Battle Malwarebytes Premium or Emsisoft Anti-Malware 2021

The_King

The_King

Level 12
Verified
Top poster
Well-known
Aug 2, 2020
560
NewbyUser said:
Yea, I vacillate between using http/ssl scanner to browser extension based products. Not totally convinced SSL scanning is wise.
Click to expand...

Out of all the malware that made some kind of network connection during their infection process, about 23% communicated over HTTPS, either to send or receive data from the C2, or during installation when they may use HTTPS to conceal the fact that they are retrieving malicious payloads or components.

Network traffic encryption is more important for Trojans, especially information stealers. An information stealer’s main goal is to collect as much data about the victim as possible, including sensitive financial information, and remain undetected while doing so. Among our sample set, information stealers made up 16% of the total number of samples tested during the time period.
Click to expand...
Information stealers relied more heavily on HTTPS to communicate than any other type of malware. Even though they make up only a little more than an eighth of the total samples that made any kind of internet connection during their infection process in our analyses, about 44% of the information stealers communicate using TLS over the standard HTTPS ports.
Click to expand...
Using SSL/TLS gives malware the ability to conceal commands sent to the client, hide data exfiltration, or prevent the detection of downloads of additional modules or payloads. In this analysis, we consider any of those activities a use of TLS.
Click to expand...
news.sophos.com

Nearly a quarter of malware now communicates using TLS

Encryption is one of the strongest weapons malware authors can leverage: They can use it to obfuscate their code, to prevent users (in the case of ransomware) from being able to access their files,…
news.sophos.com news.sophos.com
 
  • Like
Reactions: show-Zi, oldschool and Nevi
Nightwalker

Nightwalker

Level 23
Verified
Helper
Top poster
Content Creator
Well-known
May 26, 2014
1,288
Just a little example of how Malwarebytes can be a really good solution for some users considering the nowadays malware scenario, it can proactively protect against this new 0-day attack targeting windows users with microsoft office documents (CVE-2021-40444) and it probably could do with a very old version too, thats the beauty of its anti-exploit protection.

ExploitOfficeWMIblock.png


malwaretips.com

New 0-Day Attack Targeting Windows Users With Microsoft Office Documents

Microsoft on Tuesday warned of an actively exploited zero-day flaw impacting Internet Explorer that's being used to hijack vulnerable Windows systems by leveraging weaponized Office documents. Tracked as CVE-2021-40444 (CVSS score: 8.8), the remote code execution flaw is rooted in MSHTML (aka...
malwaretips.com malwaretips.com

blog.malwarebytes.com

[updated] Windows MSHTML zero-day actively exploited, mitigations required

In-the-wild attacks are exploiting a vulnerability in MSHTML that can load malicious ActiveX controls in Office documents.
blog.malwarebytes.com blog.malwarebytes.com
 
  • Like
  • +Reputation
Reactions: show-Zi, Nevi, dinosaur07 and 5 others

Similar threads

Shadowra
    • Like
    • +Reputation
    • Thanks
Video Malwarebytes Anti-Malware Premium 2022
Replies
14
Views
709
Security and Privacy Videos
Viking
Viking
G
    • Like
Q&A malwarebytes as on-demand scanner while using norton AV
Replies
3
Views
623
Norton
geek166
G
Shadowra
    • Like
    • Thanks
    • +Reputation
Video Emsisoft Anti-Malware 2022
Replies
38
Views
1,620
Security and Privacy Videos
flaubert1971
flaubert1971
Top Bottom