Featured Blogs
Linux Kernel Vulnerability Can Lead to Privilege Escalation: Analyzing CVE-2017-1000112
This blog was written by Krishs Patil. A memory corruption bug in UDP fragmentation offload (UFO) code inside the Linux...
Expiro Malware Is Back and Even Harder to Remove
File infector malware adds malicious code to current files. This makes removal tricky because deleting infections results in the loss...
McAfee Labs: Faceliker Surge Manipulates Facebook “Likes” to Promote News, Other Content
Criminals excel in manipulating the trust within human relationships, particularly as individuals project themselves into digital realms such as social...
Staying Anonymous on the Blockchain: Concerns and Techniques
With Bitcoin at one point valued at more than $5,000 per unit, cryptocurrencies have excited a lot of interest from...
Taiwan Bank Heist and the Role of Pseudo Ransomware
Widespread reports claim the Far Eastern International Bank in Taiwan has become a victim of hacking. The attacks demonstrate the global nature of cybercrime, with the cybercriminals attempting to wire US$60 million to destinations such as Sri Lanka, Cambodia, and the United States.
Analyzing Microsoft Office Zero-Day Exploit CVE-2017-11826
McAfee Labs has performed frequent analyses of Office-related threats over the years: In 2015, we presented research on the Office...
Tips for Effective Threat Hunting
This blog was co-written by Ramnath Venugopalan. In May, McAfee surveyed more than 700 IT and security professionals around the...
KRACKs Against Wi-Fi Serious But Not End of the World
This blog was written by Brook Schoenfield. On October 12, researcher Mathy Vanhoef announced a set of Wi-Fi attacks that...
ROCA: Which Key-Pair Attacks Are Credible?
This blog was co-written by Brook Schoenfield. In the past two weeks, we have seen two big encryption issues arise:...
KRACKs: Five Observations on WPA Authentication Vulnerability
KRACKs are in the news. McAfee has already discussed these key reinstallation attacks that affect Wi-Fi setups in two posts:...
Code Execution Technique Takes Advantage of Dynamic Data Exchange
Email phishing campaigns are a popular social engineering technique among hackers. The idea is simple: Craft an email that looks...
Configuring McAfee ENS and VSE to Prevent Macroless Code Execution in Office Apps
Microsoft Office macros are a popular method of distributing malware. Users can defend themselves against macro attacks by disabling macros....
Pirate Versions of Popular Apps Infiltrate Google Play via Virtualization
The McAfee Mobile Research team recently found pirated applications of popular apps distributed on the Google Play store. A pirated...
Self-Signed Certificates Can Be Secure, So Why Ban Them?
This blog was co-written by Brook Schoenfield and Ramnath Venugopalan. In many organizations the use of self-signed certificates is forbidden...
New Android Malware Found in 144 GooglePlay Apps
McAfee’s Mobile Research team has found a new Android malware in 144 “Trojanized” applications on Google Play. We named this...
Malware Mines, Steals Cryptocurrencies From Victims
How’s your Bitcoin balance? Interested in earning more? The value of cybercurrency is going up. One way to increase your...
Android Malware Appears Linked to Lazarus Cybercrime Group
This blog was written by Inhee Han. The McAfee Mobile Research team recently examined a new threat, Android malware that...
IoT Devices: The Gift that Keeps on Giving… to Hackers
McAfee Advanced Threat Research on Most Hackable Gifts You’ve probably noticed the recent increase in Internet connected drones, digital assistants,...
