Featured Blogs
LizaMoon the Latest SQL-Injection Attack
Working in the security industry brings about a myriad of challenges. This is especially true for vendors. We must do...
LockerGoga Ransomware Family Used in Targeted Attacks
Co-authored by Marc RiveroLopez. Initial discovery Once again, we have seen a significant new ransomware family in the news. LockerGoga,...
Locky Ransomware Hides Inside Packed .DLL
McAfee Labs has seen a huge increase in Locky ransomware in recent months (discussed in an earlier blog). Locky is aggressively...
Locky Ransomware Hides Under Multiple Obfuscated Layers of JavaScript
This post was prepared with the invaluable assistance of Rahamathulla Hussain and Girish Kulkarni. During the last couple of weeks,...
Locky Ransomware on Rampage With JavaScript Downloader
Locky is a ransomware family that encrypts victims’ files and demands money to decrypt the files. It has infected many...
Looking Into the World of Ransomware Actors Reveals Some Surprises
During the preparations for our keynotes at McAfee’s recent MPOWER conference, we brainstormed a few topics we wanted to share...
Lumma Stealer on the Rise: How Telegram Channels Are Fueling Malware Proliferation
Authored by: M. Authored by: M, Mohanasundaram and Neil Tyagi In today’s rapidly evolving cyber landscape, malware threats continue to...
Mac ‘Protector’: Another Fake-Alert in Disguise
It’s not breaking news that fake-alert Trojans infections are growing. But it’s worrying for Mac OS X users to find...
Macro Malware Adds Tricks, Uses MaxMind to Avoid Detection
Macro malware continues to evolve and use new tricks to evade detection. This threat is responsible for downloading malicious Trojans...
Macro Malware Associated With Dridex Finds New Ways to Hide
Macro malware is on the upswing and cybercriminals are always searching for new ways to deceive users and evade detection....
Macro Malware Employs Advanced Obfuscation to Avoid Detection
Attacks by macro malware carrying ransomware are growing, as we have recently reported on Blog Central here and here. Now McAfee Labs...
Macro Malware Employs Advanced Sandbox-Evasion Techniques
During the past couple of weeks, McAfee Labs has observed a new variant of macro malware. With this variant when...
Macro Malware Targets Macs
Macro malware has been spreading for years. New techniques arise all the time to hide malicious code and thus increase...
Major HTTP Vulnerability in Windows Could Lead to Wormable Exploit
Today, Microsoft released a highly critical vulnerability (CVE-2021-31166) in its web server http.sys. This product is a Windows-only HTTP server...
Making Moves to Go Green at McAfee Waterloo
By Gurjeet, Software Engineer, Canada “We should protect Mother Earth. If we don’t take care of her, she won’t take...
MalBus Actor Changed Market from Google Play to ONE Store
Authored by: Sang Ryol Ryu and Chanung Pak McAfee Mobile Research team has found another variant of MalBus on an...
MalBus: Popular South Korean Bus App Series in Google Play Found Dropping Malware
McAfee’s Mobile Research team recently learned of a new malicious Android application masquerading as a plugin for a transportation application...
Malicious Cookie Stuffing Chrome Extensions with 1.4 Million Users
Authored by Oliver Devane and Vallabh Chole September 9, 2022 Update: Since the original publication of this blog on August...
Malicious Document Targets Pyeongchang Olympics
McAfee Advanced Threat Research analysts have discovered a campaign targeting organizations involved with the Pyeongchang Olympics. Attached in an email...
Malicious Forums Turn Amateur Hackers Into Cybercriminals
Security researchers are aware of forums that offer downloads of malicious software such as keyloggers and remote access tools. Some inexperienced...
Malicious PowerPoint Documents on the Rise
Authored by Anuradha M McAfee Labs have observed a new phishing campaign that utilizes macro capabilities available in Microsoft PowerPoint....
Malicious Utility Can Defeat Windows PatchGuard
In 2012, my colleagues Deepak Gupta and Xiaoning Li explained in a white paper how some malware can operate at...
Malware Behaves Oddly in Automated Analysis Environment
While testing malware recently, we got some logs from our automated analysis system showing a few samples that are only...
Malware Hides in Installer to Avoid Detection
At McAfee Labs we recently observed various threat families using the Nullsoft Scriptable Install System (NSIS). This practice is not...
Malware Manipulates Procedure Prologue and Epilogue to Evade Security
Techniques used by malware developers to evade detection by security software have changed drastically in recent years. Encryption, packers, wrappers,...
Malware Mines, Steals Cryptocurrencies From Victims
How’s your Bitcoin balance? Interested in earning more? The value of cybercurrency is going up. One way to increase your...
Malware Mystery: JS/Nemucod Downloads Legitimate Installer
JS/Nemucod is the detection name given to a family of malicious JavaScript downloaders that have appeared in spam campaigns since last year....
