Clik here to view.
Apache Struts at REST: Analyzing Remote Code Execution Vulnerability...
Apache Struts, an open-source web development framework, is prone to vulnerabilities. We wrote about CVE-2017-9791 in July. The latest is CVE-2017-9805, another remote code execution flaw actively...
View ArticleClik here to view.
McAfee Labs Threats Report Explores WannaCry/Petya, Threat Hunting,...
This blog post was written by Vincent Weafer. Today we published the McAfee Labs Threats Report: September 2017. This quarter’s report shows off a new design. We hope you will find it attractive as...
View ArticleClik here to view.
McAfee Labs: Faceliker Surge Manipulates Facebook “Likes” to Promote News,...
Criminals excel in manipulating the trust within human relationships, particularly as individuals project themselves into digital realms such as social media. We see it in phishing messages, which fool...
View ArticleClik here to view.
Linux Kernel Vulnerability Can Lead to Privilege Escalation: Analyzing...
This blog was written by Krishs Patil. A memory corruption bug in UDP fragmentation offload (UFO) code inside the Linux kernel can lead to local privilege escalation. In this post we will examine this...
View ArticleClik here to view.
Staying Anonymous on the Blockchain: Concerns and Techniques
With Bitcoin at one point valued at more than $5,000 per unit, cryptocurrencies have excited a lot of interest from individuals, businesses, and hackers. One of the selling points of Bitcoin and others...
View ArticleClik here to view.
Taiwan Bank Heist and the Role of Pseudo Ransomware
Widespread reports claim the Far Eastern International Bank in Taiwan has become a victim of hacking. The attacks demonstrate the global nature of cybercrime, with the cybercriminals attempting to wire...
View ArticleClik here to view.
Tips for Effective Threat Hunting
In May, McAfee surveyed more than 700 IT and security professionals around the world to better understand how threat hunting is used in organizations and how they hope to enhance their threat hunting...
View ArticleClik here to view.
KRACKs Against Wi-Fi Serious But Not End of the World
On October 12, researcher Mathy Vanhoef announced a set of Wi-Fi attacks that he named KRACKs, for key reinstallation attacks. These attack scenarios are against the WPA2 authentication and encryption...
View ArticleClik here to view.
ROCA: Which Key-Pair Attacks Are Credible?
In the past two weeks, we have seen two big encryption issues arise: key reinstallation attacks, called KRACKs; and “Return of Coppersmith’s Attack,” called ROCA. Many CEOs, CIOs, and CISO/CSOs are...
View ArticleClik here to view.
KRACKs: Five Observations on WPA Authentication Vulnerability
KRACKs are in the news. McAfee has already discussed these key reinstallation attacks that affect Wi-Fi setups in two posts: “KRACKs Against Wi-Fi Serious But Not End of the World” “How KRACK Threatens...
View ArticleClik here to view.
‘BadRabbit’ Ransomware Burrows Into Russia, Ukraine
This post was researched and written by Christiaan Beek, Tim Hux, David Marcus, Charles McFarland, Douglas McKee, and Raj Samani. McAfee is currently investigating a ransomware campaign known as...
View ArticleClik here to view.
Analyzing Microsoft Office Zero-Day Exploit CVE-2017-11826: Memory Corruption...
McAfee Labs has performed frequent analyses of Office-related threats over the years: In 2015, we presented research on the Office OLE mechanism; in 2016 at the BlueHat conference, we looked at the...
View ArticleClik here to view.
Code Execution Technique Takes Advantage of Dynamic Data Exchange
Email phishing campaigns are a popular social engineering technique among hackers. The idea is simple: Craft an email that looks enticing to users and convince them to click on a malicious link or open...
View ArticleClik here to view.
Configuring McAfee ENS and VSE to Prevent Macroless Code Execution in Office...
Microsoft Office macros are a popular method of distributing malware. Users can defend themselves against macro attacks by disabling macros. McAfee Labs has now seen a new attack technique using a...
View ArticleClik here to view.
Expiro Malware Is Back and Even Harder to Remove
File infector malware adds malicious code to current files. This makes removal tricky because deleting infections results in the loss of legitimate files. Although file infectors were more popular in...
View ArticleClik here to view.
Pirate Versions of Popular Apps Infiltrate Google Play via Virtualization
The McAfee Mobile Research team recently found pirated applications of popular apps distributed on the Google Play store. A pirated app is one distributed usually outside of the official store as a...
View ArticleClik here to view.
Self-Signed Certificates Can Be Secure, So Why Ban Them?
In many organizations the use of self-signed certificates is forbidden by policy. Organizations may ban the use of self-signed certificates for several reasons: It is trivially easy to generate a...
View ArticleClik here to view.
Threat Group APT28 Slips Office Malware into Doc Citing NYC Terror Attack
During our monitoring of activities around the APT28 threat group, McAfee Advanced Threat Research analysts identified a malicious Word document that appears to leverage the Microsoft Office Dynamic...
View ArticleClik here to view.
New Android Malware Found in 144 GooglePlay Apps
McAfee’s Mobile Research team has found a new Android malware in 144 “Trojanized” applications on Google Play. We named this threat Grabos because we found this string in several elements of the code,...
View ArticleClik here to view.
IoT Devices: The Gift that Keeps on Giving… to Hackers
McAfee Advanced Threat Research on Most Hackable Gifts You’ve probably noticed the recent increase in Internet connected drones, digital assistants, toys, appliances and other devices hitting the...
View Article