Featured Blogs
McAfee Defender’s Blog: NetWalker
Building Adaptable Security Architecture Against NetWalker. NetWalker Overview: The NetWalker ransomware, initially known as Mailto, was first detected in August...
McAfee Defender’s Blog: Cuba Ransomware Campaign
Cuba Ransomware Overview: Over the past year, we have seen ransomware attackers change the way they have responded to organizations...
McAfee Defenders Blog: Reality Check for your Defenses
Welcome to reality: Ever since I started working in IT Security more than 10 years ago, I wondered, what helps...
McAfee COVID-19 Report Reveals Pandemic Threat Evolution
The McAfee Advanced Threat Research team today published the McAfee® Labs COVID-19 Threats Report, July 2020. In this “Special Edition”...
McAfee ATR Threat Report: A Quick Primer on Cuba Ransomware
Executive Summary: Cuba ransomware is an older ransomware that has recently undergone some development. The actors have incorporated the leaking of victim data to increase its impact...
McAfee ATR Thinks in Graphs
0. Introduction: John Lambert, a distinguished researcher specializing in threat intelligence at Microsoft, once said these words that changed perspectives:...
McAfee ATR Launches Education-Inspired Capture the Flag Contest!
McAfee’s Advanced Threat Research team just completed its second annual capture the flag (CTF) contest for internal employees. Based on tremendous...
McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service – What The Code Tells Us
Episode 1: What the Code Tells Us. McAfee’s Advanced Threat Research team (ATR) observed a new ransomware family in the...
McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service – The All-Stars
Episode 2: The All-Stars. Analyzing Affiliate Structures in Ransomware-as-a-Service Campaigns. This is the second installment of the McAfee Advanced Threat...
McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service – Follow The Money
Episode 3: Follow the Money. This is the third installment of the McAfee Advanced Threat Research (ATR) analysis of Sodinokibi...
McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service – Crescendo
Episode 4: Crescendo. This is the final installment of the McAfee Advanced Threat Research (ATR) analysis of Sodinokibi and its...
McAfee ATR Aids Police in Arrest of Rubella & Dryad Office Macro Builder
Every day, thousands of people receive emails with malicious attachments in their email inbox. Disguised as a missed payment or an...
McAfee AMSI Integration Protects Against Malicious Scripts
This blog describes how the AMSI (Antimalware Scan Interface) is used within the various McAfee products, and highlights some of the malware we are able to detect with it.
McAfee Adds Flash Exploit Detection to NSP 8.2
Adobe Flash vulnerabilities and exploits have worried users and security professionals for many years. The situation today remains serious. A...
Malware Takes Advantage of Windows ‘God Mode’
Microsoft Windows has hidden an Easter Egg since Windows Vista. It allows users to create a specially named folder that...
Malware Spreads Through Facebook Tag Scam
McAfee has recently observed a malware spreading through Facebook. This type of malware is not new, but it keeps evolving...
Malware on Google Play Targets North Korean Defectors
Earlier this year, McAfee researchers predicted in the McAfee Mobile Threat Report that the number of targeted attacks on mobile devices would increase due to their ubiquitous growth combined with the sophisticated tactics used by malware authors.
Malware Mystery: JS/Nemucod Downloads Legitimate Installer
JS/Nemucod is the detection name given to a family of malicious JavaScript downloaders that have appeared in spam campaigns since last year....