Featured Blogs
Examining the Link Between TLD Prices and Abuse
This blog was written by Charlie Feng. Briefing Over the years, McAfee researchers have observed that certain new top-level Domains...
Clop Ransomware
This new ransomware was discovered by Michael Gillespie on 8 February 2019 and it is still improving over time. This...
Jet Database Engine Flaw May Lead to Exploitation: Analyzing CVE-2018-8423
In September 2018, the Zero Day Initiative published a proof of concept for a vulnerability in Microsoft’s Jet Database Engine....
The Twin Journey, Part 1
Summary and Introduction: The recent changes in Windows 10, aiming to add case sensitivity (CS) at directory level, have prompted...
From Building Control to Damage Control: A Case Study in Industrial Security Ft. Delta
Management. Control. It seems that you can’t stick five people in a room together without one of them trying to...
Avaya Deskphone: Decade-Old Vulnerability Found in Phone’s Firmware
Avaya is the second largest VOIP solution provider (source) with an install base covering 90% of the Fortune 100 companies...
MoqHao Related Android Spyware Targeting Japan and Korea Found on Google Play
The McAfee mobile research team has found a new type of Android malware for the MoqHao phishing campaign (a.k.a. XLoader...
The Twin Journey, Part 2: Evil Twins in a Case In-sensitive Land
In the first of this 3-part blog series, we covered the implications of promoting files to “Evil Twins” where they...
The Twin Journey, Part 3: I’m Not a Twin, Can’t You See my Whitespace at the End?
In this series of 3 blogs (you can find part 1 here, and part 2 here), so far we have...
Analyzing and Identifying Issues with the Microsoft Patch for CVE-2018-8423
Introduction As of July 2019, Microsoft has fixed around 43 bugs in the Jet Database Engine. McAfee has reported a...
Apple iOS Attack Underscores Importance of Threat Research
The recent discovery of exploit chains targeting Apple iOS is the latest example of how cybercriminals can successfully operate malicious campaigns, undetected,...
How Visiting a Trusted Site Could Infect Your Employees
The Artful and Dangerous Dynamics of Watering Hole Attacks A group of researchers recently published findings of an exploitation of multiple...
McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service – What The Code Tells Us
Episode 1: What the Code Tells Us McAfee’s Advanced Threat Research team (ATR) observed a new ransomware family in the...
McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service – The All-Stars
Episode 2: The All-Stars Analyzing Affiliate Structures in Ransomware-as-a-Service Campaigns This is the second installment of the McAfee Advanced Threat...
McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service – Follow The Money
Episode 3: Follow the Money This is the third installment of the McAfee Advanced Threat Research (ATR) analysis of Sodinokibi...
McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service – Crescendo
Episode 4: Crescendo This is the final installment of the McAfee Advanced Threat Research (ATR) analysis of Sodinokibi and its...
Office 365 Users Targeted by Voicemail Scam Pages
McAfee Labs has been observing a new phishing campaign using a fake voicemail message to lure victims into entering their Office 365 email credentials.
Using Expert Rules in ENS to Prevent Malicious Exploits
Expert Rules are text-based custom rules that can be created in the Exploit Prevention policy in ENS Threat Prevention. Learn more about which threats they can help block.
