Featured Blogs
SUNBURST Malware and SolarWinds Supply Chain Compromise
Part I of II. Situation: In a blog post released 13 Dec 2020, FireEye disclosed that threat actors compromised SolarWinds’s...
Additional Analysis into the SUNBURST Backdoor
Executive Summary: There has been considerable focus on the recent disclosures associated with SolarWinds, and while existing analysis on the...
How A Device to Cloud Architecture Defends Against the SolarWinds Supply Chain Compromise
In a blog post released 13 Dec 2020, FireEye disclosed that threat actors compromised SolarWinds’s Orion IT monitoring and management...
2021 Threat Predictions Report
The December 2020 revelations around the SUNBURST campaigns exploiting the SolarWinds Orion platform have revealed a new attack vector –...
A Year in Review: Threat Landscape for 2020
As we gratefully move forward into the year 2021, we have to recognise that 2020 was as tumultuous in the...
Two Pink Lines
Depending on your life experiences, the phrase (or country song by Eric Church) “two pink lines” may bring up a...
McAfee ATR Launches Education-Inspired Capture the Flag Contest!
McAfee’s Advanced Threat Research team just completed its second annual capture the flag (CTF) contest for internal employees. Based on tremendous...
Don’t Call Us We’ll Call You: McAfee ATR Finds Vulnerability in Agora Video SDK
The McAfee Advanced Threat Research (ATR) team is committed to uncovering security issues in both software and hardware to help...
Researchers Follow the Breadcrumbs: The Latest Vulnerabilities in Windows’ Network Stack
The concept of a trail of breadcrumbs in the offensive security community is nothing new; for many years, researchers on...
Beyond Clubhouse: Vulnerable Agora SDKs Still in Widespread Use
On February 17th, 2021, McAfee disclosed findings based on a 10-month long disclosure process with major video conferencing vendor Agora,...
Babuk Ransomware
Executive Summary: Babuk ransomware is a new ransomware threat discovered in 2021 that has impacted at least five big enterprises,...
McAfee ATR Threat Report: A Quick Primer on Cuba Ransomware
Executive Summary: Cuba ransomware is an older ransomware that has recently undergone some development. The actors have incorporated the leaking of victim data to increase its impact...
McAfee ATR Thinks in Graphs
0. Introduction: John Lambert, a distinguished researcher specializing in threat intelligence at Microsoft, once said these words that changed perspectives:...
Netop Vision Pro – Distance Learning Software is 20/20 in Hindsight
The McAfee Labs Advanced Threat Research team is committed to uncovering security issues in both software and hardware to help...
Operation Diànxùn: Cyberespionage Campaign Targeting Telecommunication Companies
In this report the McAfee Advanced Threat Research (ATR) Strategic Intelligence team details an espionage campaign, targeting telecommunication companies, dubbed...
Seven Windows Wonders – Critical Vulnerabilities in DNS Dynamic Updates
Overview: For the March 2021 Patch Tuesday, Microsoft released a set of seven DNS vulnerabilities. Five of the vulnerabilities are...
McAfee Defender’s Blog: Operation Dianxun
Operation Dianxun Overview: In a recent report the McAfee Advanced Threat Research (ATR) Strategic Intelligence team disclosed an espionage campaign,...
McAfee Defenders Blog: Reality Check for your Defenses
Welcome to reality. Ever since I started working in IT Security more than 10 years ago, I wondered, what helps...