This blog was written by Varadharajan Krishnasamy, Karthickkumar, Sakshi Jaiswal Introduction Ransomware attacks are one of the most common cyber-attacks among... The post REvil Ransomware Uses DLL...
ISaGRAF Runtime stores the password in plaintext in memory and in a file which is located in the same directory with the executable file ISAGRAF.exe.
A remote attacker is able to decrypt passwords captured during a Man-in-the-Middle attack, because the affected software uses Tiny Encryption Algorithm (TEA) algorithm with fixed keys to encrypt...
An attacker with write privileges in VirtualStore folder can perform arbitrary code execution by placing ".dll" files in affected software directory, because the software loads dynamic libraries...
A remote attacker is able to read and modify captured data during a Man-in-the-Middle attack, because the affected software uses ISaGRAF eXchange Layer protocol, which is unencrypted by design.
Some commands used by the ISaGRAF eXchange Layer (IXL) protocol perform various file operations in the file system. Since the parameter pointing to the file name is not checked for reserved...
CNA Financial customers are feeling the ripple effects of a ransomware attack that occurred earlier this year.
This blog was written by Vallabh Chole & Oliver Devane Over the years, the cybersecurity industry has seen many threats... The post Hancitor Making Use of Cookies to Prevent URL Scraping appeared...
This blog was written by Kiran Raj & Kishan N. Introduction In the last few years, Microsoft Office macro malware... The post Zloader With a New Infection Technique appeared first on McAfee Blog.
While the world continues to wait for Kaseya to issue an update to patch VSA installations against a vulnerability exploited by the REvil ransomware gang, security researchers spotted a malware...
Executive Summary Ryuk is a ransomware that encrypts a victim’s files and requests payment in Bitcoin cryptocurrency to release the... The post New Ryuk Ransomware Sample Targets Webservers...
Kaspersky ICS CERT discovered a denial of service of the device through a GET HTTP request to the camera's web server.
Kaspersky ICS CERT has discovered that the web service of the Robert Bosch GmbH CPP HD/MP cameras does not correctly parse the HTTP protocol.
Kaspersky ICS CERT discovered a reflected XSS in a page parameter.
Kaspersky ICS CERT discovered multiple reflected XSS in URI handlers.
Kaspersky ICS CERT has discovered a missing authentication vulnerability for executing critical commands via HTTP requests.
Introduction: ImageMagick is a hugely popular open source software that is used in a lot of systems around the world. It... The post Fuzzing ImageMagick and Digging Deeper into CVE-2020-27829...
Introduction Microsoft Windows Graphics Device Interface+, also known as GDI+, allows various applications to use different graphics functionality on video... The post Analyzing CVE-2021-1665 –...
The 10 must-attend sessions at Black Hat 2021
The McAfee Advanced Threat Research team today published the McAfee Labs Threats Report: June 2021. In this edition we introduce... The post McAfee Labs Report Highlights Ransomware Threats...
Gaming publishing giant Electronic Arts (EA Games) has lost 780 GB of sensitive gaming data in a recent data breach.
Executive Summary The McAfee Advanced Threat Research team (ATR) is committed to uncovering security issues in both software and hardware to help developers... The post A New Program for Your...
Introduction Virtualization technology has been an IT cornerstone for organizations for years now. It revolutionized the way organizations can scale... The post Are Virtual Machines the New Gold...
Last week Wiz closed its Series B, which we had previously announced in March, with an additional $120 million investment from Salesforce Ventures and Blackstone with participation from Aglaé Ventures.
On 2021-06-07, a campaign was reported, involving Siloscape operator, gaining initial access via 1-day vulnerability, Web vulnerability, while using TOR anonymization, Thread impersonation to...
In the last decade, cybercrime has become more sophisticated. Most individuals are not very keen on cybercrime and assume only corporates and businesses are targets. Ransomware is a prevalent...
The msgrcv_nocancel syscall could disclose uninitialized memory from kernel space into userspace. This is due to an incorrect calculation being performed when copying the memory.
Join our Incident Master Ean Meyer as we play another round of Backdoors & Breaches (B&B) session using our new Tabletop Simulator (TTS) version! If you have STEAM / TABLETOP […] The post...