This article has been indexed from McAfee Labs – McAfee Blogs. By Sriram P & Lakshya Mathur. Hancitor, a loader that provides Malware as a Service, has been observed distributing malware such as… The post HANCITOR DOC drops via CLIPBOARD appeared first…
Category: McAfee Labs – McAfee Blogs
‘Tis the Season for Scams
Co-authored by: P, Sriram, and Deepak Setty. ‘Tis the season for scams. Well, honestly, it’s always scam season somewhere. In…
The Newest Malicious Actor: “Squirrelwaffle” Malicious Doc.
Authored by Kiran Raj. Due to their widespread use, Office Documents are commonly used by Malicious actors as a way…
Social Networks Account Stealer Hidden in Android Gaming Hacking Tool
Authored by: Wenfeng Yu. McAfee Mobile Research team recently discovered a new piece of malware that specifically steals Google, Facebook,…
Malicious PowerPoint Documents on the Rise
Authored by Anuradha M. McAfee Labs have observed a new phishing campaign that utilizes macro capabilities available in Microsoft PowerPoint…
Android malware distributed in Mexico uses Covid-19 to steal financial credentials
Authored by Fernando Ruiz. McAfee Mobile Malware Research Team has identified malware targeting Mexico. It poses as a security banking tool or as a bank…
Android malware distributed in Mexico uses Covid-19 to steal financial credentials
McAfee Mobile Malware Research Team has identified malware targeting Mexico. It poses as a security banking tool or as a bank application designed to report…
Fighting new Ransomware Techniques with McAfee’s Latest Innovations
In 2021 ransomware attacks have been dominant among the bigger cyber security stories. Hence, I was not surprised to see that McAfee’s June 2021 Threat report is primarily focused…
Hancitor Making Use of Cookies to Prevent URL Scraping
This blog was written by Vallabh Chole & Oliver Devane. Over the years, the cybersecurity industry has seen many threats get taken down, such as the Emotet takedown in…
Analyzing CVE-2021-1665 – Remote Code Execution Vulnerability in Windows GDI+
Introduction: Microsoft Windows Graphics Device Interface+, also known as GDI+, allows various applications to use different graphics functionality on video displays as well as printers. Windows applications don’t directly…
Major HTTP Vulnerability in Windows Could Lead to Wormable Exploit
Today, Microsoft released a highly critical vulnerability (CVE-2021-31166) in its web server http.sys. This product is a Windows-only HTTP server which can be run standalone or in conjunction with…
“Fool’s Gold”: Questionable Vaccines, Bogus Results, and Forged Cards
Preface: Countries all over the world are racing to achieve so-called herd immunity against COVID-19 by vaccinating their populations. From the initial lockdown to the cancellation of events and…
Steps to Discover Hidden Threat from Phishing Email
Introduction: Email is one of the primary ways of communication in the modern world. We use email to receive notifications about our online shopping, financial transaction, credit card e-statements, one-time passwords to authenticate registration processes, application for jobs, auditions, school…
Roaming Mantis Amplifies Smishing Campaign with OS-Specific Android Malware
The Roaming Mantis smishing campaign has been impersonating a logistics company to steal SMS messages and contact lists from Asian Android users since 2018. In the second half of 2020, the campaign improved its effectiveness by adopting dynamic DNS services…
Access Token Theft and Manipulation Attacks – A Door to Local Privilege Escalation
McAfee Labs Report Reveals Latest COVID-19 Threats and Malware Surges
McAfee Defenders Blog: Reality Check for your Defenses
Welcome to reality. Ever since I started working in IT Security more than 10 years ago, I wondered, what helps defend against malware the best? This simple question…
Netop Vision Pro – Distance Learning Software is 20/20 in Hindsight
The McAfee Labs Advanced Threat Research team is committed to uncovering security issues in both software and hardware to help developers provide safer products for…
Operation Diànxùn: Cyberespionage Campaign Targeting Telecommunication Companies
In this report the McAfee Advanced Threat Research (ATR) Strategic Intelligence team details an espionage campaign, targeting telecommunication companies, dubbed Operation Diànxùn. In this attack, we discovered malware using…
McAfee Defender’s Blog: Operation Dianxun
Operation Dianxun Overview: In a recent report the McAfee Advanced Threat Research (ATR) Strategic Intelligence team disclosed an espionage campaign, targeting telecommunication companies, named Operation Diànxùn. The tactics, techniques and procedures…
Babuk Ransomware
Executive Summary: Babuk ransomware is a new ransomware threat discovered in 2021 that has impacted at least five big enterprises, with one already paying the criminals $85,000 after negotiations. As with other variants, this…
Don’t Call Us We’ll Call You: McAfee ATR Finds Vulnerability in Agora Video SDK
The McAfee Advanced Threat Research (ATR) team is committed to uncovering security issues in both software and hardware to help developers provide…
Researchers Follow the Breadcrumbs: The Latest Vulnerabilities in Windows’ Network Stack
The concept of a trail of breadcrumbs in the offensive security community is nothing new; for many years, researchers on both sides of the ethical…
McAfee ATR Launches Education-Inspired Capture the Flag Contest!
McAfee’s Advanced Threat Research team just completed its second annual capture the flag (CTF) contest for internal employees. Based on tremendous internal feedback, we’ve decided to open it up to…
Two Pink Lines
Depending on your life experiences, the phrase (or country song by Eric Church) “two pink lines” may bring up a wide range of powerful emotions. I suspect, like many fathers and expecting fathers,…
A Year in Review: Threat Landscape for 2020
As we gratefully move forward into the year 2021, we have to recognise that 2020 was as tumultuous in the digital realm as it has in the physical…
2021 Threat Predictions Report
The Year 2020 brought a historic pandemic and bad actors leveraging COVID-19-themed threats to test our security operations and our unprecedented shift to a remote work life. As we enter 2021, these concerns…
How A Device to Cloud Architecture Defends Against the SolarWinds Supply Chain Compromise
In a blog post released 13 Dec 2020, FireEye disclosed that threat actors compromised SolarWinds’s Orion IT monitoring and management software with a…
Additional Analysis into the SUNBURST Backdoor
Executive Summary: There has been considerable focus on the recent disclosures associated with SolarWinds, and while existing analysis on the broader campaign has resulted in detection against specific IoCs associated…
SUNBURST Malware and SolarWinds Supply Chain Compromise
Part I of II. Situation: In a blog post released 13 Dec 2020, FireEye disclosed that threat actors compromised SolarWinds’s Orion IT monitoring and management software with a trojanized…