Don't worry too much about these PoCs. Security products often fail against targeted attacks or attacks that exploit a product's design. Every other antivirus fails consistently in @cruelsister's tests of PoCs and malicious samples. However, most modern and reputable products can still protect you effectively, especially those with default-deny setups.
Let's not discuss Comodo in @Shadowra's thread.
Only a highly skilled pentest against a network and information systems with the security software installed to protect that network on the systems therein will give anybody an accurate and reliable notion of how effective that security software actually is.
The whole YouTuber test methodology of "I executed a malware pack or I downloaded a file from the internet and executed it and entered a malicious URL to see what happens" is so misleading. It creates a one-dimensional narrative of security software capability and quality that is completely false overall.
It is "users that want to use stuff" testing, which is complete nonsense from a security perspective. To protect a system from "users that want to use stuff" is an exercise in utter futility. A bypass is assured despite the security software placing first in the test video ranking system.
Change the sample set and the ranking order will be different. It will change with every different set of samples.
POCs. Well, they are just POCs until they aren't, and they're actively used as part of a malicious campaign. The POCs stolen from the US government were the basis of an entire slew of malware campaigns over the years.
People getting so upset about what is posted about software. I think it is hilarious. Great entertainment. Shows people for what they really are.