Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Video Reviews - Security and Privacy
Kaspersky Endpoint Security 11 vs CXK-NMSL ransomware
Message
<blockquote data-quote="MacDefender" data-source="post: 872615" data-attributes="member: 83059"><p>Hah, I guess it's starting to gain a little popularity.... I picked 7z for my fake malware but that's my lack of creativity. Using certutil is kind of cute.</p><p></p><p>On Linux/macOS, it's really common these days that either python or the openssl command is used to achieve either de-obfuscation or outright cryptoransom.</p><p></p><p>This is going to be a new area of challenge for behavior blockers / dynamic protection to understand. Combined with the ability to obfuscate scripts themselves, IMO this <strong>has to be </strong>handled by dynamic protection, not just some sort of static scanner or even a fancy signature scanner.... Looking forward to see what vendors come up with!</p></blockquote><p></p>
[QUOTE="MacDefender, post: 872615, member: 83059"] Hah, I guess it's starting to gain a little popularity.... I picked 7z for my fake malware but that's my lack of creativity. Using certutil is kind of cute. On Linux/macOS, it's really common these days that either python or the openssl command is used to achieve either de-obfuscation or outright cryptoransom. This is going to be a new area of challenge for behavior blockers / dynamic protection to understand. Combined with the ability to obfuscate scripts themselves, IMO this [B]has to be [/B]handled by dynamic protection, not just some sort of static scanner or even a fancy signature scanner.... Looking forward to see what vendors come up with! [/QUOTE]
Insert quotes…
Verification
Post reply
Top