Windows threat trends: the view from McAfee

What are the threats currently facing Windows users? McAfee has some answers to this question, and its advice includes being especially watchful for phishing attempts at the end of each quarter.


Paula Greve, director of web security research at McAfee, told attendees at the company's Focus 2010 security conference that McAfee is currently seeing very targeted attacks being delivered to specific individuals within organisations via personally addressed emails that appear to have relevance to the victims, for example by including references to their organisational roles. Another method is to send messages via social networks or media that provide an appropriate context. One example might be that if someone posted a set of photos of a particular location, an attacker might send a message (possibly masquerading as a friend) reading 'here's an angle you missed' followed by a malicious link.

Such attacks may be associated with advanced persistent threats (APTs) similar to Aurora. Greve noted that the publicity surrounding Aurora did sensitise people to such threats, leading to a threefold increase in the number of suspect URLs submitted to McAfee.

The basic lifecycle of an APT goes like this:
research the intended victim (online and offline);
deliver an attack using multiple vectors;
evade detection after installation, eg by transmitting data when the network is busiest;
gain intelligence and access to related systems;
leave no evidence behind so the victim can't tell what data was copied or modified; and
use the collected information to launch further attacks.

Another active area is fake AV software, also known as scareware because it is designed to scare people into buying a product to 'clean up' malware that isn't present on their systems. The product might itself install malware while charging victims for the privilege. The incidence of password-stealing malware is also growing.

Some patterns can be seen around particular threat categories. "Fridays are kind of a hot time [for malware delivery]," said Greve. Malware distributors are responding to security companies' success in blocking sites by activating the servers for short periods at a time. The idea is to try to fool researchers into thinking the sites have already been taken down.

A different pattern applies to phishing - see page 2.