This article has been indexed from McAfee Labs – McAfee Blogs By Sriram P & Lakshya Mathur Hancitor, a loader that provides Malware as a Service, has been observed distributing malware such as… The post HANCITOR DOC drops via CLIPBOARD appeared first…
Tag: McAfee Labs – McAfee Blogs
‘Tis the Season for Scams
This article has been indexed from McAfee Labs – McAfee Blogs Co-authored by: P, Sriram, and Deepak Setty ‘Tis the season for scams. Well, honestly, it’s always scam season somewhere. In… The post ‘Tis the Season for Scams appeared first…
The Newest Malicious Actor: “Squirrelwaffle” Malicious Doc.
This article has been indexed from McAfee Labs – McAfee Blogs Authored By Kiran Raj Due to their widespread use, Office Documents are commonly used by Malicious actors as a way… The post The Newest Malicious Actor: “Squirrelwaffle” Malicious Doc.…
Social Networks Account Stealer Hidden in Android Gaming Hacking Tool
This article has been indexed from McAfee Labs – McAfee Blogs Authored by: Wenfeng Yu McAfee Mobile Research team recently discovered a new piece of malware that specifically steals Google, Facebook,… The post Social Networks Account Stealer Hidden in Android…
Malicious PowerPoint Documents on the Rise
This article has been indexed from McAfee Labs – McAfee Blogs Authored by Anuradha M McAfee Labs have observed a new phishing campaign that utilizes macro capabilities available in Microsoft PowerPoint…. The post Malicious PowerPoint Documents on the Rise appeared…
Malicious PowerPoint Documents on the Rise
This article has been indexed from McAfee Labs – McAfee Blogs Authored by Anuradha M McAfee Labs have observed a new phishing campaign that utilizes macro capabilities available in Microsoft PowerPoint…. The post Malicious PowerPoint Documents on the Rise appeared…
Android malware distributed in Mexico uses Covid-19 to steal financial credentials
This article has been indexed from McAfee Labs – McAfee Blogs Authored by Fernando Ruiz McAfee Mobile Malware Research Team has identified malware targeting Mexico. It poses as a security banking tool or as a bank… The post Android malware distributed in Mexico uses Covid-19…
Android malware distributed in Mexico uses Covid-19 to steal financial credentials
This article has been indexed from McAfee Labs – McAfee Blogs McAfee Mobile Malware Research Team has identified malware targeting Mexico. It poses as a security banking tool or as a bank application designed to report… The post Android malware distributed in Mexico uses Covid-19…
Fighting new Ransomware Techniques with McAfee’s Latest Innovations
This article has been indexed from McAfee Labs – McAfee Blogs In 2021 ransomware attacks have been dominant among the bigger cyber security stories. Hence, I was not surprised to see that McAfee’s June 2021 Threat report is primarily focused…
Hancitor Making Use of Cookies to Prevent URL Scraping
This article has been indexed from McAfee Labs – McAfee Blogs This blog was written by Vallabh Chole & Oliver Devane Over the years, the cybersecurity industry has seen many threats get taken down, such as the Emotet takedown in…
Analyzing CVE-2021-1665 – Remote Code Execution Vulnerability in Windows GDI+
This article has been indexed from McAfee Labs – McAfee Blogs Introduction Microsoft Windows Graphics Device Interface+, also known as GDI+, allows various applications to use different graphics functionality on video displays as well as printers. Windows applications don’t directly…
Major HTTP Vulnerability in Windows Could Lead to Wormable Exploit
This article has been indexed from McAfee Labs – McAfee Blogs Today, Microsoft released a highly critical vulnerability (CVE-2021-31166) in its web server http.sys. This product is a Windows-only HTTP server which can be run standalone or in conjunction with…
“Fool’s Gold”: Questionable Vaccines, Bogus Results, and Forged Cards
This article has been indexed from McAfee Labs – McAfee Blogs Preface Countries all over the world are racing to achieve so-called herd immunity against COVID-19 by vaccinating their populations. From the initial lockdown to the cancellation of events and…
Steps to Discover Hidden Threat from Phishing Email
Introduction Email is one of the primary ways of communication in the modern world. We use email to receive notifications about our online shopping, financial transaction, credit card e-statements, one-time passwords to authenticate registration processes, application for jobs, auditions, school…
Roaming Mantis Amplifies Smishing Campaign with OS-Specific Android Malware
The Roaming Mantis smishing campaign has been impersonating a logistics company to steal SMS messages and contact lists from Asian Android users since 2018. In the second half of 2020, the campaign improved its effectiveness by adopting dynamic DNS services…
Access Token Theft and Manipulation Attacks – A Door to Local Privilege Escalation
Read the original article: Access Token Theft and Manipulation Attacks – A Door to Local Privilege Escalation
Access Token Theft and Manipulation Attacks – A Door to Local Privilege Escalation
Read the original article: Access Token Theft and Manipulation Attacks – A Door to Local Privilege Escalation
McAfee Labs Report Reveals Latest COVID-19 Threats and Malware Surges
Read the original article: McAfee Labs Report Reveals Latest COVID-19 Threats and Malware Surges
McAfee Defenders Blog: Reality Check for your Defenses
Read the original article: McAfee Defenders Blog: Reality Check for your Defenses Welcome to reality Ever since I started working in IT Security more than 10 years ago, I wondered, what helps defend against malware the best? This simple question…
Netop Vision Pro – Distance Learning Software is 20/20 in Hindsight
Read the original article: Netop Vision Pro – Distance Learning Software is 20/20 in Hindsight The McAfee Labs Advanced Threat Research team is committed to uncovering security issues in both software and hardware to help developers provide safer products for…
Operation Diànxùn: Cyberespionage Campaign Targeting Telecommunication Companies
Read the original article: Operation Diànxùn: Cyberespionage Campaign Targeting Telecommunication Companies In this report the McAfee Advanced Threat Research (ATR) Strategic Intelligence team details an espionage campaign, targeting telecommunication companies, dubbed Operation Diànxùn. In this attack, we discovered malware using…
McAfee Defender’s Blog: Operation Dianxun
Read the original article: McAfee Defender’s Blog: Operation Dianxun Operation Dianxun Overview In a recent report the McAfee Advanced Threat Research (ATR) Strategic Intelligence team disclosed an espionage campaign, targeting telecommunication companies, named Operation Diànxùn. The tactics, techniques and procedures…
Babuk Ransomware
Read the original article: Babuk Ransomware Executive Summary Babuk ransomware is a new ransomware threat discovered in 2021 that has impacted at least five big enterprises, with one already paying the criminals $85,000 after negotiations. As with other variants, this…
Don’t Call Us We’ll Call You: McAfee ATR Finds Vulnerability in Agora Video SDK
Read the original article: Don’t Call Us We’ll Call You: McAfee ATR Finds Vulnerability in Agora Video SDK The McAfee Advanced Threat Research (ATR) team is committed to uncovering security issues in both software and hardware to help developers provide…
Researchers Follow the Breadcrumbs: The Latest Vulnerabilities in Windows’ Network Stack
Read the original article: Researchers Follow the Breadcrumbs: The Latest Vulnerabilities in Windows’ Network Stack The concept of a trail of breadcrumbs in the offensive security community is nothing new; for many years, researchers on both sides of the ethical…
McAfee ATR Launches Education-Inspired Capture the Flag Contest!
Read the original article: McAfee ATR Launches Education-Inspired Capture the Flag Contest! McAfee’s Advanced Threat Research team just completed its second annual capture the flag (CTF) contest for internal employees. Based on tremendous internal feedback, we’ve decided to open it up to…
Two Pink Lines
Read the original article: Two Pink Lines Depending on your life experiences, the phrase (or country song by Eric Church) “two pink lines” may bring up a wide range of powerful emotions. I suspect, like many fathers and expecting fathers,…
A Year in Review: Threat Landscape for 2020
Read the original article: A Year in Review: Threat Landscape for 2020 As we gratefully move forward into the year 2021, we have to recognise that 2020 was as tumultuous in the digital realm as it has in the physical…
2021 Threat Predictions Report
Read the original article: 2021 Threat Predictions Report The Year 2020 brought a historic pandemic and bad actors leveraging COVID-19-themed threats to test our security operations and our unprecedented shift to a remote work life. As we enter 2021, these concerns…
How A Device to Cloud Architecture Defends Against the SolarWinds Supply Chain Compromise
Read the original article: How A Device to Cloud Architecture Defends Against the SolarWinds Supply Chain Compromise In a blog post released 13 Dec 2020, FireEye disclosed that threat actors compromised SolarWinds’s Orion IT monitoring and management software with a…
Additional Analysis into the SUNBURST Backdoor
Read the original article: Additional Analysis into the SUNBURST Backdoor Executive Summary There has been considerable focus on the recent disclosures associated with SolarWinds, and while existing analysis on the broader campaign has resulted in detection against specific IoCs associated…
SUNBURST Malware and SolarWinds Supply Chain Compromise
Read the original article: SUNBURST Malware and SolarWinds Supply Chain Compromise Part I of II Situation In a blog post released 13 Dec 2020, FireEye disclosed that threat actors compromised SolarWinds’s Orion IT monitoring and management software with a trojanized…