Featured Blogs
Iranian Keylogger Marmoolak Enters via Backdoor
Targeted attacks have several stages, sometimes called the APT kill chain. At McAfee Labs we prefer the model described by...
Is This Your Photo? No, It’s SMS Spam With Mobile Malware
One of the most important concerns of Internet users is privacy. For this reason one of the most effective phishing...
It’s a Zoo Out There! Data Analysis of Alleged ZooPark Dump
In early May, researchers disclosed a Mobile malware campaign by a group focused on Middle Eastern targets. This actor was...
January 2014 #SecChat Wrap-up — Threat Predictions
Threats seem to be top of mind for the masses of late—with three large-scale attacks on major brands already this...
Japanese Banking Trojan Shifu Combines Malware Tools
In recent weeks, McAfee Labs has analyzed a recently discovered banking Trojan that combines elements from multiple malware tools. Shifu...
Japanese Chat App for Android Steals Phone Numbers
Update, December 5 The developer of the app Machin Chat has contacted McAfee and reported that the collection of phone...
Japanese One-Click Scammers Abuse Mobile Traffic Exchange Service
McAfee has been monitoring and reporting extensively on one-click-fraud malware for Android in Japan this year. These attacks, primarily on...
Java Back Door Acts as Bot
The current threat landscape is often driven by web-based malware and exploit kits that are regularly updated with newly found...
Java Zero-Day Vulnerability Pushes Out Crimeware
This blog was updated on January 14. See the end of the file. A new Java zero-day vulnerability is spreading...
JAVA-VBS Joint Exercise Delivers RAT
The Adwind remote administration tool (RAT) is a Java-based backdoor Trojan that targets various platforms supporting Java files. For an...
JavaScript Apps on Google Play Steal Korean Phone Numbers
In a recent blog, McAfee Labs reported on suspicious JavaScript-based Android chat applications for Japanese users. These apps were found...
JavaScript-PHP Joint Exercise Delivers Nemucod Ransomware
The ransomware Nemucod has been very prevalent in the last few months. Nemucod’s habit of frequently changing its delivery mechanism...
Jet Database Engine Flaw May Lead to Exploitation: Analyzing CVE-2018-8423
In September 2018, the Zero Day Initiative published a proof of concept for a vulnerability in Microsoft’s Jet Database Engine....
Jumping Into the Flames of Skywiper
There has been quite a bit of analysis and speculation about the Flamer/Skywiper threat. As we started to analyze this...
June #SecChat Recap: Findings from the 2016 Verizon DBIR
This year’s highly anticipated Verizon 2016 Data Breach Investigations Report (Verizon DBIR) analyzed cybersecurity findings from 100,000 incidents and 2,260...
Key Lessons From Verizon’s ‘2016 Data Breach Investigations Report’
The annual Data Breach Investigations Report (DBIR) is out and reinforces the value of well-established cybersecurity practices. The good folks...
Knock, Knock – Who’s There?
A Windows Linux Subsystem Interop Analysis Following our research from Evil Twins and Windows Linux Subsystem, interoperability between different WSL...
Know Your Superpower: Brenda’s McAfee Journey
Our How I Got Here series spotlights the stories of McAfee team members who have successfully grown their careers. Read more about...
KRACKs Against Wi-Fi Serious But Not End of the World
This blog was written by Brook Schoenfield. On October 12, researcher Mathy Vanhoef announced a set of Wi-Fi attacks that...
KRACKs: Five Observations on WPA Authentication Vulnerability
KRACKs are in the news. McAfee has already discussed these key reinstallation attacks that affect Wi-Fi setups in two posts:...
Labs Paper Looks ‘Inside the World of the Citadel Trojan’
Zeus “banking” malware and its variants have been making headlines in recent months. One variant, the Citadel Trojan, has now...
Latest SpyEye Botnet Active and Cheaper
On April 16, we found a Pastebin entry selling the latest version of the infamous SpyEye botnet (Version 1.3.48) for...
Lazarus Cybercrime Group Moves to Mobile Platform
When it comes to describing cyberattacks, the word sophisticated is used a lot. Whether to explain yet another “advanced” campaign...
Lazarus Resurfaces, Targets Global Banks and Bitcoin Users
McAfee Advanced Threat Research (ATR) analysts have discovered an aggressive Bitcoin-stealing phishing campaign by the international cybercrime group Lazarus that uses sophisticated malware with long-term impact.
LeakerLocker: Mobile Ransomware Acts Without Encryption
We recently found on Google Play a type of mobile ransomware that does not encrypt files. This malware extorts a...
Leaning into Change with the McAfee Family
With today’s current climate, many companies are building cultures and infrastructures to support working from home (WFH). Like most transitions,...
Linux Kernel Vulnerability Can Lead to Privilege Escalation: Analyzing CVE-2017-1000112
This blog was written by Krishs Patil. A memory corruption bug in UDP fragmentation offload (UFO) code inside the Linux...
