Featured Blogs
From Building Control to Damage Control: A Case Study in Industrial Security Ft. Delta
Management. Control. It seems that you can’t stick five people in a room together without one of them trying to...
HVACking: Understanding the Delta Between Security and Reality
The McAfee Labs Advanced Threat Research team is committed to uncovering security issues in both software and hardware to help...
Avaya Deskphone: Decade-Old Vulnerability Found in Phone’s Firmware
Avaya is the second largest VOIP solution provider (source) with an install base covering 90% of the Fortune 100 companies...
MoqHao Related Android Spyware Targeting Japan and Korea Found on Google Play
The McAfee mobile research team has found a new type of Android malware for the MoqHao phishing campaign (a.k.a. XLoader...
The Twin Journey, Part 2: Evil Twins in a Case In-sensitive Land
In the first of this 3-part blog series, we covered the implications of promoting files to “Evil Twins” where they...
DHCP Client Remote Code Execution Vulnerability Demystified
CVE-2019-0547 CVE-2019-0547 was the first vulnerability patched by Microsoft this year. The dynamic link library, dhcpcore.dll, which is responsible for...
Clop Ransomware
This new ransomware was discovered by Michael Gillespie on 8 February 2019 and it is still improving over time. This...
The Twin Journey, Part 1
Summary and Introduction: The recent changes in Windows 10, aiming to add case sensitivity (CS) at directory level, have prompted...
Jet Database Engine Flaw May Lead to Exploitation: Analyzing CVE-2018-8423
In September 2018, the Zero Day Initiative published a proof of concept for a vulnerability in Microsoft’s Jet Database Engine....
What Is Mshta, How Can It Be Used and How to Protect Against It
The not-so Usual Suspects There is a growing trend for attackers to more heavily utilize tools that already exist on...