Gold Dragon Widens Olympics Malware Attacks, Gains Permanent Presence on Victims’ Systems
McAfee Advanced Threat Research (ATR) recently released a report describing a fileless attack targeting organizations involved with the Pyeongchang Olympics. The attack used a PowerShell implant that established a channel to the attacker’s server to gather basic system-level data. What was not determined at that time was what occurred after ...
Operation Dragonfly Analysis Suggests Links to Earlier Attacks
On September 6, Symantec published details of the Dragonfly campaign, which targeted dozens of energy companies throughout 2017. This attack...
What Is Ransomware and Who Does It Target?
Lockouts—they happen. We forget our keys, we can’t remember our passwords—and sometimes, someone else locks us out. And in the...
Patch Now: Simple Office ‘Protected View’ Bypass Could Have Big Impact
Protected View is a security feature of Microsoft Office. According to research from MWR Labs, Protected View mode is a strong...
Overcoming Targeted Attacks: a New Approach
Successful targeted attacks bypass security controls and typically cause significant damage to an enterprise. Damages may include reputation, monetary, and...
Vulnerable From Below: Attacking Hypervisors Using Firmware And Hardware
Malicious attacks with firmware privileges can compromise an entire system, so it is especially important to apply measures to reduce...
Threat Actors Use Encrypted Office Binary Format to Evade Detection
This blog post was written in conjunction with Xiaoning Li. Microsoft Office documents play an important role in our work...
Attacks On Indian Organizations Continue – More Exploits Focused On Events
In November last year, McAfee Labs researchers reported about Operation Mangal, an ongoing targeted attack campaign against several Indian domestic...
McAfee Adds Flash Exploit Detection to NSP 8.2
Adobe Flash vulnerabilities and exploits have worried users and security professionals for many years. The situation today remains serious. A...
At McAfee, Protecting Customers Takes Precedence Over Seeking Headlines
One question I often hear is “When will McAfee publish a report on the latest threat?” It seems to be...