HI Dave!
Good to talk to ya! We've met several times, once I believe was on the
Odyssey cruise in Boston Harbor.
I would have hoped (and figured) that the use of existing malware was the
focus of this course.
But the wording of the course description does pretty much lead one to think
otherwise "...have a chance to create a Trojanhorse,..." and "...what you
create..." I'd certainly change that wording around to say "examine existing
Trojanhorse programs" or something like that as this is getting a little bit of
a bad buzz due to the creation aspect :-(
Mike B
Michael P. Blanchard
Senior Security Engineer, CISSP, GCIH, CCSA-NGX, MCSE
Office of Information Security & Risk Management
EMC ² Corporation
4400 Computer Dr.
Westboro, MA 01580
email: [email protected]
-----Original Message-----
From: Craig Schmugar [mailto:[email protected]]
Sent: Tuesday, September 29, 2009 4:33 PM
To: [email protected]; Blanchard, Michael (InfoSec)
Cc: [email protected]
Subject: RE: [funsec] McAfee really DOES write new Malware! Wholey Moley!
Sending this for Dave, who recently subscribed, but isn't yet able to post:
---
Mike,
Let me address your concerns. We are NOT creating new malware nor are we
showing others how to create malware. We are allowing our customers to get
firsthand experience with existing malware and malware tools to educate them on
what it is that is out in the wild hunting them and their users. This will be
done in a secure environment with no connectivity. No one will be allowed
removable media or storage devices. All malware and associated toolkits that we
are using are currently detected and protected against.
Again, we are not teaching coding or teaching people how to write malware nor
would we ever. We are allowing them to interact and experience malware in a
controlled environment to get a better understanding of what we are protecting
them and their users from.
Please feel free to contact me should you have any other questions or concerns.
Best regards,
Dave
Dave Marcus
Director, Security Research and Communications
McAfee Avert Labs
443.321.3771 Direct
443.668.0048 Mobile
Twitter: DaveMarcus
Twitter: McAfeeAvertLabs
[email protected]
www.mcafee.com
Read The Blog. Live the Podcast.
---
>How can any antivirus vendor condone such activity, let alone teach a course
>in it???? What has the world come to? Don't they remember the whole outcry
>against the University of Calgary when they wanted to teach a course that
>involved creation of new viruses?
>
>
>
>http://www.mcafeefocus.com/focus09/sessions/GroupMeetings.aspx#avert2
> Avert Labs - Malware Experience
>(By appointment only)
>Tuesday, Oct. 6
>1:00 pm - 5:00 pm
>You've often heard that the Internet is a dangerous place and you've probably
>read about threats such as botnets, keystroke loggers and drive-by
>installations of malware through rigged Web sites. But what is malware really?
>How do cybercriminals launch their malicious attacks? McAfee is offering you
>the chance to find out with the unique and exclusive McAfee Malware
>Experience.
>
>Join experts from McAfee Avert Labs and have a chance to create a Trojan
>horse, commandeer a botnet, install a rootkit and experience first hand how
>easy it is to modify websites to serve up malware. Of course this will all be
>done in the safe and closed environment, ensuring that what you create doesn't
>actually go out onto the Internet. To sign up,....
>
>
>Michael P. Blanchard
>Senior Security Engineer, CISSP, GCIH, CCSA-NGX, MCSE
>Office of Information Security & Risk Management
>EMC ² Corporation
>4400 Computer Dr.
>Westboro, MA 01580
>email: [email protected]
>
>_______________________________________________
>Fun and Misc security discussion for OT posts.
>https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
>Note: funsec is a public and open mailing list.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
