Messages récents

Pages: [1] 2 3 4 5 6 7 8 ... 10
1
News / [MCAFEE]CVE-2020-16898: “Bad Neighbor”
« Dernier message par igor51 le Aujourd'hui à 00:00:22 »
CVE-2020-16898: “Bad Neighbor”


CVE-2020-16898: “Bad Neighbor” CVSS Score: 8.8 Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Overview Today, Microsoft announced a critical vulnerability in the Windows IPv6 stack, which allows an attacker to send maliciously crafted packets to potentially execute arbitrary code on a remote system. The proof-of-concept shared with MAPP (Microsoft Active Protection Program) members is both extremely simple and perfectly reliable. It results […]


The post CVE-2020-16898: “Bad Neighbor” appeared first on McAfee Blogs.


Source: CVE-2020-16898: “Bad Neighbor”
2
Our Experiences Participating in Microsoft’s Azure Sphere Bounty Program


From June to August, part of the McAfee Advanced Threat Research (ATR) team participated in Microsoft’s Azure Sphere Research Challenge.  Our research resulted in reporting multiple vulnerabilities classified by Microsoft as “important” or “critical” in the platform that, to date, have qualified for over $160,000 USD in bounty awards scheduled to be contributed to the ACLU ($100,000), St. Jude’s Children’s Research Hospital ($50,000) and PDX Hackerspace (approximately $20,000). With these contributions, we hope to support and give […]


The post Our Experiences Participating in Microsoft’s Azure Sphere Bounty Program appeared first on McAfee Blogs.


Source: Our Experiences Participating in Microsoft’s Azure Sphere Bounty Program
3
News / [MCAFEE]Securing Space 4.0 – One Small Step or a Giant Leap? Part 1
« Dernier message par igor51 le Hier à 22:00:15 »
Securing Space 4.0 – One Small Step or a Giant Leap? Part 1


McAfee Advanced Threat Research (ATR) is collaborating with Cork Institute of Technology (CIT) and its Blackrock Castle Observatory (BCO) and the National Space Center (NSC) in Cork, Ireland The essence of Space 4.0 is the introduction of smaller, cheaper, faster-to-the-market satellites in low-earth-orbit into the value chain and the exploitation of the data they provide. […]


The post Securing Space 4.0 – One Small Step or a Giant Leap? Part 1 appeared first on McAfee Blogs.


Source: Securing Space 4.0 – One Small Step or a Giant Leap? Part 1
4
News / [MCAFEE]Securing Space 4.0 – One Small Step or a Giant Leap? Part 2
« Dernier message par igor51 le Hier à 21:00:17 »
Securing Space 4.0 – One Small Step or a Giant Leap? Part 2


McAfee Advanced Threat Research (ATR) is collaborating with Cork Institute of Technology (CIT) and its Blackrock Castle Observatory (BCO) and the National Space Center in Cork, Ireland In the first of this two-part blog series we introduced Space 4.0, its data value and how it looks set to become the next battleground in the defense […]


The post Securing Space 4.0 – One Small Step or a Giant Leap? Part 2 appeared first on McAfee Blogs.


Source: Securing Space 4.0 – One Small Step or a Giant Leap? Part 2
5
Vulnerability Discovery in Open Source Libraries: Analyzing CVE-2020-11863


Open Source projects are the building blocks of any software development process. As we indicated in our previous blog, as more and more products use open source code, the increase in the overall attack surface is inevitable, especially when open source code is not audited before use. Hence it is recommended to thoroughly test it […]


The post Vulnerability Discovery in Open Source Libraries: Analyzing CVE-2020-11863 appeared first on McAfee Blogs.


Source: Vulnerability Discovery in Open Source Libraries: Analyzing CVE-2020-11863
6
News / [MCAFEE]On Drovorub: Linux Kernel Security Best Practices
« Dernier message par igor51 le Hier à 19:00:15 »
On Drovorub: Linux Kernel Security Best Practices


Intro In a U.S. government cyber security advisory released today, the National Security Agency and Federal Bureau of Investigation warn of a previously undisclosed piece of Linux rootkit malware called Drovorub and attribute the threat to malicious actor APT28. The report is incredibly detailed and proposes several complementary detection techniques to effectively identify Drovorub malware […]


The post On Drovorub: Linux Kernel Security Best Practices appeared first on McAfee Blogs.


Source: On Drovorub: Linux Kernel Security Best Practices
7
Vulnerability Discovery in Open Source Libraries Part 1: Tools of the Trade


Executive Summary Open source has become the foundation for modern software development. Vendors use open source software to stay competitive and improve the speed, quality, and cost of the development process. At the same time, it is critical to maintain and audit open source libraries used in products as they can expose a significant volume […]


The post Vulnerability Discovery in Open Source Libraries Part 1: Tools of the Trade appeared first on McAfee Blogs.


Source: Vulnerability Discovery in Open Source Libraries Part 1: Tools of the Trade
8
News / [MCAFEE]Robot Character Analysis Reveals Trust Issues
« Dernier message par igor51 le Hier à 17:00:15 »
Robot Character Analysis Reveals Trust Issues


Retired Marine fighter pilot and Top Gun instructor Dave Berke said “Every single thing you do in your life, every decision you make, is an OODA Loop.” OODA Loop? Observe–Orient–Decide–Act, the “OODA Loop” was originally developed by United States Air Force Colonel John Boyd and outlines that fundamentally all actions are first based on observations.  […]


The post Robot Character Analysis Reveals Trust Issues appeared first on McAfee Blogs.


Source: Robot Character Analysis Reveals Trust Issues
9
News / [Sophos]Ransomware: What REALLY happens if you pay the crooks?
« Dernier message par igor51 le Hier à 17:00:07 »
Ransomware: What REALLY happens if you pay the crooks?

Free talk! Join us online for as much fun as you can ethically have while talking about ransomware. (And learn some useful stuff too!)
Source: Ransomware: What REALLY happens if you pay the crooks?
10
News / [MCAFEE]Call an Exorcist! My Robot’s Possessed!
« Dernier message par igor51 le Hier à 16:00:15 »
Call an Exorcist! My Robot’s Possessed!


Overview As part of our continued goal of helping developers provide safer products for businesses and consumers, we here at McAfee Advanced Threat Research (ATR) recently investigated temi, a teleconference robot produced by Robotemi Global Ltd. Our research led us to discover four separate vulnerabilities in the temi robot, which this paper will describe in […]


The post Call an Exorcist! My Robot’s Possessed! appeared first on McAfee Blogs.


Source: Call an Exorcist! My Robot’s Possessed!
Pages: [1] 2 3 4 5 6 7 8 ... 10