Posts Tagged 'internet security'
From McAfee’s first Cyber Defense Center (CDC) in Dubai, we closely monitor threats and activities in Europe and the Middle East. Since the Center’s official launch in September 2013, we have seen quite a few interesting trends, especially in the Persian Gulf region. Many of the activities spotted are related to hacktivism, cybercrime, or regional […]
While analyzing a recent Internet Explorer zero-day vulnerability, CVE-2014-0322 (containing the Flash sample hash b9c9dab0fd30418884800afebbaba4d99f4526ef0c9a47972a20ab20fed0a06d), we noticed the exploit makes an unorthodox call to ZwProtectVirtualMemory to bypass data execution prevention. What is different about this call? The argument(s) of ZwProtectVirtualMemory are placed in an unusual manner. Typically arguments that are pointer variables belonging to the […]
Where there’s a will, there’s a way. That’s the credo of pretty much any market out there, regardless of its legality. The FBI shut down one notoriously shady market, The Silk Road—an online outlet where users could purchase drugs, firearms, stolen credit cards, and more—in October 2013. Less than one month later, the site re-launched […]
A new member of my organization, Kent Landfield, led the McAfee delegation working on the NIST Cybersecurity Framework. Here is Kent’s response to the process and the product: This week the National Institute of Standards and Technology (NIST) presented the White House with its Cybersecurity Framework, intended to reduce the cyber risk to the nation’s […]
On February 4, Adobe released an out-of-band security update addressing a critical remote code execution vulnerability that is currently being exploited in the wild, according to the vendor’s blog post. Our research team quickly responded to this threat, and we have already provided various protections through our products. (For details, check here.) We have learned […]