- Jun 12, 2023
Does Kaspersky block the UEFI Bootkit Black Lotus?
I apologize for the earlier confusing response. To the best of my knowledge, Kaspersky currently does not specifically reference or provide information on the UEFI Bootkit Black Lotus in their threat database. However, Kaspersky's security software is designed to provide advanced protection against a wide range of threats, including Bootkits and other sophisticated forms of malware. Their product portfolio includes multiple layers of protection that work in tandem to prevent and detect malicious activity in real-time, including cloud-assisted protection, behavior-based detection, anti-phishing, and anti-ransomware technologies. Kaspersky also has a dedicated team of researchers who are continuously tracking and analyzing new threats in order to update their security software and provide their customers with the best possible protection.
Also known as PrivateLoader.
fake YouTube crack, protected by Norton
It is notoriously evasive but for Kaspersky won't be a problem.
PrivateLoader (Malware Family)
According to sekoia, PrivateLoader is a modular malware whose main capability is to download and execute one or several payloads. The loader implements anti-analysis techniques, fingerprints the compromised host and reports statistics to its C2 server.
malpedia.caad.fkie.fraunhofer.de
I think @Xeno1234 needs constant reassurance that they've made the right choice.
I know it's really good at detecting things now, speaking as I've looked around for myself for samples, and it detects things extremely well.
Only thing I hope it's good at are zero day rats/backdoors, I've seen some runtime bypass Kaspersky, but I don't know how well behavioral detection picks up backdoors/RATs, I just know it's amazing at detecting other threats.
You have any idea? I think I've got the reassurance I need for general things now.
Cool. I've still seen some runtime bypasses with RATs and stuff, with encryption. However, I think Behavioral detection will help in those cases.
Any antivirus can be bypassed, especially if the code is well offended.
Except that some antivirus programs (like ESET, Kaspersky and even Avast) detect in Hexadecimal.
Basically, part of the code will be used to create the anti-malware detection. This way, even if the malware is FUD'd and this part of the code is used, these antivirus programs will continue to detect it.
I've seen this very recently with Avira and F-Secure on inflated fake crackers containing stealers (such as RedLine, Vidar, RacoonSteal, LapsusClipper or PrivateLoader).
Does Kaspersky protect against malicious archives if scanning archives is turned off?
Sorry I couldn't contact the ChatGPT think tank
No, Kaspersky will not provide protection against malicious archives if scanning archives is turned off. Scanning archives is an important feature in antivirus software that helps detect and remove malware hidden within compressed files. By disabling this feature, you may leave your system vulnerable to malware that is concealed within archived files. It is generally recommended to keep the scanning of archives enabled in your antivirus software to ensure comprehensive protection against potential threats.
By default does Kaspersky scan archives on access?
Yes, by default, Kaspersky scans archives on access. This means that when you access or open an archive file, such as a ZIP or RAR file, Kaspersky will automatically scan its contents for any potential threats. This feature is designed to provide real-time protection against malware that may be hidden within compressed files. It is recommended to keep this feature enabled to ensure that your system is continuously protected against potential threats.
By default does Kaspersky scan archives whenever you obtain them on your pc?
Apologies for the confusion earlier. By default, Kaspersky does not scan archives whenever you obtain them on your PC. However, it does provide options to enable scanning of archives during manual scans or scheduled scans. If you want to ensure that archive files are scanned upon obtaining them, it is recommended to configure Kaspersky to scan archives as part of your regular scan settings. This way, you can have better protection against potential threats hidden within compressed files.
Yes... You may try to disable WebAV, download a malware exe file, once the browser ends the download, the malware should be caught by FileAV module.
I saw a post a while back where a malicious archive (which by default isn't scanned by file av) was detected by the Kaspersky scan but not post execution for some reason, that's why I was asking.
You can change the behavior:
View attachment 276978
What new files are scanned by changing it to all files?
By default, not all the files are scanned, only those which are susceptible to be infected. This is controlled in:
View attachment 276980
Ahh - ok, Including Archives?