New Update Defender Hardening Console Executable

This is one of the cases where Helios will help.

Example: malicious HTA file is not detected by Defender.
Hash: 24ef77b150ff7ebc30d8cb7234fd2cec8a15a58128e8e2441e259b7d3de1e66c

Defender alone would not handle this malware.

Protections: MSHTA is blocked from accessing the web anyway, through Deep Firewall Control.

The script sets persistence.

Response:
View attachment 294617


Remediation terminates the process, deletes the persistence and the initial script (I will update the UI so it doesn't display "Quarantine" but "Process" and displays information what will happen on remediation.

Helios combines expertise in fileless and evasive malware detection with reputation from different providers on executables.

I allowed access to the more common applications. Better you need them than find out you can't run them. Ideally, the console would allow you to enable them as needed on a case by case basis. All or nothing isn't an acceptable default. I priortise convenience over security.