6/23/2023 0 Comments Is kaspersky security cloud good![]() ![]() It defeated basically every behavior blocker that we tried, except as soon to be reported extremely paranoid configs of Kaspersky. In my recent testing ( Discuss - MacDefender Test #2, "Trojan" Ransomware ) I replicated a very similar technique but I used 7-zip instead of Node.js. ![]() Across ~a hundred samples of ransomware, IMO that is a fairly decent result. Even when he did bonus dynamic testing where the signature scanner was totally disabled. This, however, I believe was the single (or maybe two total instances) of ransomware managing to encrypt files under DeepGuard's watch. It then dropped 2 Javascript files on disk with a crypto payload (that is suspicious but their signatures missed it), and then told Node.js to execute the payload.īecause Node.js is presumably whitelisted and trustworthy, F-Secure happily allowed it to encrypt everything. It downloaded a standalone copy of Node.js from their official site (which of course is not malware and not suspicious). Click to showed me one such piece of malware less than a month ago.
0 Comments
Leave a Reply. |