14 matches found
Get to Know Steve Povolny
Meet Steve Povolny Head of Advanced Threat Research for Trellix Threat Labs By Michael Alicea · May 17, 2022 At Trellix, we celebrate and champion our people. This week, I sat down with Steve Povolny, Head of Advanced Threat Research for Trellix Threat Labs. As he is one of the leading...
Update on WhisperGate, Destructive Malware Targeting Ukraine – Threat Intelligence & Protections Update
Update on WhisperGate, Destructive Malware Targeting Ukraine – Threat Intelligence & Protections Update By Taylor Mullins, Mo Cashman and Raj Samani · January 20, 2022 Recent news reports of a “ransomware” campaign targeting Ukraine has resulted in significant press coverage regarding not only...
Netop Vision Pro - Distance Learning Software is 20/20 in Hindsight
ARCHIVED STORY Netop Vision Pro – Distance Learning Software is 20/20 in Hindsight By Sam Quinn · MAR 21, 2021 · 27 MIN READ The McAfee Labs Advanced Threat Research team is committed to uncovering security issues in both software and hardware to help developers provide safer products for...
Call an Exorcist! My Robot! My Robot's Possessed!
ARCHIVED STORY Call an Exorcist! My Robot’s Possessed! By Mark Bereza · AUG 05, 2020 · 69 MIN READ Overview As part of our continued goal of helping developers provide safer products for businesses and consumers, we here at McAfee Advanced Threat Research ATR recently investigated temi, a...
Call an Exorcist! My Robot! My Robot's Possessed!
ARCHIVED STORY Call an Exorcist! My Robot’s Possessed! By Mark Bereza · AUG 05, 2020 · 69 MIN READ Overview As part of our continued goal of helping developers provide safer products for businesses and consumers, we here at McAfee Advanced Threat Research ATR recently investigated temi , a...
McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service - What The Code Tells Us
McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service – What The Code Tells Us By McAfee Labs · October 2, 2019 Episode 1: What the Code Tells Us McAfee’s Advanced Threat Research team ATR observed a new ransomware family in the wild, dubbed Sodinokibi or REvil, at the end of April 201...
HVACking: Understanding the Delta Between Security and Reality
ARCHIVED STORY HVACking: Understanding the Delta Between Security and Reality By Douglas McKee · August 09, 2019 The McAfee Labs Advanced Threat Research team is committed to uncovering security issues in both software and hardware to help developers provide safer products for businesses and...
Avaya Deskphone: Decade-Old Vulnerability Found in Phone's Firmware
ARCHIVED STORY Avaya Deskphone: Decade-Old Vulnerability Found in Phone’s Firmware By Philippe Laulheret · August 08, 2019 Avaya is the second largest VOIP solution provider source with an install base covering 90% of the Fortune 100 companies source, with products targeting a wide spectrum of...
In NTDLL I Trust – Process Reimaging and Endpoint Security Solution Bypass
ARCHIVED STORY In NTDLL I Trust – Process Reimaging and Endpoint Security Solution Bypass By Eoin Carroll · June 20, 2019 Process Reimaging Overview The Windows Operating System has inconsistencies in how it determines process image FILEOBJECT locations, which impacts non-EDR Endpoint Detection a...
In NTDLL I Trust – Process Reimaging and Endpoint Security Solution Bypass
ARCHIVED STORY In NTDLL I Trust – Process Reimaging and Endpoint Security Solution Bypass By Eoin Carroll · June 20, 2019 Process Reimaging Overview The Windows Operating System has inconsistencies in how it determines process image FILEOBJECT locations, which impacts non-EDR Endpoint Detection a...
McAfee Labs Advanced Threat Research Aids Arrest of Suspected Cybercrime Gang Linked to Top Malware CTB Locker
ARCHIVED STORY McAfee Labs Advanced Threat Research Aids Arrest of Suspected Cybercrime Gang Linked to Top Malware CTB Locker By Trellix · December 20, 2017 In our recent research, we interviewed the actors behind ransomware campaigns. One of the interesting findings was cybercriminals seemed to...
RHEL 6 : rhev-hypervisor6 (RHSA-2015:0126)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2015:0126 advisory. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization...
chromium -- RSA signature malleability in NSS
Google Chrome Releases reports: 414124 RSA signature malleability in NSS CVE-2014-1568. Thanks to Antoine Delignat-Lavaud of Prosecco/INRIA, Brian Smith and Advanced Threat Research team at Intel Security...
Stable Channel Update
The stable channel has been updated to 37.0.2062.124 for Windows and Mac. This build contains a security change: 414124 RSA signature malleability in NSS CVE-2014-1568. Thanks to Antoine Delignat-Lavaud of Prosecco/INRIA, Brian Smith and Advanced Threat Research team at Intel Security Interested ...