mcafee

McAfee: Beware the .hk domain, among others

McAfee released a study late on Tuesday that indicates the domains that tend to be the most dangerous or malware-prone on the Web, and at the top of the list is the Hong Kong (.hk) domain.

The McAfee Mal Web report, which serves as a safety guidebook to risky online neighborhoods, reveals that 19.2 percent of all Web sites ending with the .hk domain pose a security threat to Web users, followed by China (.cn), the Philippines (.ph), Romania (.ro) and Russia (.ru).

By contrast, the safest domains on the Web are Finland (.fi), Japan (.jp), Norway (.no), Slovenia (.… Read more

Buzz Out Loud 718: Always worry

We could tell you not to worry, but then you'd e-mail us and tell us why you should. So, new rule. Always worry. And the HTC Touch Diamond ain't all that, but we're not saying the 3G iPhone is going to be all that, either. Don't get your hopes up. This is turning into an Eeyore sort of day, isn't it? Here's some good news: Zune 2.5 offers TV downloads! So...yay! Listen now: Download today's podcast EPISODE 718

Vodafone, Telecom Italia announce massive iPhone rollout http://arstechnica.com/journals/apple.ars/2008/05/06/ vodafone-telecom-italia-announce-massive-iphone-rollout … Read more

McAfee deal aims to make Yahoo search safer

Updated May 6, 5:50 AM PDT to reflect the actual announcement from the two companies.

Yahoo and McAfee announced a partnership Tuesday under which potentially unsafe Web sites appearing in Yahoo search results will be flagged as risky.

The deal, an exclusive for Yahoo, uses McAfee SiteAdvisor technology to label a variety of potentially dangerous Web sites with red warning text and links to McAfee information about what risks the site poses. Among the triggers for a red warning message are sites that host spyware, adware, or virus-infected downloads; sites that have links to other Web sites with dangerous … Read more

Race to Zero aims to stump antivirus scanners

A new contest to be held at this year's DefCon in Las Vegas in August hopes to prove that signature-based antivirus is dead, a move that one leading antivirus researcher says is "not a good idea."

The goal of the Race to Zero is simple: obfuscate a malicious code so that it evades well-known antivirus engines.

Contestants will be given a sample set of viruses and malicious code that they must modify and then upload through the contest portal. Once accepted, the sample will be sent through a number of leading antivirus engines (perhaps using VirusTotal.com … Read more

McAfee's libel against open source

Over the weekend Stuart Hicks emailed the OSI about an odd statement made by McAfee in its white paper on botnets [PDF]:

Taking the bot controller ofﬂine may kill a botnet. As a result, many bots use a Dynamic Domain Name System (DDNS) or have a list of backup IP addresses to survive such an event. Bot technology is rapidly evolving, often aided and abetted, unfortunately, by the open-source movement. [Emphasis mine.]

Huh? No justification is made for this statement. No follow-on, explanatory comments are made.

Someone at McAfee thinks that the correlation between botnets and open source is clear, but I am struggling to grasp any connection between the two. Perhaps this is just one more example of McAfee's dubious grasp on reality when it comes to open source. Remember its statement that open-source licensing is a threat to its business?

Consider the definition of a botnet:… Read more

McAfee's missed messages

When walking through the San Jose Minetta airport on Wednesday, I couldn't help but see McAfee's name strewn throughout the terminal. The marketing folks at McAfee must be on an advertising kick because there are numerous, visible advertisements that read, "Hackers hack code. McAfee hacks hackers."

OK, McAfee, you got my attention, but my question is, just who are you trying to reach with this message? Here is a list of possibilities and my associated confusion:

1. Enterprise customers. This audience doesn't seem likely. Enterprise security today is much more about governance, risk management, and … Read more

Hacking public-information kiosks

Public-information kiosks are supposed to allow users to find out more about a company or government agency, and that's all. But on Saturday afternoon, Shanit Gupta, a senior consultant at McAfee Foundstone, demonstrated several ways that he and others have been able to map the internal network on a system running XenApp, formerly Citrix Presentation Server.

On the demonstration screen at ShmooCon, an East Coast computer hacking conference, Gupta showed how the familiar toolbars and browser frame are missing on a system running XenApp. The idea is that on a kiosk the public can click on links only within … Read more

Spyware abuse includes domestic abuse says McAfee

On Thursday, the Anti-Spyware Coalition will meet in Washington. Included will be experts from McAfee, Google, and the Pew Internet & American Life project to discuss the latest in spyware trends. In addition to the well-known damage caused by spyware--hawking advertising, stealing passwords, and slowing down PCs--McAfee is calling attention to a little known aspect of spyware: domestic abuse.

"Using spyware for surveillance in cases of domestic abuse is a serious matter," says Anna Stepanov, who manages the Anti-Spyware program at McAfee Avert Labs. She's written a report titled Spyware: A Morphing Campaign (in PDF), which chronicles … Read more

MySpace page serves up fake Microsoft security update

According to security vendor McAfee, one of the profiles on MySpace currently serves up a fraudulent Microsoft security update that, if clicked, attempts to load malicious software. The profile of a 42-year-old woman from Arkansas appears to exist solely for the purpose of infecting visitors. McAfee says that both Microsoft and MySpace have been contacted.

Joris Evers, publicity director at McAfee, says "attackers send unwitting MySpace users a friend request, asking them to become friends with 'Rita.' When the user clicks to see who 'Rita' is they are sent to the profile that serves up malware." The profile … Read more

OneCare upgrade brings headaches

Since November, Microsoft has been slowly rolling out an update to its Windows Live OneCare security software. Although the update was designed to bring in new features, such as the ability to monitor the health of multiple PCs, some say the new version has brought only headaches.

Robert Webb of North Carolina said he started having problems from the moment his software was upgraded in early December.

"My main problem has been that OneCare does not always start when the computer is booted," Webb said in an e-mail interview. "It has to be manually started."

Microsoft'… Read more