Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Security Statistics and Reports
Cybersecurity: Defense Against the Latest Attacking Techniques in the ATP Test (February 2024)
Message
<blockquote data-quote="Victor M" data-source="post: 1084636" data-attributes="member: 96560"><p>All the techniques either use jscript or Powershell .( Read the info on each Scenario accompanying any vendor ) I never use Powershell nor jscript. So I block them. Your AV should be configurable to do the same. ( If not, then you should choose a product that has configurable rules ) If your AV has a Enable switch, then you can selectively disable the Block for instances when you do need them. There is Nothing in Windows that uses Powershell nor jscript, at least not in Settings and Control Panel, so you won't disrupt Windows in any way.</p><p></p><p>The only benefit when you employ those specific AV's mentioned in the test, is that they Might be able to remove the thing; depending on how they recognize it. Do your hardening and these attacks will be stopped. So what if an artifact remains, it is rendered harmless.</p><p></p><p>Most of the scenarios start off with a download from email attachment. So good secure habits plays a Very important part - you will be able to stop the attacks at stage 1. But, email attachments is only the Current favorite delivery method; and new methods will be discovered. So hardening is an important 2nd security layer that would stop the attacks, if stage 1 succeeds.</p></blockquote><p></p>
[QUOTE="Victor M, post: 1084636, member: 96560"] All the techniques either use jscript or Powershell .( Read the info on each Scenario accompanying any vendor ) I never use Powershell nor jscript. So I block them. Your AV should be configurable to do the same. ( If not, then you should choose a product that has configurable rules ) If your AV has a Enable switch, then you can selectively disable the Block for instances when you do need them. There is Nothing in Windows that uses Powershell nor jscript, at least not in Settings and Control Panel, so you won't disrupt Windows in any way. The only benefit when you employ those specific AV's mentioned in the test, is that they Might be able to remove the thing; depending on how they recognize it. Do your hardening and these attacks will be stopped. So what if an artifact remains, it is rendered harmless. Most of the scenarios start off with a download from email attachment. So good secure habits plays a Very important part - you will be able to stop the attacks at stage 1. But, email attachments is only the Current favorite delivery method; and new methods will be discovered. So hardening is an important 2nd security layer that would stop the attacks, if stage 1 succeeds. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
