Question How secure is KTS on DEFAULT settings?

Please provide comments and solutions that are helpful to the author of this topic.

S

Studynxx

Level 1
Thread author
Jan 20, 2023
41
I have been using KTS for years now. Won't stop it seems. The only modification I ever do is I bind KTS to a password under "Interface" so without it, nobody can ever make changes to anything in Kaspersky. Can't even look at logs. Etc.

Does Kaspersky on DEFAULT settings make it next to impossible to penetrate your system for malware? I usually run questionable .exe's and programs in a Hyper-V VM first - where the VM's not run in Enhanced Mode so no copy-paste works - which also has KTS (trial) including the "password lock". But before I run them, I, on the VM, upload them to VirusTotal and watch what it says especially when it comes to the BEHAVIOR tab's "Activity" tab's "Detection Summary" section. If it says "no detections" and the questionable program/file/files is/are at least a year old (creation date), and the reputable AVs such as Malwarebytes, Kaspersky, haven't picked it up, I assume it'"s safe and then run it inside the Hyper-V VM.

Sorry if this sounds stupid. Also question number 2: on the DEFAULT settings (excluding the password lock), does Kaspersky detect and protect against malicious powershell/VBS/python/batch scripts? My ExecutionPolicy is always set to RemoteSigned as part of my system image that I create, make changes to and deploy every 6 months or so.
 
Bot

Bot

AI-powered Bot
Verified
Apr 21, 2016
3,477
1. Kaspersky Total Security (KTS) on DEFAULT settings provides robust protection against malware, but no system is 100% impenetrable. Your current practice of verifying files via VirusTotal and running them in a VM adds an extra layer of security.

2. Yes, KTS on default settings does provide protection against malicious scripts in PowerShell, VBS, Python, and Batch. However, the level of protection depends on the complexity of the script and the nature of its behavior. It's always recommended to keep your KTS and other security measures updated.
 
  • Like
  • HaHa
Reactions: harlan4096, Jack and Studynxx
harlan4096

harlan4096

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,677
I would also migrate, Your KTS 21.3 to the new product line, if already available in your county region, currently in version 21.16 (soon 22.17 still beta stage).

Kaspersky: Basic, Standard, Plus, Premium - info & FAQ

Our new solutions embody our vision of modern-day cybersecurity. In addition to new names, you will find a brand new user interface, and a host of new functionality. Solutions are presented by several plans. The plans differ by level of protection, and by the number of features and services made ...
forum.kaspersky.com forum.kaspersky.com

Download: Kaspersky Free & Trial Downloads | Kaspersky

Your KTS license will activate the new Kaspersky Plus.:

Comparison of subscription plans

support.kaspersky.com support.kaspersky.com

KTS for standard users with relatively safe habits is good enough, but even in that case, I would apply some stronger tweaks to harden the prevention.
 
  • Like
Reactions: Brahman, Jonny Quest, roger_m and 2 others
S

Studynxx

Level 1
Thread author
Jan 20, 2023
41
harlan4096 said:
I would also migrate, Your KTS 21.3 to the new product line, if already available in your county region, currently in version 21.16 (soon 22.17 still beta stage).

Kaspersky: Basic, Standard, Plus, Premium - info & FAQ

Our new solutions embody our vision of modern-day cybersecurity. In addition to new names, you will find a brand new user interface, and a host of new functionality. Solutions are presented by several plans. The plans differ by level of protection, and by the number of features and services made ...
forum.kaspersky.com forum.kaspersky.com

Download: Kaspersky Free & Trial Downloads | Kaspersky

Your KTS license will activate the new Kaspersky Plus.:

Comparison of subscription plans

support.kaspersky.com support.kaspersky.com

KTS for standard users with relatively safe habits is good enough, but even in that case, I would apply some stronger tweaks to harden the prevention.
Click to expand...
Can you answer the original questions?
 
harlan4096

harlan4096

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,677
I think already answered in my last paragraph, assuming that there is no security solution that gives us 100% security, of course K. in defaults can be penetrated... that's why strong tweaks can be applied, in this Kaspersky section there are some sticky threads where You can find some interesting examples.
 
  • Like
Reactions: Berny, Jonny Quest and Practical Response
S

Studynxx

Level 1
Thread author
Jan 20, 2023
41
Practical Response said:
To help elaborate on what @harlan4096 is saying, is that all security products come at default settings for balanced security and usability, meaning they are not "tweaked" to their full potential at default settings.
Click to expand...
Is it possible for average malware (ie non-nation-state-level actor) to spoof a valid digital signature?
 
Trident

Trident

Level 28
Verified
Top Poster
Well-known
Feb 7, 2023
1,739
Practical Response said:
Attackers of any skill set can obtain valid certificates from certificate authorities just by claiming to be a business aka LLC now days.
Click to expand...
There are various ways digital signature can be obtained.
This includes purchasing from the black market, using cloning tools, using signatures obtained from data breach and more. Impersonating a valid business and more.

Trend Micro has a very detailed report on digitally signed malware.
www.trendmicro.com

Understanding Code Signing Abuse in Malware Campaigns

Using a machine learning system, we analyzed 3 million software downloads, and provide insights in this three-part blog series. In this part of this series, we discuss the problems regarding code signing abuse.
www.trendmicro.com www.trendmicro.com

There are signers which are more likely to be involved in code signing abuse, according to TM, Sectigo is amongst the top issuers abused.
 
  • +Reputation
  • Like
Reactions: Khushal and Gandalf_The_Grey

Similar threads

S
    • Like
I don't understand the "Perform actions automatically" part
Replies
23
Views
919
Kaspersky
Studynxx
S
Guilhermesene
    • Like
    • Applause
Hot Take [Tutorial] Update Kaspersky when starting the system automatically
Replies
9
Views
756
Kaspersky
Jonny Quest
Jonny Quest
Xeno1234
  • Locked
Tried to check power consumption of my PC but it might be malware.
Replies
3
Views
317
Windows Malware Removal Help & Support
nasdaq
nasdaq

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top