Author: Christiaan Beek

Christiaan Beek Christiaan Beek is the Director of Threat Intelligence, Malware Operations at McAfee Labs, part of Intel Security. He was previously the director of Incident Response and Forensics for the McAfee Foundstone team in Europe, the Middle East, and Africa. Beek is an active member of MFCIRT, performing reverse-engineering of malware, digital forensics, forensic data mining, as well as coaching security teams around the globe. He is a passionate instructor and cybercrime specialist who has developed multiple training courses, workshops, and presentations. Beek is a contributor to the best–selling security book "Hacking Exposed."

For several weeks after we released the McAfee Labs Threats Report, May 2015, in which we discussed the topic of ransomware in depth, we frequently saw the same questions: “Why is ransomware increasing, and why is it so successful? In our report we offered a few answers to this question. We’d like to zoom in […]

We have seen an increasing amount of articles published about the “Dark Web,” underground cybercriminal sites that are hosted on hidden servers and can be accessed only by using Tor. One example of a Dark Web site hosted on one of these “.onion” domains was the Silk Road, a site infamous for the buying and […]

For McAfee Labs the New Year will start with a lot of excitement. During the next 10 weeks, several of us researchers will teach a master class at Oregon State University. During this class, “Defending against the Dark Arts,” more than 60 students will be served a diversity of topics, including malware, forensics, memory analysis, […]

One question I often hear is “When will Intel Security (McAfee) publish a report on the latest threat?” It seems to be a hot trend today for security companies to offer reports with topics such as “Operation X” or “Malware Y,” or to trumpet how many zero-day vulnerabilities they have found. Do we now measure […]

Targeted attacks have several stages, sometimes called the APT kill chain. At McAfee Labs we prefer the model described by Lockheed Martin: As part of the weaponizing phase, attackers often put a payload into a file that, once installed, will connect in the C2 (command and control) phase to the attacker. A very common payload […]