Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Video Reviews - Security and Privacy
Of LoLBins, 0 Days, and ESET (Part 2)
Message
<blockquote data-quote="ForgottenSeer 107474" data-source="post: 1084043"><p>When following real world procedures (like AV-test and AV-comparatives) most AV's have near perfect scores. The point Cruel Sister was making in her first video is that allowing a dropper through a LoLbin is a considerable risk factor (you don't know whether the downloaded file is good or bad). Her (in my opinion correct) warning that ESET could do better, triggered a bombardment of critisism that the file dropped was not really malicious. That is why she posted the second video (which dropped something harmefull and bricked user files).</p><p></p><p>Now they are critising [USER=7463]@cruelsister[/USER] 's video again with the arrgument that it did not come through the "front door". That argument in itself is valid. People can't be infected out of nowhere. But for average PC users the most common routes of infection through the 'front door" are responding to an email with either a prize or an tax invoice. The trick is to trigger an emotion (greed, anger and fear work the best). Another often used rout eof infection is an average home users being redirected to websites looking like an antivirus telling you are infected (using the fear emotion) and you need to download something.</p><p></p><p>So getting through the front door is trival, but even using the front door approach ESET has its limitations (and CS video shows why they probably missed the 1.8 percent of tthe "in the wild samples, using real world scenario's" in the picture below).</p><p></p><p>[ATTACH=full]282949[/ATTACH]</p><p></p><p>But as @Showdara posted, it just confiorms his experience.</p></blockquote><p></p>
[QUOTE="ForgottenSeer 107474, post: 1084043"] When following real world procedures (like AV-test and AV-comparatives) most AV's have near perfect scores. The point Cruel Sister was making in her first video is that allowing a dropper through a LoLbin is a considerable risk factor (you don't know whether the downloaded file is good or bad). Her (in my opinion correct) warning that ESET could do better, triggered a bombardment of critisism that the file dropped was not really malicious. That is why she posted the second video (which dropped something harmefull and bricked user files). Now they are critising [USER=7463]@cruelsister[/USER] 's video again with the arrgument that it did not come through the "front door". That argument in itself is valid. People can't be infected out of nowhere. But for average PC users the most common routes of infection through the 'front door" are responding to an email with either a prize or an tax invoice. The trick is to trigger an emotion (greed, anger and fear work the best). Another often used rout eof infection is an average home users being redirected to websites looking like an antivirus telling you are infected (using the fear emotion) and you need to download something. So getting through the front door is trival, but even using the front door approach ESET has its limitations (and CS video shows why they probably missed the 1.8 percent of tthe "in the wild samples, using real world scenario's" in the picture below). [ATTACH type="full" alt="1713712519863.png"]282949[/ATTACH] But as @Showdara posted, it just confiorms his experience. [/QUOTE]
Insert quotes…
Verification
Post reply
Top