Featured Blogs
KRACKs: Five Observations on WPA Authentication Vulnerability
KRACKs are in the news. McAfee has already discussed these key reinstallation attacks that affect Wi-Fi setups in two posts:...
Code Execution Technique Takes Advantage of Dynamic Data Exchange
Email phishing campaigns are a popular social engineering technique among hackers. The idea is simple: Craft an email that looks...
Configuring McAfee ENS and VSE to Prevent Macroless Code Execution in Office Apps
Microsoft Office macros are a popular method of distributing malware. Users can defend themselves against macro attacks by disabling macros....
Pirate Versions of Popular Apps Infiltrate Google Play via Virtualization
The McAfee Mobile Research team recently found pirated applications of popular apps distributed on the Google Play store. A pirated...
Self-Signed Certificates Can Be Secure, So Why Ban Them?
This blog was co-written by Brook Schoenfield and Ramnath Venugopalan. In many organizations the use of self-signed certificates is forbidden...
New Android Malware Found in 144 GooglePlay Apps
McAfee’s Mobile Research team has found a new Android malware in 144 “Trojanized” applications on Google Play. We named this...
Malware Mines, Steals Cryptocurrencies From Victims
How’s your Bitcoin balance? Interested in earning more? The value of cybercurrency is going up. One way to increase your...
Android Malware Appears Linked to Lazarus Cybercrime Group
This blog was written by Inhee Han. The McAfee Mobile Research team recently examined a new threat, Android malware that...
IoT Devices: The Gift that Keeps on Giving… to Hackers
McAfee Advanced Threat Research on Most Hackable Gifts You’ve probably noticed the recent increase in Internet connected drones, digital assistants,...
Lazarus Cybercrime Group Moves to Mobile Platform
When it comes to describing cyberattacks, the word sophisticated is used a lot. Whether to explain yet another “advanced” campaign...
Don’t Substitute CVSS for Risk: Scoring System Inflates Importance of CVE-2017-3735
This blog was co-written by Brook Schoenfield and Damian Quiroga. I am a wry observer of vulnerability announcements. CVE-2017-3735—which can...
McAfee Labs 2018 Threats Predictions Previews Five Cybersecurity Trends
Welcome to the McAfee Labs 2018 Threats Predictions Report. We find ourselves in a highly volatile stage of cybersecurity, with new devices, new risks, and new threats appearing every day. In this edition, we have polled thought leaders from McAfee Labs and the Office of the CTO. They offer their ...
Should I Worry About AVGater, Which Exploits Some Security Products?
This blog was written by Brook Schoenfield. On November 10, a researcher reported the vulnerability AVGater, which affects some antimalware...
Looking Into the World of Ransomware Actors Reveals Some Surprises
During the preparations for our keynotes at McAfee’s recent MPOWER conference, we brainstormed a few topics we wanted to share...
McAfee Labs Reports All-Time Highs for Malware in Latest Count
In the third quarter of 2017, McAfee Labs reports all-time highs of new and total malware. What is causing the...
Chinese Cybercriminals Develop Lucrative Hacking Services
Underground cybercrime profits in China have likely already exceeded US$15.1 billion (100 billion Chinese yuan); caused more than $13.8 billion...
Operation Dragonfly Analysis Suggests Links to Earlier Attacks
On September 6, Symantec published details of the Dragonfly campaign, which targeted dozens of energy companies throughout 2017. This attack...
McAfee Labs Advanced Threat Research Aids Arrest of Suspected Cybercrime Gang
In our recent research, we interviewed the actors behind ransomware campaigns. One of the interesting findings was cybercriminals seemed to have a sense of absolute safety when conducting criminal operations. Cybercrime is an area of crime like no other, perceived as low-risk with high returns, which contributes greatly to its ...
Malicious Document Targets Pyeongchang Olympics
McAfee Advanced Threat Research analysts have discovered a campaign targeting organizations involved with the Pyeongchang Olympics. Attached in an email...
Decyphering the Noise Around ‘Meltdown’ and ‘Spectre’
The McAfee Advanced Threat Research (ATR) Team has closely followed the attack techniques that have been named Meltdown and Spectre...
North Korean Defectors and Journalists Targeted Using Social Networks and KakaoTalk
Recently, South Korean media wrote about North Korean refugees and journalists being targeted by unknown actors using KakaoTalk (a popular...
Twitter Accounts of US Media Under Attack by Large Campaign
A previously reported campaign purportedly carried out by Turkish hacker group “Ayyildiz Tim” targeting high-profile, verified Twitter accounts with the purpose of spreading Turkish political propaganda appears to have escalated within the last 24 hours. McAfee Advanced Threat Research has investigated the new events and discovered the following.
Gold Dragon Widens Olympics Malware Attacks, Gains Permanent Presence on Victims’ Systems
McAfee Advanced Threat Research (ATR) recently released a report describing a fileless attack targeting organizations involved with the Pyeongchang Olympics. The attack used a PowerShell implant that established a channel to the attacker’s server to gather basic system-level data. What was not determined at that time was what occurred after ...
Lazarus Resurfaces, Targets Global Banks and Bitcoin Users
McAfee Advanced Threat Research (ATR) analysts have discovered an aggressive Bitcoin-stealing phishing campaign by the international cybercrime group Lazarus that uses sophisticated malware with long-term impact.
Free Ransomware Available on Dark Web
The McAfee Advanced Threat Research team recently analyzed a ransomware-as-a-service threat that is available for free and without registration. This malware...
DDoS Attacks in the Netherlands Reveal Teen Gamers on Troublesome Path
At the end of January, the Netherlands was plagued by distributed denial of service (DDoS) attacks targeting various financial institutions,...
How Hackers Bypassed an Adobe Flash Protection Mechanism
The number of Flash Player exploits has recently declined, due to Adobe’s introduction of various measures to strengthen Flash’s security....
