Featured Blogs
McAfee Defender’s Blog: Cuba Ransomware Campaign
Cuba Ransomware Overview: Over the past year, we have seen ransomware attackers change the way they have responded to organizations...
BRATA Keeps Sneaking into Google Play, Now Targeting USA and Spain
Recently, the McAfee Mobile Research Team uncovered several new variants of the Android malware family BRATA being distributed in Google...
McAfee Labs Report Reveals Latest COVID-19 Threats and Malware Surges
The McAfee Advanced Threat Research team today published the McAfee Labs Threats Report: April 2021. In this edition, we present...
Clever Billing Fraud Applications on Google Play: Etinu
Authored by: Sang Ryol Ryu and Chanung Pak. A new wave of fraudulent apps has made its way to the...
Access Token Theft and Manipulation Attacks – A Door to Local Privilege Escalation
Executive Summary: Many malware attacks designed to inflict damage on a network are armed with lateral movement capabilities. Post initial...
“Fool’s Gold”: Questionable Vaccines, Bogus Results, and Forged Cards
Preface: Countries all over the world are racing to achieve so-called herd immunity against COVID-19 by vaccinating their populations. From...
How to Stop the Popups
McAfee is tracking an increase in the use of deceptive popups that mislead some users into taking action, while annoying...
Roaming Mantis Amplifies Smishing Campaign with OS-Specific Android Malware
The Roaming Mantis smishing campaign has been impersonating a logistics company to steal SMS messages and contact lists from Asian...
Major HTTP Vulnerability in Windows Could Lead to Wormable Exploit
Today, Microsoft released a highly critical vulnerability (CVE-2021-31166) in its web server http.sys. This product is a Windows-only HTTP server...
DarkSide Ransomware Victims Sold Short
Over the past week we have seen a considerable body of work focusing on DarkSide, the ransomware responsible for the...
Scammers Impersonating Windows Defender to Push Malicious Windows Apps
Summary points: Scammers are increasingly using Windows Push Notifications to impersonate legitimate alerts. Recent campaigns pose as a Windows Defender...
A New Program for Your Peloton – Whether You Like It or Not
Executive Summary: The McAfee Advanced Threat Research team (ATR) is committed to uncovering security issues in both software and hardware to help developers...
Are Virtual Machines the New Gold for Cyber Criminals?
Introduction: Virtualization technology has been an IT cornerstone for organizations for years now. It revolutionized the way organizations can scale...
McAfee Labs Report Highlights Ransomware Threats
The McAfee Advanced Threat Research team today published the McAfee Labs Threats Report: June 2021. In this edition we introduce...
New Ryuk Ransomware Sample Targets Webservers
Executive Summary: Ryuk is a ransomware that encrypts a victim’s files and requests payment in Bitcoin cryptocurrency to release the...
Analyzing CVE-2021-1665 – Remote Code Execution Vulnerability in Windows GDI+
Introduction: Microsoft Windows Graphics Device Interface+, also known as GDI+, allows various applications to use different graphics functionality on video...
Fuzzing ImageMagick and Digging Deeper into CVE-2020-27829
Introduction: ImageMagick is a hugely popular open source software that is used in a lot of systems around the world. It...
Fighting new Ransomware Techniques with McAfee’s Latest Innovations
In 2021 ransomware attacks have been dominant among the bigger cyber security stories. Hence, I was not surprised to see...