Gathering Insights on the Reemergence and Evolution of Old Threats Through Managed Detection and Response
by Erika Mendoza, Anjali Patil, Jay Yaneza, and Jessie Prevost
Smart Protection Network (SPN) data and observations from Managed Detection and Response (MDR) for the North American region show the persistence of older threats and tactics: delivery methods such as spam emails are still going strong, while ransomware attacks have seen a renewed vigor alongside […]
Disrupting the Flow: Exposed and Vulnerable Water and Energy Infrastructures
by Stephen Hilt, Numaan Huq, Vladimir Kropotov, Robert McArdle, Cedric Pernet, and Roel Reyes
Energy and water are two of the most central critical infrastructures (CIs). Both sectors have undergone necessary changes to reflect the latest in technology and improve how natural resources are harnessed and distributed. At present, these changes are heading toward more interconnected […]
DarkPulsar FAQ
What’s it all about? In March 2017, a group of hackers calling themselves “the Shadow Brokers” published a chunk of stolen data that included two frameworks: DanderSpritz and FuzzBunch. The FuzzBunch framework contains various types of plugins designed to analyze victims, exploit vulnerabilities, schedule tasks, etc. The DanderSpritz framework is designed to examine already controlled […]
Octopus-infested seas of Central Asia
For the last two years we have been monitoring a Russian-language cyberespionage actor that focuses on Central Asian users and diplomatic entities. We named the actor DustSquad and have provided private intelligence reports to our customers on four of their campaigns involving custom Android and Windows malware. In this blogpost we cover a malicious program […]
Phishing Campaign uses Hijacked Emails to Deliver URSNIF by Replying to Ongoing Threads
by Erika Mendoza, Anjali Patil and Jay Yaneza
While most phishing campaigns are fairly simplistic in nature and easy to spot (they usually involve a legitimate-looking email, often with a malicious attachment or link embedded in the text), a spam campaign we observed in September indicates attackers are angling towards a more sophisticated form of phishing. […]
#CyberAware: Teaching Kids to Get Fierce About Protecting Their Identity
It wasn’t Kiley’s fault, but that didn’t change the facts: The lending group denied her college loan due to poor credit, and she didn’t have a plan B. Shocked and numb, she began to dig a little deeper. She discovered that someone had racked up three hefty credit card bills using her Social Security Number (SSN) […]
New trends in the world of IoT threats
Cybercriminals’ interest in IoT devices continues to grow: in H1 2018 we picked up three times as many malware samples attacking smart devices as in the whole of 2017. And in 2017 there were ten times more than in 2016. That doesn’t bode well for the years ahead. We decided to study what attack vectors […]
Snapstreaks: Why Kids Keep them Going and What Parents Need to Know
People who use the popular social networking app Snapchat understand what happens after three consecutive days of messaging the same person. A little flame automatically shows up next to that person’s name, signaling that a Snapstreak is officially on. And keeping that streak alive is a bigger deal than you might guess. From that day […]
80 to 0 in Under 5 Seconds: Falsifying a Medical Patient’s Vitals
The author thanks Shaun Nordeck, MD, for his assistance with this report.
With the explosion of growth in technology and its influence on our lives, we have become increasingly dependent on it. The medical field is no exception: Medical professionals trust technology to provide them with accurate information and base life-changing decisions on this data. McAfee’s […]
How do file partner programs work?
It’s easy to notice if you’ve fallen victim to an advertising partner program: the system has new apps that you didn’t install, ad pages spontaneously open in the browser, ads appear on sites where they never used to, and so on. If you notice these symptoms on your computer, and in the list of installed […]
Attacks on industrial enterprises using RMS and TeamViewer
Main facts
Kaspersky Lab ICS CERT has identified a new wave of phishing emails with malicious attachments targeting primarily companies and organizations that are, in one way or another, associated with industrial production. The phishing emails are disguised as legitimate commercial offers and are sent mainly to industrial companies located in Russia. The content of […]
Family Matters: How to Help Kids Avoid Cyberbullies this Summer
The summer months can be tough on kids. There’s more time during the day, and much of that extra time gets spent online scrolling, surfing, liking, and snap chatting with peers. Unfortunately, with more time comes more opportunity for interactions between peers to become strained, even to the point of bullying. Can parents stop their kids […]
McAfee Interns Share Their Experience for #NationalInternDay
By Christie, HR Communications Intern
As someone who always wanted to make an impact in the world, I thought nonprofit was the only fit for my passions in marketing and philanthropy. Because of this, I’ve worked primarily in the nonprofit sector for the last three years. But to keep my options open, I desired to […]
What Drives a Ransomware Criminal? CoinVault Developers Convicted in Dutch Court
How often do we get a chance to learn what goes on in the minds of cybercriminals? Two members of McAfee’s Advanced Threat Research team recently did, as they attended a court case against two cybercriminal brothers. The brothers, Dennis and Melvin, faced a judge in Rotterdam, in the Netherlands. This case was one of […]
Organizations Leave Backdoors Open to Cheap Remote Desktop Protocol Attacks
Thanks to my colleague Christiaan Beek for his advice and contributions.
While researching underground hacker marketplaces, the McAfee Advanced Threat Research team has discovered that access linked to security and building automation systems of a major international airport could be bought for only US$10. The dark web contains RDP shops, online platforms selling remote desktop […]
In cryptoland, trust can be costly
While the legal status of cryptocurrencies and laws to regulate them continue to be hammered out, scammers are busy exploiting the digital gold rush. Besides hacking cryptocurrency exchanges, exploiting smart-contract vulnerabilities, and deploying malicious miners, cybercriminals are also resorting to more traditional social-engineering methods that can reap millions of dollars. Their targets are not just […]
More information
- Google free public DNS services were briefly corrupted
- Microsoft Office CVE-2015-1642 Memory Corruption Vulnerability
- No More Ransom Alliance Gains Momentum
- OpenBSD Multiple Privilege Escalation and Authentication Bypass Vulnerabilities
- 74 Arrested in International Operation Targeting BEC Scams
- Expert Earns $5,000 for Google Intranet Vulnerability
- Homes, Not Just Devices: The New Consumer Cybersecurity
- New Google Account Activity lets you know what Google knows about you
- Intel Tackles ROP Attacks With New Technology
- Inside Apple’s ‘Bionic Virtual Meeting Room’