[AV-Comparatives] Proactive protection against the WannaCry ransomware

[Evjl's Rain]

It would be interesting to see WD's behavior here, in the case of the static detection fails.

https://malwaretips.com/threads/w-anna-cry-v2.71397/#post-630017

it's not easy to do a test with WD now because it's very likely to detect all samples by signatures. If we test it with the outdated signatures, if it triggers the cloud, it would block it, maybe
the best way to test it is to wait until there is a brand new variant which is undetected by either signatures or cloud

 

[orphyone]

Eset not protected, very surprising.

Just throwing this out there, most if not all Sys Admins should be applying GP as such:

Disable SMB v1 in Managed Environments with Group Policy

SMBv1 always known to be flawed and thus is part of a lot of these dumps.

 

[Maxxx58]

I cannot believe ESET is out of the game My decision switch from ESET to Kaspersky seems right

 

[Davidov]

One day, it will be disappointing, and no one is 100 percent at all. Next time, Kaspersky does not have to capture any kind of energy.

 

[ravi prakash saini]

the most solid defence ,in my personal experience, against any kind of malware or ransomware or whatever they are called are user account control and smart screen and no body has posted any result if they are breached or not.

 

[Arin]

One day, it will be disappointing, and no one is 100 percent at all. Next time, Kaspersky does not have to capture any kind of energy.

ummm but kaspersky is the nightmare of all cyber criminals.
Kaspersky is our hero.
Don't underestimate the power of kaspersky.

 

[Winter Soldier]

ummm but kaspersky is the nightmare of all cyber criminals.
Kaspersky is our hero.
Don't underestimate the power of kaspersky.

Sure, but I think what he meant is that no product is invincible and 100% secure, and keep in mind that this is the eternal struggle between the sword and the shield, and so always it will be.

 

[Windows Defender Shill]

Microsoft 10 Smart Screen should be able to detect, to the point where the user would be very aware they are running a risky file.

Or if set to block would not even give you the option.

Not even gonna mention the App lockdown settings Windows gives us now.

 

[Winter Soldier]

Microsoft 10 Smart Screen should be able to detect, to the point where the user would be very aware they are running a risky file.

You are right, indeed the problem is that for some users the default reply is "Run Anyway"

 

[spaceoctopus]

True,nothing is perfect,even Kaspersky which is a top product.Remembering some time ago when they discovered a malware that infiltrated,and was lingering in their core infrastructures.Despite the high level of security at that level.Proof that nothing is 100% sure and effective.

 

[Parsh]

True,nothing is perfect,even Kaspersky which is a top product.Remembering some time ago when they discovered a malware that infiltrated,and was lingering in their core infrastructures.Despite the high level of security at that level.Proof that nothing is 100% sure and effective.

That alleged Duqu 2.0 based fileless malware resided for quite some time in their machines when they suspected unusual network activity.
That was a malware of a state-sponsored cyberattack level and detecting it ultimately helped them understand and analyse their technique to be prepared, and avoid spoofing in ways they understood.

 

[spaceoctopus]

That alleged Duqu 2.0 based fileless malware resided for quite some time in their machines when they suspected unusual network activity.
That was a malware of a state-sponsored cyberattack level and detecting it ultimately helped them understand and analyse their technique to be prepared, and avoid spoofing in ways they understood.

Yes, it was what i was talking about.But the interesting thing in this case,is instead of attacking individual Pcs, someone could attack any security provider in it's main infrastructures and compromise every computers connected to it.Just seeing the case of Wannacry, it seems almost everything is possible.

 

[Game Of Thrones]

True,nothing is perfect,even Kaspersky which is a top product.Remembering some time ago when they discovered a malware that infiltrated,and was lingering in their core infrastructures.Despite the high level of security at that level.Proof that nothing is 100% sure and effective.

this is good! because the vendors that get hit by something like this will do better in the future to defend their infrastructures. many other even do not know that they are compromised. finding this kind of issues will help them to make better tactics.

 

[Parsh]

this is good! because the vendors that get hit by something like this will do better in the future to defend their infrastructures. many other even do not know that they are compromised. finding this kind of issues will help them to make better tactics.

True said! That's one occurrence that Kaspersky could actually benefit in terms of learning and being prepared, for themselves and their clients. You never can be sure if you're clean, and getting to know in itself is a feat.
Eventually, they would bring some radical improvement in strategies to deal with potential fileless malware and targeted attacks.
Against such fileless malware that Kaspersky reported in many financial institutes and enterprises, Kaspersky has implemented plans like their Anti-Targeted Attack Platform for advanced analysis and detection of such attacks.

 

[Maxxx58]

I agree no AV can sure 100%. But Kaspersky seems meet my taste. I also love ESET before, but it seems weak when detecting unknown threats. And the strongest, I think, is my experience

 

[amico81]

ESET has strong signatures but the HIPS is on default useless. I think too Kaspersky is the superstar of the av's

 

[Maxxx58]

Kaspersky on my computer just showed that

 

[robin hood]

I can't see 360TS.How good is 360TS vs wanna cry?

 

[mekelek]

I can't see 360TS.How good is 360TS vs wanna cry?

very very very weak

 

[robin hood]

very very very weak

I have and ZAL as a supplement.It should be enough