Author: Christiaan Beek

Christiaan Beek is the Director of Threat Intelligence, Malware Operations at McAfee Labs. In his previous role at McAfee, he was the director of the Incident Response and Forensics for the McAfee Foundstone team in Europe, the Middle East, and Africa. Beek is an active member of MFCIRT, performing reverse-engineering of malware, digital forensics, forensic data mining, as well as coaching security teams around the globe. He is a passionate instructor and cybercrime specialist who has developed multiple training courses, workshops, and presentations. Beek is a contributor to the best-selling security book "Hacking Exposed."

One question I often hear is “When will Intel Security (McAfee) publish a report on the latest threat?” It seems to be a hot trend today for security companies to offer reports with topics such as “Operation X” or “Malware Y,” or to trumpet how many zero-day vulnerabilities they have found. Do we now measure […]

Targeted attacks have several stages, sometimes called the APT kill chain. At McAfee Labs we prefer the model described by Lockheed Martin: As part of the weaponizing phase, attackers often put a payload into a file that, once installed, will connect in the C2 (command and control) phase to the attacker. A very common payload […]

During recent weeks we’ve seen a new botnet kit advertised in several Russian forums. The iDroidbot costs US$1,500 and targets phones running iOS 7.1 and earlier, as well as Android 2.2 and later. The kit has some interesting features, including a credit-card number grabber and a method for draining mobile wallets. According to the developer, […]

In McAfee Labs we keep a close eye on the Zeus/Zbot/Gameover botnet malware that is responsible for thousands of samples we gather each day. The following graph shows the total number of Zbot samples submitted to McAfee Labs in recent months. For a couple of weeks, McAfee Labs has followed a global Zbot campaign, in […]

Talking with customers during the past few months, the key topics and questions we heard were all about targeted attacks, threat intelligence, and security information and event management (SIEM). However, there seems to be a myth that “once we have SIEM, we will have visibility into threats”—as if SIEM will give us all the answers. To […]