- May 9, 2024
The only almost unbeatable thing is my technique at prevention. Containing everything for analysis. Comodo didn't contain everything but almost everything.
> The only almost unbeatable thing is my technique at prevention. Containing everything for analysis. Comodo didn't contain everything but almost everything.

What is your solution
> Yes. There are two settings:
> - Monitor DLL files being loaded by running processes (Enabled).
> - Auto-block unknown DLL file(s) from being loaded by processes (Enabled).
>
> When the benign EXE file (vulnerable to DLL hijacking) is executed, Xcitium monitors the loaded DLL and blocks it if it is Unknown.
> Comodo (CIS) still does not monitor loaded DLLs, so it cannot block DLL hijacking attacks.

Yes. As explained in the video. Now let's hope they don't take another 3~4 years to bring this fix into CIS...
> @Sandbox Breaker - DFIR, If I'm right, you use Xcitium. Can you confirm if the settings below are old or new?
> - Monitor DLL files being loaded by running processes
> - Auto-block unknown DLL file(s) from being loaded by processes

They're new. According to a mod there, it's a new option added to prevent this kind of problem exposed on my videos. I don't know when exactly they added it, but it's new.
> @Sandbox Breaker - DFIR, If I'm right, you use Xcitium. Can you confirm if the settings below are old or new?
> - Monitor DLL files being loaded by running processes
> - Auto-block unknown DLL file(s) from being loaded by processes

I dropped Xcitium. Sorry. And with reason.
> They're new. According to a mod there, it's a new option added to prevent this kind of problem exposed on my videos. I don't know when exactly they added it, but it's new.

It is not clear from the staff's reply if those settings are old or new. He states they are looking into the issue and then directs you to those settings, mentioning the settings are there for such situations but disabled by default to avoid false positive cases.
> What is your solution
> or the solutions you rely on for protection.
> And thank you.

My solution is not for daily usage but rather for malware analysis. Sandboxing everything, then analyzing it in containment.