Featured Blogs
Android/LeifAccess.A is the Silent Fake Reviewer Trojan
The McAfee Mobile Research team has identified an Android malware family dubbed Android/LeifAccess.A that has been active since May 2019....
Ransomware Maze
Executive Summary: The Maze ransomware, previously known in the community as “ChaCha ransomware”, was discovered on May the 29th 2019...
Nemty Ransomware – Learning by Doing
Executive Summary: The McAfee Advanced Threat Research Team (ATR) observed a new ransomware family named ‘Nemty’ on 20 August 2019....
COVID-19 Threat Update – now includes Blood for Sale
Although the use of global events as a vehicle to drive digital crime is hardly surprising, the current outbreak of...
Transitioning to a Mass Remote Workforce – We Must Verify Before Trusting
While not a new practice, the sheer volume of people required to adhere to social distancing best practices means we...
MalBus Actor Changed Market from Google Play to ONE Store
Authored by: Sang Ryol Ryu and Chanung Pak. McAfee Mobile Research team has found another variant of MalBus on an...
Tales From the Trenches; a Lockbit Ransomware Story
Co-authored by Marc RiveroLopez. In collaboration with Northwave. As we highlighted previously across two blogs, targeted ransomware attacks have increased...
Cybercriminals Actively Exploiting RDP to Target Remote Organizations
The COVID-19 pandemic has prompted many companies to enable their employees to work remotely and, in a large number of...
ENS 10.7 Rolls Back the Curtain on Ransomware
Ransomware protection and incident response is a constant battle for IT, security engineers and analysts under normal circumstances, but with...
COVID-19 – Malware Makes Hay During a Pandemic
Special thanks to Prajwala Rao, Oliver Devane, Shannon Cole, Ankit Goel and members of Malware Research for their contribution and...
How To Use McAfee ATP to Protect Against Emotet, LemonDuck and PowerMiner
Introduction: This blog describes how McAfee ATP (Adaptive Threat Protection) rules are used within McAfee Endpoint Security products. It will...
OneDrive Phishing Awareness
There are a number of ways scammers target personal information and, currently, one example is that they are taking advantage...
RagnarLocker Ransomware Threatens to Release Confidential Information
Executive Summary: The RagnarLocker ransomware first appeared in the wild at the end of December 2019 as part of a...
What’s in the Box? Part II: Hacking the iParcelBox
Package delivery is just one of those things we take for granted these days. This is especially true in the...
My Adventures Hacking the iParcelBox
In 2019, McAfee Advanced Threat Research (ATR) disclosed a vulnerability in a product called BoxLock. Sometime after this, the CEO...
Ripple20 Vulnerability Mitigation Best Practices
On June 16th, the Department of Homeland Security and CISA ICS-CERT issued a critical security advisory warning covering multiple newly discovered vulnerabilities affecting...
McAfee COVID-19 Report Reveals Pandemic Threat Evolution
The McAfee Advanced Threat Research team today published the McAfee® Labs COVID-19 Threats Report, July 2020. In this “Special Edition”...
Hunting for Blues – the WSL Plan 9 Protocol BSOD
Windows Subsystem for Linux Plan 9 Protocol Research Overview: This is the final blog in the McAfee research series trilogy...