CIS 2025 is now LIVE!
<blockquote data-quote="Trident" data-source="post: 1098051" data-attributes="member: 99014"><p>In general, blocking threats as early as possible is always recommended. Any solution that allows you to run malware (be it contained) and then dwells on this malware, desperately trying to take a decision if it should be remediated or not, exposes your system and information to a risk, and is not optimal. Ask a few IT professionals and they will tell you the same -- even executing malware on virtual machines without the proper hardware enforcement measures in place is <strong>not recommended</strong>. Maybe it will be fine for a while, maybe not for a while, but for 5, 10, 15 years. One day, disaster will happen. The aim of cyber security is to act pro-actively, not reactively.</p><p>It is also recommended to apply additional security at the door, which in terms of sophisticated attacks, most frequently is your email inbox.</p><p></p><p>In some cases, allowing the malware to run may be necessary, as attackers will always target pre-execution prevention methods first.</p><p>Although many attempts to evade pre-execution analysis would fail, some would succeed.</p><p></p><p>Behavioural blocking systems, containment (there are different implementations of that), traffic control would reduce the potential damage.</p><p><strong>This should be the last line of defence.</strong></p><p>Once malware has managed to run, without proper, very resource-intensive forensics analysis, often made impossible due to lost attack artefacts, <strong>no business or individual</strong> can guarantee that your information and system are not compromised in any way. Unless you have deployed some sort of attack investigation previously (such as EDR) and even that's not a guarantee.
If anyone is making claims how "malware is executed and system is 100% safe", these people are simply dishonest.</p><p></p><p>In some very complex attacks (that will not target you), just downloading the file subjects it to various parsers (icon viewers, preview generators) and this has been enough to exploit Windows vulnerabilities, without the file ever having to be executed. However, this is extremely rare but outlines the importance of more robust methods.</p><p></p><p>[USER=114717]@bazang[/USER] Dude, I told you many times that I understand your arguments and accept them. Not sure why it is so difficult for you to understand what I'm saying. I do not want any improvements in Comodo -- I do not use Comodo.</p></blockquote><p></p>