Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Video Reviews - Security and Privacy
"Bypassing" NoVirusThanks EXE Radar Pro
Message
<blockquote data-quote="Emmanuellws" data-source="post: 619634" data-attributes="member: 60108"><p>Guys don't panic. Look at Panda's bypassed video comment section. They are a Cylance and CB reseller as well. Finally, the actual weakness is in Windows 7 and it's Powershell version 1.0 or 2.0 - all product will fail as they will use all types of powershell attack tools and will always bypass...if not file based, fileless will work as well, after I mentioned about "Invoke Obfuscation" powershell method Carbon Black won't be able to block as well, look at their answers....they still need to combine with Logrhythm or CyberShark to detect. Don't worry guys....trust your own product. Look at this video then you will understand...no security product at this moment can 100% protect you against advanced powershell attack especially fileless based attack. If only their video ran on Windows 10, disable Powershell 2.0, enable Windows Defender, enable your product...if run the exact same attack from the current video of your product...it will fail to bypass..but of course, if they were to reproduce another video running on windows 10, they will surely leverage the attack to another level.</p><p></p><p>If your product is running on Windows 10 or server 2016, disable Powershell 2.0, running fully on Powershell version 5, setup logging in Events, GPO, setup Logrhythm/Cybershark or other similar tools, install your product ensure support AMSI, Enable Windows Defender and secure it.. then you are protected from the most advanced powershell attack...except invoke Obfuscation Powershell Attack which needs close monitoring on your networks and system event.</p><p></p><p>[MEDIA=youtube]_8yBjg7bRLo[/MEDIA]</p></blockquote><p></p>
[QUOTE="Emmanuellws, post: 619634, member: 60108"] Guys don't panic. Look at Panda's bypassed video comment section. They are a Cylance and CB reseller as well. Finally, the actual weakness is in Windows 7 and it's Powershell version 1.0 or 2.0 - all product will fail as they will use all types of powershell attack tools and will always bypass...if not file based, fileless will work as well, after I mentioned about "Invoke Obfuscation" powershell method Carbon Black won't be able to block as well, look at their answers....they still need to combine with Logrhythm or CyberShark to detect. Don't worry guys....trust your own product. Look at this video then you will understand...no security product at this moment can 100% protect you against advanced powershell attack especially fileless based attack. If only their video ran on Windows 10, disable Powershell 2.0, enable Windows Defender, enable your product...if run the exact same attack from the current video of your product...it will fail to bypass..but of course, if they were to reproduce another video running on windows 10, they will surely leverage the attack to another level. If your product is running on Windows 10 or server 2016, disable Powershell 2.0, running fully on Powershell version 5, setup logging in Events, GPO, setup Logrhythm/Cybershark or other similar tools, install your product ensure support AMSI, Enable Windows Defender and secure it.. then you are protected from the most advanced powershell attack...except invoke Obfuscation Powershell Attack which needs close monitoring on your networks and system event. [MEDIA=youtube]_8yBjg7bRLo[/MEDIA] [/QUOTE]
Insert quotes…
Verification
Post reply
Top
