George Yunaev

George Yunaev is a Senior Software Engineer at Bitdefender. He joined the company's OEM Technology Licensing Unit in 2008, after working at Kaspersky Lab for seven years. Aside from developing SDKs for various OEM solutions, George also provides partners and prospects with useful insights into emerging threats and potential pitfalls of technology licensing. His 19 years of software engineering experience also cover reverse-engineering and malware analysis. He is based in Silicon Valley, California, and enjoys traveling and active sports such as skydiving and wakeboarding.

Recent Posts

Why Don't You Provide Useful Malware Descriptions?

Published on 08/18/16 06:27PM

Technology

IoT Security: What to Expect as a Vendor When Joining the Connected World

Published on 07/31/15 02:30PM

Threats, Internet of Things

... or lessons to learn from Fiat Chrysler Automobiles (FCA)'s recent mistakes

Many vendors are now adding Internet connectivity to their products, adding more features and enabling the device to send information back to them. Unfortunately, for vendors who have never developed connected products before, these additions also carry a greater risk of having a high-impact security vulnerability in their products. Case in point: the vulnerability recently discovered in the wireless service (Uconnect) of a Jeep Cherokee, which affects several connected cars by Fiat Chrysler Automobiles (FCA) and resulted in the recall of 1.4M vehicles. The researchers who discovered it showed how this security flaw could enable hackers to take control of the car’s brakes, engine and electronic equipment.

11 Frequently Asked Questions About Malware Botnets – Answered!

Published on 06/20/15 08:30AM

Threats

Or why using the Command and Control (C&C) server ban lists will not help with security.

If the malware botnet concept is a bit blurry to you, this article will surely clarify things. Without further ado, here are 11 frequently asked questions about malware botnets: 

Why IoT Security Will Be a Nightmare for Everyone

Published on 05/08/15 02:00PM

Technology, Internet of Things

The Internet of Things (IoT) seems to be about innovation, about developing new cool, exciting “things” that nobody has done before – developing them fast, bringing them to the market with high speed. And people developing these things do understand the importance of security. Even for a small thing such as a wireless-controlled lamp, a user wouldn't want any neighbor kid to control it. However, as the 2014 Blackhat/Defcon showed[1], a number of those devices have rather inadequate security and could be easily broken into. So why exactly does this happen?

POS Security (2): Attack Vectors and Prevention Methods

Published on 03/04/15 04:00PM

Threats, Network Security, Endpoint Security

In POS Security: Lessons for Every Business Employing Such Systems we show how important it is for a retailer or any type of business processing credit card payments to fully understand how POS systems work and the security risks.

In this article, we’ll cover POS attack vectors and ways to detect and even prevent them. There are several ways someone may attack a POS, and we’ll analyze them one by one.

POS Security (1): Lessons for Every Business Employing Such Systems

Published on 02/12/15 04:00PM

Threats, Network Security, Endpoint Security

POS security is one term that we’ve been hearing for more than five years now. And its dark connotations only increased in intensity with the recent Target and Home Depot breaches that shook the two retailers to their core. But it’s not only high-profile retailers that should be wary of such attacks. Smaller companies – retail chains, restaurants and other types of business – in the US, Canada, Australia and Russia have had their POS systems breached in recent months.

So regardless of industry or location, if you have a POS system in place, or you’re considering employing one, you may become a target. To prevent this gloomy perspective, it’s recommended you fully understand how POS systems work, what types there are and the risks they present, as well as the basic security questions you need to ask a potential POS vendor when evaluating their solution.

10 Questions to Ask an APT Protection Provider Before Choosing Them

Published on 02/06/15 03:55PM

Threats, OEM Business

Are you looking for the right Advanced Persistent Threat (APT) protection provider? If you already have a security solution in place, talk to your current vendor first and get their view on APTs. Also, be sure to ask if they detect advanced malware threats, and whether the solution you license from them is just a “traditional, signature-based antivirus” or whether it has other features such as generic detection, proactive protection and heuristics.

How to Properly Evaluate an APT Security Solution?

Published on 01/08/15 03:30PM

Threats, OEM Business

As mentioned previously in Detecting Advanced Persistent Threats – myths and realities, the technologies used by some Advanced Persistent Threat (APT) security vendors may not result in a good detection rate. To add to the problem, most companies providing APT protection do not participate in the standard industry detection tests run by reputable companies. These are the main tools that measure the “effectiveness” of a security solution in terms of how well the solution prevents the penetration of modern malware.

Typical excuses are:

Sony Security Breach: Unprecedented and Unparalleled. Or Is It?

Published on 12/19/14 03:48PM

Threats, Cloud Security, Network Security

If you thought the Apple iCloud breach was the biggest security hit on Hollywood this year, you’d be wrong. The recent attack on the film studio Sony Pictures is considered the biggest one yet, as the damage affects not only the company, but also its employees and film collaborators. The attackers, who call themselves the Guardians of Peace #GOP, leaked a treasure trove of internal data: high-quality screening copies of Annie, Fury, Mr. Turner and Still Alice, sales projections for a number of TV shows, company budgets, IT security plans and access credentials, personal information of employees and artists working with Sony, as well as payroll and compensation data. Given the amount of top secret data leaked, the US FBI has jumped on the investigation, along with the security company that Sony hired to clean up its networks and restore its systems.

Detecting Advanced Persistent Threats: Myths & Realities

Published on 12/02/14 11:07AM

Threats, Network Security, Endpoint Security, Technology

Advanced Persistent Threats (APTs) have been a hot topic for quite some time. In the hype created around them, the media and security specialists have ventured to provide opinions and explanations on various aspects, including what an APT is, and how to protect against it. For example, security vendors offering solutions against APTs often claim that “Traditional signature-based security won't protect you from APTs”. They also explain that they offer “a signature-less, virtualized detection engine”, and other modern technologies that protect against APTs. But are they really 100% effective?

And are all these claims valid?
