McAfee Labs

McAfee Labs is one of the leading sources for threat research, threat intelligence, and cybersecurity thought leadership. See our blog for more information.
En este informe de predicciones han colaborado Eoin Carroll, Taylor Dunton, John Fokker, German Lancioni, Lee Munson, Yukihiro Okutomi, Thomas Roccia, Raj Samani, Sekhar Sarukkai, Dan Sommer y Carl Woodward. Ahora que 2018 se acerca a su fin, tal vez deberíamos estar agradecidos de que el año no haya estado completamente dominado por el ransomware, ...
Read Blog
Diese Bedrohungsprognosen wurden verfasst von Eoin Carroll, Taylor Dunton, John Fokker, German Lancioni, Lee Munson, Yukihiro Okutomi, Thomas Roccia, Raj Samani, Sekhar Sarukkai, Dan Sommer und Carl Woodward. Während sich das Jahr 2018 dem Ende zuneigt, sollten wir wahrscheinlich dafür dankbar sein, dass es nicht vollständig von Ransomware dominiert wurde – auch wenn die Varianten GandCrab und ...
Read Blog
Estas previsões foram escritas por Eoin Carroll, Taylor Dunton, John Fokker, German Lancioni, Lee Munson, Yukihiro Okutomi, Thomas Roccia, Raj Samani, Sekhar Sarukkai, Dan Sommer e Carl Woodward. Com o encerramento de 2018, devemos ser gratos pelo ano não ter sido inteiramente dominado pelo ransomware, embora a ascensão do GandCrab e de variantes do SamSam ...
Read Blog
These predictions were written by Eoin Carroll, Taylor Dunton, John Fokker, German Lancioni, Lee Munson, Yukihiro Okutomi, Thomas Roccia, Raj Samani, Sekhar Sarukkai, Dan Sommer, and Carl Woodward. As 2018 draws to a close, we should perhaps be grateful that the year has not been entirely dominated by ransomware, although the rise of the GandCrab ...
Read Blog
This blog was written by Brook Schoenfield. On November 10, a researcher reported the vulnerability AVGater, which affects some antimalware products. The vulnerability allows a user without administrative privileges to restore a quarantined file in a user’s defined location. After internal reviews and with confirmation from the author of the blog, McAfee believes no McAfee ...
Read Blog
This blog was co-written by Brook Schoenfield and Damian Quiroga. I am a wry observer of vulnerability announcements. CVE-2017-3735—which can allow a small buffer overread in an X.509 certificate—presents an excellent example of the limitations of the Common Vulnerability Scoring System (CVSS). This scoring system is the de facto security industry standard for calculating and ...
Read Blog
This blog was co-written by Brook Schoenfield and Ramnath Venugopalan. In many organizations the use of self-signed certificates is forbidden by policy. Organizations may ban the use of self-signed certificates for several reasons: It is trivially easy to generate a certificate’s key pair without reasonable entropy, to fail protect the private key of the key ...
Read Blog
This blog was written by Brook Schoenfield. On October 12, researcher Mathy Vanhoef announced a set of Wi-Fi attacks that he named KRACKs, for key reinstallation attacks. These attack scenarios are against the WPA2 authentication and encryption key establishment portions of the most recent set of protocols. The technique is through key reinstallation. The attack ...
Read Blog