Threat Group APT28 Slips Office Malware into Doc Citing NYC Terror Attack
This blog post was co-written by Michael Rea. During our monitoring of activities around the APT28 threat group, McAfee Advanced...
Pirate Versions of Popular Apps Infiltrate Google Play via Virtualization
The McAfee Mobile Research team recently found pirated applications of popular apps distributed on the Google Play store. A pirated...
Expiro Malware Is Back and Even Harder to Remove
File infector malware adds malicious code to current files. This makes removal tricky because deleting infections results in the loss...
Configuring McAfee ENS and VSE to Prevent Macroless Code Execution in Office Apps
Microsoft Office macros are a popular method of distributing malware. Users can defend themselves against macro attacks by disabling macros....
Code Execution Technique Takes Advantage of Dynamic Data Exchange
Email phishing campaigns are a popular social engineering technique among hackers. The idea is simple: Craft an email that looks...
‘BadRabbit’ Ransomware Burrows Into Russia, Ukraine
This post was researched and written by Christiaan Beek, Tim Hux, David Marcus, Charles McFarland, Douglas McKee, and Raj Samani. McAfee...
Analyzing CVE-2017-0190: WMF Flaws Can Lead to Data Theft, Code Execution
CVE-2017-0190 is a recently patched vulnerability related to Windows metafiles (WMFs), a portable image format mainly used by 16-bit Windows...
McAfee Discovers Pinkslipbot Exploiting Infected Machines as Control Servers
This blog was written by Sanchit Karve. McAfee Labs has discovered that banking malware Pinkslipbot (also known as QakBot/QBot) has...
Cerber Ransomware Evades Detection With Many Components
This blog was co-written by Sapna Juneja. Cerber is a quickly evolving type of malware called crypto-ransomware. Cerber encrypts files...
Mirai Botnet Creates Army of IoT Orcs
This post was based on analysis by Yashashree Gund and RaviKant Tiwari. There is a lot of speculation in the...
