McAfee Labs
Read McAfee Labs blogs for the latest threat research, threat intelligence, and thought leadership from the Threat Research team.
Phishing Android Malware Targets Taxpayers in India
Authored by ChanUng Pak McAfee’s Mobile Research team recently found a new Android malware, Elibomi, targeting taxpayers in India. The malware steals sensitive financial and private information via...
The Rise of Deep Learning for Detection and Classification of Malware
Co-written by Catherine Huang, Ph.D. and Abhishek Karnik Artificial Intelligence (AI) continues to evolve and has made huge progress over the last decade. AI shapes our daily lives. Deep...
XLSM Malware with MacroSheets
Excel-based malware has been around for decades and has been in the limelight in recent years. During the second half of 2020, we saw adversaries...
Babuk: Biting off More than they Could Chew by Aiming to Encrypt VM and *nix Systems?
Co-written with Northwave’s Noël Keijzer. Executive Summary For a long time, ransomware gangs were mostly focused on...
Fighting new Ransomware Techniques with McAfee’s Latest Innovations
In 2021 ransomware attacks have been dominant among the bigger cyber security stories. Hence, I was not...
An Overall Philosophy on the Use of Critical Threat Intelligence
The overarching threat facing cyber organizations today is a highly skilled asymmetric enemy, well-funded and resolute in...
REvil Ransomware Uses DLL Sideloading
This blog was written byVaradharajan Krishnasamy, Karthickkumar, Sakshi Jaiswal Introduction Ransomware attacks are one of the most...
Hancitor Making Use of Cookies to Prevent URL Scraping
This blog was written by Vallabh Chole & Oliver Devane Over the years, the cybersecurity industry has...
Zloader With a New Infection Technique
This blog was written by Kiran Raj & Kishan N. Introduction In the last few years, Microsoft...
New Ryuk Ransomware Sample Targets Webservers
Executive Summary Ryuk is a ransomware that encrypts a victim’s files and requests payment in Bitcoin cryptocurrency...
Fuzzing ImageMagick and Digging Deeper into CVE-2020-27829
Introduction: ImageMagick is a hugely popular open source software that is used in lot of systems around...
Analyzing CVE-2021-1665 – Remote Code Execution Vulnerability in Windows GDI+
Introduction Microsoft Windows Graphics Device Interface+, also known as GDI+, allows various applications to use different graphics...
