(Sandboxed) Windows Defender vs Zero Day Malware
<blockquote data-quote="Andy Ful" data-source="post: 775676" data-attributes="member: 32260"><p>The concept "zero-day malware" was used for many years, but as [USER=56349]@Lockdown[/USER] mentioned, in the context of exploits. At present it is accepted to use it in the context of general malware:</p><p>"Zero-day <a href="https://www.britannica.com/technology/malware" target="_blank">malware</a> is hostile computer <a href="https://www.britannica.com/technology/software" target="_blank">software</a>, such as viruses or <a href="https://www.britannica.com/technology/trojan-computing" target="_blank">Trojan horses</a>, that is not yet detectable by antivirus programs."</p><p><a href="https://www.britannica.com/topic/advanced-persistent-threat" target="_blank">Advanced persistent threat | information technology</a></p><p></p><p>Yet, the term "zero-day attack" seems to be related only to exploits.</p><p>Sometimes it is hard to understand the meaning of the "zero-day malware" terminology:</p><p></p><p><span style="font-size: 18px"><strong>"Mark Russinovich</strong></span></p><p><span style="font-size: 22px"><strong>WORKSHOP - Zero Day Malware Cleaning with the Sysinternals Tools</strong></span></p><p> </p><p>Learn how to analyze and clean <span style="color: rgb(0, 168, 133)">zero day malware</span> using the Sysinternals tools directly from their author, including Process Monitor, Process Explorer, and Autoruns. By enabling deep inspection and control of processes, file system and registry activity, and autostart execution points, these utilities are useful for everything from day-to-day computer maintenance to advanced system and application troubleshooting. The tools are especially effective for <span style="color: rgb(0, 168, 133)">malware analysis and cleaning</span> - so much so that malware commonly tries to prevent their execution. 
Mark focuses on the features useful for <span style="color: rgb(0, 168, 133)">malware hunting</span>, demonstrates their capabilities by presenting real-world cases of the tools being used to identify and clean malware, and concludes with a live analysis of the infamous <span style="color: rgb(184, 49, 47)"><strong>Stuxnet virus</strong></span>."</p><p><a href="https://www.blackhat.com/html/bh-us-11/bh-us-11-archives.html" target="_blank">Black Hat ® Technical Security Conference: USA 2011 // Venue</a></p><p></p><p>At first it seems that the above is related to undetected, general malware samples, except for the Stuxnet virus example, which is known for exploiting many zero-day vulnerabilities.</p></blockquote>