Featured Blogs
HVACking: Understanding the Delta Between Security and Reality
The McAfee Labs Advanced Threat Research team is committed to uncovering security issues in both software and hardware to help...
Avaya Deskphone: Decade-Old Vulnerability Found in Phone’s Firmware
Avaya is the second largest VOIP solution provider (source) with an install base covering 90% of the Fortune 100 companies...
MoqHao Related Android Spyware Targeting Japan and Korea Found on Google Play
The McAfee mobile research team has found a new type of Android malware for the MoqHao phishing campaign (a.k.a. XLoader...
The Twin Journey, Part 2: Evil Twins in a Case In-sensitive Land
In the first of this 3-part blog series, we covered the implications of promoting files to “Evil Twins” where they...
DHCP Client Remote Code Execution Vulnerability Demystified
CVE-2019-0547 CVE-2019-0547 was the first vulnerability patched by Microsoft this year. The dynamic link library, dhcpcore.dll, which is responsible for...
Clop Ransomware
This new ransomware was discovered by Michael Gillespie on 8 February 2019 and it is still improving over time. This...
The Twin Journey, Part 1
Summary and Introduction: The recent changes in Windows 10, aiming to add case sensitivity (CS) at directory level, have prompted...
Jet Database Engine Flaw May Lead to Exploitation: Analyzing CVE-2018-8423
In September 2018, the Zero Day Initiative published a proof of concept for a vulnerability in Microsoft’s Jet Database Engine....
What Is Mshta, How Can It Be Used and How to Protect Against It
The not-so Usual Suspects There is a growing trend for attackers to more heavily utilize tools that already exist on...
Examining the Link Between TLD Prices and Abuse
This blog was written by Charlie Feng. Briefing Over the years, McAfee researchers have observed that certain new top-level Domains...
