Eoin Carroll

Eoin Carroll is a Principal Engineer on the McAfee Advanced Threat Research team, focused on finding new vulnerabilities in both software and hardware. For the first decade of his career he worked as an Electronic Engineer in both the semiconductor and medical device industries, gaining a wealth of engineering and risk experience.
Prior to joining McAfee ATR team he has also worked as a Software Security Engineer, Product Security Architect, Penetration Tester and Incident Responder, developing both defensive and offensive perspectives. During this time he has created and lead security teams as well as mentored many security engineers.
He is very passionate about protecting Autonomous Vehicles and Smart Cities by combining his engineering, security and researcher experience.
His work experience includes Threat Modeling and Risk, Secure Platform Design and Mitigations, Memory Forensics, Operating System Internals and Reverse Engineering.

Subscribe to Eoin Carroll Blogs

More from Eoin Carroll

McAfee Labs

Transitioning to a Mass Remote Workforce – We Must Verify Before Trusting

While not a new practice, the sheer volume of people required to adhere to social distancing best practices means we now have a mass workforce working remotely. Most enterprises and SMBs can support working remotely today but many IT departments are not equipped to scale to the numbers currently required. ...

McAfee Labs

SMBGhost – Analysis of CVE-2020-0796

The Vulnerability The latest vulnerability in SMBv3 is a “wormable” vulnerability given its potential ability to replicate or spread over network shares using the latest version of the protocol (SMB 3.1.1). As of this writing, Microsoft have just released a patch for CVE-2020-0796 on the morning of March 12th. The ...

McAfee Labs

The Cloning of The Ring – Who Can Unlock Your Door?

Steve Povolny contributed to this report. McAfee’s Advanced Threat Research team performs security analysis of products and technologies across nearly every industry vertical. Special interest in the consumer space and Internet of Things (IoT) led to the discovery of an insecure design with the McLear NFC Ring a household access ...

McAfee Labs

In NTDLL I Trust – Process Reimaging and Endpoint Security Solution Bypass

Process Reimaging Overview The Windows Operating System has inconsistencies in how it determines process image FILE_OBJECT locations, which impacts non-EDR (Endpoint Detection and Response) Endpoint Security Solution’s (such as Microsoft Defender Realtime Protection), ability to detect the correct binaries loaded in malicious processes. This inconsistency has led McAfee’s Advanced Threat ...

McAfee Labs

RDP Stands for “Really DO Patch!” – Understanding the Wormable RDP Vulnerability CVE-2019-0708

During Microsoft’s May Patch Tuesday cycle, a security advisory was released for a vulnerability in the Remote Desktop Protocol (RDP). What was unique in this particular patch cycle was that Microsoft produced a fix for Windows XP and several other operating systems, which have not been supported for security updates ...

McAfee Labs

IE Scripting Flaw Still a Threat to Unpatched Systems: Analyzing CVE-2018-8653

Microsoft recently patched a critical flaw in Internet Explorer’s scripting engine that could lead to remote code execution. The vulnerability is being exploited in the wild and was originally reported by a researcher from Google’s Threat Analysis Group. Microsoft released an out-of-band patch to fix the vulnerability before the normal ...

Subscribe to McAfee Securing Tomorrow Blogs