targeting Chinese websites. It was found in 2011 and was first...
DarkSide Ransomware Victims Sold Short
Over the past week we have seen a considerable body of work focusing on DarkSide, the ransomware responsible for the...