Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
What do you think about this?
Message
<blockquote data-quote="RoboMan" data-source="post: 1090144" data-attributes="member: 53544"><p>False, hence why behavioural analysis of files exist. The concept of signature-based antivirus alone is antique.</p><p></p><p>Again, not entirely true. An antivirus can be triggered when it identifies at least one attack chain of them all. It may not identify the obfuscation technique, or the process injection, but something as simple as a constant call home can trigger a firewall rule and expose the whole attack.</p><p></p><p>Ridiculous argument. Every software can have vulnerabilities. Also, this means a malware file must be packed with code to bypass every single antivirus' containment module, given the strange fact that the cybercriminal has identified a way to bypass them all. This is no evidence whatsover to say sandboxes don't work.</p><p></p><p>True, but ALL software open possibilities for vulnerabilities and backdoors. At least antivirus can help you protect you from exploitation of OS vulnerabilities.</p><p></p><p>Lol</p><p></p><p>No need, you already use Windows or MacOs.</p><p></p><p>Okay, maybe I'm in hater mode with this one, but this is not true. Malware can be triggered without double clicking it, for example by extracting it.</p><p></p><p>Excellent safety habit, but you can't expect Average Joes to acknowledge this, hence why antiviurus are important to them.</p><p></p><p>False. Despite being harder to monitor since there's no file, behavioral approach is usually effective for this type of malware, since file or not, malware usually behaves the same way.</p></blockquote><p></p>
[QUOTE="RoboMan, post: 1090144, member: 53544"] False, hence why behavioural analysis of files exist. The concept of signature-based antivirus alone is antique. Again, not entirely true. An antivirus can be triggered when it identifies at least one attack chain of them all. It may not identify the obfuscation technique, or the process injection, but something as simple as a constant call home can trigger a firewall rule and expose the whole attack. Ridiculous argument. Every software can have vulnerabilities. Also, this means a malware file must be packed with code to bypass every single antivirus' containment module, given the strange fact that the cybercriminal has identified a way to bypass them all. This is no evidence whatsover to say sandboxes don't work. True, but ALL software open possibilities for vulnerabilities and backdoors. At least antivirus can help you protect you from exploitation of OS vulnerabilities. Lol No need, you already use Windows or MacOs. Okay, maybe I'm in hater mode with this one, but this is not true. Malware can be triggered without double clicking it, for example by extracting it. Excellent safety habit, but you can't expect Average Joes to acknowledge this, hence why antiviurus are important to them. False. Despite being harder to monitor since there's no file, behavioral approach is usually effective for this type of malware, since file or not, malware usually behaves the same way. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
