Featured Blogs
Analyzing CVE-2017-0190: WMF Flaws Can Lead to Data Theft, Code Execution
CVE-2017-0190 is a recently patched vulnerability related to Windows metafiles (WMFs), a portable image format mainly used by 16-bit Windows...
Analyzing CVE-2017-3731: Truncated Packets Can Cause Denial of Service in OpenSSL
OpenSSL is a popular open-source library for SSL and is used by various software and companies across the world. In...
Analyzing CVE-2017-9791: Apache Struts Vulnerability Can Lead to Remote Code Execution
Apache Struts is a model-view-controller framework for creating Java web applications. Struts has suffered from a couple of vulnerabilities using...
Analyzing CVE-2021-1665 – Remote Code Execution Vulnerability in Windows GDI+
Introduction Microsoft Windows Graphics Device Interface+, also known as GDI+, allows various applications to use different graphics functionality on video...
Analyzing KillDisk Ransomware, Part 1: Whitelisting
This blog post was written by Sudhanshu Dubey. At McAfee Labs we recently analyzed the ransomware KillDisk. We will share...
Analyzing KillDisk Ransomware, Part 2: Variants and Screen Unlocking
This blog post was written by Sudhanshu Dubey. At McAfee Labs we recently analyzed the ransomware KillDisk. In part 1 of...
Analyzing Microsoft Office Zero-Day Exploit CVE-2017-11826
McAfee Labs has performed frequent analyses of Office-related threats over the years: In 2015, we presented research on the Office...
Analyzing Operation GhostSecret: Attack Seeks to Steal Data Worldwide
McAfee Advanced Threat Research analysts have uncovered a global data reconnaissance campaign assaulting a wide number of industries including critical...
Analyzing the First ROP-Only, Sandbox-Escaping PDF Exploit
The winter of 2013 seems to be “zero-day” season. Right after my colleague Haifei Li analyzed the powerful Flash zero...
