McAfee chief trusts whitelisting despite exploits

McAfee chief trusts whitelisting despite exploits

Summary: McAfee global chief executive David DeWalt has said the company will continue to use whitelisting in its security products, even after recent hacks

SHARE:
TOPICS: Security
0

McAfee global chief executive David DeWalt has said that his company will continue to use whitelists in its security products despite the fact that they have been repeatedly exploited by hackers who use stolen trusted certificates to sign malware.

David DeWalt of McAfee image

McAfee global chief David DeWalt has said that whitelists will be used in the company's security products. Photo credit: Darren Pauli/ZDNet Australia

The infamous Stuxnet family stole Authenticode-signed certificates from Realtek and JMicron to push malware through to whitelist-protected computers. Hackers also stole a VeriSign certificate, which US-based Vantage Credit Union used for its Quicken and Microsoft Money software. That certificate was then used to legitimise malware.

"Whitelisting and blacklisting have flaws, but we do see a combination of the two that is very powerful," DeWalt said. "Whitelisting — where only one source can update the operating system — is much more secure ... where there is only one trusted source, only one point of vulnerability."

For more on this story, see Stolen creds don't kill whitelisting: McAfee on ZDNet Australia.

Topic: Security

Darren Pauli

About Darren Pauli

Darren Pauli has been writing about technology for almost five years, he covers a gamut of news with a special focus on security, keeping readers informed about the world of cyber criminals and the safety measures needed to thwart them.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

0 comments
Log in or register to start the discussion