Content Tagged ‘Zero-Day’

Adobe PDF Zero-Day Exploit Discovered in the Wild

September 8, 2010 - Just after Adobe released its out-of-band patch for CVE-2010-2862, we discovered a malware exploiting a new zero-day vulnerability in the wild. Similar to the iOS PDF jailbreak vulnerability and CVE-2010-2862, this zero day occurs while Adobe Reader is parsing TrueType (continue reading...)

How Much Does My Identity Cost? (the Sequel)

September 1, 2010 - Two weeks ago, I posted a blog entry talking about the counterfeiting of legal documents. I have received many comments and requests for further data related to this type of fraud from various Eastern European countries, France, and even (continue reading...)

Labs Releases Whitepaper on Cooperative Anti-Malware on Endpoint and Gateway

August 31, 2010 - The Anti-Malware engine is a critical and core piece of the McAfee anti-malware solutions. As with any core technology, the engine must be rock-solid stable, fast, and functionally rich. A new McAfee Labs whitepaper outlines these engine technologies and values, (continue reading...)

How to Screw Up and Skew a Test

August 6, 2010 - Even as AMTSO attempts to bring some qualified and competent guidance to testing methodologies, and individuals with an agenda or paranoia invent stories about why it is not good, we see more completely incompetent testing. I refer this time to (continue reading...)

Sality Links

July 30, 2010 - Shortcut exploits have made the news in malware circles this month. After Stuxnet first used them, it wasn’t long before other malware started (continue reading...)

Downloader-CJX Cashing In on Microsoft .LNK Flaw

July 26, 2010 - As McAfee Labs predicted in a previous blog post regarding the Microsoft Windows Shell .LNK vulnerability, it was just a matter of time before malware started using Exploit-CVE2010-2568 to take advantage of this new Microsoft zero-day flaw. The (continue reading...)

Microsoft Zero-Day: Malformed Shortcut Vulnerability

July 19, 2010 - Today Microsoft updated the security advisory that was initially published last Friday (July 16), stating that they’re working on issuing a security patch for this vulnerability. Earlier, malware exploiting this issue was found in the wild. Researchers at McAfee (continue reading...)

Message to Google: Aurora NOT a Technology or OS Issue

June 1, 2010 - The news that Google is supposedly dropping Microsoft Windows is spreading like wildfire all over the Internet today. Without getting into any “which OS is better or more secure” holy war, let’s review some facts to see if this (continue reading...)

Ending XP Service Pack 2 and Windows 2000 security support and its implications

May 13, 2010 - I was just reading Byron Acohido’s writeup on Microsoft ending security support for patches for Windows XP Service Pack 2 and Windows 2000. Now as I work for a vendor myself I completely understand why Microsoft is going EOL (continue reading...)

Microsoft Releases Out-of-Cycle Bulletin MS10-018

March 30, 2010 - Today Microsoft released MS10-018 covering 10 vulnerabilities, including CVE-2010-0806, a zero-day threat discovered in the wild earlier this month. Reported exploit detections from McAfee home users are significant, though well below the top 20 detections at the (continue reading...)

Targeted Internet Explorer Zero-Day Attack Announced (CVE-2010-0806)

March 9, 2010 - Earlier today, Microsoft released Security Advisory (981374). This advisory covers CVE-2010-0806, an unpatched vulnerability affecting Internet Explorer versions 6 and 7. This attack appears to be rather targeted at the moment, but as with other unpatched vulnerabilities in the past, (continue reading...)

McAfee Labs Quarterly Threat Report Posted

February 9, 2010 - Today we unveiled our Threats Report for the fourth quarter of 2009. It highlights many of the most significant spam-generating stories in 2009 as well as the rise of political hacktivism in countries such as Poland, Latvia, Denmark, and Switzerland. (continue reading...)

Patch Released for Recent Microsoft Zero Day (CVE-2010-0249)

January 21, 2010 - Microsoft has released Security Bulletin MS10-002, regarding Internet Explorer vulnerabilities. In addition to patching the flaw exposed by Operation Aurora, the company released patches for seven other vulnerabilities. We are aware of reports of private CVE-2010-0249 exploits impacting Internet (continue reading...)

Update on Recent Microsoft 0day (CVE-2010-0249)

January 19, 2010 - Here’s a quick update on CVE-2010-0249, aka the Aurora exploit. A few days ago exploit code was made public. Since then malware authors have been customizing the exploit’s payload to install their own malicious creations. Much of (continue reading...)

McAfee ‘Hacking Exposed’ Webcast Series Fights Cybercrime

January 19, 2010 - We are pleased to announce the next event in our complimentary monthly “Hacking Exposed Live!–A Webcast Series,” which educates attendees to protect against cybercrime and hackers. The monthly webcast, hosted by Hacking Exposed coauthor and McAfee Senior Vice President (continue reading...)

“Operation Aurora” Leading to Other Threats

January 15, 2010 - Operation Aurora has received a lot of attention over the past couple of days. To recap, Google, Adobe, and many other companies were attacked with code exploiting a zero-day vulnerability in Internet Explorer. Since the announcement of (continue reading...)

More Details on “Operation Aurora”

January 14, 2010 - Earlier today, George Kurtz posted an entry, ‘Operation “Aurora” Hit Google, Others’, on McAfee’s Security Insight blog. The purpose of this blog is to answer questions about this particular attack; fill in some of the threat flow and (continue reading...)

Zero-Day IE Exploit Coming to a Browser Near You

November 23, 2009 - Information regarding another zero-day vulnerability in the Internet Explorer web browser affecting versions 6 and 7 has been published as Proof-of-Concept over the weekend. The vulnerability lies in a missing check when accessing a website’s Stylesheet markup information through the (continue reading...)

Microsoft SMB2 Vulnerability

September 11, 2009 - Microsoft has announced an out-of-band release for a vulnerability (CVE-2009-3103) in the SMB2 protocol which exposes Windows Server 2008 and Windows Vista users to possible remote code execution attacks. It does not appear that Windows 2000 and Windows XP are (continue reading...)

Copyright © 2012 The Security Blog. All rights reserved.