A former Black Hat today wrote an interesting article in Searchsecurity.com "
Metamorphic malware sets new standard in antivirus evasion". The author, Noah Schiffman, outlines the growing challenge of metamorphic viruses. Read the article as he outlines the general architecture of viruses. At the end he states a great recommendation:
"Protection from any type of metamorphic malware is best addressed by blended threat management platforms using a multi-layered approach. Antivirus software, updated frequently, remote access restrictions and compliance monitoring should be employed at the server and end-user levels. Network and personal firewalls should have any unused service ports shut down. Email servers should employ content filters and file scanning. Finally, any corporate setting should develop, maintain and enforce a well-defined and effective set of security policies. In extreme situations, when dealing with highly sensitive data, extra security measures such as real-time emulation analysis and specialized network segmentation may be considered."
Layered defenses. It's the only way to mitigate risk in today's world.
Guy
www.authenticationworld.com
guy.huntington@authenticationworld.com
del.icio.us