Geared with an eye to the escalating sophistication of malware, McAfee is rolling out a new approach to threat protection, using rootkit protection based on hardware-enhanced security jointly developed by Intel and McAfee, dynamic whitelisting, risk intelligence and real-time security management.
The new functionality is included in the just-released McAfee Complete Endpoint Protection suites for enterprise and business.
“This signals a pretty big shift from mainstream approaches to security, particularly when it comes to hardware-enhanced security and application control, and whitelisting,” said Dan Wolff, product manager for McAfee Endpoint Security, in an interview with Infosecurity. “It matches the dramatic shift we see in the sophistication of malware, especially things that target root kits and boot drivers, which hide from traditional security approaches.”
He noted that new malware tactics are outstripping traditional anti-virus protections. “One of the things that we’re seeing more and more of are coordinated attacks, like Operation High Roller, that are a combination of social engineering and malware,” Wolff said. “They’re even using call centers to proliferate malware.” In one such scam, end users get a call from someone purporting to be from Microsoft support, explaining that there’s a problem within their PC. After a bit of “support” forensics, the agent will direct the user to go to a specific website and enter information, upon which malware will be deployed.
He also said that McAfee has this year seen the rise of server-side software. While things like banking trojans are client-side attacks that target an end-user and bide their time until that person logs into online banking, server-side attacks implement malware on a gateway or web server, and are able to intercept a vast amount of relevant information at once. “It’s like implementing a big filter on a river instead of putting a gate on every tributary to wait for one fish to come along,” Wolff said.
Read more; http://www.infosecurity-magazine.com/view/32672/mcafee-overhauls-its-malware-protection-approach/
