Introduction: ImageMagick is a hugely popular open source software that is used in a lot of systems around the world. It... The post Fuzzing ImageMagick and Digging Deeper into CVE-2020-27829...
Introduction: Microsoft Windows Graphics Device Interface+, also known as GDI+, allows various applications to use different graphics functionality on video... The post Analyzing CVE-2021-1665 –...
The 10 must-attend sessions at Black Hat 2021
The McAfee Advanced Threat Research team today published the McAfee Labs Threats Report: June 2021. In this edition we introduce... The post McAfee Labs Report Highlights Ransomware Threats...
Gaming publishing giant Electronic Arts (EA Games) has lost 780 GB of sensitive gaming data in a recent data breach.
Executive Summary: The McAfee Advanced Threat Research team (ATR) is committed to uncovering security issues in both software and hardware to help developers... The post A New Program for Your...
Introduction: Virtualization technology has been an IT cornerstone for organizations for years now. It revolutionized the way organizations can scale... The post Are Virtual Machines the New Gold...
Last week Wiz closed its Series B, which we had previously announced in March, with an additional $120 million investment from Salesforce Ventures and Blackstone with participation from Aglaé Ventures.
On 2021-06-07, a campaign was reported, involving Siloscape operator, gaining initial access via 1-day vulnerability, Web vulnerability, while using TOR anonymization, Thread impersonation to...
In the last decade, cybercrime has become more sophisticated. Most individuals are not very keen on cybercrime and assume only corporates and businesses are targets. Ransomware is a prevalent...
The msgrcv_nocancel syscall could disclose uninitialized memory from kernel space into userspace. This is due to an incorrect calculation being performed when copying the memory.
Join our Incident Master Ean Meyer as we play another round of Backdoors & Breaches (B&B) session using our new Tabletop Simulator (TTS) version! If you have STEAM / TABLETOP […] The post...
What do you do when you wake up one morning and realize that your system’s log-in credentials have suddenly become null and void? What actions do you take when it... The post What to do after a...
A few months ago I was exploring the write-ups and video solutions for the retired HackTheBox machine – Quick. It’s during this exploration that I came across HTTP/3. For those that are not aware,...
How to make sure your antivirus is working without any malware Michael Allen // Recently, a customer asked me if there was a way they could generate alerts from the new antivirus product they...
The report breaks down the current state of the cloud security market and provides an analysis of Wiz’s product strategy, technology, competitors, and more. It’s essential reading for anyone...
This article began as an overview of the Colonial Pipeline incident. However, the events unfolded so rapidly that the scope of the publication has gone beyond a single incident.
Android is the primary operating system that is currently being used all over the world. As such, it has become one of the biggest targets for hackers. As many antivirus... The post Does Avast...
There has been a huge explosion of different free and open-source options for EDR in the security space. Which is nice because the commercial offerings are stupid expensive. In this […] The post...
Summary points: Scammers are increasingly using Windows Push Notifications to impersonate legitimate alerts. Recent campaigns pose as a Windows Defender... The post Scammers Impersonating Windows...
Over the past week we have seen a considerable body of work focusing on DarkSide, the ransomware responsible for the... The post DarkSide Ransomware Victims Sold Short appeared first on McAfee Blog.
This is a joint emergency webcast from the teams of Black Hills Information Security, Wild West Hackin’ Fest, and Active Countermeasures, presented by John Strand. There have been a couple […] The...
Today, Microsoft released a highly critical vulnerability (CVE-2021-31166) in its web server http.sys. This product is a Windows-only HTTP server... The post Major HTTP Vulnerability in Windows...
Cleartext Transmission of Sensitive Information via Moxa Service in NPort IA5000A series serial devices.
The NPort devices use Telnet as one of the network device management services. Telnet does not support the encryption of client-server communications, making it vulnerable to Man-in-the-Middle attacks.
The result of exporting a device’s configuration contains the passwords of all users on the system and other sensitive data in the original form if “Pre-shared key” isn’t set.
By exploiting the vulnerability, a user with “Read Only” privilege level can send requests via the web console to have the device’s configuration changed. Scope Scope changed: the security of...
Preface: Countries all over the world are racing to achieve so-called herd immunity against COVID-19 by vaccinating their populations. From... The post “Fool’s Gold”: Questionable Vaccines, Bogus...
The year four report covers 2020 and aims to highlight the achievements and efforts made by the Active Cyber Defence programme.