Cyberattacks have always been, well, cyber. Their immediate effects were on our data, our digital information, and our devices…until they weren’t. The interconnected nature of the world and the way it’s built in 2018 has brought us exciting and revolutionary innovations, but it has also been leveraged by hackers to extend the impact of a ...
Steve Povolny
Steve Povolny serves as the Head of Advanced Threat Research within McAfee. Steve started his career working in network security at Target Corporation, where he developed his first passion for all things security, leading penetration testing and internal forensics. After several years, he transitioned to TippingPoint, now a division of Trend Micro, and spent several years as a security researcher, learning a combination of offensive and defensive security. Steve discovered his true passion was developing and leading world-class teams of highly capable and uniquely innovative security researchers - he brings that passion to McAfee along with his vision for ATR as one of the world's most trusted and capable security research organizations. On a personal note, Steve recently relocated to Portland, Oregon, where he lives with his wife and two young daughters. He loves to be outdoors, and enjoys camping, hiking, biking, fishing and hunting.
McAfee Opens State-of-the-Art Security Research Lab in Oregon
By Steve Povolny on Aug 22, 2018
McAfee’s Advanced Threat Research team has operated from several locations around the world for many years. Today we are pleased to announce the grand opening of our dedicated research lab in the Hillsboro, Oregon, office near Portland. Although we have smaller labs in other locations, the new McAfee Advanced Threat Research Lab was created to ...
Microsoft Cortana Allows Browser Navigation Without Login: CVE-2018-8253
By Cedric Cochin and Steve Povolny on Aug 14, 2018
A locked Windows 10 device with Cortana enabled on the lock screen allows an attacker with physical access to the device to do two kinds of unauthorized browsing. In the first case, the attacker can force Microsoft Edge to navigate to an attacker-controlled URL; in the second, the attacker can use a limited version of ...
Unintended Clipboard Paste Function in Windows 10 Leads to Information Leak in RS1
By Steve Povolny on Jun 14, 2018
The McAfee Labs Advanced Threat Research team has been investigating the Windows 10 platform. We have submitted several vulnerabilities already and have disclosed our research to Microsoft. Please refer to our vulnerability disclosure policy for further details or the post from earlier this week on Windows 10 Cortana vulnerabilities. Early last year, a trivial “information leak” ...
Want to Break Into a Locked Windows 10 Device? Ask Cortana (CVE-2018-8140)
By Cedric Cochin and Steve Povolny on Jun 12, 2018
June’s “Patch Tuesday” (June 12) is here, but it is likely many Windows 10 users have not yet applied these updates. If you have not, just be sure not to leave your laptop lying around! The patches in this cycle fix a code execution vulnerability using the default settings for Windows 10 and the “Cortana” ...
Syn/Ack Unique Proactive Protection Technique
By Charles McFarland and Steve Povolny on May 11, 2018
McAfee’s Advanced Threat Research team has performed analysis on samples of Syn/Ack ransomware implementing Process Doppelgänging. For those who are concerned about the potential impact of this ransomware but are currently unable to implement McAfee product protections, we have found a simple but interesting alternative method. Prior to encryption and ransom, the malware first checks ...
Inside the Capabilities and Detection of UDPoS Malware
By Steve Povolny on Feb 16, 2018
Imagine a job that changes every day of your life, where you get to do something new each week – that’s what it’s like working in the cybersecurity industry. For me, this is ideal—smarter adversaries, new challenges, and the constant struggle to predict and prepare for the future of security in information technology makes this feel ...
Trivial Software Flaws Continue to Plague Networked Devices
By Steve Povolny on Jan 10, 2018
Western Digital My Cloud NAS Devices Contain Multiple Vulnerabilities
It’s 2018, but it feels like 2008. I often reflect on how relatively simplistic the attack surface of nearly everything was just 10 years ago, and how much we’ve evolved since then. I remember writing exploits for trivial buffer overflows without having to deal with exception ...