Serious Discussion Deep Instinct | Deep Learning AI Cybersecurity Platform

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,784
This morning, I see a new block by DeepInstinct in reference to Firefox.exe
"...was identified as a remote code injection and is now blocked
Security Engine= Behavioral analysis
Security Module Remote code injection"

probably safe to assume this is a false positive, only my 2d in about 9 months, & IIRC I think the first one was also remote code injection(??). So think this is NOT exactly a false+ as I think the detection is real, but it's "false" in that I need to create an exception for firefox. But also wondering if something changed in how firefox goes online & interacts with the system. I was not running firefox when this popup block appeared, so I assume it was firefox checking for updates...? :unsure: Any other Di users see this...:unsure::unsure:
PS sorry no screen shot snip it as popup was on my hardware win10, and I'm online in VM.

Edit: perhaps of interest, Firefox 122.0.1 and as I said above it was not running, so I clicked its icon to open it, and it open normally and I checked "About" and it opened normally too... :unsure:So that raises some questions in my mind about the Di "detection" / block... :unsure:
 
Last edited:
  • Like
Reactions: Kongo

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,597
This morning, I see a new block by DeepInstinct in reference to Firefox.exe
"...was identified as a remote code injection and is now blocked
Security Engine= Behavioral analysis
Security Module Remote code injection"
Got the same block right now
 
  • Thanks
Reactions: simmerskool

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,784
Got the same block right now
Wow & good, not just me :D

PS I sent an email to cyberforcesecurity. If we both got this popup, then probably 100s or 1000s others did too, and if false+ maybe it will be fixed by Di rather than creating exception.
 
  • Like
Reactions: Kongo

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,784
v. 5.1.0000.8 released

Unfortunately no patchnotes. I just noticed that there is an option now, to add a custom notification for the Deep Instinct alerts.
Yes I saw the same update on Sunday -- it was detected by VS/Cyberlock WhiteListCloud as deepui.exe is not signed. Have not seen the custom notification option -- I have not logged into the cloud management console in many months as DI just works with little or no further input from me :LOL:
:rolleyes:
 

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,784
Does anyone of you know how often a new D-Brain Package is released and whether there is an option to use an older version?
sorry don't know. I've been running DeepInstinct for +16 months, but rarely have any reason to look at its management console, but based on just a few updates to desktop client, not too often. Just guessing. @Kongo might know for sure.
 

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,597
Does anyone of you know how often a new D-Brain Package is released and whether there is an option to use an older version?
D-Brain package? I guess you just mean a new client release. Last update was in early July. You can simply choose which client you want to install within the online dashboard:

Screenshot 2024-09-14 222749.png
 

kamiloxf

Level 1
Apr 3, 2016
36
No, I don't mean the agent version, I mean how often a new model is released that is responsible for the analysis "Similarly" to Cylance protect, their mathematical model is released from time to time
1726346133774.png
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top