Featured Blogs
Farewell to the SHA-1 Hash Algorithm
Rest in peace, SHA-1. Like all security controls, it is valuable only for a certain time. SHA-1, a legacy hashing...
Next Targets for Cybercriminals: the Short Term (Part 1)
Knowing what cybercriminals are targeting today is easy. Their attacks are loud, impactful, and have the elegance of a...
Next Targets for Cybercriminals: the Long Term (Part 2)
In the previous post in this series, I outlined how cybercriminals will use the holiday season to victimize unwary consumers...
How to Protect Against OpenSSL 1.1.0a Vulnerability CVE-2016-6309
This blog post was written by Rock Liu. Recently the OpenSSL security library gained a fix for a critical security...
“Trojanization” of Legit Apps on the Rise
McAfee today released its McAfee Labs Threats Report: December 2016. The report’s third key topic illustrates how attackers are creating...
2016: A Year at Ransom
This week’s McAfee Labs Threats Report: December 2016 provides an overview of how ransomware has evolved over the course of 2016, and...
Shamoon Rebooted in Middle East, Part 2
Last week we provided some initial analysis on recent attacks targeting organizations in the Middle East. The attack has hallmarks...
Did You Forget to Patch Your IP Camera?
IP cameras are usually “purchase, install, and don’t touch” devices. But in the current climate of cyberattacks, they now require...
An Overview of Malware Self-Defense and Protection
Many malware authors spend a great deal of time and effort to develop complex code. Their success depends on a...
‘Popcorn Time’ Ransomware Sure to Cause Indigestion
In early December the new ransomware “Popcorn Time” was discovered. It gives the victim the option of paying the ransom...
Turkish Instagram Password Stealers Found on Google Play
McAfee’s mobile malware research team has found several Instagram password stealers on the Google Play store. (Google has since removed...
Digging Into a Windows Kernel Privilege Escalation Vulnerability: CVE-2016-7255
This blog was written by Stanley Zhu. The Windows kernel privilege escalation vulnerability CVE-2016-7255 has received a lot of media...
Top Tips for Securing Home Cameras
Installing a home surveillance camera system can add great benefits but also may introduce new risks to privacy and network...
Trojanized Photo App on Google Play Signs Up Users for Premium Services
Mobile apps usually have names that give some indication of their function. In one recent case, however, we found a...
Stopping Malware With a Fake Virtual Machine
As we explained in a previous post, some advanced malware can detect a virtual environment such as a sandbox to...
Analyzing KillDisk Ransomware, Part 2: Variants and Screen Unlocking
This blog post was written by Sudhanshu Dubey. At McAfee Labs we recently analyzed the ransomware KillDisk. In part 1 of...
Analyzing CVE-2016-9311: NTPD Vulnerability Can Lead to Denial of Service
The network time protocol synchronizes time across various devices on a network. The network time protocol daemon (NTPD) is an...
Macro Malware Targets Macs
Macro malware has been spreading for years. New techniques arise all the time to hide malicious code and thus increase...
Analyzing CVE-2017-3731: Truncated Packets Can Cause Denial of Service in OpenSSL
OpenSSL is a popular open-source library for SSL and is used by various software and companies across the world. In...
Analyzing a Fresh Variant of the Dorkbot Botnet
This blog post was written by Sudhanshu Dubey. At McAfee Labs, we have recently observed a new variant of the...
Ransomware Families Use NSIS Installers to Avoid Detection, Analysis
Malware families are constantly seeking new ways to hide their code, thwart replication, and avoid detection. A recent trend for...
Critical Office Zero-Day Attacks Detected in the Wild
At McAfee, we have put significant effort into hunting attacks such as advanced persistent threats and “zero days.” Yesterday, we...
Mirai Botnet Creates Army of IoT Orcs
This post was based on analysis by Yashashree Gund and RaviKant Tiwari. There is a lot of speculation in the...
Banned Chinese Qvod Lives on in Malicious Fakes
Qvod used to be a popular video player and developer in China. Due to piracy allegations and a threatened fine,...
Cerber Ransomware Evades Detection With Many Components
This blog was co-written by Sapna Juneja. Cerber is a quickly evolving type of malware called crypto-ransomware. Cerber encrypts files...
Mirai, BrickerBot, Hajime Attack a Common IoT Weakness
This blog post was written by Rick Simon. We know that devices in the Internet of Things make enticing targets...
Vulnerable OpenSSL Handshake Renegotiation Can Trigger Denial of Service
OpenSSL, the popular general-purpose cryptographic library that implements SSL/TLS protocols for web authentication, has recently suffered from several vulnerabilities. We...