Featured Blogs
Mirai Botnet Creates Army of IoT Orcs
This post was based on analysis by Yashashree Gund and RaviKant Tiwari. There is a lot of speculation in the...
Banned Chinese Qvod Lives on in Malicious Fakes
Qvod used to be a popular video player and developer in China. Due to piracy allegations and a threatened fine,...
Cerber Ransomware Evades Detection With Many Components
This blog was co-written by Sapna Juneja. Cerber is a quickly evolving type of malware called crypto-ransomware. Cerber encrypts files...
Mirai, BrickerBot, Hajime Attack a Common IoT Weakness
This blog post was written by Rick Simon. We know that devices in the Internet of Things make enticing targets...
Vulnerable OpenSSL Handshake Renegotiation Can Trigger Denial of Service
OpenSSL, the popular general-purpose cryptographic library that implements SSL/TLS protocols for web authentication, has recently suffered from several vulnerabilities. We...
Further Analysis of WannaCry Ransomware
McAfee Labs has closely monitored the activity around the ransomware WannaCry. Many sources have reported on this attack and its...
Analysis of Chrysaor Keylogging Mechanism Shows Power of Simple Malicious Code
Many attacks on mobile devices use social engineering to initially infect a victim’s system. They download malware and elevate privileges...
Adylkuzz CoinMiner Spreading Like WannaCry
The last few days have been very busy for security teams all around the globe due to the nasty ransomware...
How to Protect Against WannaCry Ransomware in a McAfee Environment
WannaCry is a ransomware family targeting Microsoft Windows. On Friday May 12, a large cyberattack based on this threat was launched. At this time, it is estimated that more than 250,000 computers in 150 countries have been infected, each demanding a ransom payment.
Fake WannaCry ‘Protectors’ Emerge on Google Play
Are Android devices affected by the self-propagating ransomware WannaCry? No—because this threat exploits a vulnerability in Microsoft Windows. This malware...
Misuse of DocuSign Email Addresses Leads to Phishing Campaign
DocuSign, which provides electronic signatures and digital transaction management, reported that email addresses were stolen by an unknown party on...
McAfee Discovers Pinkslipbot Exploiting Infected Machines as Control Servers
This blog was written by Sanchit Karve. McAfee Labs has discovered that banking malware Pinkslipbot (also known as QakBot/QBot) has...
How to Protect Against Petya Ransomware in a McAfee Environment
A new variant of the ransomware Petya (also called Petrwrap) began spreading around the world on June 27. Petya is ransomware that exploits the vulnerability CVE-2017-0144 in Microsoft’s implementation of the Server Message Block protocol. This ransomware encrypts the master boot records of infected Windows computers, making the machines unusable.
LeakerLocker: Mobile Ransomware Acts Without Encryption
We recently found on Google Play a type of mobile ransomware that does not encrypt files. This malware extorts a...
Coming Home To Vote for Marriage Equality
By Chris, Localization Engineer Chris is a localization engineer for McAfee in Cork, Ireland, who is passionate about inclusivity for...
Analyzing a Patch of a Virtual Machine Escape on VMware
This blog was written by Yakun Zhang. A virtual machine is a completely isolated guest operating system installation within a...
Analyzing CVE-2017-9791: Apache Struts Vulnerability Can Lead to Remote Code Execution
Apache Struts is a model-view-controller framework for creating Java web applications. Struts has suffered from a couple of vulnerabilities using...
The Kids are in Charge
By Ribu, Communications Manager Kids are wonderful, aren’t they? And what could be better than having a record-breaking 500 children...
