Re: McAfee really DOES write new Malware! Wholey Moley!

[<Blanchard_Michael () emc com>]

 HI Dave!
    Good to talk to ya!  We've met several times, once I believe was on the Odyssey cruise in Boston Harbor.  
   I would have hoped (and figured) that the use of existing malware was the focus of this course.  
  But the wording of the course description does pretty much lead one to think otherwise "...have a chance to create a 
Trojanhorse,..." and "...what you create..."  I'd certainly change that wording around to say "examine existing 
Trojanhorse programs" or something like that as this is getting a little bit of a bad buzz due to the creation aspect 
:-(


Mike B

Michael P. Blanchard 
Senior Security Engineer, CISSP, GCIH, CCSA-NGX, MCSE
Office of Information Security & Risk Management 
EMC ² Corporation 
4400 Computer Dr. 
Westboro, MA 01580 
email:  Blanchard_Michael () EMC COM 

-----Original Message-----
From: Craig Schmugar [mailto:craig () getvirushelp com] 
Sent: Tuesday, September 29, 2009 4:33 PM
To: funsec () linuxbox org; Blanchard, Michael (InfoSec)
Cc: David_Marcus () McAfee com
Subject: RE: [funsec] McAfee really DOES write new Malware! Wholey Moley!

Sending this for Dave, who recently subscribed, but isn't yet able to post:
---


Mike,

Let me address your concerns. We are NOT creating new malware nor are we showing others how to create malware. We are 
allowing our customers to get firsthand experience with existing malware and malware tools to educate them on what it 
is that is out in the wild hunting them and their users. This will be done in a secure environment with no 
connectivity. No one will be allowed removable media or storage devices. All malware and associated toolkits that we 
are using are currently detected and protected against.

Again, we are not teaching coding or teaching people how to write malware nor would we ever. We are allowing them to 
interact and experience malware in a controlled environment to get a better understanding of what we are protecting 
them and their users from.

Please feel free to contact me should you have any other questions or concerns.

Best regards,
Dave

Dave Marcus
Director, Security Research and Communications
McAfee Avert Labs
443.321.3771 Direct
443.668.0048 Mobile
Twitter: DaveMarcus
Twitter: McAfeeAvertLabs
david_marcus () avertlabs com
www.mcafee.com

Read The Blog. Live the Podcast.
---


> How can any antivirus vendor condone such activity, let alone teach a course 
> in it????  What has the world come to?  Don't they remember the whole outcry 
> against the University of Calgary when they wanted to teach a course that 
> involved creation of new viruses?
>   
>
>
> http://www.mcafeefocus.com/focus09/sessions/GroupMeetings.aspx#avert2
> Avert Labs - Malware Experience
> (By appointment only)
> Tuesday, Oct. 6
> 1:00 pm - 5:00 pm
> You've often heard that the Internet is a dangerous place and you've probably 
> read about threats such as botnets, keystroke loggers and drive-by 
> installations of malware through rigged Web sites. But what is malware really? 
> How do cybercriminals launch their malicious attacks? McAfee is offering you 
> the chance to find out with the unique and exclusive McAfee Malware 
> Experience. 
>
> Join experts from McAfee Avert Labs and have a chance to create a Trojan 
> horse, commandeer a botnet, install a rootkit and experience first hand how 
> easy it is to modify websites to serve up malware. Of course this will all be 
> done in the safe and closed environment, ensuring that what you create doesn't 
> actually go out onto the Internet. To sign up,....
>
>
> Michael P. Blanchard 
> Senior Security Engineer, CISSP, GCIH, CCSA-NGX, MCSE
> Office of Information Security & Risk Management 
> EMC ² Corporation 
> 4400 Computer Dr. 
> Westboro, MA 01580 
> email:  Blanchard_Michael () EMC COM 
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.