What we do
At McAfee Enterprise Advanced Threat Research (ATR), our goal is to identify and illuminate a broad spectrum of threats in today's complex landscape. McAfee Enterprise ATR researchers are responsible for research in nearly every vertical of threat, including those targeting banking, retail, medical, and other industries. We have experts in vulnerability and threat research who find and report critical vulnerabilities in popular hardware and software and who use a global network of endpoints to track malware campaigns as well as the nation-states and malicious actors behind them. Our red team incorporates and builds upon the techniques, tactics, and procedures (TTPs) uncovered by our researchers while performing engagements where the robustness of both our products and infrastructure are continuously being tested. And our Operational Intelligence team operates globally around the clock, keeping watch of the latest cyber campaigns and actively tracking the most impactful cyber threats. These findings are fed back into the solutions that ultimately power McAfee Enterprise's products.
McAfee Enterprise Advanced Threat Research Lab
The McAfee Enterprise Advanced Threat Research Lab provides our researchers access to state-of-the-art hardware and equipment targeting the discovery, exploitation, and responsible disclosure of critical vulnerabilities. The lab also showcases demos of research projects, such as attacks against medical devices, cars, and more.
Watch Video
McAfee Enterprise Advanced Threat Report: October 2021
This McAfee Enterprise Advanced Threat Research Report reveals the prevalence of ransomware campaigns, their favorite targets and evolving models.
Read ReportResearch spotlight
McAfee Enterprise ATR Researchers Discover Vulnerabilities in Classroom Management Software
McAfee Enterprise’s Advanced Threat Research team audited a popular classroom management software called Netop Vision Pro, used by millions of students and teachers around the world. The researchers were able to demonstrate exploitation of network-based vulnerabilities to fully compromise the software’s users, including being able to remotely enable devices such as webcams.
Read MoreMcAfee Enterprise ATR Uncovers Major Vulnerability in Agora Video SDK
McAfee Enterprise ATR released findings on a significant vulnerability in call setup for the Agora Video SDK, used extensively by major applications worldwide for audio and video conferencing. Read more here on the implications of the vulnerability and impact to industry.
Read BlogCall an Exorcist My Robot’s Possessed!
McAfee Enterprise ATR researchers disclosed four unique vulnerabilities leading to full remote control of a popular robot, providing remote control over the Internet and spying capabilities through the camera.
Read BlogDoppleganging up on Facial Recognition Systems
ATR researchers emulated state of the art passport systems, and adapted model hacking techniques to bypass facial recognition.
Read BlogHVACking: Understanding the Delta Between Security and Reality
McAfee Enterprise ATR investigated a major building controller and discovered a critical, zero-day vulnerability.
Read BlogMcAfee Enterprise Researchers Expose Insights into Netwalker Ransomware
McAfee Enterprise Operational Intelligence Team researchers provide analysis of enhancements to the Netwalker ransomware, telemetry insights and deep technical analysis.
Read BlogIndustry research
The McAfee Enterprise ATR team continually conducts leading-edge research into the threats that impact a variety of industries. Below are a few of the key areas we are currently focused on. They will be updated as new research is released.
Automotive
McAfee Enterprise ATR investigates the attack surfaces in autonomous vehicles as well as the machine learning algorithms and physical-to-digital attacks related to them.
Learn MoreSCADA & Industrial Control Systems
McAfee Enterprise ATR investigates multiple areas of SCADA and ICS implementations, including human machine interface (HMI) software, programmable logic controllers (PLCs), and network protocols, such as MODBUS, ICCP, and others.
Learn MoreHealthcare & Medical Devices
Our research explores medical devices, networks, protocols, and security practices to help healthcare organizations innovate securely.
Learn MoreSoftware-Defined Radio
Our research looks at radio frequency, including near-field communications (NFC and RFID) and wireless transmissions to determine potential impacts to network and proximity devices.
Learn MoreBrowser, Operating System & Enterprise Software
By discovering and disclosing these critical vulnerabilities in the world’s most popular software, the McAfee Enterprise ATR team continuously reduces the overall attack surface for one of the most attractive targets for cybercriminals.
Learn MoreConsumer Electronics & IoT
Our researchers look for vulnerabilities in consumer devices to identify threats and guide manufacturers toward more secure products, reducing the potential for attackers to gain access to home or business networks.
Learn MoreNews & events
Check out the McAfee Enterprise ATR team in the news and at various security conferences around the world.
Media Coverage
- Popular remote lesson monitoring program could be exploited to attack student PCs, ZDNet
- Critical Security Bugs Fixed in Virtual Learning Software, Threat Post
- McAfee: Software Vulnerabilities Threaten Schools Amid Campus Returns, Channel Futures
- Chinese APT Targets Telcos in 5G-Related Cyber-Espionage Campaign, Dark Reading
- Hackers pretended to be Huawei to try and steal 5G secrets, TechRadar Pro
- Security concerns arise over popular Clubhouse app after ties to China-based company revealed, TechRepublic
- Popular SDK used by social media sites allows attackers to spy on audio and video calls, Silicon Angle