Featured Blogs
Misuse of DocuSign Email Addresses Leads to Phishing Campaign
DocuSign, which provides electronic signatures and digital transaction management, reported that email addresses were stolen by an unknown party on...
Fake WannaCry ‘Protectors’ Emerge on Google Play
Are Android devices affected by the self-propagating ransomware WannaCry? No—because this threat exploits a vulnerability in Microsoft Windows. This malware...
How to Protect Against WannaCry Ransomware in a McAfee Environment
WannaCry is a ransomware family targeting Microsoft Windows. On Friday May 12, a large cyberattack based on this threat was launched. At this time, it is estimated that more than 250,000 computers in 150 countries have been infected, each demanding a ransom payment.
Adylkuzz CoinMiner Spreading Like WannaCry
The last few days have been very busy for security teams all around the globe due to the nasty ransomware...
Analysis of Chrysaor Keylogging Mechanism Shows Power of Simple Malicious Code
Many attacks on mobile devices use social engineering to initially infect a victim’s system. They download malware and elevate privileges...
Further Analysis of WannaCry Ransomware
McAfee Labs has closely monitored the activity around the ransomware WannaCry. Many sources have reported on this attack and its...
Vulnerable OpenSSL Handshake Renegotiation Can Trigger Denial of Service
OpenSSL, the popular general-purpose cryptographic library that implements SSL/TLS protocols for web authentication, has recently suffered from several vulnerabilities. We...
Mirai, BrickerBot, Hajime Attack a Common IoT Weakness
This blog post was written by Rick Simon. We know that devices in the Internet of Things make enticing targets...
Cerber Ransomware Evades Detection With Many Components
This blog was co-written by Sapna Juneja. Cerber is a quickly evolving type of malware called crypto-ransomware. Cerber encrypts files...
Banned Chinese Qvod Lives on in Malicious Fakes
Qvod used to be a popular video player and developer in China. Due to piracy allegations and a threatened fine,...
Mirai Botnet Creates Army of IoT Orcs
This post was based on analysis by Yashashree Gund and RaviKant Tiwari. There is a lot of speculation in the...
Critical Office Zero-Day Attacks Detected in the Wild
At McAfee, we have put significant efforts in hunting attacks such as advanced persistent threats and “zero days.” Yesterday, we...
Ransomware Families Use NSIS Installers to Avoid Detection, Analysis
Malware families are constantly seeking new ways to hide their code, thwart replication, and avoid detection. A recent trend for...
Analyzing a Fresh Variant of the Dorkbot Botnet
This blog post was written by Sudhanshu Dubey. At McAfee Labs, we have recently observed a new variant of the...
Analyzing CVE-2017-3731: Truncated Packets Can Cause Denial of Service in OpenSSL
OpenSSL is a popular open-source library for SSL and is used by various software and companies across the world. In...
Spora Ransomware Infects ‘Offline’—Without Talking to Control Server
Spora is a ransomware family that encrypts victims’ files and demands money to decrypt the files. It has infected many...
Macro Malware Targets Macs
Macro malware has been spreading for years. New techniques arise all the time to hide malicious code and thus increase...
Analyzing KillDisk Ransomware, Part 2: Variants and Screen Unlocking
This blog post was written by Sudhanshu Dubey. At McAfee Labs we recently analyzed the ransomware KillDisk. In part 1 of...
