Featured Blogs
Malicious Utility Can Defeat Windows PatchGuard
In 2012, my colleagues Deepak Gupta and Xiaoning Li explained in a white paper how some malware can operate at...
Targeted Attacks on French Company Exploit Multiple Word Vulnerabilities
Spear phishing email is a major worry to any organization. Messages that appear legitimate and specific fool us more often...
Dofoil Downloader Update Adds XOR-, RC4-Based Encryption
This blog was written by Sanchit Karve. The Dofoil downloader (found in the wild since 2011) occasionally updates itself with...
CryptoWall Ransomware Built With RC4 Bricks
Last month many Internet users were suddenly forced to trade in Bitcoins. This was not for general purposes–they were paying...
Operation Dragonfly Imperils Industrial Protocol
Recent headlines (here and here) may have struck fear into those living near major energy installations due to references about...
GameOver Zeus/Cryptolocker: Am I Still Infected?
It has been two weeks since the announcement by multiple global law enforcement agencies regarding the takedown of the communications...
A Glance Into the Neutrino Botnet
Lately, we have seen a number of communications through our automated framework from the Neutrino botnet. While analyzing this botnet,...
Information Operations an Integral Part of Cyberwarfare
Weapons and the skills to use them are not the only decisive elements in warfare. Rhetoric and imagery are important,...
Iranian Keylogger Marmoolak Enters via Backdoor
Targeted attacks have several stages, sometimes called the APT kill chain. At McAfee Labs we prefer the model described by...
Necurs, Zbot Use Obfuscated Windows XP Detection to Bypass Analysis
This blog was written by Sanchit Karve. McAfee Labs has recently come across a number of malware samples that drop...