
Operation “Aurora” Hit Google, Others by George Kurtz

Thursday, January 14, 2010 at 3:34pm by Archive

McAfee Labs has been working around the clock, diving deep into the attack we are now calling Aurora that hit multiple companies and was publicly disclosed by Google on Tuesday.  

We are working with multiple organizations that were impacted by this attack as well as the government and law enforcement. As part of our investigation, we analyzed several pieces of malicious code that we have confirmed were used in attempts to penetrate several of the targeted organizations.

New Internet Explorer Zero Day
In our investigation we discovered that one of the malware samples involved in this broad attack exploits a new, not publicly known vulnerability in Microsoft Internet Explorer. We informed Microsoft about this vulnerability and Microsoft published an advisory and a blog post on the matter on Thursday afternoon.

As with most targeted attacks, the intruders gained access to an organization by sending a tailored attack to one or a few targeted individuals. We suspect these individuals were targeted because they likely had access to valuable intellectual property. These attacks will look like they come from a trusted source, leading the target to fall for the trap and click a link or file. That’s when the exploitation takes place, using the vulnerability in Microsoft’s Internet Explorer.

Once the malware is downloaded and installed, it opens a back door that allows the attacker to perform reconnaissance and gain complete control over the compromised system. The attacker can now identify high value targets and start to siphon off valuable data from the company.

Our investigation has shown that Internet Explorer is vulnerable on all of Microsoft’s most recent operating system releases, including Windows 7. Still, so far the attacks we’ve seen using this vector have been focused on Internet Explorer 6. Microsoft has been working with us on this matter and we thank them for their collaboration.

While we have identified the Internet Explorer vulnerability as one of the vectors of attack in this incident, many of these targeted attacks involve a cocktail of zero-day vulnerabilities combined with sophisticated social engineering scenarios. So there very well may be other attack vectors that are not known to us at this time. That said, contrary to some reports, our findings to date have not shown a vulnerability in Adobe Reader being a factor in these attacks.

Operation “Aurora”
I am sure you are wondering about the name “Aurora.” Based on our analysis, “Aurora” was part of the filepath on the attacker’s machine that was included in two of the malware binaries that we have confirmed are associated with the attack. That filepath is typically inserted by code compilers to indicate where debug symbols and source code are located on the machine of the developer. We believe the name was the internal name the attacker(s) gave to this operation.
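
The compiler-inserted path described above lives in a Windows executable's debug directory as a CodeView record. The following Python code is an added example, not code from the original post or from McAfee; it shows how an analyst can pull that path out of a sample during triage. `build_sample_pe` and the path `C:\build\ExampleProject\Release\sample.pdb` are constructed for illustration and are not taken from the Aurora binaries.

```python
import struct
from pathlib import PureWindowsPath

DEBUG_DIR_INDEX = 6          # IMAGE_DIRECTORY_ENTRY_DEBUG
DEBUG_TYPE_CODEVIEW = 2      # IMAGE_DEBUG_TYPE_CODEVIEW
CV_HEADER_LEN = {b"RSDS": 24, b"NB10": 16}  # bytes that precede the path string


def _rva_to_offset(sections, rva):
    """Map a relative virtual address to a file offset via the section table."""
    for vaddr, vsize, raw_ptr, raw_size in sections:
        if vaddr <= rva < vaddr + max(vsize, raw_size):
            return raw_ptr + (rva - vaddr)
    return None


def _pdb_paths(image):
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("not a PE image: missing MZ header")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)
    if image[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("not a PE image: missing PE signature")
    (n_sections,) = struct.unpack_from("<H", image, pe_off + 6)
    (opt_size,) = struct.unpack_from("<H", image, pe_off + 20)
    opt = pe_off + 24
    (magic,) = struct.unpack_from("<H", image, opt)
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic")
    dirs = opt + (96 if magic == 0x10B else 112)   # PE32 vs PE32+
    (n_dirs,) = struct.unpack_from("<I", image, dirs - 4)
    if n_dirs <= DEBUG_DIR_INDEX:
        return []
    dbg_rva, dbg_size = struct.unpack_from("<II", image, dirs + 8 * DEBUG_DIR_INDEX)
    if dbg_rva == 0 or dbg_size == 0:
        return []                                   # built without debug info
    sections = []
    for i in range(n_sections):
        vsize, vaddr, raw_size, raw_ptr = struct.unpack_from(
            "<IIII", image, opt + opt_size + 40 * i + 8)
        sections.append((vaddr, vsize, raw_ptr, raw_size))
    dbg_off = _rva_to_offset(sections, dbg_rva)
    if dbg_off is None:
        return []
    paths = []
    for i in range(dbg_size // 28):                 # 28-byte IMAGE_DEBUG_DIRECTORY
        dtype, size, _rva, ptr = struct.unpack_from("<IIII", image, dbg_off + 28 * i + 12)
        record = image[ptr:ptr + size]
        skip = CV_HEADER_LEN.get(record[:4])
        if dtype != DEBUG_TYPE_CODEVIEW or skip is None:
            continue
        paths.append(record[skip:].split(b"\0", 1)[0].decode("utf-8", "replace"))
    return paths


def pdb_paths(image: bytes) -> list:
    """Return every PDB path stored in the CodeView debug records of a PE image."""
    try:
        return _pdb_paths(image)
    except struct.error as exc:
        raise ValueError("truncated or malformed PE image") from exc


def directory_names(pdb_path: str) -> list:
    """Directory components of the build path: the part that leaks project naming."""
    p = PureWindowsPath(pdb_path)
    return list(p.parts[1:-1]) if p.anchor else list(p.parts[:-1])


def build_sample_pe(pdb_path: str) -> bytes:
    """Build a minimal, constructed PE32 image holding one RSDS record (not malware)."""
    pe_off, opt_size, raw_ptr, vaddr = 0x40, 96 + 16 * 8, 0x200, 0x1000
    record = b"RSDS" + bytes(16) + struct.pack("<I", 1) + pdb_path.encode() + b"\0"
    entry = struct.pack("<IIHHIIII", 0, 0, 0, 0, DEBUG_TYPE_CODEVIEW,
                        len(record), vaddr + 28, raw_ptr + 28)
    raw = entry + record
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", pe_off)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)                       # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                         # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * DEBUG_DIR_INDEX, vaddr, 28)
    section = struct.pack("<8sIIII16x", b".rdata", len(raw), vaddr, len(raw), raw_ptr)
    return (dos + coff + bytes(opt) + section).ljust(raw_ptr, b"\0") + raw


if __name__ == "__main__":
    sample = build_sample_pe(r"C:\build\ExampleProject\Release\sample.pdb")  # constructed
    for path in pdb_paths(sample):
        print(path, "->", directory_names(path))
```

The same path string can be pivoted on across a sample set: binaries that share an unusual directory name in their debug path were likely built from the same source tree.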

Changing The Threat Landscape
Blaster, Code Red and other high profile worms are definitely a thing of the past. The current bumper crop of malware is very sophisticated, highly targeted, and designed to infect, conceal access, siphon data or, even worse, modify data without detection.

These highly customized attacks known as “advanced persistent threats” (APT) were primarily seen by governments and the mere mention of them strikes fear in any cyberwarrior. They are in fact the equivalent of the modern drone on the battlefield. With pinpoint accuracy they deliver their deadly payload and once discovered – it is too late.

Operation Aurora is changing the cyberthreat landscape once again. These attacks have demonstrated that companies of all sectors are very lucrative targets. Many are highly vulnerable to these targeted attacks that offer loot that is extremely valuable: intellectual property.

Similar to the ATM heist of 2009, Operation Aurora looks to be a coordinated attack on many high-profile companies targeting their intellectual property. Like an army of mules withdrawing funds from an ATM, this malware enabled the attackers to quietly suck the crown jewels out of many companies while people were off enjoying their December holidays. Without question this attack was perpetrated during a period of time that would minimize detection.

All I can say is wow. The world has changed. Everyone’s threat model now needs to be adapted to the new reality of these advanced persistent threats. In addition to worrying about Eastern European cybercriminals trying to siphon off credit card databases, you have to focus on protecting all of your core intellectual property, private nonfinancial customer information and anything else of intangible value. 

We will continue to provide updates on this event as it continues to unfold. As I said in my last post, this is only the tip of the iceberg.

(To get real-time updates on this story, follow George on Twitter at http://www.twitter.com/george_kurtzCTO)

(Update: Added detail on IE 6 being a primary attack vector at 1.55 PM PT on 01/14/10)
(Update 2: Added link to Microsoft advisory and blog at 6.47 PM PT on 01/14)


Comments (58)

  • Incidentresponder October 13, 2011 6:19AM

    It’s no wonder things don’t ever get fixed. We can’t even get the correct info! As “ARealIncidentResponder” stated below, the actual folks who found this aren’t even mentioned (for good reason, actually). The point is that until info within the security field is shared more openly, at least WITHIN the field, these things will continue to happen, propagate and cause a whole host of problems. It doesn’t help when a lot of supposed security news sources have a lot of way wrong info, whether intentionally or not!

  • Flavio Blanco June 29, 2010 10:30AM

    I’d like to hear more about antihacker101’s comments. Can he provide better facts to support his conclusions, of being part of a botnet? What tools are helping his fight? What technical advice can he pass along to detect worms that aren’t the decoys, botnets and more? While I have often suspected some compromise of hardware firmware or motherboard chips is occurring, what evidence does he have to support this? How can we recognize this kind of infection? What’s the fix, flashing the BIOS? What about deep hard disk sector infections that seemingly survive reformats? Seen any of that?

  • Mike June 21, 2010 3:17PM

    I love how all the “leading” security firms such as the one this site promotes have to scramble but my “firewall” has been able to block this exploit since 2006.

  • pander May 11, 2010 11:51AM

    Ok, we know the problem, right? And we seem to know some of the fixes, correct? Now I want to know, as do most business-minded folks, how do we profit from this threat? Seems as though “decoys” can be valuable, as is unmined gold ore. But I wonder if they (decoys) can be used to reverse-infect the Chinese or any other origin? This may not be a cure. But it sure would be fun to know we scrambled their eggs for once, and we burned down their kitchens to do it! lol

  • smith April 28, 2010 2:14AM

    Hey folks,
    Thanks a lot for sharing such a nice and informative article. I have gone through the article and also the comment posts, and I agree with the views of KARL. He mentioned some very good views.

    By the way for more information on Security Courses check this link: http://www.eccouncil.org/certification.aspx

  • Open Source GPL WordPress Themes April 8, 2010 10:16AM

    We need security indeed, but unfortunately we still need Windows more. I try switching to other OSes but it always makes me come back to Windows. Sad, isn’t it?

  • webcertain March 18, 2010 7:13AM

    Surely Windows is a flawed system, but I found that AVG is a good antivirus. It also has lots of free products, and it’s easy to use. Worth a try!

  • SimonR February 18, 2010 11:44AM

    @Hindsight. Not sure anyone is expecting perfection. I run a dev org and at least we make an effort to run some reasonable security checks before we release. We also believe in continuous improvement, not cutting corners. I will have to say that the focus/importance placed on security is really driven by the culture of the org. I can say from experience that security is more important in orgs that focus on customer satisfaction vs. orgs that focus on the next big sale.

  • Rotundo Pierluigi February 11, 2010 8:44AM

    I think we have to reengineer the way to look at operating systems now…

    Rotundo Pierluigi

  • antihacker101 February 3, 2010 3:35AM

    False security is all that is happening. I have been fighting the botnet longer than anyone. Not only was it being built in my machines (and other hardware and services), but I just learned that I am the command and control center of the botnet. I have info on the worm and hackers.
    If you want to really make a secure full working detectory, you need the info I have. Example: the worm loves decoys. conficters were made detectable on purpose. The main worm gets in by injecting radio packets into a stream that is picked up by chips on the motherboard and also a hardware exploit from your network connection.

    The main work hijacks what it refers to as global.
    The worm works in layers. They keep monitoring each other. The hackers are not the main hackers. The original hackers attempted to remove the worm a week after April first after I succeeded in sending a message to a community site revealing the source. It backfired and used kid hackers (given info) to set authorities away from them. Parts of the main worm just started to get addressed in November. The hacker did something to the worm Nov 17 by altering display/LAN/audio drivers and then the ports used changed to port 445 instead of the normal high ports (linked as commands using parsing injections).

  • Mark Aitchison January 31, 2010 6:20PM

    It is really frustrating that security exploits of this sort are going on today, and ill-informed quibbling over blaming an OS or browser is distracting attention from the real problem: software designers took a wrong turn well over a decade ago, making it their priority to add powerful features without enough consideration for the security implications. I do agree that Unix-family operating systems were designed to be secure from the ground up, and were much, much better than MS Windows in general up until roughly Windows 7, after which you cannot make sweeping claims that one is better than the other. But for a long time the problem has been the insecurity of software (and humanware) using the operating systems, and the mindset behind the rush to add bling and capabilities just waiting to be abused. The present discussion about zero-day and other exploits, and IE vs Firefox security, is an echo of discussions mid-2007. Yet the most shocking thing (for the security community) is that steps to prevent many such problems were discussed (in virus-l and elsewhere) well over a decade ago. The only reasons I can think of for sensible security attitudes being ignored is a misguided commercial calculation and a \

  • Ken Jackson January 24, 2010 11:30AM

    Internet Explorer and Windows are grave security threats… Corporations concerned with their intellectual property ought to drop Windows like an infected plague-rat.

    You said it, mykle!

    I wish I didn’t have to use Windows-dependent software at work.

  • next123 January 23, 2010 12:21PM

    I hope McAfee brings us a conference paper with the forensics behind this attack. There are too many things that don’t quite make sense.

  • Michael J. Schultz January 22, 2010 2:06PM

    All Aurora did was leverage the insecurity of the internet. This is another way to say security is looked at on a network level and sometimes at a virus check level but rarely at a user level.
    Personal security is usually limited to a PIN or password access by a user. This is how PayPal became the most hacked payment system in the world.
    What is needed is to use authenticated digital identities as access points to the internet. Instead of PINs or passwords create authenticated digital profiles that access via dynamic gateways.
    A virus then cannot automatically send email or information out as it cannot be programmed to mimic the dynamic access.
    For full disclosure, GenMobi has created and patented access through authenticated digital identities.

  • ARealIncidentResponder January 20, 2010 7:25PM

    Pssst… It wasn’t you guys that found the vulnerability.. This is not a new attack or family of malware. The world hasn’t changed – you guys finally got wind of it.

  • Hindsight 20/20 January 20, 2010 11:52AM

    @Dave: Hindsight 20/20 eh’ Dave. I do chuckle at those who always point to not enough thinking, not enough development.

    If it were so simple then I guess there would be perfect products all over the place. Perfect AV products, or perfect OS’s and apps, thus not requiring AV in the first place. And as soon as the programming perfection becomes a reality then we either start down a road to a single product or multiple perfect products and you just have to select your favorite flavor.

    I hear it all the time. If you test on 5 machines and a bug is found you should have tested 10. If you tested 10 you should have tested 20, if you tested 20 you should have tested 50, and if you tested it so thoroughly it was near perfect it would take forever (paralysis by analysis) and once it came out it would be outdated because someone a little less perfect put theirs out first and you get blasted for taking up too much time developing/testing.

    If only the real world was so black and white.

  • AnnieB January 19, 2010 11:59AM

    Does anyone know the content of the emails sent to corporate staff that caused that staff to click on the seemingly harmless links? Most people are not idiots, and will not click on obviously fraudulent links, so these emails must have been relatively sophisticated.

  • Dave January 18, 2010 1:22PM

    Just amazing. Here we are in 2010 and we are still quibbling over the virtues of which OS or browser technology is better. The problem here is not the technology but rather the people who develop and ultimately use it. There is a fundamental disconnect between the people who develop the coolest, latest new whiz-bang gizmo feature in software, those who use it and those who abuse it. Unfortunately most software development lifecycles either don’t include any security check points or leave security testing to the very end—well after all the flaws are baked in. Until developers start taking secure coding and testing seriously, and end-users remain complacent, we will continue down the path of serious security breaches perpetrated by those with the will, patience, and motivation to exploit software.
    This zero-day is by no means the last. And there are plenty of zero-days baked into all kinds of software other than Microsoft products, they just haven’t been found yet.
    Secure your code people!!!