RagnarLocker Ransomware Threatens to Release Confidential Information
Executive Summary: The RagnarLocker ransomware first appeared in the wild at the end of December 2019 as part of a campaign against compromised networks targeted by its operators. The ransomware code is...
What’s in the Box? Part II: Hacking the iParcelBox
Package delivery is just one of those things we take for granted these days. This is especially true in the age of Coronavirus, where e-commerce and at-home deliveries make up a growing portion of...
My Adventures Hacking the iParcelBox
In 2019, McAfee Advanced Threat Research (ATR) disclosed a vulnerability in a product called BoxLock. Sometime after this, the CEO of iParcelBox, a U.K. company, reached out to us and offered to send a...
Ripple20 Vulnerability Mitigation Best Practices
On June 16th, the Department of Homeland Security and CISA ICS-CERT issued a critical security advisory warning covering multiple newly discovered vulnerabilities affecting Internet-connected devices...
McAfee COVID-19 Report Reveals Pandemic Threat Evolution
The McAfee Advanced Threat Research team today published the McAfee® Labs COVID-19 Threats Report, July 2020. In this “Special Edition” threat report, we delve deep into the COVID-19 related attacks...
Hunting for Blues – the WSL Plan 9 Protocol BSOD
Windows Subsystem for Linux Plan 9 Protocol Research Overview: This is the final blog in the McAfee research series trilogy on the Windows Subsystem for Linux (WSL) implementation – see The Twin Journey...
Six Hundred Million Reasons to Celebrate: No More Ransom Turns FOUR!!
Happy Birthday! Today we mark the fourth anniversary of the NoMoreRansom initiative with over 4.2 million visitors, from 188 countries, stopping an estimated $632 million in ransom demands from ending...
McAfee Defender’s Blog: Operation North Star Campaign
Building Adaptable Security Architecture Against the Operation North Star Campaign. Operation North Star Overview: Over the last few months, we have seen attackers take advantage of the pandemic as a...
Operation (노스 스타) North Star A Job Offer That’s Too Good to be True?
Executive Summary: We are in the midst of an economic slump [1], with more candidates than there are jobs, something that has been leveraged by malicious actors to lure unwitting victims into opening...
Take a “NetWalk” on the Wild Side
Executive Summary: The NetWalker ransomware, initially known as Mailto, was first detected in August 2019. Since then, new variants were discovered throughout 2019 and the beginning of 2020, with a...
McAfee Defender’s Blog: NetWalker
Building Adaptable Security Architecture Against NetWalker. NetWalker Overview: The NetWalker ransomware, initially known as Mailto, was first detected in August 2019. Since then, new variants were...
Ripple20 Critical Vulnerabilities – Detection Logic and Signatures
This document has been prepared by McAfee Advanced Threat Research in collaboration with JSOF who discovered and responsibly disclosed the vulnerabilities. It is intended to serve as a joint research...
Dopple-ganging up on Facial Recognition Systems
Co-authored with Jesse Chick, OSU Senior and Former McAfee Intern, Primary Researcher. Special thanks to Dr. Catherine Huang, McAfee Advanced Analytics Team. Special thanks to Kyle Baldes, Former McAfee...
Call an Exorcist! My Robot’s Possessed!
Overview: As part of our continued goal of helping developers provide safer products for businesses and consumers, we here at McAfee Advanced Threat Research (ATR) recently investigated temi, a...
Robot Character Analysis Reveals Trust Issues
Retired Marine fighter pilot and Top Gun instructor Dave Berke said “Every single thing you do in your life, every decision you make, is an OODA Loop.” OODA Loop? Observe–Orient–Decide–Act, the “OODA...
Vulnerability Discovery in Open Source Libraries Part 1: Tools of the Trade
Executive Summary: Open source has become the foundation for modern software development. Vendors use open source software to stay competitive and improve the speed, quality, and cost of the development...
On Drovorub: Linux Kernel Security Best Practices
Intro: In a U.S. government cyber security advisory released today, the National Security Agency and Federal Bureau of Investigation warn of a previously undisclosed piece of Linux rootkit malware...
Vulnerability Discovery in Open Source Libraries: Analyzing CVE-2020-11863
Open Source projects are the building blocks of any software development process. As we indicated in our previous blog, as more and more products use open source code, the increase in the overall...
Securing Space 4.0 – One Small Step or a Giant Leap? Part 2
McAfee Advanced Threat Research (ATR) is collaborating with Cork Institute of Technology (CIT) and its Blackrock Castle Observatory (BCO) and the National Space Center in Cork, Ireland. In the first of...
Securing Space 4.0 – One Small Step or a Giant Leap? Part 1
McAfee Advanced Threat Research (ATR) is collaborating with Cork Institute of Technology (CIT) and its Blackrock Castle Observatory (BCO) and the National Space Center (NSC) in Cork, Ireland. The...