This article began as an overview of the Colonial Pipeline incident. However, the events unfolded so rapidly that the scope of the publication has gone beyond a single incident.

Android is the primary operating system that is currently being used all over the world. As such, it has become one of the biggest targets for hackers. As many antivirus... The post Does Avast...

There has been a huge explosion of different free and open-source options for EDR in the security space. Which is nice because the commercial offerings are stupid expensive. In this […] The post...

Summary points: Scammers are increasingly using Windows Push Notifications to impersonate legitimate alerts Recent campaigns pose as a Windows Defender... The post Scammers Impersonating Windows...

Over the past week we have seen a considerable body of work focusing on DarkSide, the ransomware responsible for the... The post DarkSide Ransomware Victims Sold Short appeared first on McAfee Blog.

This is a joint emergency webcast from the teams of Black Hills Information Security, Wild West Hackin’ Fest, and Active Countermeasures, presented by John Strand. There have been a couple […] The...

Today, Microsoft released a highly critical vulnerability (CVE-2021-31166) in its web server http.sys. This product is a Windows-only HTTP server... The post Major HTTP Vulnerability in Windows...

Cleartext Transmission of Sensitive Information via Moxa Service in NPort IA5000A series serial devices.

The NPort devices use Telnet as one of the network device management services. Telnet does not support the encryption of client-server communications, making it vulnerable to Man-in-the-Middle attacks.

The result of exporting a device’s configuration contains the passwords of all users on the system and other sensitive data in the original form if “Pre-shared key” doesn’t set.

By exploiting the vulnerability, a user with “Read Only” privilege level can send requests via the web console to have the device’s configuration changed. Scope Scope changed: the security of...

Preface Countries all over the world are racing to achieve so-called herd immunity against COVID-19 by vaccinating their populations. From... The post “Fool’s Gold”: Questionable Vaccines, Bogus...

The year four report covers 2020 and aims to highlight the achievements and efforts made by the Active Cyber Defence programme.

The Roaming Mantis smishing campaign has been impersonating a logistics company to steal SMS messages and contact lists from Asian... The post Roaming Mantis Amplifies Smishing Campaign with...

McAfee is tracking an increase in the use of deceptive popups that mislead some users into taking action, while annoying... The post How to Stop the Popups appeared first on McAfee Blog.

The importance of accessibility and protection of personal information can never be overstated especially when it comes to online dealings. This is because of the sensitive nature of such...

Executive Summary Many malware attacks designed to inflict damage on a network are armed with lateral movement capabilities. Post initial... The post Access Token Theft and Manipulation Attacks –...

Authored by: Sang Ryol Ryu and Chanung Pak A new wave of fraudulent apps has made its way to the... The post Clever Billing Fraud Applications on Google Play: Etinu appeared first on McAfee Blog.

Note: This blog post doesn’t make sense to many It’s 2021 now. Moreover, the quarter has already passed. I thought Drive-by Download attack was dead four years ago. Angler Exploit Kit has...

On April 2021, Codecov was compromised by an unknown threat actor who abused their access to the company's cloud environment to conduct a supply chain attack. The threat actor gained initial...

Colorado University suffers the biggest data breach in the institution's history,

Colorado University suffers the biggest data breach in the institution's history,

The McAfee Advanced Threat Research team today published the McAfee Labs Threats Report: April 2021. In this edition, we present... The post McAfee Labs Report Reveals Latest COVID-19 Threats and...

Recently, the McAfee Mobile Research Team uncovered several new variants of the Android malware family BRATA being distributed in Google... The post BRATA Keeps Sneaking into Google Play, Now...

On November 22, Law in Order fell victim to a NetWalker ransomware attack. The attackers threaten to publish the breached data if the ransom isn't paid.

On November 22, Law in Order fell victim to a NetWalker ransomware attack. The attackers threaten to publish the breached data if the ransom isn't paid.

US Fertility has had its sensitive patient data breached in a ransomware attack.

US Fertility has had its sensitive patient data breached in a ransomware attack.

U.S Treasury emails have been breached by suspected Russian hackers.

U.S Treasury emails have been breached by suspected Russian hackers.