Featured Blogs
The McAfee Adventures of a Middle School Teacher
By Lori, AVID Teacher, Haggard Middle School I knew when I met you an adventure was going to happen. –...
Stefan’s Tale: A 17-Year Journey to McAfee
By Stefan, Senior Security Consultant in Sydney, Australia. When I was younger, I wanted to be a policeman and help...
Linux Kernel Vulnerability Can Lead to Privilege Escalation: Analyzing CVE-2017-1000112
This blog was written by Krishs Patil. A memory corruption bug in UDP fragmentation offload (UFO) code inside the Linux...
First 30 Days at McAfee: Pups at Work, VR and Pledge Wall
By Beth, HR Communication Specialist in Plano, Texas. For the last six consecutive years, The Dallas Morning News has recognized...
McAfee Labs: Faceliker Surge Manipulates Facebook “Likes” to Promote News, Other Content
Criminals excel in manipulating the trust within human relationships, particularly as individuals project themselves into digital realms such as social...
Apache Struts at REST: Analyzing Remote Code Execution Vulnerability CVE-2017-9805
Apache Struts, an open-source web development framework, is prone to vulnerabilities. We wrote about CVE-2017-9791 in July. The latest is...
Microsoft Kills Potential Remote Code Execution Vulnerability in Office (CVE-2017-8630)
Recently the McAfee IPS Research Team informed Microsoft about a potential remote code execution vulnerability in Office 2016 that McAfee...
Android Click-Fraud App Repurposed as DDoS Botnet
The McAfee Mobile Research Team tracks the behavior of Android click-fraud apps. We have detected multiple implementations, including recent examples...
Emotet Trojan Acts as Loader, Spreads Automatically
Since the middle of July, McAfee has observed new updates of the Emotet, a Trojan that was first discovered in...
Android Banking Trojan MoqHao Spreading via SMS Phishing in South Korea
Last month, a number of users started posting on South Korean sites screenshots of suspicious SMS messages phishing texts (also...
Android Click-Fraud Apps Briefly Return to Google Play
Click-fraud apps frequently appear on Google Play and third-party markets. They are sometimes hard to identify because the malicious behavior...
Smishing Campaign Steals Banking Credentials in U.S.
The McAfee Mobile Research team recently found an active smishing campaign, using SMS messages, that targets online banking users in...
The New Intern-Net
By Cristina, Channel Team Intern in Plano, Texas. As a college student today, it often feels like it’s essential to...
DEFCON – Connected Car Security
Sometime in the distant past, that thing in your driveway was a car. However, the “connected car is already the...
Everyday Hero: 5 Questions with McAfee Labs’ Paula Greve
iWith cybersecurity experts taking center stage this week at the Black Hat conference in Las Vegas, the world is watching...
Analyzing CVE-2017-0190: WMF Flaws Can Lead to Data Theft, Code Execution
CVE-2017-0190 is a recently patched vulnerability related to Windows metafiles (WMFs), a portable image format mainly used by 16-bit Windows...
Darknet Markets Will Outlive AlphaBay and Hansa Takedowns
On June 20, law enforcement took over the Hansa marketplace after investigations that began in 2016. On July 5, police...
The Kids are in Charge
By Ribu, Communications Manager Kids are wonderful, aren’t they? And what could be better than having a record-breaking 500 children...
Analyzing CVE-2017-9791: Apache Struts Vulnerability Can Lead to Remote Code Execution
Apache Struts is a model-view-controller framework for creating Java web applications. Struts has suffered from a couple of vulnerabilities using...
Analyzing a Patch of a Virtual Machine Escape on VMware
This blog was written by Yakun Zhang. A virtual machine is a completely isolated guest operating system installation within a...
Coming Home To Vote for Marriage Equality
By Chris, Localization Engineer Chris is a localization engineer for McAfee in Cork, Ireland, who is passionate about inclusivity for...
LeakerLocker: Mobile Ransomware Acts Without Encryption
We recently found on Google Play a type of mobile ransomware that does not encrypt files. This malware extorts a...
How to Protect Against Petya Ransomware in a McAfee Environment
A new variant of the ransomware Petya (also called Petrwrap) began spreading around the world on June 27. Petya is ransomware that exploits the vulnerability CVE-2017-0144 in Microsoft’s implementation of the Server Message Block protocol. This ransomware encrypts the master boot records of infected Windows computers, making the machines unusable.
McAfee Discovers Pinkslipbot Exploiting Infected Machines as Control Servers
This blog was written by Sanchit Karve. McAfee Labs has discovered that banking malware Pinkslipbot (also known as QakBot/QBot) has...
Misuse of DocuSign Email Addresses Leads to Phishing Campaign
DocuSign, which provides electronic signatures and digital transaction management, reported that email addresses were stolen by an unknown party on...
Fake WannaCry ‘Protectors’ Emerge on Google Play
Are Android devices affected by the self-propagating ransomware WannaCry? No—because this threat exploits a vulnerability in Microsoft Windows. This malware...
How to Protect Against WannaCry Ransomware in a McAfee Environment
WannaCry is a ransomware family targeting Microsoft Windows. On Friday May 12, a large cyberattack based on this threat was launched. At this time, it is estimated that more than 250,000 computers in 150 countries have been infected, each demanding a ransom payment.
