Debasish Mandal

Debasish is a security researcher currently working in the McAfee Labs Endpoint Exploit Prevention Team. He has been working in the information security industry for the past 6+ years. The first few years of his career were mostly focused on penetration testing and red teaming. Over the last 4 years at McAfee, his primary focus has shifted to vulnerability research and threat hunting, where he spends most of his time reverse engineering different vulnerabilities and advanced exploitation techniques and developing detection logic for them. Besides doing research, he is passionate about security bug hunting: for example, he has uncovered several critical security issues in widely deployed products, which eventually took him to rank 32 on the MSRC Top 100 Security Researchers list in 2018. In the past, Debasish has also presented his research at various international security conferences such as BlackHat Europe Briefings, BruCON, SigSegV, etc.
Microsoft recently patched a critical flaw in Internet Explorer’s scripting engine that could lead to remote code execution. The vulnerability is being exploited in the wild and was originally reported by a researcher from Google’s Threat Analysis Group. Microsoft released an out-of-band patch to fix the vulnerability before the normal patch cycle. McAfee products received ...
McAfee Labs has noticed a significant shift by some actors toward using trusted Windows executables, rather than external malware, to attack systems. One of the most popular techniques is a “fileless” attack. Because these attacks are launched through reputable executables, they are hard to detect. Both consumers and corporate users can fall victim to this ...
Recently the McAfee IPS Research Team informed Microsoft about a potential remote code execution vulnerability in Office 2016 that McAfee discovered in March. Microsoft released a patch for this vulnerability this week with CVE-2017-8630. In this post, we will briefly discuss the vulnerability and its exploitability. The Problem While auditing PowerPoint, we came across an ...
This blog was written by Yakun Zhang. A virtual machine is a completely isolated guest operating system installation within a normal host operating system. Virtual machine escape is the process of breaking out of a virtual machine and interacting with the host operating system, which can lead to infections and malware execution. VMware escapes demonstrated ...
Recently McAfee Labs discovered an interesting bug in Windows’ OLE implementation, which Microsoft patched this week. Now that the patch is available, we can discuss this vulnerability, which resides in the OleRegEnumVerbs() function of ole32.dll. During our research we found that a stack corruption vulnerability in ole32!OleRegEnumVerbs can be triggered if we embed any OLE1 ...