Featured Blogs
Analyzing a Fresh Variant of the Dorkbot Botnet
This blog post was written by Sudhanshu Dubey. At McAfee Labs, we have recently observed a new variant of the...
Analysis of LooCipher, a New Ransomware Family Observed This Year
Co-authored by Marc RiveroLopez. Initial Discovery: This year seems to again be the year for ransomware. Notorious attacks were made...
Analysis of Chrysaor Keylogging Mechanism Shows Power of Simple Malicious Code
Many attacks on mobile devices use social engineering to initially infect a victim’s system. They download malware and elevate privileges...
Analysis of a Chrome Zero Day: CVE-2019-5786
1. Introduction: On March 1st, Google published an advisory [1] for a use-after-free in the Chrome implementation of the FileReader...
An Overview of Messaging Botnets
In the quarterly McAfee Threats Reports we offer our readers some charts on the prevalence of messaging botnets. For the...
An Overview of Malware Self-Defense and Protection
Many malware authors spend a great deal of time and effort to develop complex code. Their success depends on a...
An Overall Philosophy on the Use of Critical Threat Intelligence
The overarching threat facing cyber organizations today is a highly skilled asymmetric enemy, well-funded and resolute in his task and...
An Inside Look into Microsoft Rich Text Format and OLE Exploits
There has been a dramatic shift in the platforms targeted by attackers over the past few years. Up until 2016,...
Amazon Gift Card Malware Spreading via SMS
McAfee Labs recently published its Hacking the Human OS report, which details a number of ways in which cybercriminals rely...
All Work and No Play? Not at McAfee!
By Srinidhi, Software Quality Engineer. There’s more to life than work. It’s a commonly held and often stated view, but companies...
Agent Tesla’s Unique Approach: VBS and Steganography for Delivery and Intrusion
Authored by Yashvi Shah. Agent Tesla functions as a Remote Access Trojan (RAT) and an information stealer built on the...
Adylkuzz CoinMiner Spreading Like WannaCry
The last few days have been very busy for security teams all around the globe due to the nasty ransomware...
Adult Voice-Service Apps on Google Play Japan Charge Users Without Notice
McAfee has reported on increasing fraudulent Android applications on Google Play in Japan this year, including one-click fraud applications and...
Adobe Flash Player Installer Scams Reappear on Google Play
Adobe Flash Player has been a boon to Android malware creators for a long time. These developers have taken advantage...
Additional Analysis into the SUNBURST Backdoor
Executive Summary: There has been considerable focus on the recent disclosures associated with SolarWinds, and while existing analysis on the...
Active iOS Smishing Campaign Stealing Apple Credentials
McAfee Mobile Research recently found an active phishing campaign targeting iOS users via SMS messages. The message tells users that their Apple...
Access Token Theft and Manipulation Attacks – A Door to Local Privilege Escalation
Executive Summary: Many malware attacks designed to inflict damage on a network are armed with lateral movement capabilities. Post initial...
A Year in Review: Threat Landscape for 2020
As we gratefully move forward into the year 2021, we have to recognise that 2020 was as tumultuous in the...
A Quick Analysis of the Flash Player Opcode-Verifying Code Execution Vulnerability
On October 12, McAfee Labs learned of proof-of-concept code exploiting a newly patched Flash Player vulnerability. Adobe had patched this...
A New Program for Your Peloton – Whether You Like It or Not
Executive Summary: The McAfee Advanced Threat Research team (ATR) is committed to uncovering security issues in both software and hardware to help developers...
A New Android Banking Trojan Masquerades as Utility and Banking Apps in India
Authored by Dexter Shin. Over the years, cyber threats targeting Android devices have become more sophisticated and persistent. Recently, McAfee...
A Glance Into the Neutrino Botnet
Lately, we have seen a number of communications through our automated framework from the Neutrino botnet. While analyzing this botnet,...
A Future Beyond Mobile Devices; Trusting the Promises of Mobile World Congress
More than 100,000 people descended upon Mobile World Congress (MWC) last week to watch experts from around the world discuss...
A Field Trip to McAfee’s World of Cyber
By: Amanda Steger, Senior Director & Sandra Chin, Engineering Operations Manager. Educating the next generation of cybersecurity heroes has always...
A Dummies Guide to ‘Insider Trading’ via Botnet, Part 2
This post, the second of two parts, was written by Christiaan Beek, Raj Samani, and Shane Shook. In our first post,...
A Dummies Guide to ‘Insider Trading’ via Botnet
This post, the first of two parts, was written by Raj Samani, Christiaan Beek, and Shane Shook. Want to spread...
A Case of Mistaken Identity? The Role of BlackEnergy in Ukrainian Power Grid Disruption
Recent reports of electricity outages across the Ukraine have led to significant speculation regarding the specific malware that was used...