Featured Blogs
Ryuk, Exploring the Human Connection
In collaboration with Bill Siegel and Alex Holdtman from Coveware. At the beginning of 2019, McAfee ATR published an...
Satanbot Employs VBScript to Create Botnet
Malware is on the rise. At the beginning of 2008, our malware collection had 10 million samples. Today we have...
Scammers are Exploiting Ukraine Donations
Authored by Vallabh Chole and Oliver Devane Scammers are very quick at reacting to current events, so they can generate...
Scammers Follow the Rebranding of Twitter to X, to Distribute Malware
Authored by: Vallabh Chole and Yerko Grbic On July 23rd, 2023, Elon Musk announced that the social networking site, Twitter...
Scammers Impersonating Windows Defender to Push Malicious Windows Apps
Summary points: Scammers are increasingly using Windows Push Notifications to impersonate legitimate alerts Recent campaigns pose as a Windows Defender...
Securing Space 4.0 – One Small Step or a Giant Leap? Part 1
McAfee Advanced Threat Research (ATR) is collaborating with Cork Institute of Technology (CIT) and its Blackrock Castle Observatory (BCO) and...
Securing Space 4.0 – One Small Step or a Giant Leap? Part 2
McAfee Advanced Threat Research (ATR) is collaborating with Cork Institute of Technology (CIT) and its Blackrock Castle Observatory (BCO) and...
Security on Silicon the Next Big Step in Cyber Protection
With the growth of the Internet of Things, going from 15 billion to 200 billion devices by 2020, and the...
Seeing Through Darkleech Obfuscation: a Quick Hack to Iframes
This blog post was written by Kalpesh Mantri. Darkleech is an Apache module on the dark web that distributes malware....
Self-Signed Certificates Can Be Secure, So Why Ban Them?
This blog was co-written by Brook Schoenfield and Ramnath Venugopalan. In many organizations the use of self-signed certificates is forbidden...
Server-Side Request Forgery Takes Advantage of Vulnerable App Servers
This blog was written by Kunal Garg. Server-side request forgery is an attack in which an attacker can force a...
Setting Up HTTPS for Google App Engine Applications
Thursday, we posted advice on creating a custom domain name for an application developed with Google’s App Engine. In this...
Seven Windows Wonders – Critical Vulnerabilities in DNS Dynamic Updates
Overview For the March 2021 Patch Tuesday, Microsoft released a set of seven DNS vulnerabilities. Five of the vulnerabilities are...
Sex Sells: Looking at Android Adult Adware Apps
Advertising is one of the primary methods to generate money from mobile devices. Ads can be displayed in the browser...
Shamoon Attackers Employ New Tool Kit to Wipe Infected Systems
Last week the McAfee Advanced Threat Research team posted an analysis of a new wave of Shamoon “wiper” malware attacks...
Shamoon Rebooted in Middle East, Part 2
Last week we provided some initial analysis on recent attacks targeting organizations in the Middle East. The attack has hallmarks...
Shamoon Rebooted?
We have recently received notifications and samples from impacted organizations in the Middle East that have hallmarks of the Shamoon...
Shamoon Returns to Wipe Systems in Middle East, Europe
Destructive malware has been employed by adversaries for years. Usually such attacks are carefully targeted and can be motivated by...
