Business, McAfee Labs

ROCA: Which Key-Pair Attacks Are Credible?

In the past two weeks, we have seen two big encryption issues arise: key reinstallation attacks, called KRACKs; and “Return of Coppersmith’s Attack,” called ROCA. Many CEOs, CIOs, and CISO/CSOs are asking, as they must, “Are we protected?” and “What’s our exposure?” Security architects are scurrying about to identify reasonable responses that can be presented …

Business, Cloud Security

McAfee Demos Ease of Exploiting Recent Apache Struts Vulnerability

This post was written by Brook Schoenfield and the Advanced Threat Research Team. A series of exploitable conditions has been uncovered in Apache Struts. One of these, CVE-2017-9805, allows unauthenticated execution of attacker code (aka remote code execution). This issue has already been weaponized into attack kits such as Metasploit, and exploitation has been seen …

Business, Technical How To

Update: Technical McAfee Detail On DoubleAgent

Cedric Cochin teamed with Brook Schoenfield on this article. Updated March 29, 2017. McAfee has been investigating the impact of the so-called “DoubleAgent zero-day” technique of Windows debugging capabilities announced on 22 March 2017. This injection technique uses a Microsoft Windows debugging feature that requires administrative privileges. On-the-fly debugging is designed to be used …