Hardik Shah

Hardik Shah, a Senior Research Engineer in McAfee Labs, is an experienced security researcher and technology evangelist. He has extensive experience with exploits, malware analysis, and various IPS engines. Shah enjoys figuring out ways to protect customers from the latest threats. Prior to McAfee, he worked with the IPS research team at Symantec. You can follow him on twitter at @hardik05

Subscribe to Hardik Shah Blogs

More from Hardik Shah

McAfee Labs

Analyzing and Identifying Issues with the Microsoft Patch for CVE-2018-8423

Introduction As of July 2019, Microsoft has fixed around 43 bugs in the Jet Database Engine. McAfee has reported a couple of bugs and, so far, we have received 10 CVE’s from Microsoft. In our previous post, we discussed the root cause of CVE-2018-8423. While analyzing this CVE and patch ...

McAfee Labs

Jet Database Engine Flaw May Lead to Exploitation: Analyzing CVE-2018-8423

In September 2018, the Zero Day Initiative published a proof of concept for a vulnerability in Microsoft’s Jet Database Engine. Microsoft released a patch in October 2018. We investigated this flaw at that time to protect our customers. We were able to find some issues with the patch and reported ...

McAfee Labs

How Hackers Bypassed an Adobe Flash Protection Mechanism

The number of Flash Player exploits has recently declined, due to Adobe’s introduction of various measures to strengthen Flash’s security. Occasionally, however, an exploit still arises. On January 31, Kr-Cert reported a zero-day vulnerability, identified as CVE-2018-4878, being exploited in the field. (Adobe has released an update to fix this ...

McAfee Labs

Apache Struts at REST: Analyzing Remote Code Execution Vulnerability CVE-2017-9805

Apache Struts, an open-source web development framework, is prone to vulnerabilities. We wrote about CVE-2017-9791 in July. The latest is CVE-2017-9805, another remote code execution flaw actively being exploited, according to reports. This vulnerability affects the Struts plug-in Representational State Transfer (REST). Apache has updated Struts with Version 2.5.13 to fix ...

McAfee Labs

Analyzing CVE-2017-9791: Apache Struts Vulnerability Can Lead to Remote Code Execution

Apache Struts is a model-view-controller framework for creating Java web applications. Struts has suffered from a couple of vulnerabilities using the technique of object-graph navigation language (OGNL) injection. OGNL is an expression language that allows the setting of object properties and execution of various methods of Java classes. OGNL can ...

McAfee Labs

Analyzing CVE-2017-3731: Truncated Packets Can Cause Denial of Service in OpenSSL

OpenSSL is a popular open-source library for SSL and is used by various software and companies across the world. In January, OpenSSL released an update that fixed multiple vulnerabilities. One of them is CVE-2017-3731, which can cause a denial of service due to a crash. McAfee Labs analyzed this vulnerability ...

McAfee Labs

Analyzing CVE-2016-9311: NTPD Vulnerability Can Lead to Denial of Service

The network time protocol synchronizes time across various devices on a network. The network time protocol daemon (NTPD) is an open-source implementation of this protocol. In the last couple of months, a number of vulnerabilities have been reported in NTPD. One is CVE-2016-9311, which can cause a crash leading to ...

McAfee Labs

Vertexnet Botnet Hides Behind AutoIt

Recently we found some new malware samples using AutoIt to hide themselves. On further analysis we found that those sample belong to the Vertexnet botnet. They use multiple layers of obfuscation; once decoded, they connect to a control server to accept commands and transfer stolen data. This sample is packed ...

McAfee Labs

Delving Deeply Into a Bitcoin Botnet

Bitcoin is a virtual decentralized currency that was created in 2009 by developer Satoshi Nakamoto, who described the currency in a paper. Recently Bitcoin has gotten lots of attention. In early 2013, the prices reached a high of US$265 per Bitcoin. The following chart shows the currency’s historical price:   ...

Subscribe to McAfee Securing Tomorrow Blogs