Featured Blogs
LeakerLocker: Mobile Ransomware Acts Without Encryption
We recently found on Google Play a type of mobile ransomware that does not encrypt files. This malware extorts a...
Leaning into Change with the McAfee Family
With today’s current climate, many companies are building cultures and infrastructures to support working from home (WFH). Like most transitions,...
Learn to Identify and Avoid Malicious Browser Extensions
Browser extensions have become essential parts of how we browse, bank, work, and shop online. From password managers to ad...
Linux Kernel Vulnerability Can Lead to Privilege Escalation: Analyzing CVE-2017-1000112
This blog was written by Krishs Patil. A memory corruption bug in UDP fragmentation offload (UFO) code inside the Linux...
LizaMoon the Latest SQL-Injection Attack
Working in the security industry brings about a myriad of challenges. This is especially true for vendors. We must do...
LockerGoga Ransomware Family Used in Targeted Attacks
Co-authored by Marc RiveroLopez. Initial discovery Once again, we have seen a significant new ransomware family in the news. LockerGoga,...
Locky Ransomware Hides Inside Packed .DLL
McAfee Labs has seen a huge increase in Locky ransomware in recent months (discussed in an earlier blog). Locky is aggressively...
Locky Ransomware Hides Under Multiple Obfuscated Layers of JavaScript
This post was prepared with the invaluable assistance of Rahamathulla Hussain and Girish Kulkarni. During the last couple of weeks,...
Locky Ransomware on Rampage With JavaScript Downloader
Locky is a ransomware family that encrypts victims’ files and demands money to decrypt the files. It has infected many...
Looking Into the World of Ransomware Actors Reveals Some Surprises
During the preparations for our keynotes at McAfee’s recent MPOWER conference, we brainstormed a few topics we wanted to share...
Lumma Stealer on the Rise: How Telegram Channels Are Fueling Malware Proliferation
Authored by: M, Mohanasundaram and Neil Tyagi. In today’s rapidly evolving cyber landscape, malware threats continue to...
Mac ‘Protector’: Another Fake-Alert in Disguise
It’s not breaking news that fake-alert Trojan infections are growing. But it’s worrying for Mac OS X users to find...
Macro Malware Adds Tricks, Uses MaxMind to Avoid Detection
Macro malware continues to evolve and use new tricks to evade detection. This threat is responsible for downloading malicious Trojans...
Macro Malware Associated With Dridex Finds New Ways to Hide
Macro malware is on the upswing and cybercriminals are always searching for new ways to deceive users and evade detection....
Macro Malware Employs Advanced Obfuscation to Avoid Detection
Attacks by macro malware carrying ransomware are growing, as we have recently reported on Blog Central here and here. Now McAfee Labs...
Macro Malware Employs Advanced Sandbox-Evasion Techniques
During the past couple of weeks, McAfee Labs has observed a new variant of macro malware. With this variant when...
Macro Malware Targets Macs
Macro malware has been spreading for years. New techniques arise all the time to hide malicious code and thus increase...
Major HTTP Vulnerability in Windows Could Lead to Wormable Exploit
Today, Microsoft released a highly critical vulnerability (CVE-2021-31166) in its web server http.sys. This product is a Windows-only HTTP server...
Making Moves to Go Green at McAfee Waterloo
By Gurjeet, Software Engineer, Canada. “We should protect Mother Earth. If we don’t take care of her, she won’t take...
MalBus Actor Changed Market from Google Play to ONE Store
Authored by: Sang Ryol Ryu and Chanung Pak. McAfee Mobile Research team has found another variant of MalBus on an...
MalBus: Popular South Korean Bus App Series in Google Play Found Dropping Malware
McAfee’s Mobile Research team recently learned of a new malicious Android application masquerading as a plugin for a transportation application...
Malicious Document Targets Pyeongchang Olympics
McAfee Advanced Threat Research analysts have discovered a campaign targeting organizations involved with the Pyeongchang Olympics. Attached in an email...
Malicious Forums Turn Amateur Hackers Into Cybercriminals
Security researchers are aware of forums that offer downloads of malicious software such as keyloggers and remote access tools. Some inexperienced...
Malicious PowerPoint Documents on the Rise
Authored by Anuradha M. McAfee Labs have observed a new phishing campaign that utilizes macro capabilities available in Microsoft PowerPoint....
Malicious Utility Can Defeat Windows PatchGuard
In 2012, my colleagues Deepak Gupta and Xiaoning Li explained in a white paper how some malware can operate at...
Malware Behaves Oddly in Automated Analysis Environment
While testing malware recently, we got some logs from our automated analysis system showing a few samples that are only...
Malware Hides in Installer to Avoid Detection
At McAfee Labs we recently observed various threat families using the Nullsoft Scriptable Install System (NSIS). This practice is not...