Clik here to view.
Want to Break Into a Locked Windows 10 Device? Ask Cortana (CVE-2018-8140)
June’s “Patch Tuesday” (June 12) is here, but it is likely many Windows 10 users have not yet applied these updates. If you have not, just be sure not to leave your laptop lying around! The patches in...
View ArticleClik here to view.
Threat Report: Don’t Join Blockchain Revolution Without Ensuring Security
On May 19 researchers discovered a series of vulnerabilities in the blockchain-based EOS platform that can lead to remote control over participating nodes. Just four days prior, a mining pool server...
View ArticleClik here to view.
Unintended Clipboard Paste Function in Windows 10 Leads to Information Leak...
The McAfee Labs Advanced Threat Research team has been investigating the Windows 10 platform. We have submitted several vulnerabilities already and have disclosed our research to Microsoft. Please...
View ArticleClik here to view.
Apply MITRE’s ‘ATT&CK’ Model to Check Your Defenses
Every week we read about adversaries attacking their targets as part of online criminal campaigns. Information gathering, strategic advantage, and theft of intellectual property are some of the...
View ArticleClik here to view.
Checking In Halfway: The McAfee Labs 2018 Threats Predictions
Time flies when you’re fighting cybercrime. Now that’s not exactly how the phrase goes, but for us at McAfee, it’s hard to believe that we’re already almost halfway through 2018. It seems like just...
View ArticleClik here to view.
‘McAfee Labs Threats Report’ Spotlights Innovative Attack Techniques,...
In the McAfee Labs Threats Report June 2018, published today, we share investigative research and threat statistics gathered by the McAfee Advanced Threat Research and McAfee Labs teams in Q1 of this...
View ArticleClik here to view.
AsiaHitGroup Gang Again Sneaks Billing-Fraud Apps Onto Google Play
The McAfee Mobile Research team has found a new billing-fraud campaign of at least 15 apps published in 2018 on Google Play. Toll fraud (which includes WAP billing fraud) is a leading category of...
View ArticleClik here to view.
AsiaHitGroup Returns With New Billing-Fraud Campaign
Are you tired yet of the music track “Despacito”? If you downloaded this ringtone app from Google Play, chances are your answer is a resounding Yes. But it gets worse: The McAfee Mobile Research team...
View ArticleClik here to view.
Cybercrime in the Spotlight: How Crooks Capitalize on Cultural Events
Every four years, everyone’s head around the globe turns toward the television. The Olympics, the World Cup – world events like these have all eyes viewing friendly competition between nations....
View ArticleClik here to view.
Organizations Leave Backdoors Open to Cheap Remote Desktop Protocol Attacks
Thanks to my colleague Christiaan Beek for his advice and contributions. While researching underground hacker marketplaces, the McAfee Advanced Threat Research team has discovered that access linked to...
View ArticleClik here to view.
Google Play Users Risk a Yellow Card With Android/FoulGoal.A
English soccer fans have enthusiastically enjoyed the team’s current run in the World Cup, as the tune “Three Lions” plays in their heads, while hoping to end 52 years of hurt. Meanwhile a recent...
View ArticleClik here to view.
What Drives a Ransomware Criminal? CoinVault Developers Convicted in Dutch Court
How often do we get a chance to learn what goes on in the minds of cybercriminals? Two members of McAfee’s Advanced Threat Research team recently did, as they attended a court case against two...
View ArticleClik here to view.
CactusTorch Fileless Threat Abuses .NET to Infect Victims
McAfee Labs has noticed a significant shift by some actors toward using trusted Windows executables, rather than external malware, to attack systems. One of the most popular techniques is a “fileless”...
View ArticleClik here to view.
GandCrab Ransomware Puts the Pinch on Victims
The GandCrab ransomware first appeared in January and has updated itself rapidly during its short life. It is the leading ransomware threat. The McAfee Advanced Threat Research team has reverse...
View ArticleClik here to view.
Examining Code Reuse Reveals Undiscovered Links Among North Korea’s Malware...
This research is a joint effort by Jay Rosenberg, senior security researcher at Intezer, and Christiaan Beek, lead scientist and senior principal engineer at McAfee. Intezer has also posted this story....
View ArticleClik here to view.
80 to 0 in Under 5 Seconds: Falsifying a Medical Patient’s Vitals
The author thanks Shaun Nordeck, MD, for his assistance with this report. With the explosion of growth in technology and its influence on our lives, we have become increasingly dependent on it. The...
View ArticleClik here to view.
Microsoft Cortana Allows Browser Navigation Without Login: CVE-2018-8253
A locked Windows 10 device with Cortana enabled on the lock screen allows an attacker with physical access to the device to do two kinds of unauthorized browsing. In the first case, the attacker can...
View ArticleClik here to view.
McAfee ePO Platform Gains Insight Into Threat Research
The latest update to the McAfee® ePolicy Orchestrator® platform offers a new add-in to provide insight into the latest analysis carried out by McAfee Labs and the Advanced Threat Research team. The...
View ArticleClik here to view.
‘Insight’ into Home Automation Reveals Vulnerability in Simple IoT Product
Eoin Carroll, Charles McFarland, Kevin McGrath, and Mark Bereza contributed to this report. The Internet of Things promises to make our lives easier. Want to remotely turn lights and appliances on and...
View ArticleClik here to view.
McAfee Opens State-of-the-Art Security Research Lab in Oregon
McAfee’s Advanced Threat Research team has operated from several locations around the world for many years. Today we are pleased to announce the grand opening of our dedicated research lab in the...
View Article