Featured Blogs
Cyber Threat Alliance Releases Analysis of Illicit Cryptocurrency Mining
In response to the explosive increase in cryptomining campaigns in Q4 2017, the Cyber Threat Alliance has formed a cryptomining subcommittee to assess the threat.
Cyber Criminals Gain in Sophistication With Integrity Attacks
One constant in cybersecurity is the continual rise of sophistication and creativity of attackers. In 2016, we will see a...
CVE-2020-17051: Remote kernel heap overflow in NFSv3 Windows Server
CVSS Score: 9.8 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Overview Microsoft released a patch today for a critical vulnerability (CVE-2020-17051) in the Windows NFSv3 (Network File System) server. NFS is typically...
CVE-2020-16898: “Bad Neighbor”
CVE-2020-16898: “Bad Neighbor” CVSS Score: 8.8 Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Overview Today, Microsoft announced a critical vulnerability in the Windows IPv6 stack,...
CVE-2016-0153: Microsoft Patches Possible OLE Typo
Recently McAfee Labs discovered an interesting bug in Windows’ OLE implementation, which Microsoft patched this week. Now that the patch...
CVE-2016-0018: DLL Planting Leads to a Remote Code Execution Vulnerability
DLL planting, also known as DLL side loading, is a popular attack technique today. If we take a look at...
CVE-2012-0158 Exploit in the Wild
Since last week, we have seen many specially crafted files exploiting CVE-2012-0158, a vulnerability in MSCOMCTL.OCX in Microsoft Office and...
CurveBall – An Unimaginative Pun but a Devastating Bug
Enterprise customers looking for information on defending against Curveball can find information here. 2020 came in with a bang this...
Current Campaign Delivers Hundreds of Thousands of Polymorphic Ransomware
You might have been getting out of bed when attackers started sending hundreds of thousands of fake invoices the morning...
CSI: Evidence Indicators for Targeted Ransomware Attacks – Part II
In our first article we discussed the growing pattern of targeted ransomware attacks where the first infection stage is often...
CSI: Evidence Indicators for Targeted Ransomware Attacks – Part I
For many years now I have been working and teaching in the field of digital forensics, malware analysis and threat...
CryptoWall V3 and V4 Protection for McAfee Customers
Updated, November 6: Since October 30, the release date of the Cyber Threat Alliance report on CryptoWall Version 3, we...
CryptoWall Ransomware Built With RC4 Bricks
Last month many Internet users were suddenly forced to trade in Bitcoins. This was not for general purposes–they were paying...
Cryptocurrency Laundering Service, BestMixer.io, Taken Down by Law Enforcement
A much overlooked but essential part in financially motivated (cyber)crime is making sure that the origins of criminal funds are...
Cryptocurrencies a Target for Cybercriminals, Part 2: Social Platforms Come Next
One target of cybercriminals is cryptocurrencies, which hold tremendous wealth but are largely anonymous. This limits the attack surface mostly...
Cryptocurrencies a Target for Cybercriminals, Part 1: the Risks of Innovation
All cryptocurrencies are a target for cybercriminals. Anywhere there is value, criminals, fraudsters, and charlatans will soon follow. Call it...
Crypto Scammers Exploit: Elon Musk Speaks on Cryptocurrency
By Oliver Devane Update: In the past 24 hours (from time of publication) McAfee has identified 15 more scam sites...
Crypto Scam: SpaceX Tokens for Sale
Authored by: Neil Tyagi Scam artists know no bounds—and that also applies to stealing your cryptocurrency. Crypto scams are like...
Critical Office Zero-Day Attacks Detected in the Wild
At McAfee, we have put significant efforts in hunting attacks such as advanced persistent threats and “zero days.” Yesterday, we...
Criminals are Getting Excited for Tax Filing Season
Cybercriminals are plotting to take advantage of tax season, by fraudulently impersonating consumers and scamming Americans. For the citizens...
Creating a Custom Domain Name with a Google App Engine Application
Google’s App Engine is a Platform as a Service (PaaS) for developers that provides features and frameworks to quickly and...
Cracked Software or Cyber Trap? The Rising Danger of AsyncRAT Malware
Authored by Neil Tyagi In cybersecurity, threats constantly evolve, and new ways to exploit unsuspecting users are being found. One...
COVID-19 Threat Update – now includes Blood for Sale
Although the use of global events as a vehicle to drive digital crime is hardly surprising, the current outbreak of...
COVID-19 – Malware Makes Hay During a Pandemic
Special thanks to Prajwala Rao, Oliver Devane, Shannon Cole, Ankit Goel and members of Malware Research for their contribution and...
Convergence and the Future of Cyber Security
CSE 2016 Future of Cyber Security by Matthew Rosenquist from Matthew Rosenquist The security industry is changing. Technology innovation is...
Conquering Fear at McAfee
By Radhika, Director of Global Consumer Product Marketing. With the U.S. school year beginning, I’ve been in touch with the...
Configuring McAfee ENS and VSE to Prevent Macroless Code Execution in Office Apps
Microsoft Office macros are a popular method of distributing malware. Users can defend themselves against macro attacks by disabling macros....
