Android Malware Appears Linked to Lazarus Cybercrime Group
The McAfee Mobile Research team recently examined a new threat, Android malware that contains a backdoor file in the executable and linkable format (ELF). The ELF file is similar to several executables...
Lazarus Cybercrime Group Moves to Mobile Platform
When it comes to describing cyberattacks, the word sophisticated is used a lot. Whether to explain yet another “advanced” campaign by a threat actor group hoping to steal information or disrupt...
Malware Mines, Steals Cryptocurrencies From Victims
How’s your Bitcoin balance? Interested in earning more? The value of cybercurrency is going up. One way to increase your holdings is by “mining,” which is legal as long as it is done with the proper...
Don’t Substitute CVSS for Risk: Scoring System Inflates Importance of...
I am a wry observer of vulnerability announcements. CVE-2017-3735—which can allow a small buffer overread in an X.509 certificate—presents an excellent example of the limitations of the Common...
Should I Worry About AVGater, Which Exploits Some Security Products?
On November 10, a researcher reported the vulnerability AVGater, which affects some antimalware products. The vulnerability allows a user without administrative privileges to restore a quarantined file...
‘McAfee Labs 2018 Threats Predictions Report’ Previews Five Cybersecurity Trends
This report was written by members of McAfee Labs and the Office of the CTO. Welcome to the McAfee Labs 2018 Threats Predictions Report. We find ourselves in a highly volatile stage of cybersecurity,...
Emotet Downloader Trojan Returns in Force
During the past couple of days, we have seen an increase in activity from Emotet. This Trojan downloader spreads by emails that lure victims into downloading a Word document, which contains macros that...
Chinese Cybercriminals Develop Lucrative Hacking Services
Underground cybercrime profits in China have likely already exceeded US$15.1 billion (100 billion Chinese yuan); caused more than $13.8 billion (91.5 billion yuan) worth of damage relating to data...
McAfee Labs Reports All-Time Highs for Malware in Latest Count
In the third quarter of 2017, McAfee Labs reports all-time highs of new and total malware. What is causing the increasing numbers of malware that are submitted to us at an average rate of four new...
Looking Into the World of Ransomware Actors Reveals Some Surprises
During the preparations for our keynotes at McAfee’s recent MPOWER conference, we brainstormed a few topics we wanted to share with the audience. Ransomware was definitely on our agenda, but so much...
Operation Dragonfly Analysis Suggests Links to Earlier Attacks
On September 6, Symantec published details of the Dragonfly campaign, which targeted dozens of energy companies throughout 2017. This attack was effectively Dragonfly 2.0, an update to a campaign that...
McAfee Labs Advanced Threat Research Aids Arrest of Suspected Cybercrime Gang...
In our recent research, we interviewed the actors behind ransomware campaigns. One of the interesting findings was cybercriminals seemed to have a sense of absolute safety when conducting criminal...
Decyphering the Noise Around ‘Meltdown’ and ‘Spectre’
The McAfee Advanced Threat Research (ATR) Team has closely followed the attack techniques that have been named Meltdown and Spectre throughout the lead-up to their announcement on January 3. In this...
Malicious Document Targets Pyeongchang Olympics
McAfee Advanced Threat Research analysts have discovered a campaign targeting organizations involved with the Pyeongchang Olympics. Attached in an email was a malicious Microsoft Word document with the...
North Korean Defectors and Journalists Targeted Using Social Networks and...
Recently, South Korean media wrote about North Korean refugees and journalists being targeted by unknown actors using KakaoTalk (a popular chat app in South Korea) and other social network services...
Twitter Accounts of US Media Under Attack by Large Campaign
A previously reported campaign purportedly carried out by Turkish hacker group “Ayyildiz Tim” targeting high-profile, verified Twitter accounts with the purpose of spreading Turkish political...
Gold Dragon Widens Olympics Malware Attacks, Gains Permanent Presence on...
UPDATE (Feb. 12, 2018): A new variant of the original file-less implant appeared on Feb. 5, 2018, indicating the attack has resumed. The new variant has the same author and metadata as the original...
Lazarus Resurfaces, Targets Global Banks and Bitcoin Users
This blog was written with support and contributions provided by Asheer Maholtra, Jessica Saavedra Morales, and Thomas Roccia. McAfee Advanced Threat Research (ATR) analysts have discovered an...
Free Ransomware Available on Dark Web
The McAfee Advanced Threat Research team recently analyzed a ransomware-as-a-service threat that is available for free and without registration. This malware was first seen in July 2017 with the...
DDoS Attacks in the Netherlands Reveal Teen Gamers on Troublesome Path
At the end of January, the Netherlands was plagued by distributed denial of service (DDoS) attacks targeting various financial institutions, tech sites, and the Dutch tax authorities. At the time of...