Featured Blogs
Phishing Android Malware Targets Taxpayers in India
Authored by ChanUng Pak McAfee’s Mobile Research team recently found a new Android malware, Elibomi, targeting taxpayers in India. The malware steals sensitive financial and private information via phishing by pretending...
Phishing Threat Uses UTF-8 BOM in ZIP Signature to Evade Detection
This blog was written by Sanchit Karve. Last week, we noticed thousands of malware files in the wild that employ...
Phishing Campaigns featuring Ursnif Trojan on the Rise
Authored by Jyothi Naveen and Kiran Raj McAfee Labs have been observing a spike in phishing campaigns that utilize Microsoft...
Phishing Attacks Employ Old but Effective Password Stealer
A few months ago we received a sample from a customer that turned out to be a password stealer (PWS). One...
Phishing Attack Replaces Android Banking Apps With Malware
Mobile devices are also increasingly being used to manage a critical and important asset for all of us: our money....
Periodic Connections to Control Server Offer New Way to Detect Botnets
A number of recent botnets and advanced threats use HTTP as their primary communications channel with their control servers. McAfee...
Peeling Back the Layers of RemcosRat Malware
Authored by Preksha Saxena McAfee labs observed a Remcos RAT campaign where malicious VBS files were delivered via phishing email....
PDF Phishing: Beyond the Bait
By Lakshya Mathur & Yashvi Shah Phishing attackers aim to deceive individuals into revealing sensitive information for financial gain, credential...
Pay-Per-Install Company Deceptively Floods Market with Unwanted Programs
For the past 18 months, McAfee Labs has been investigating a pay-per-install developer, WakeNet AB, responsible for spreading prevalent adware...
Patch Now: Simple Office ‘Protected View’ Bypass Could Have Big Impact
Protected View is a security feature of Microsoft Office. According to research from MWR Labs, Protected View mode is a strong...
Pastebin Shares Botnet Source Code
Few days back, we found another Pastebin entry that contains a source which looks to be malicious botnet code. As...
Password-Protected Attachment Serves Ransomware
Attacks by macro malware carrying ransomware are growing, as we have recently reported. Since early March we have seen macro...
Parasitic Coin Mining Creates Wealth, Destroys Systems
The increasing popularity of cryptocurrencies has inspired some people to pursue coin mining, essentially making money online. (Mining is the...
Overcoming Targeted Attacks: a New Approach
Successful targeted attacks bypass security controls and typically cause significant damage to an enterprise. Damages may include reputation, monetary, and...
Our Experiences Participating in Microsoft’s Azure Sphere Bounty Program
From June to August, part of the McAfee Advanced Threat Research (ATR) team participated in Microsoft’s Azure Sphere Research Challenge. Our research resulted...
Organizations Leave Backdoors Open to Cheap Remote Desktop Protocol Attacks
While researching underground hacker marketplaces, the McAfee Advanced Threat Research team has discovered that access linked to security and building automation systems of a major international airport could be bought for only US$10.
Operation North Star: Summary Of Our Latest Analysis
McAfee’s Advanced Threat Research (ATR) today released research that uncovers previously undiscovered information on how Operation North Star evaluated its...
Operation North Star: Behind The Scenes
Executive Summary It is rare to be provided an inside view on how major cyber espionage campaigns are conducted within...
