Latest security report from McAfee

I was reading the latest security report from McAfee and I was struck by the following statistic:

"McAfee Labs is now at the point where we detect more than 110,000 new unique rootkits per quarter."

McAfee Labs

This latest report essentially echoes my concerns from back in 2009. Namely, the bad guys are increasingly (almost unanimously) using readily available malware kits that include kernel, chipset, and BIOS rootkits to mask their payloads. In addition, the report warns of the latest trend towards cross-platform attack vectors such as vulnerabilities in Adobe Flash, Adobe Reader, and Java, as well as the targeting of platforms growing in popularity such as iPad, iPhone, Android, Apple OS X, Thunderbird, and Firefox add-ons. Do any of those sound familiar to you, or reside on your personal machine/device? Point made.

The Microsoft Windows defense against kernel rootkits, called PatchGuard, was recently defeated by hackers, and Mac OS X succumbed to rootkit penetration back in 2009. So, I've started dusting off my interest in further securing my Ubuntu Linux machine (which, by the way, is just as vulnerable to rootkits as the rest).

I'll probably start here for my desktop and here for my server (as well as peruse this guide for ideas), but if anyone knows of a better guide feel free to post a comment below.

P.S. I'm also keeping my eye on Fortress Linux. Their approach aligns with my sentiments (except for "Full support for Windows software") and the latest Xfce 4.8 desktop interface looks nice (assuming that's the version included in the initial release slated soon). Too bad only the Gnome Desktop Edition will be free, but I understand their reasoning. Check out the screenshots. More information regarding the three editions can be found here.

