Featured Blogs
Setting Up HTTPS for Google App Engine Applications
Thursday, we posted advice on creating a custom domain name for an application developed with Google’s App Engine. In this...
Server-Side Request Forgery Takes Advantage of Vulnerable App Servers
This blog was written by Kunal Garg. Server-side request forgery is an attack in which an attacker can force a...
Self-Signed Certificates Can Be Secure, So Why Ban Them?
This blog was co-written by Brook Schoenfield and Ramnath Venugopalan. In many organizations the use of self-signed certificates is forbidden...
Seeing Through Darkleech Obfuscation: a Quick Hack to Iframes
This blog post was written by Kalpesh Mantri. Darkleech is an Apache module on the dark web that distributes malware....
Security on Silicon the Next Big Step in Cyber Protection
With the growth of the Internet of Things, going from 15 billion to 200 billion devices by 2020, and the...
Securing Space 4.0 – One Small Step or a Giant Leap? Part 2
McAfee Advanced Threat Research (ATR) is collaborating with Cork Institute of Technology (CIT) and its Blackrock Castle Observatory (BCO) and...
Securing Space 4.0 – One Small Step or a Giant Leap? Part 1
McAfee Advanced Threat Research (ATR) is collaborating with Cork Institute of Technology (CIT) and its Blackrock Castle Observatory (BCO) and...
Scammers Impersonating Windows Defender to Push Malicious Windows Apps
Summary points: Scammers are increasingly using Windows Push Notifications to impersonate legitimate alerts Recent campaigns pose as a Windows Defender...
Scammers Follow the Rebranding of Twitter to X, to Distribute Malware
Authored by: Vallabh Chole and Yerko Grbic On July 23rd, 2023, Elon Musk announced that the social networking site, Twitter...
Scammers are Exploiting Ukraine Donations
Authored by Vallabh Chole and Oliver Devane Scammers are very quick at reacting to current events, so they can generate...
Satanbot Employs VBScript to Create Botnet
Malware is on the rise. At the beginning of 2008, our malware collection had 10 million samples. Today we have...
Ryuk, Exploring the Human Connection
In collaboration with Bill Siegel and Alex Holdtman from Coveware. At the beginning of 2019, McAfee ATR published an...
Ryuk Ransomware Attack: Rush to Attribution Misses the Point
Senior analyst Ryan Sherstobitoff contributed to this report. During the past week, an outbreak of Ryuk ransomware that impeded newspaper...
RTF Zero-Day Attack CVE-2014-1761 Shows Sophistication of Attackers
A serious RTF zero-day attack has struck recently. McAfee detection solutions were provided a couple of days ago that allowed...
RTF Attack Takes Advantage of Multiple Exploits
This is a joint analysis by Haifei Li, Stanley Zhu, and Jun Xie of McAfee Labs Recently, the rich text...
Rovnix Downloader Updated with SinkHole and Time Checks
McAfee Labs has found that the latest Rovnix downloader now comes with the capability to check for the sinkholing of...
Rooting Exploit for Android Works Silently
In our last blog about Android malware, we discussed the expanding threat landscape for Android malware. Recently, we received an...
ROCA: Which Key-Pair Attacks Are Credible?
This blog was co-written by Brook Schoenfield. In the past two weeks, we have seen two big encryption issues arise:...
