Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Video Reviews - Security and Privacy
Scriptor Infection Who You Gonna Call?
Message
<blockquote data-quote="cruelsister" data-source="post: 432463" data-attributes="member: 7463"><p>First off, thank you for your kind words! Presenting the Videos is my pleasure, and Jack should get the main Thanks for having this forum and allowing me to do so.</p><p></p><p>Regarding SEP- It's curious that SEP was mentioned as I've been giving it much thought recently. Norton/Symantec is the one product line that would benefit the most from the Windows 10 AMSI module since they have horrid Scriptor detection ability. This actually makes sense when you consider that on the corporate level scripts are commonly used to automate processes across the Network; and i order to avoid false positives, Symantec made a decision to allow just about any Script to run without any further thought.</p><p></p><p>This decision has led to a number of severe breaches (those at Home Depot, Target, and a few other places not made public I was personally involved in) caused by simple (although elegantly) coded Scriptors. There are some that may say SEP wasn't set up properly, but as Symantec personnel set up the software themselves this argument is certainly not valid.</p><p></p><p>But as to using SEP on a Home system, it is a grave mistake to be using an Unmanaged installation, and I'm not at all surprised that Umbra has moved on. There are just too many Tricks and Tweaks to be done to make the protection passable, and even with these SEP falls short. Also, as both Norton and Symantec share essentially the same definition database the Norton Home user also is prone to Scriptor infection. </p><p></p><p>I'm in the process of coding a Scriptor that I mentioned in passing previously (a worm that that targets files on Removable drives), so perhaps I should run it on a Norton protected system.</p></blockquote><p></p>
[QUOTE="cruelsister, post: 432463, member: 7463"] First off, thank you for your kind words! Presenting the Videos is my pleasure, and Jack should get the main Thanks for having this forum and allowing me to do so. Regarding SEP- It's curious that SEP was mentioned as I've been giving it much thought recently. Norton/Symantec is the one product line that would benefit the most from the Windows 10 AMSI module since they have horrid Scriptor detection ability. This actually makes sense when you consider that on the corporate level scripts are commonly used to automate processes across the Network; and i order to avoid false positives, Symantec made a decision to allow just about any Script to run without any further thought. This decision has led to a number of severe breaches (those at Home Depot, Target, and a few other places not made public I was personally involved in) caused by simple (although elegantly) coded Scriptors. There are some that may say SEP wasn't set up properly, but as Symantec personnel set up the software themselves this argument is certainly not valid. But as to using SEP on a Home system, it is a grave mistake to be using an Unmanaged installation, and I'm not at all surprised that Umbra has moved on. There are just too many Tricks and Tweaks to be done to make the protection passable, and even with these SEP falls short. Also, as both Norton and Symantec share essentially the same definition database the Norton Home user also is prone to Scriptor infection. I'm in the process of coding a Scriptor that I mentioned in passing previously (a worm that that targets files on Removable drives), so perhaps I should run it on a Norton protected system. [/QUOTE]
Insert quotes…
Verification
Post reply
Top