Featured Blogs
ROCA: Which Key-Pair Attacks Are Credible?
This blog was co-written by Brook Schoenfield. In the past two weeks, we have seen two big encryption issues arise:...
KRACKs Against Wi-Fi Serious But Not End of the World
This blog was written by Brook Schoenfield. On October 12, researcher Mathy Vanhoef announced a set of Wi-Fi attacks that...
Tips for Effective Threat Hunting
This blog was co-written by Ramnath Venugopalan. In May, McAfee surveyed more than 700 IT and security professionals around the...
Conquering Fear at McAfee
By Radhika, Director of Global Consumer Product Marketing. With the U.S. school year beginning, I’ve been in touch with the...
Taiwan Bank Heist and the Role of Pseudo Ransomware
Widespread reports claim the Far Eastern International Bank in Taiwan has become a victim of hacking. The attacks demonstrate the global nature of cybercrime, with the cybercriminals attempting to wire US$60 million to destinations such as Sri Lanka, Cambodia, and the United States.
Staying Anonymous on the Blockchain: Concerns and Techniques
With Bitcoin at one point valued at more than $5,000 per unit, cryptocurrencies have excited a lot of interest from...
The McAfee Adventures of a Middle School Teacher
By Lori, AVID Teacher, Haggard Middle School I knew when I met you an adventure was going to happen. –...
Stefan’s Tale: A 17-Year Journey to McAfee
By Stefan, Senior Security Consultant in Sydney, Australia. When I was younger, I wanted to be a policeman and help...
Linux Kernel Vulnerability Can Lead to Privilege Escalation: Analyzing CVE-2017-1000112
This blog was written by Krishs Patil. A memory corruption bug in UDP fragmentation offload (UFO) code inside the Linux...
First 30 Days at McAfee: Pups at Work, VR and Pledge Wall
By Beth, HR Communication Specialist in Plano, Texas. For the last six consecutive years, The Dallas Morning News has recognized...
McAfee Labs: Faceliker Surge Manipulates Facebook “Likes” to Promote News, Other Content
Criminals excel in manipulating the trust within human relationships, particularly as individuals project themselves into digital realms such as social...
Apache Struts at REST: Analyzing Remote Code Execution Vulnerability CVE-2017-9805
Apache Struts, an open-source web development framework, is prone to vulnerabilities. We wrote about CVE-2017-9791 in July. The latest is...
Microsoft Kills Potential Remote Code Execution Vulnerability in Office (CVE-2017-8630)
Recently the McAfee IPS Research Team informed Microsoft about a potential remote code execution vulnerability in Office 2016 that McAfee...
Android Click-Fraud App Repurposed as DDoS Botnet
The McAfee Mobile Research Team tracks the behavior of Android click-fraud apps. We have detected multiple implementations, including recent examples...
Emotet Trojan Acts as Loader, Spreads Automatically
Since the middle of July, McAfee has observed new updates of the Emotet, a Trojan that was first discovered in...
Android Banking Trojan MoqHao Spreading via SMS Phishing in South Korea
Last month, a number of users started posting on South Korean sites screenshots of suspicious SMS messages phishing texts (also...
Android Click-Fraud Apps Briefly Return to Google Play
Click-fraud apps frequently appear on Google Play and third-party markets. They are sometimes hard to identify because the malicious behavior...
Smishing Campaign Steals Banking Credentials in U.S.
The McAfee Mobile Research team recently found an active smishing campaign, using SMS messages, that targets online banking users in...
The New Intern-Net
By Cristina, Channel Team Intern in Plano, Texas. As a college student today, it often feels like it’s essential to...
DEFCON – Connected Car Security
Sometime in the distant past, that thing in your driveway was a car. However, the “connected car is already the...
Everyday Hero: 5 Questions with McAfee Labs’ Paula Greve
iWith cybersecurity experts taking center stage this week at the Black Hat conference in Las Vegas, the world is watching...
Analyzing CVE-2017-0190: WMF Flaws Can Lead to Data Theft, Code Execution
CVE-2017-0190 is a recently patched vulnerability related to Windows metafiles (WMFs), a portable image format mainly used by 16-bit Windows...
Darknet Markets Will Outlive AlphaBay and Hansa Takedowns
On June 20, law enforcement took over the Hansa marketplace after investigations that began in 2016. On July 5, police...
The Kids are in Charge
By Ribu, Communications Manager Kids are wonderful, aren’t they? And what could be better than having a record-breaking 500 children...
Analyzing CVE-2017-9791: Apache Struts Vulnerability Can Lead to Remote Code Execution
Apache Struts is a model-view-controller framework for creating Java web applications. Struts has suffered from a couple of vulnerabilities using...
Analyzing a Patch of a Virtual Machine Escape on VMware
This blog was written by Yakun Zhang. A virtual machine is a completely isolated guest operating system installation within a...
Coming Home To Vote for Marriage Equality
By Chris, Localization Engineer Chris is a localization engineer for McAfee in Cork, Ireland, who is passionate about inclusivity for...
