New Exploit Evades All Antivirus Products For Almost A Day...

An automated attack toolkit that surfaced this month is believed to be behind a new wave of ransomware attacks, according to a security researcher at Malwarebytes who said it managed to avoid detection by major antivirus vendors for nearly a full day.

A full day, how is that newsworthy? The malware that sat on the New York Times servers managed to evade Symantec’s Sonar and AV for 45 days or so. :wink:

First of all, it claims to have avoided the detection of all major AVs, not just one such as Symantec/Norton AV (also, you can’t compare pro hacking/custom malware and one exploit). Second of all, we needed some fresh news as it was getting a bit boring here on the forum LOL! Also, that’s another story that AVs are not enough today for protection, and general info about ransomware getting more sophisticated for anybody who missed the info about it.

It’s shocking just how advanced ransomware is now getting - it does indeed show that having just an AV on a PC is no good, nor some security suites (I say some, because there is Comodo!)

It makes you wonder whether to remove Java, or keep it…

Do you use it for anything? If not, then I’d say remove it. If you just don’t want Java in your browser, then you can disable Java for the browser only; it’s in the settings for Java.

How do they know it was one day and not more?

Perhaps they have a psychic?

Or perhaps none of the files used were created before that day? Iunno.

Indeed. Oh yeah! Just like with this example… AV fails to detect and say you get the worst case scenario… Full encryption ransomware infection… Pure nightmare! That’s true… Many still rely on just detection! Very risky…

Good to see you being so active these days again on the forum, Facebook, blog, etc… Can’t say enough about it ;D :-TU

Very good point! It crossed my mind as well… But yeah I bet it was much longer than one day…

I have it installed on my computer in case an application needs it. For security reasons I have disabled Java in browsers. In the rare case I find a website running a Java applet I will enable it for that visit.

Does CIS have technologies for protection against exploits?

Yes, CIS protects you against buffer overflow attacks.

Edit: Read more about the exploit protection here: Behaviour Blocker, Network Access, Internet Protection | Internet Security v6.3 (in the advanced settings section). For the rest of the exploits you have sandbox and HIPS protection.

Seany007, thanks. It is one type of attack. And how about vulnerabilities of applications?

You are welcome. If you read about it… Buffer overflow is one major attack when it comes to software vulnerabilities…

“As such, buffer overflows cause many software vulnerabilities and form the basis of many exploits.”

Also, Comodo has the option “Do heuristic command-line analysis for certain applications” as well, which will prevent some other exploits. Overall you have the combined protection of CIS, so you will get the alert from one protection module or another (that’s the idea). But I always use EMET with CIS to have a better chance at stopping any vulnerabilities in the applications. Also, can’t wait for ExploitShield to work with CIS!