Antivirus

Defending against nation state ransomware

As a professional with over 20 years in the cyber security space, I cringe when a vendor presents and says: “attacks are getting more sophisticated and harder to defend against.” While some of it rings true, it surely misses a critical point. The cyber security community has also become smarter, more vigilant, more sophisticated and capable, and goes beyond just using antivirus software and malware removal tools. In all of my research this year, in cases where I have seen gaps, we have had the means in our possession to easily fix them.

With that said, there are two trends that look likely to rise in 2020 and for which we must be vigilant and prepared.

free anti-ransomware software being available.

About the author

Dave Klein is the senior director of cybersecurity at Guardicore.

Nation state actors have become more brazen

A major concern for 2020 must be the increasing number of capable nation state cyber actors/attackers. These nation state actors have become extremely skilled at using false flag/obfuscation techniques and proxy actors in their cyber warfare to prevent clear-cut attribution back to their home state. By making attribution difficult, bad actors get away with their crimes and continue unhindered. Furthermore, as per the 2019 Verizon Data Breach study, nation state attacks have increased from 12 per cent of attacks in 2017 to 23 per cent in 2018.

As the world has become more experienced in uncovering nation state players, so they have become more experienced in hiding, avoiding pitfalls and even manipulating data, tool kits and techniques to throw forensic analysts off by mimicking another nation state or criminal actors.

Go-to techniques once used to easily identify attackers no longer work. Time stamps, which if analysed statistically could give you an attacker’s workday (and thus their global location), are now often manipulated. Coding and debugging techniques are being manipulated since state actors know malware strings themselves. Debug paths and metadata are often used to zero in on an attacker’s base language, usernames and codin

Your antivirus is probably slowing your PC more than protecting it

Antivirus is one of the first things most people install on a new PC. After all, nobody wants malware ruining their PC or, worse, stealing their data. And to be fair, most popular antivirus suites do a decent job of protecting your PC. But the problem is, they aren’t exactly optimized to be lean or lightweight. And things have become even worse ever since antivirus suites have started bundling extras like VPNs, parental controls, and browser add-ons.

All of this leaves the apps and games you actually use with fewer resources, which causes frequent slowdowns and even lag. So the uncomfortable irony is that the software meant to protect your PC ends up being the very thing holding it back.

How antivirus software can slow down your PC

When constant protection becomes constant pressure

Antivirus programs love to present themselves as silent protectors. Always watching, always keeping you safe, and never getting in your way. Sure enough, part of this is true. They work in the background, but not without impact.

Antivirus programs work by scanning files as they are opened, downloaded, copied, or modified. That means every app you launch and every document you touch triggers a quick inspection. There are also the scheduled scans, which often run when you least expect them. So if your PC has ever felt slow, even when you’ve got nothing running, it’s probably the antivirus program combing through your files in the background.

Now, the performance hit isn’t the same every time. During light, routine scans, the impact can be minimal, anywhere from 0 to 20 percent. However, during full or partial scans, this can rise to as high as 50 percent. The impact also varies depending on the antivirus program you’re using. Some are lightweight and efficient, while others are far more demanding.

Most of the time, you may not even notice this slowdown. But as soon as you start gaming, editing videos, or running any resource-intensive apps, the story will change. That’s when both your app or game and antivirus program start to compete for the same system resources, and the performance takes a hit.

To make matters worse, modern antivirus rarely sticks to just antivirus duties. Most of them come bundled with all sorts of extras, like VPNs, password managers, and system optimizers. All of these extras run separate processes. So yes, it’s not just one program you’re dealing with. Your PC is actually running multiple different programs under a single name.

You can verify if the antivirus is the bottleneck

Be sure before you act

If you’re struggling to play tactics sim Menace, it could be because your antivirus is randomly deleting files

This week saw the early access launch of turn-based tactics game Menace, created by the piss-swigging misanthropes behind Battle Brothers. Julian has been having a wonderful time playing it and learning about the importance of spare ammo and adequate reconnaissance. It could have been worse, Julian…

You don’t need to pay for third-party antivirus software to protect your PC anymore

Summary

  • Most consumer devices already come with strong default security measures equivalent to or better than third-party software.
  • Common vectors of attack for malware are already blocked by modern systems before they even reach your antivirus program.
  • Individual consumer PCs are not a primary target for cybercriminals, and cyberattacks are often conducted by exploiting vulnerabilities against third-party software, not the computer OS itself.

Do you still pay for third-party antivirus software like Norton or McAfee? You may be surprised to learn that there’s no real benefit to doing so. Software like this is mostly obsolete today.

Who pays for third-party antivirus software, and why?

It might sound like a bold claim, saying that you don’t need third-party antivirus software anymore. After all, recent statistics show that roughly half of American consumers use such programs. Interestingly enough, those same statistics also show that users over 65 are more than twice as likely to subscribe to paid antivirus software than those under 45.

Why is that? Well, there is certainly more than one reason, but a big one is simply misunderstanding and tradition.

In the past, having third-party antivirus software was prudent, almost mandatory to keep your computer safe. Some people who grew up in that era are comfortable with the idea of paying for these subscriptions, not realizing that things have changed: your computer protects itself just fine these days.

Not only do computers come out of the box equipped with incredibly good security these days, but most malware threats aren’t even targeting individual consumers. But you don’t have to take my word for it right away. Let’s dive into this in more detail.

Default security measures are more than enough today

All of your consumer devices come with default protection right off the shelf. With iOS and Android, their official app stores weed out malware and keep you safe. Mac has been using XProtect anti-malware for more than a decade, and it has an excellent record.

A screen showing an update for Windows Defender on Windows 11. Credit: Microsoft

Windows has Microsoft Defender Antivirus, which has consistently aced security tests run by third-party organizations. Since around seven years ago, Defender Antivirus has consistently earned perfect or near-perfect scores in protecting your PC.

Needless to say, that’s as good as it gets, and the program comes free with your Windows computer. There’s no paid antivirus software that can outperform this free, default option from Microsoft. They may offer more features, but not more practical benefits. But even beyond these built-in systems, there are other re

AV vendor goes to war with security shop over update server scare

eScan lawyers up after Morphisec claimed ‘critical supply-chain compromise’

A spat has erupted between antivirus vendor eScan and threat intelligence outfit Morphisec over who spotted an update server incident that disrupted some eScan customers earlier this month.…
