Shamoon Returns to Wipe Systems in Middle East, Europe
Destructive malware has been employed by adversaries for years. Usually such attacks are carefully targeted and can be motivated by...
Pay-Per-Install Company Deceptively Floods Market with Unwanted Programs
For the past 18 months, McAfee Labs has been investigating a pay-per-install developer, WakeNet AB, responsible for spreading prevalent adware...
WebCobra Malware Uses Victims’ Computers to Mine Cryptocurrency
McAfee Labs researchers have discovered new Russian malware, dubbed WebCobra, which harnesses victims’ computing power to mine for cryptocurrencies.
Fallout Exploit Kit Releases the Kraken Ransomware on Its Victims
Alexandr Solad and Daniel Hatheway of Recorded Future are coauthors of this post. Read Recorded Future’s version of this analysis. ...
‘Operation Oceansalt’ Delivers Wave After Wave
In the latest findings from the McAfee Advanced Threat Research team, we examine an adversary that was not content with a single campaign, but launched five distinct waves adapted to their separate targets.
Ransomware GandCrab Version 5 Partners With Crypter Service for Obfuscation
The GandCrab ransomware, which first appeared in January, has been updated rapidly during its short life, with Version 5.0.2 appearing...
Political Figures Differ Online: Names of Trump, Obama, Merkel Attached to Ransomware
Politics and ransomware. No, it’s not a lost single from the Oasis back catalogue, but in fact a relatively recent...
McAfee Opens State-of-the-Art Security Research Lab in Oregon
Today we are pleased to announce the grand opening of our dedicated research lab in the Hillsboro, Oregon, office near Portland.
McAfee ePO Platform Gains Insight Into Threat Research
The latest update to the McAfee® ePolicy Orchestrator® platform offers a new add-in to provide insight into the latest analysis carried out by McAfee Labs and the Advanced Threat Research team.
Microsoft Cortana Allows Browser Navigation Without Login: CVE-2018-8253
A locked Windows 10 device with Cortana enabled on the lock screen allows an attacker with physical access to the device to do two kinds of unauthorized browsing.