Yes, I will visit shady websites and open shady pdf - third party security?
<blockquote data-quote="ForgottenSeer 98186" data-source="post: 1029089">
<p>Visit any page, view any content, view any .doc for infos on any unpaid webpage.</p>
<p>Threat actors just love people like you. In fact, they target people like you by targeting all the PDF doc hosting websites and obscure websites.</p>
<p>So what are you researching? What subject matter?</p>
<ul>
<li data-xf-list-type="ul">You are already aware of malicious PDFs and office docs with macros. So you can identify them and know not to click on links and enable macros. That solves the primary problem and prevents 99% of weaponized docs.</li>
<li data-xf-list-type="ul">You already know you should be verifying every document you download by some method to ensure as best you can that they are not obfuscated malware. Whether you are doing any of that is a different matter. My guess is that you're not because in your mind it negatively affects your "productivity."</li>
<li data-xf-list-type="ul">You can use a bare-minimum PDF reader such as Sumatra, but this will only be of assistance with weaponized PDFs.</li>
<li data-xf-list-type="ul">It is entirely possible to protect your physical system while having good usability; use Hard_Configurator and configure all settings to maximum. Make allow exceptions where needed to permit what you need to do. You must be at least aware of it and don't use it because you don't want the "hassle" or "inconvenience."</li>
<li data-xf-list-type="ul">Alternatively you can open PDFs in a Linux distro running in VirtualBox, but I already know you're going to say it is a performance or productivity issue.</li>
<li data-xf-list-type="ul">About the only thing left for you is to upload the PDFs and other documents to multiple malware analysis sandboxes online, review the analysis reports carefully before opening the PDFs or docs.</li>
<li data-xf-list-type="ul">You can also create firewall block rules for the common methods and abused processes to connect out from PDFs and other documents. At least that is something and will prevent malware downloads.</li>
<li data-xf-list-type="ul">Getting infected or suffering some other digital-related calamity is just a matter of time for you.</li>
<li data-xf-list-type="ul">You do already know the answers.</li>
<li data-xf-list-type="ul">You remind me of the PhD candidate user that came here years ago, did all the same things you are doing. The reason they came here was they downloaded what they thought was a PDF. It turned out to be ransomware. Upon opening the PDF, the ransomware rapidly encrypted all their PhD thesis documents, source documents, etc. They had no backups.</li>
</ul>
<p>There are a lot of very effective solutions, but you just don't want to use any of them. In your case, using a default-allow 3rd party antivirus is like throwing the dice. Your best bet would be Kaspersky with hardening of Application Control settings. At least you have Kaspersky System Watcher to roll back the encrypted documents when you get smacked by ransomware.</p>
<p>Or just forgo AV and rely upon regular backups.</p>
<ul>
<li data-xf-list-type="ul">Windows XP, unpatched</li>
<li data-xf-list-type="ul">Office 2007, unpatched and enable macros</li>
<li data-xf-list-type="ul">Adobe Reader version 5, unpatched (from 2004)</li>
</ul>
<p>I give it less than 30 days.</p>
</blockquote>
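One way to do the "verify every document you download" step locally, as an added example that is not part of the original post: it identifies a file by its content rather than its name (the "thought it was a PDF" case) and counts PDF names that trigger active content. The function names and sample bytes are constructed for illustration, and a clean result is not proof of safety, because names inside compressed object streams are not visible to a byte scan.

```python
import re

# PDF name tokens that trigger or carry active content.
ACTIVE_NAMES = ("/JavaScript", "/JS", "/OpenAction", "/AA", "/Launch", "/EmbeddedFile")

# Leading bytes of formats that are commonly passed off as documents.
MAGIC = {b"MZ": "windows-executable", b"\x7fELF": "elf-executable",
         b"PK\x03\x04": "zip-or-ooxml", b"\xd0\xcf\x11\xe0": "ole2-office"}


def real_type(data: bytes) -> str:
    """Identify the file by content, never by its name or icon."""
    for magic, kind in MAGIC.items():
        if data.startswith(magic):
            return kind
    # Lenient readers accept the %PDF- header anywhere in the first 1 KiB.
    return "pdf" if b"%PDF-" in data[:1024] else "unknown"


def decode_names(data: bytes) -> bytes:
    """Undo #xx hex escapes so /J#61vaScript is seen as /JavaScript."""
    return re.sub(rb"#([0-9A-Fa-f]{2})", lambda m: bytes([int(m.group(1), 16)]), data)


def triage(filename: str, data: bytes) -> dict:
    kind, findings, active = real_type(data), [], {}
    lowered = filename.lower()
    if lowered.endswith(".pdf") and kind != "pdf":
        findings.append(f"named .pdf but content is {kind}")
    if ".pdf." in lowered:
        findings.append("double extension after .pdf")
    if kind == "pdf":
        body = decode_names(data)
        for name in ACTIVE_NAMES:
            # Lookahead stops /AA from matching a longer name such as /AAPL.
            n = len(re.findall(re.escape(name.encode()) + rb"(?![A-Za-z0-9])", body))
            if n:
                active[name] = n
    return {"type": kind, "findings": findings, "active": active,
            "suspicious": bool(findings or active)}


# Constructed samples: a plain PDF, a PDF with an auto-run script, an executable named .pdf.
CLEAN = b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n%%EOF\n"
SCRIPTED = (b"%PDF-1.7\n1 0 obj\n<< /Type /Catalog /OpenAction 3 0 R >>\nendobj\n"
            b"3 0 obj\n<< /S /J#61vaScript /JS (placeholder) >>\nendobj\n%%EOF\n")
FAKE = b"MZ\x90\x00" + b"\x00" * 16

if __name__ == "__main__":
    for fname, blob in (("paper.pdf", CLEAN), ("notes.pdf", SCRIPTED), ("thesis.pdf", FAKE)):
        print(fname, triage(fname, blob))
```

Anything reported as suspicious is a candidate for the VM or online sandbox route the post describes rather than the everyday reader.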