Featured Blogs
Google Play Users Risk a Yellow Card With Android/FoulGoal.A
This blog post was co-written by Irfan Asrar. English soccer fans have enthusiastically enjoyed the team’s current run in the...
What Drives a Ransomware Criminal? CoinVault Developers Convicted
How often do we get a chance to learn what goes on in the minds of cybercriminals? Two members of...
CactusTorch Fileless Threat Abuses .NET to Infect Victims
McAfee Labs has noticed a significant shift by some actors toward using trusted Windows executables, rather than external malware, to...
GandCrab Ransomware Puts the Pinch on Victims
Update: On August 9 we added our analysis of Versions 4.2.1 and 4.3. The GandCrab ransomware first appeared in January...
Examining Code Reuse Reveals Undiscovered Links Among North Korea’s Malware Families
Attacks from the online groups Lazarus, Silent Chollima, Group 123, Hidden Cobra, DarkSeoul, Blockbuster, Operation Troy, and 10 Days of Rain are believed to have come from North Korea. But how can we know with certainty?
80 to 0 in Under 5 Seconds: Falsifying a Medical Patient’s Vitals
With the explosion of growth in technology and its influence on our lives, we have become increasingly dependent on it. The medical field is no exception: Medical professionals trust technology to provide them with accurate information and base life-changing decisions on this data.
Microsoft Cortana Allows Browser Navigation Without Login: CVE-2018-8253
A locked Windows 10 device with Cortana enabled on the lock screen allows an attacker with physical access to the device to do two kinds of unauthorized browsing.
McAfee ePO Platform Gains Insight Into Threat Research
The latest update to the McAfee® ePolicy Orchestrator® platform offers a new add-in to provide insight into the latest analysis carried out by McAfee Labs and the Advanced Threat Research team.
McAfee Opens State-of-the-Art Security Research Lab in Oregon
Today we are pleased to announce the grand opening of our dedicated research lab in the Hillsboro, Oregon, office near Portland.
‘Insight’ into Home Automation Reveals Vulnerability in Simple IoT Product
Eoin Carroll, Charles McFarland, Kevin McGrath, and Mark Bereza contributed to this report. The Internet of Things promises to make...
Political Figures Differ Online: Names of Trump, Obama, Merkel Attached to Ransomware
Politics and ransomware. No, it’s not a lost single from the Oasis back catalogue, but in fact a relatively recent...
Cyber Threat Alliance Releases Analysis of Illicit Cryptocurrency Mining
In response to the explosive increase in cryptomining campaigns in Q4 2017, the Cyber Threat Alliance has formed a cryptomining subcommittee to assess the threat.
‘McAfee Labs Threats Report’ Highlights Cryptojacking, Blockchain, Mobile Security Issues
As we look over some of the key issues from the newly released McAfee Labs Threats Report, we read terms such as voice assistant, blockchain, billing fraud, and cryptojacking.
When the Digital Impacts the Physical
Cyberattacks have always been, well, cyber. Their immediate effects were on our data, our digital information, and our devices…until they...
Ransomware GandCrab Version 5 Partners With Crypter Service for Obfuscation
The GandCrab ransomware, which first appeared in January, has been updated rapidly during its short life, with Version 5.0.2 appearing...
‘Operation Oceansalt’ Delivers Wave After Wave
In the latest findings from the McAfee Advanced Threat Research team, we examine an adversary that was not content with a single campaign, but launched five distinct waves adapted to their separate targets.
Android/TimpDoor Turns Mobile Devices Into Hidden Proxies
The McAfee Mobile Research team recently found an active phishing campaign using text messages (SMS) that tricks users into downloading...
Fallout Exploit Kit Releases the Kraken Ransomware on Its Victims
Alexandr Solad and Daniel Hatheway of Recorded Future are coauthors of this post. Read Recorded Future’s version of this analysis. ...
Pay-Per-Install Company Deceptively Floods Market with Unwanted Programs
For the past 18 months, McAfee Labs has been investigating a pay-per-install developer, WakeNet AB, responsible for spreading prevalent adware...
Triton Malware Spearheads Latest Attacks on Industrial Systems
Malware that attacks industrial control systems (ICS), such as the Stuxnet campaign in 2010, is a serious threat. This class of cyber sabotage can spy on, disrupt, or destroy systems that manage large-scale industrial processes. An essential danger in this threat is that it moves from mere digital damage to ...
McAfee Labs 2019 Threats Predictions Report
Our predictions for 2019 move away from simply providing an assessment on the rise or fall of a particular threat, and instead focus on current rumblings we see in the cybercriminal underground that we expect to grow into trends and subsequently threats in the wild.
‘Operation Sharpshooter’ Targets Global Defense, Critical Infrastructure
This post was written with contributions from the McAfee Advanced Threat Research team. The McAfee Advanced Threat Research team...
Shamoon Returns to Wipe Systems in Middle East, Europe
Destructive malware has been employed by adversaries for years. Usually such attacks are carefully targeted and can be motivated by...
McAfee Labs Threats Report Examines Cybercriminal Underground, IoT Malware, Other Threats
The McAfee Advanced Threat Research team today published the McAfee® Labs Threats Report, December 2018. In this edition, we highlight...
Shamoon Attackers Employ New Tool Kit to Wipe Infected Systems
Last week the McAfee Advanced Threat Research team posted an analysis of a new wave of Shamoon “wiper” malware attacks...
Ryuk Ransomware Attack: Rush to Attribution Misses the Point
Senior analyst Ryan Sherstobitoff contributed to this report. During the past week, an outbreak of Ryuk ransomware that impeded newspaper...
IE Scripting Flaw Still a Threat to Unpatched Systems: Analyzing CVE-2018-8653
Microsoft recently patched a critical flaw in Internet Explorer’s scripting engine that could lead to remote code execution. The vulnerability...
