Featured Blogs
BackOff Malware Uses Encryption to Hide Its Intentions
Often we see malware authors using encryption or obfuscation along with other techniques to modify the static contents of malware....
Babuk: Biting off More than they Could Chew by Aiming to Encrypt VM and *nix Systems?
Co-written with Northwave’s Noël Keijzer. Executive Summary For a long time, ransomware gangs were mostly focused on Microsoft Windows operating...
Babuk Ransomware
Executive Summary Babuk ransomware is a new ransomware threat discovered in 2021 that has impacted at least five big enterprises,...
Avaya Deskphone: Decade-Old Vulnerability Found in Phone’s Firmware
Avaya is the second largest VOIP solution provider (source) with an install base covering 90% of the Fortune 100 companies...
Automotive Security Moves Into Cyber Realm
The focus on the security of automobiles and the transportation sector as a whole (planes, trains, etc.) is steadily increasing....
Automatic App Installation from Google Play Poses Big Risk
Android users usually download and install applications from the Google Play store through several interactions with the service–including viewing the...
AutoIt and Malware: What’s the Connection?
During the last couple of weeks I’ve come across three malware samples packed using compiled AutoIt scripts, so I decided...
Attacks on SWIFT Banking System Benefit From Insider Knowledge
In recent months, we’ve seen headlines about the compromise of a bank in Bangladesh from which cybercriminals attempted to steal...
Attacks On Indian Organizations Continue – More Exploits Focused On Events
In November last year, McAfee Labs researchers reported about Operation Mangal, an ongoing targeted attack campaign against several Indian domestic...
Attackers Seek to Hack Hardware for Ultimate Control
We are seeing interesting changes in how researchers and attackers are exploring methods to undermine systems and devices. Increasingly, the...
Attackers Exploiting WinRAR UNACEV2.DLL Vulnerability (CVE-2018-20250)
Earlier this month Check Point Research reported discovery of a 19 year old code execution vulnerability in the wildly popular...
At McAfee, Protecting Customers Takes Precedence Over Seeking Headlines
One question I often hear is “When will McAfee publish a report on the latest threat?” It seems to be...
AsiaHitGroup Returns With New Billing-Fraud Campaign
Are you tired yet of the music track “Despacito”? If you downloaded this ringtone app from Google Play, chances are...
AsiaHitGroup Gang Again Sneaks Billing-Fraud Apps Onto Google Play
The McAfee Mobile Research team has found a new billing-fraud campaign of at least 15 apps published in 2018 on...
AshleyMadison Hack Demonstrates Power of Scam Artists
This blog post was written by Armando Rodriguez. Last month, cybersecurity journalist Brian Krebs broke the news that adult site...
Are Virtual Machines the New Gold for Cyber Criminals?
Introduction Virtualization technology has been an IT cornerstone for organization for years now. It revolutionized the way organizations can scale...
Apps Sending Plain HTTP Put Personal Data at Risk
At the AVAR Conference in November 2014, McAfee Labs presented how to exploit a cross-site scripting vulnerability of the Costco...
Apply MITRE’s ‘ATT&CK’ Model to Check Your Defenses
Every week we read about adversaries attacking their targets as part of online criminal campaigns. Information gathering, strategic advantage, and...
