Featured Blogs
New Zero-Day Attack Copies Earlier Flash Exploitation
Late on July 10, Microsoft released a blog post disclosing that they were aware of a zero-day attack in the...
Next Targets for Cybercriminals: the Long Term (Part 2)
In the previous post in this series, I outlined how cybercriminals will use the holiday season to victimize unwary consumers...
Next Targets for Cybercriminals: the Short Term (Part 1)
Knowing what cybercriminals are targeting today is easy. Their attacks are loud, impactful, and have the elegance of a...
NGRBot Spreads Via Chat
NGRBot is a worm that propagates through chat messengers, the Internet Relay Chat channel, social networking sites etc. It steals...
Nivdort: Data-Stealing Trojan Arrives via Spam
During the past couple of weeks, McAfee Labs has observed a huge increase in spam related to Nivdort, a malicious file...
No More Ransom Blows Out Three Birthday Candles Today
Collaborative Initiative Celebrates Helping More Than 200,000 Victims and Preventing More Than 100 million USD From Falling into Criminal Hands...
No Winners at QR Code Roulette
Last year a friend had a bright idea for a party game that involved a series of QR codes in...
North Korean Defectors and Journalists Targeted Using Social Networks and KakaoTalk
Recently, South Korean media wrote about North Korean refugees and journalists being targeted by unknown actors using KakaoTalk (a popular...
Obfuscated Malware Discovered on Google Play
The McAfee Labs Mobile Malware Research team found early this week on Google Play a set of malware published by...
Office 365 Users Targeted by Voicemail Scam Pages
McAfee Labs has been observing a new phishing campaign using a fake voicemail message to lure victims into entering their Office 365 email credentials.
Olympics Has Fallen – A Misinformation Campaign Featuring a Voice Cloned Elon Musk
Authored by Lakshya Mathur and Abhishek Karnik As the world gears up for the 2024 Paris Olympics, excitement is building,...
On Drovorub: Linux Kernel Security Best Practices
Intro In a U.S. government cyber security advisory released today, the National Security Agency and Federal Bureau of Investigation warn...
One Team Member Selflessly Provides Relief to COVID-19’s Front Line
By: Heiko, Senior Security Engineer, Germany I never could have imagined that what started as a national duty to volunteer...
One-Click Fraud Variant on Google Play in Japan Steals User Data
Last week McAfee Labs reported a series of “one-click fraud” malware on Google Play in Japan. We have been monitoring...
One-Click Scammers Still Targeting Japanese Smartphone Users
Last year we saw an attack targeting Android device users in which more than 2,400 malicious one-click fraud apps were...
OneDrive Phishing Awareness
There are number of ways scammers use to target personal information and, currently, one example is, they are taking advantage...
Operation (노스 스타) North Star A Job Offer That’s Too Good to be True?
Executive Summary We are in the midst of an economic slump [1], with more candidates than there are jobs, something...
Operation Diànxùn: Cyberespionage Campaign Targeting Telecommunication Companies
In this report the McAfee Advanced Threat Research (ATR) Strategic Intelligence team details an espionage campaign, targeting telecommunication companies, dubbed...
Operation Dragonfly Analysis Suggests Links to Earlier Attacks
On September 6, Symantec published details of the Dragonfly campaign, which targeted dozens of energy companies throughout 2017. This attack...
Operation Dragonfly Imperils Industrial Protocol
Recent headlines (here and here) may have struck fear into those living near major energy installations due to references about...
Operation High Roller Raises Financial Fraud Stakes
Earlier today Guardian Analytics and McAfee released the joint report “Dissecting Operation High Roller,” which describes a new breed of...
Operation North Star: Behind The Scenes
Executive Summary It is rare to be provided an inside view on how major cyber espionage campaigns are conducted within...
Operation North Star: Summary Of Our Latest Analysis
McAfee’s Advanced Threat Research (ATR) today released research that uncovers previously undiscovered information on how Operation North Star evaluated its...
Organizations Leave Backdoors Open to Cheap Remote Desktop Protocol Attacks
While researching underground hacker marketplaces, the McAfee Advanced Threat Research team has discovered that access linked to security and building automation systems of a major international airport could be bought for only US$10.
Our Experiences Participating in Microsoft’s Azure Sphere Bounty Program
From June to August, part of the McAfee Advanced Threat Research (ATR) team participated in Microsoft’s Azure Sphere Research Challenge. Our research resulted...
Overcoming Targeted Attacks: a New Approach
Successful targeted attacks bypass security controls and typically cause significant damage to an enterprise. Damages may include reputation, monetary, and...
Parasitic Coin Mining Creates Wealth, Destroys Systems
The increasing popularity of cryptocurrencies has inspired some people to pursue coin mining, essentially making money online. (Mining is the...
