Featured Blogs
Seeing Through Darkleech Obfuscation: a Quick Hack to Iframes
This blog post was written by Kalpesh Mantri. Darkleech is an Apache module on the dark web that distributes malware....
Android Banking Trojan ‘SpyLocker’ Targets More Banks in Europe
Since the discovery of the Android banking Trojan SpyLocker, McAfee has closely monitored this threat. SpyLocker first appeared disguised as...
Android Spyware Targets Security Job Seekers in Saudi Arabia
The Middle East is the new Wild West of mobile malware, especially for targeted attacks and intelligence gathering campaigns. During...
Trillium Exploit Kit Update Offers ‘Security Tips’
McAfee Labs has previously blogged about the Trillium Exploit Kit Version 3.0, which is commonly used to create and distribute malware....
Threat Actors Employ COM Technology in Shellcode to Evade Detection
COM (Component Object Model) is a technology in Microsoft Windows that enables software components to communicate with each other; it...
Locky Ransomware Hides Under Multiple Obfuscated Layers of JavaScript
This post was prepared with the invaluable assistance of Rahamathulla Hussain and Girish Kulkarni. During the last couple of weeks,...
Trojanized Propaganda App Uses Twitter to Infect, Spy on Sympathizers
The Mobile Malware Research Team of McAfee has discovered in recent weeks a number of new threats in the Middle...
‘Thrones’ Jon Snow Appears to Employ Neutrino Exploit Kit
This blog post was written by Kalpesh Mantri. You read that right. Jon Snow appears to be back from the...
Experts Discuss the 2016 Verizon DBIR: June #SecChat
Cybersecurity in 2016 has been full of sensational headlines. Ransomware has shut down multiple hospitals, millions of credentials have been...
JavaScript-PHP Joint Exercise Delivers Nemucod Ransomware
The ransomware Nemucod has been very prevalent in the last few months. Nemucod’s habit of frequently changing its delivery mechanism...
June #SecChat Recap: Findings from the 2016 Verizon DBIR
This year’s highly anticipated Verizon 2016 Data Breach Investigations Report (Verizon DBIR) analyzed cybersecurity findings from 100,000 incidents and 2,260...
Business Email Compromise Hurts Your Organization
As many workers do today, you probably get emails from your boss asking you to perform various tasks. You may...
Trojanized Pokémon GO Android App Found in the Wild
Pokémon GO is a new mobile game that allows fans to “catch” Pokémon in the real world using augmented reality...
Patch Now: Simple Office ‘Protected View’ Bypass Could Have Big Impact
Protected View is a security feature of Microsoft Office. According to research from MWR Labs, Protected View mode is a strong...
Phishing Attacks Employ Old but Effective Password Stealer
A few months ago we received a sample from a customer that turned out to be a password stealer (PWS). One...
McAfee Teams With Industry, Law Enforcement to Thwart ‘Shade’ Ransomware
McAfee, Europol, Kaspersky Lab, and Dutch police have taken down the Shade ransomware botnet and captured encryption keys to unlock...
Taking Steps to Fight Back Against Ransomware
Ransomware is an attack in which malware encrypts files and extorts money from victims. It has become a favorite among...
Bing.VC Hijacks Browsers Using Legitimate Applications
Browser hijackers are a type of malware that modifies a web browser’s settings without the user’s permission. Generally a browser hijacker...
Active iOS Smishing Campaign Stealing Apple Credentials
McAfee Mobile Research recently found an active phishing campaign targeting iOS users via SMS messages. The message tells users that their Apple...
Setting Up HTTPS for Google App Engine Applications
Thursday, we posted advice on creating a custom domain name for an application developed with Google’s App Engine. In this...
Banload Trojan Targets Brazilians With Malware Downloads
McAfee Labs has recently encountered new variants of the Banload Trojan. Banload has been around since the last decade. This...
‘Cat-Loving’ Mobile Ransomware Operates With Control Panel
Recently the McAfee Labs Mobile Malware Research team found a sample of ransomware for Android with botnet capabilities and a...
Obfuscated Malware Discovered on Google Play
The McAfee Labs Mobile Malware Research team found early this week on Google Play a set of malware published by...
Malware Hides in Installer to Avoid Detection
At McAfee Labs we recently observed various threat families using the Nullsoft Scriptable Install System (NSIS). This practice is not...
Wildfire Ransomware Extinguished by Tool From NoMoreRansom
McAfee and Kaspersky Lab, partners in the project NoMoreRansom, are pleased to announce today the availability of a decryption tool...
Improve Protection Against Cyberattacks Through Shared Threat Intelligence
This blog post was written by Rick Simon. At the RSA Conference 2016 in San Francisco, Chris Young, GM and...
Locky Ransomware Hides Inside Packed .DLL
McAfee Labs has seen a huge increase in Locky ransomware in recent months (discussed in an earlier blog). Locky is aggressively...