Hardik Shah, a Senior Research Engineer in McAfee Labs, is an experienced security researcher and technology evangelist. He has extensive experience with exploits, malware analysis, and various IPS engines. Shah enjoys figuring out ways to protect customers from the latest threats. Prior to McAfee, he worked with the IPS research team at Symantec. You can follow him on twitter at @hardik05
Hardik Shah Blog FeedMore from Hardik Shah
Fuzzing ImageMagick and Digging Deeper into CVE-2020-27829
Introduction: ImageMagick is a hugely popular open source software that is used in lot of systems around the world. It...
Analyzing CVE-2021-1665 – Remote Code Execution Vulnerability in Windows GDI+
Introduction Microsoft Windows Graphics Device Interface+, also known as GDI+, allows various applications to use different graphics functionality on video...
Analyzing and Identifying Issues with the Microsoft Patch for CVE-2018-8423
Introduction As of July 2019, Microsoft has fixed around 43 bugs in the Jet Database Engine. McAfee has reported a...
Jet Database Engine Flaw May Lead to Exploitation: Analyzing CVE-2018-8423
In September 2018, the Zero Day Initiative published a proof of concept for a vulnerability in Microsoft’s Jet Database Engine....
How Hackers Bypassed an Adobe Flash Protection Mechanism
The number of Flash Player exploits has recently declined, due to Adobe’s introduction of various measures to strengthen Flash’s security....
Apache Struts at REST: Analyzing Remote Code Execution Vulnerability CVE-2017-9805
Apache Struts, an open-source web development framework, is prone to vulnerabilities. We wrote about CVE-2017-9791 in July. The latest is...
Analyzing CVE-2017-9791: Apache Struts Vulnerability Can Lead to Remote Code Execution
Apache Struts is a model-view-controller framework for creating Java web applications. Struts has suffered from a couple of vulnerabilities using...
Analyzing CVE-2017-3731: Truncated Packets Can Cause Denial of Service in OpenSSL
OpenSSL is a popular open-source library for SSL and is used by various software and companies across the world. In...
Analyzing CVE-2016-9311: NTPD Vulnerability Can Lead to Denial of Service
The network time protocol synchronizes time across various devices on a network. The network time protocol daemon (NTPD) is an...
Vertexnet Botnet Hides Behind AutoIt
Recently we found some new malware samples using AutoIt to hide themselves. On further analysis we found that those sample...
- 1
- 2