Re: [funsec] McAfee really DOES write new Malware! Wholey Moley!

2009-09-29 Thread Craig Schmugar
Sending this for Dave, who recently subscribed, but isn't yet able to post: --- Mike, Let me address your concerns. We are NOT creating new malware nor are we showing others how to create malware. We are allowing our customers to get firsthand experience with existing malware and malware tools

Re: [funsec] Panda worm

2009-11-28 Thread Craig Schmugar
Here's some info: http://vil.nai.com/vil/content/v_141204.htm http://vil.nai.com/vil/content/v_244825.htm -- Update November 25th, 2009-- A new variant of W32/Fujacks.worm was identified with some new characteristics. This variant is installed as a hidden service on the infected system. The follow

Re: [funsec] Miller, Pwn2Own's winner tells Apple, Microsoft to find their own bugs

2010-03-31 Thread Craig Schmugar
Read this: http://www.eweek.com/c/a/Security/Microsoft-Patches-When-Silence-Isnt-Golden/ News Analysis: The software maker admits to withholding details on security vulnerabilities to protect customers from bad guys, but critics say that policy increases the risk for everyone. Microsoft has fesse

RE: [funsec] The false positive in McAfee GroupShield

2007-10-09 Thread Craig Schmugar
be exactly right in this specific Groupshield example, but I'm not one to sacrifice genericisity and performance for the sake of allowing security researchers to swap exploit code. Craig Schmugar Threat Researcher McAfee Avert Labs -Original Message- From: [EMAIL PROTECTED] [mailto:

RE: [funsec] Latest VB 100 test results

2007-12-06 Thread Craig Schmugar
http://www.av-comparatives.org/seiten/ergebnisse/report16.pdf Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jeff Kell Sent: Thursday, December 06, 2007 10:05 AM To: Alex Eckelberry Cc: funsec@linuxbox.org Subject: Re: [funsec] Latest VB 100 test r

RE: [funsec] Month of Kernel Bugs - day 1

2006-11-01 Thread Craig Schmugar
Patch patch patch? What patch? Last time I checked there were 2 or maybe 3 patches available for the 25 IE-related MoBB issues (from July). So, I might question the phrase "these days" in Gadi's statement "you are all more secure these days" Craig -Original Message- From: [EMAIL PROTEC

RE: [funsec] Month of Kernel Bugs - day 1

2006-11-01 Thread Craig Schmugar
--- From: Fergie [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 01, 2006 8:02 PM To: [EMAIL PROTECTED] Cc: funsec@linuxbox.org Subject: RE: [funsec] Month of Kernel Bugs - day 1 As an educated consumer: yes. - ferg -- "Craig Schmugar" <[EMAIL PROTECTED]> wrote: Patch pat

RE: [funsec] Month of Kernel Bugs - day 1

2006-11-02 Thread Craig Schmugar
y]. Craig -Original Message- From: Gadi Evron [mailto:[EMAIL PROTECTED] Sent: Thursday, November 02, 2006 12:13 AM To: Craig Schmugar Cc: 'Fergie'; funsec@linuxbox.org Subject: RE: [funsec] Month of Kernel Bugs - day 1 On Wed, 1 Nov 2006, Craig Schmugar wrote: > > A

RE: [funsec] Month of Kernel Bugs - day 1

2006-11-03 Thread Craig Schmugar
s to protect themselves often struggle to do so (including the small fish). Craig -Original Message- From: Gadi Evron [mailto:[EMAIL PROTECTED] Sent: Thursday, November 02, 2006 7:39 PM To: Craig Schmugar Cc: 'Fergie'; funsec@linuxbox.org Subject: RE: [funsec] Month of Kernel