Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Video Reviews - Security and Privacy
Comodo Firewall 10 vs WannaCry Ransomware
Message
<blockquote data-quote="Andy Ful" data-source="post: 632670" data-attributes="member: 32260"><p>I am not sure if Comodo can stop EternalBlue & DoublePulsar worm <strong>remote attack</strong>. There are some reasons for that, so I opened the new thread:</p><p><a href="https://malwaretips.com/posts/632004/" target="_blank">Is that true, that default deny security solutions can stop the EternalBlue & DoublePulsar attacks?</a></p><p>EternalBlue worm drops DLLs on disk of target machine, but they are injected in Ring 0, so any program can have problems with catching this. The injection process of DoublePulsar Dll is known (see the above link), and it is very unusual. If the EternalBlue uses the similar technique, then things are even worse.<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite111" alt=":(" title="Frown :(" loading="lazy" data-shortname=":(" /></p><p>It would be helpful if someone could perform the metasploit remote attack (with EternalBlue & DoublePulsar) directed to the machine secured by CF.<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite120" alt="o_O" title="Er... what? o_O" loading="lazy" data-shortname="o_O" /></p></blockquote><p></p>
[QUOTE="Andy Ful, post: 632670, member: 32260"] I am not sure if Comodo can stop EternalBlue & DoublePulsar worm [B]remote attack[/B]. There are some reasons for that, so I opened the new thread: [URL='https://malwaretips.com/posts/632004/']Is that true, that default deny security solutions can stop the EternalBlue & DoublePulsar attacks?[/URL] EternalBlue worm drops DLLs on disk of target machine, but they are injected in Ring 0, so any program can have problems with catching this. The injection process of DoublePulsar Dll is known (see the above link), and it is very unusual. If the EternalBlue uses the similar technique, then things are even worse.:( It would be helpful if someone could perform the metasploit remote attack (with EternalBlue & DoublePulsar) directed to the machine secured by CF.o_O [/QUOTE]
Insert quotes…
Verification
Post reply
Top