Chintan Shah is currently working as a Security Researcher with the McAfee Intrusion Prevention System team and holds broad experience in the network security industry. He primarily focuses on exploit and vulnerability research, building threat intelligence frameworks, reverse engineering techniques and malware analysis. Chintan has researched and uncovered multiple targeted and espionage attacks in the past and blogged about them. His interests lie in software fuzzing for vulnerability discovery, analyzing exploits and malware, and translating the findings into product improvements.
More from Chintan Shah
Access Token Theft and Manipulation Attacks – A Door to Local Privilege Escalation
Executive Summary: Many malware attacks designed to inflict damage on a network are armed with lateral movement capabilities. Post initial...
Vulnerability Discovery in Open Source Libraries: Analyzing CVE-2020-11863
Open Source projects are the building blocks of any software development process. As we indicated in our previous blog, as...
Vulnerability Discovery in Open Source Libraries Part 1: Tools of the Trade
Executive Summary: Open source has become the foundation for modern software development. Vendors use open source software to stay competitive...
An Inside Look into Microsoft Rich Text Format and OLE Exploits
There has been a dramatic shift in the platforms targeted by attackers over the past few years. Up until 2016,...
Evolution of Malware Sandbox Evasion Tactics – A Retrospective Study
Executive Summary: Malware evasion techniques are widely used to circumvent detection as well as analysis and understanding. One of the...
Attacks On Indian Organizations Continue – More Exploits Focused On Events
In November last year, McAfee Labs researchers reported about Operation Mangal, an ongoing targeted attack campaign against several Indian domestic...
Win32/Syndicasec Used In Targeted Attacks Against Indian Organizations
During the last couple of months, we’ve observed several RTF exploits that target Indian organizations. The first RTF exploit was...
Targeted Attacks on French Company Exploit Multiple Word Vulnerabilities
Spear phishing email is a major worry to any organization. Messages that appear legitimate and specific fool us more often...
Periodic Connections to Control Server Offer New Way to Detect Botnets
A number of recent botnets and advanced threats use HTTP as their primary communications channel with their control servers. McAfee...
Bank Account Logins for Sale, Courtesy of Citadel Botnet
Financial theft is one of the most lucrative forms of cybercrime. Malware authors continue to deliver sophisticated tools and techniques...