1. Spam Bots in APAC have started a new malware campaign. Per the 2 screen shots directly below, Websense is blocking the email msgs/attachments while McAfee's Reputation System, TrustedSource, thinks the sender is fine:
2. Per this link to our Websense File Sandbox Report, the M$ Word attachment to the aforementioned malware campaign is dropping executables, attempting to inject itself into explorer and modifying Registry Settings. Seems malicous doesn't it? Not according to McAfee or any other AV Company currently:
3. Per the final 2 screen shots directly below, the dropper attempts to pull bin.exe via HTTP from a site in the Czech Republic. Websense not only had the site classified as malicious but the Real-Time Analytics of ACE would have detected/blocked the download while TrustedSource again thinks the site is just fine.
In summary, McAfee failed to stop the initial email connection, failed to detect the malicious macro in the Word attachment, and finally, failed to detect the phone home. Final Verdict - McAfee Executives made serious money with the acquisition by Intel while your security posture has declined. Time to call Websense??? :-)
This comment has been removed by the author.
ReplyDeleteVery Excellent Information if you are looking for antivirus Tech support Panda, Bitdefender, Webroot, Emsisoft Anti Malware, F-Secure, Avg, Avast ,Norton, McAfee, Panda, Kaspersky etc. antivirus Call us now to This Toll Free Number 1888-221-6490, visit here Antivirus Technical Support Services Toll free Phone Number
ReplyDeleteget instant resolution by McAfee Support Phone Number
ReplyDelete