cruelsister

Level 36
Content Creator
Trusted
Verified
Noticing that McAfee has come out with a new build of Cloud AV, just thought that a revisit was in order to determine if the problems with the Cloud sync were resolved.
Please note that Panda Cloud AV was included in the video more as a baseline than a comparison.

 

cruelsister

Level 36
Content Creator
Trusted
Verified
Nothing Proactive at all, and even the Tesla detection was reactive and not proactive.

Consider that Tesla is a ransomware type that will spawn its payload (usually somewhere in App Data), and immediately after the spawning is coded to self-delete. Note that in the video the detection happened about 12 seconds after the malware file was executed- when the Tesla icon vanished this was a function of the suicide coding of the malware and not anything that McAfee accomplished. The Tesla detection was for the original vector that no longer existed anyway and the actual spawned payload was ignored and was allowed to encrypt the files.

The time lag that was seen is totally inexcusable in any Cloud based security product, and especially bad here since McAfee has been incorporating a cloud compnent in their Enterprise products since 2012.
 

Moose

Level 22
Pre-moderated
Salutations,

> What is your opinion on Voodoo Shield? Anyone?
> Your current security software set-up for Windows 10?
> And how do you deal with scripts ect? Yourself? Detection and cleaning?

Kind regards, M;)
 
H

hjlbx

Salutations,

> What is your opinion on Voodoo Shield? Anyone?
> Your current security software set-up for Windows 10?
> And how do you deal with scripts ect? Yourself? Detection and cleaning?

Kind regards, M;)
VooDooShield is being actively developed. Current version will protect against scripts by blocking interpreters. Can whitelist safe command lines.

Don't use W10. It isn't ready...

Comodo or anti-executable to deal with scripts. Easiest, most user-friendly option is NVT ERP.

@Moose... you already know this stuff...
 
  • Like
Reactions: Moose