Featured Blogs
Malicious Document Targets Pyeongchang Olympics
McAfee Advanced Threat Research analysts have discovered a campaign targeting organizations involved with the Pyeongchang Olympics. Attached in an email...
Malicious Forums Turn Amateur Hackers Into Cybercriminals
Security researchers are aware of forums that offer downloads of malicious software such as keyloggers and remote access tools. Some inexperienced...
Malicious PowerPoint Documents on the Rise
Authored by Anuradha M McAfee Labs have observed a new phishing campaign that utilizes macro capabilities available in Microsoft PowerPoint....
Malicious Utility Can Defeat Windows PatchGuard
In 2012, my colleagues Deepak Gupta and Xiaoning Li explained in a white paper how some malware can operate at...
Malware Behaves Oddly in Automated Analysis Environment
While testing malware recently, we got some logs from our automated analysis system showing a few samples that are only...
Malware Hides in Installer to Avoid Detection
At McAfee Labs we recently observed various threat families using the Nullsoft Scriptable Install System (NSIS). This practice is not...
Malware Manipulates Procedure Prologue and Epilogue to Evade Security
Techniques used by malware developers to evade detection by security software have changed drastically in recent years. Encryption, packers, wrappers,...
Malware Mines, Steals Cryptocurrencies From Victims
How’s your Bitcoin balance? Interested in earning more? The value of cybercurrency is going up. One way to increase your...
Malware Mystery: JS/Nemucod Downloads Legitimate Installer
JS/Nemucod is the detection name given to a family of malicious JavaScript downloaders that have appeared in spam campaigns since last year....
Malware on Google Play Targets North Korean Defectors
Earlier this year, McAfee researchers predicted in the McAfee Mobile Threat Report that we expect the number of targeted attacks on mobile devices to increase due to their ubiquitous growth combined with the sophisticated tactics used by malware authors.
Malware Spreads Through Facebook Tag Scam
McAfee has recently observed a malware spreading through Facebook. This type of malware is not new, but it keeps evolving...
Malware Takes Advantage of Windows ‘God Mode’
Microsoft Windows has hidden an Easter Egg since Windows Vista. It allows users to create a specially named folder that...
McAfee Adds Flash Exploit Detection to NSP 8.2
Adobe Flash vulnerabilities and exploits have worried users and security professionals for many years. The situation today remains serious. A...
McAfee AMSI Integration Protects Against Malicious Scripts
This blog describes how the AMSI (Antimalware Scan Interface) is used within the various McAfee products, and highlights some of the malware we are able to detect with it.
McAfee ATR Aids Police in Arrest of Rubella & Dryad Office Macro Builder
Everyday thousands of people receive emails with malicious attachments in their email inbox. Disguised as a missed payment or an...
McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service – Crescendo
Episode 4: Crescendo This is the final installment of the McAfee Advanced Threat Research (ATR) analysis of Sodinokibi and its...
McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service – Follow The Money
Episode 3: Follow the Money This is the third installment of the McAfee Advanced Threat Research (ATR) analysis of Sodinokibi...
McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service – The All-Stars
Episode 2: The All-Stars Analyzing Affiliate Structures in Ransomware-as-a-Service Campaigns This is the second installment of the McAfee Advanced Threat...
