The Intel Security Advanced Threat Research Team has discovered a critical signature forgery vulnerability in the Mozilla Network Security Services (NSS) crypto library that could allow malicious parties to set up fraudulent sites masquerading as legitimate businesses and other organizations. The Mozilla NSS library, commonly utilized in the Firefox web browser, can also be found […]

Read our new blog series and uncover your chance to win big!  It’s a contest, and you can play:  We’ll be publishing a series of four blog posts over the next few weeks.  Each post will contain a hidden clue to help you solve the puzzle below.  Track all four clue words over the blog […]

As the largest dedicated security vendor, McAfee’s goal is to help customers and consumers feel secure in the digital world. It’s certainly not simple, and it’s challenging to keep up with the bad guys. One way to do that is to match our adversaries’ aggressive drive to innovate with our own deeper commitment to collaborate […]

It wasn’t too long ago that we discussed the Internet-crippling bug named Heartbleed—a widespread vulnerability that was easily replicated and difficult to fix. It was considered the worst vulnerability to hit the Internet, and it has quickly become the standard by which all other vulnerabilities are judged. On Wednesday, Heartbleed was eclipsed. A new vulnerability, […]

By Brad Antoniewicz and Raj Samani Headlines across multiple media outlets are sounding the alarm on a new vulnerability affecting Linux and Unix systems. Nicknamed “Shellshock,” the vulnerability is said by some to have wider reach and impact than the recent Heartbleed vulnerability in April that, by some estimates, affected over million Internet-accessible systems.  For […]

European security researcher Stéphane Chazelashas discovered a critical vulnerability in the command-line shell known as Bash, or GNU Bourne-again Shell, the most widely deployed shell for Unix-based systems. The bug allows arbitrary, injected code to be executed as part of the assignment of environment variables. While Bash is deployed in many systems, including Linux, Debian, […]