Domain: kaspersky.com
Stories and comments across the archive that link to kaspersky.com.
Comments · 139
-
Re:So how do I tell if I've been infected?
What files should I check for? How can I remove it myself? All this hue and outcry about hundreds of thousands of installed backdoors but Kaspersky won't say what files to look for?
-
What it is
Here is some interesting information about Pegasus and the POS firm that develops and sells it, of course it has to be Israeli, who else and the source https://www.kaspersky.com/blog..., no wonder a US government controlled by the Mossad wanted to ban them, just won't join the Israeli games of a forever expanding Israel, until the rest of the world is either consumed or destroyed.
They purposefully made use of zero day exploits, which makes them criminally negligent and they should be prosecuted but of course the Israeli government won't do it because Mossad, oh and yeah, the software did not just spy for the people who bought and deployed it, you gumbys, you were also facilitating Israel espionage and further penetration of security.
-
Re:A cool experiment, not a practical solution
Experiment, sure...
New police radars can 'see' inside homes (Jan. 19, 2015)
https://www.usatoday.com/story...
Technologies that see through the walls (July 7, 2015)
https://www.kaspersky.com/blog... -
The biggest problem with bitcoins?
The fact that 81% of all mining takes place in one country, China, which is under totalitarian control. The blockchain ledger contains what they want it to contain. And blockchain has serious scaling problems as well. Supposedly a "distributed" system, most transactions take over an hour to verify if one has downloaded and uses their own local blockchain ledger. Most cryptocurrency owners avoid the use of local ledgers by using "wallets" which connect to the ledger on a blockchain server accessed by tens of thousands - no distribution there.
Major blockchain myths and the limitations they impose are discussed in the link below.
https://www.kaspersky.com/blog...
tldr; blockchain is, essentially, a giant Ponzi Scheme masquerading as digital money. He who created it and those who jumped in early made off with the money of the late arrivals who were blinded by dreams of getting rich quick. Eventually, most governments will outlaw its use.
-
Re:Promising you don't != promising you *can't*
A free unlimited VPN is still a welcome offer.
Maybe you should check out Kaspersky Secure Connection. It's not free, but then, free services typically make you the product rather than the customer.
https://usa.kaspersky.com/secu...
USD $4.99/month
I'd trust a foreign provider long before a US-based one because of US TLAs, plus a foreign government has far less ability to affect you as an individual than one's own government.
Strat
-
Kaspersky Investigation - original release
-
EVIL Kaspersky
OK, they're ALL out to get you. If you didn't pay for it, you're the product. I fear my local government more than a far-away one. I'm a minnow, no, some plankton living in the social/financial sea. It's only metadata. If you've got nothing to hide, you've got nothing to fear. Ever uploaded something to VirusTotal/Google/MS/Amazon? If it's unencrypted in the cloud, it's probably now on someone ELSE's cloud too. If encrypted, it's still fair game. KAV have good reviews. So I'll just leave this here and get my coat,
OVERVIEW
https://www.pcworld.com/articl...
https://www.av-test.org/en/ant...
http://chart.av-comparatives.o...
Free
https://usa.kaspersky.com/free...
https://www.bitdefender.com/su...
https://www.malwarebytes.com/m...
https://www.avira.com/en/free-...
https://home.sophos.com/
https://www.pandasecurity.com/...
Just PICK one just as long as it's not the default MS Defender. They couldn't stop it from getting in to start with, what makes you think their AV is going to do better? -
Re:All together?
That Israel is lying, the USA is lying
They are states, focused on the well being of their citizens and not the truth. Of course they are lying when they have to, just as Russia and everyone else.
the owner who is/was KGB
You mean the Soviet Union ?
and other executives who are FSB at Kaspersky are an exception to the rule that once you are in that world, you never leave that world, and that when you give a program where you give the providers of the program the keys to the kingdom, that given the background of the actors, that they won't exploit what you gave them permission to exploit?
All it takes is a couple of seconds to find their response to your absurd statement. Have a nice day
:-) -
Re:Kaspersky may well be innocent
Um, that doesn't make them innocent, that makes them guilty but coerced. Innocent would be if the Russian spies were sniffing through their telemetry without them knowing, but that still means they are just as much of a security hole. I will admit that I didn't know that anti-virus software sent the user's files off-site for "inspection" if they were "suspicious". That is ridiculously insecure for the user's private data.
Your "innocent" scenario is exactly what Kaspersky says (may have) happened in the case where an NSA contractor's files were scanned by Kaspersky and then immediately hacked by the Russians. From Eugene Kaspersky:
Even though we have an internal security team and run bug bounty programs, we can’t give a 100% guarantee that there are no security issues in our products
... Now, if we assume that what is reported is true: that Russian hackers exploited a weakness in our products installed on the PC of one of our users -
WSL vs Win32 API
It is that no existing anti-malware utilities will automatically catch and remove the malware. This is a serious risk.
Well to be more precise :
- currently the WSL subsystem that provides "linux ABI" to original linux ELFs
- and the Win32 system usually offered to normal windows userland
are two different environments which are kept (on purpose) isolated from each other.
(Just think about it: even if theoretically NTFS can store case-sensitive filenames, absolutely no Win32 userland does handle it.
That's just one of the several reasons why both environments should touch each other's stuff.
Another reason is that for performance reasons WSL uses an entirely different threading system than Win32 apps - "picothreads", there were a lot of online articles about the benefits of their introduction to NT kernels)
Only some specific forms of message passing are possible.
(- Windows' bash.exe can start ELFs in WSL (usual /bin/bash, hence the name)
Latest version of WSL can pass a little bit more data around.
WSL has a special filesystem driver to be able to safely mount windows' user data in the filesystem tree.
And that's about it.)
That means that your copy of Kaspersky Lab for Microsoft Windows can't directly see anything happening in WSL.
...BUT!...
Absolutely nothing prevents you (or security software suites from official providers) to run the "KAV" elf inside WSL to handle the WSL side of security, in collaboration with the Win32 software. -
THE solution: expiry depends on complexity
Hi
you chose a password, there is a calculation performed how long a brute force/dictionary attack will take.
Your password will expire after this time.
Calculate the time using this calculator (take the botnet time): https://password.kaspersky.com...
thisisanicepassword => 3 days
this is a nice password => 40 years (maybe maximize on a top limit)
12345678 => 1 second
one two three four => 3 years
correcthorsebatterystaple => 5 years (hmm, maybe they should add that to an exception list)
h4Z7p8d0 => 51 seconds
h4Z7p8d0x3 => 2 hours
h4Z7p8d0x3w1 => 6 days
h4Z7p8d0x3w1bd => 2 years -
that's the POWER that makes the world go round!
Just download a free antivirus livecd and scan your system with that.
Options include but are not limited to:
AVG:
https://www.avg.com/en-us/resc...
https://www.avg.com/en-us/down...
Avira:
https://www.avira.com/en/downl...
Bitdefender:
http://download.bitdefender.co...
Comodo:
https://www.comodo.com/busines...
Dr. Web:
https://free.drweb.com/aid_adm...
F-Secure:
ftp://ftp.f-secure.com/anti-vi...
https://www.f-secure.com/en/we...
Kaspersky:
http://support.kaspersky.com/v...
http://rescuedisk.kaspersky-la... -
Re:"cybersecurity software firm that bears his nam
"Yevgeny is the official spelling of his name in roman letters."
No, it isn't. Who made you boss? Perhaps you should STFU, and let Eugene spell his name the way he wants in the Roman alphabet. Can't get any more "official" than that, you retarded foreigner. -
Re:Ha
Even as someone who lives in "the West" (Australia) you better believe I use Kaspersky over any other anti-virus; I trust them FAR more than the others. At worst, they'll collude with a government that's not on particularly chatty terms with my own.
Also:
Magic Lantern - Anti-Virus Vendor Co-operation
The rise and ubiquity of law enforcement malware.
Curiously, Kaspersky was recently yanked from the shelves of at least 1 large office goods supplier (OfficeWorks).
Could it be it does too good a job of securing our systems? -
Tie expiration date to password length
6 char password => expires in 1 hour
8 chars => 1 day
10 chars => 1 week
12 chars => 3 months
14+ chars => 1 year
So making long passwords would make you change only every year.
test: https://password.kaspersky.com... -
The link to FFForget in TFS failed for me.
Try without "www", it worked for me: https://ffforget.kaspersky.com... .
-
Re:Thank you LG!
While I agree in principle, it's not like it's difficult to prevent that crap from talking to the outside world.
Maybe you, maybe me - but not most people. You know, the ones who have already participated in a botnet DDOS. https://business.kaspersky.com... and it's going to get much worse before it gets better.
-
Does this guy know what a microkernel is?
If you read TFA this guy says:
"The first feature is that the Kaspersky OS is based on microkernel architecture, which basically means using the minimum amount of ingredients to bake your own operating system. The OS can be custom-designed as per requirements by using different modification blocks. This is similar to what Cyanogen Inc. has implemented in the module-based form of Cyanogen Modular OS for smartphones."
Unless I have missed something Cyanogen's OS is still using a normal monolithic kernel. Actually this guy's description would pretty well include normal module loading and unloading in the linux OS. Why do people who don't understand things try to explain them by comparing them to other things they probably also don't understand?
But then I read Fossbytes 'about us' page and realized that they are just another aggregator running out of Delhi, and their biggest claim to fame is 300,000 followers on social media. Can't we at least get a link to the horse's mouth like
https://eugene.kaspersky.com/2...
instead of re-aggregating a poorly written pre-aggregated mention of the news? -
Actual source
Nothing like an ad-infested news page with referral program links to the original source. Here is the actual article, with a sanitized URL:
-
Kaspersky's checker is quite intelligent
Way better than what you currently find on normal websites.
They should just make it easier to integrate the thing on your own webpage.
https://password.kaspersky.com... -
They plan a USB firewall
Kaspersky Labs tries to crowdfund a USB charger "antivirus/firewall" which will ship for $25
https://blog.kaspersky.com/pur...
Google has taken some precautions with the mighty powerful ADB interface such as warning users and disabling even the option to display the screen where you enable it but there are several ordinary end users who wander around with it enabled.
I recently had to help a hotel bar's laptop computer, it had like 10-20 complete strangers' private iPhone data backed up! Right, it didn't have passwords I bet but all the personal photos, browsing history etc are there. Just imagine what a person who does it on purpose can do with SSDs and SD cards reaching TB range. -
Re:Missing an M?
What's a Skimer?
Using the magical oracle known as "Google", we find the answer to that question is...
ATM malware
ATM malware
ATM malware
ATM malware
ATM malware
ATM malware
(you probably get the idea by now: "Skimer" is ATM malware) -
Original Post by Kaspersky Labs
Here is the original article on the Kaspersky Labs site in case anyone is interested.
The article at securelist.com has a few more technical details and includes a list of the special track 2 values used to activate the functionality.
-
Re:Not a suprise
There are some great tools available.
For password checking, you can try Kaspersky's
https://blog.kaspersky.com/pas...
You can disconnect your computer from the network while using it.
For generating a password:
http://correcthorsebatterystap... -
Billion with a B
Has to be the largest single heist attempt ever, though perhaps pales to the systemic pillaging that Kaspersky mentioned last year.
... and they would have gotten away with it too if it wasn't for those meddling keys. -
Open Secure Boot
Ostensibly to prevent malware from installing itself into the boot process as a hypervisor. Such bootkits date back to the days of booting from floppy disks, when they were called "boot sector viruses". The original idea was that you'd add the public key for whatever operating system you plan to run to a PC's UEFI settings.
UEFI Secure Boot can be deployed in two ways: open, where the owner of a machine can add new public keys or turn off Secure Boot entirely, or closed, where the owner of a machine can do neither of these things. Manufacturers of PCs and motherboards certified for Windows 8 (x86) or Windows 8 (x86-64) were required to include open Secure Boot, relegating closed Secure Boot to Windows RT. True, as of Windows 10, Microsoft began to allow PCs to ship with either open or closed Secure Boot. But in practice, what fraction of PCs are sold with closed Secure Boot?
-
Re:Pretty Amazing Really
I'm not saying it's not a success or worth doing, just that it's perhaps not *quite* the degree of success that it might seem. Keeping in mind that there are likely to be lots of groups trying out this kind of scam, each using their own sets of keys and potentially also distributing them across multiple C&C servers to help mitigate against this kind of countermeasure, then the number of victims for a given C&C server is likely to be quite low to start with. According to the site itself there are around 15,000 keys in total (the 750 mentioned in TFA was just the initial batch), although that might not correspond in any meaningful way with the number of victims or files that have been encrypted. What I'm hoping for is that Kaspersky will follow up on this with some indication of how many of those ~15,000 keys are actually used by victims of the gang to successfully recover their data, how many unique victims they identified, how many files were recovered, and so on.
-
Re:750 keys
it's a download https://noransom.kaspersky.com...
-
Re:Password1
at least one symbol and at least 8 characters Password1~
This leads to extremely common patterns, or classes of passwords such as ULLLLLLLDS, which can be pre-computed for cracking.
Knowing the 30 most common such topologies allows an attacker to crack 90% of all passwords (according to leaked password lists).
Smart password checkers like the one of Kaspersky take that into account https://blog.kaspersky.com/pas...
Here is a talk https://www.youtube.com/watch?... and some material here: https://blog.korelogic.com/blo....
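The topology idea from the comment above, as an added example that is not part of the original post: each character is mapped to its class (U, L, D, S), the most frequent topologies in a password list are collected, and a new password is rejected when it falls into one of them even though it satisfies the composition rule. The corpus, the function names and the `top_n` value are constructed for illustration.

```python
from collections import Counter


def topology(password: str) -> str:
    """Map each character to its class: U upper, L lower, D digit, S anything else."""
    classes = []
    for ch in password:
        if ch.isupper():
            classes.append("U")
        elif ch.islower():
            classes.append("L")
        elif ch.isdigit():
            classes.append("D")
        else:
            classes.append("S")
    return "".join(classes)


def meets_composition_rule(password: str) -> bool:
    """The rule quoted in the comment: at least 8 characters and at least one symbol."""
    return len(password) >= 8 and "S" in topology(password)


def common_topologies(corpus, top_n):
    """Return the top_n most frequent topologies seen in a password list."""
    counts = Counter(topology(p) for p in corpus)
    return [topo for topo, _ in counts.most_common(top_n)]


def coverage(corpus, blocked):
    """Fraction of the corpus whose topology is in the blocked list."""
    blocked = set(blocked)
    hits = sum(1 for p in corpus if topology(p) in blocked)
    return hits / len(corpus)


def audit(password: str, blocked) -> dict:
    """Check a candidate against the composition rule and the topology blocklist."""
    topo = topology(password)
    return {
        "topology": topo,
        "composition_ok": meets_composition_rule(password),
        "topology_ok": topo not in set(blocked),
    }


# Constructed sample list standing in for a real password audit corpus.
SAMPLE_CORPUS = [
    "Password1~", "Welcome2!", "Sunshine1!", "Football3@", "Michael1!",
    "Charlie7#", "Summer2024!", "qwerty123", "tr0ub4dor&3",
]

if __name__ == "__main__":
    blocked = common_topologies(SAMPLE_CORPUS, top_n=2)
    print("blocked topologies:", blocked)
    print("share of corpus covered: %.0f%%" % (100 * coverage(SAMPLE_CORPUS, blocked)))
    for candidate in ("Password1~", "x9$Qm!t2Lp"):
        print(candidate, audit(candidate, blocked))
```
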
-
Re:There's an even greater flaw here.
Actually Windows is deemed safer by the security industry than either Mac OSX or iOS.
http://www.winbeta.org/news/fo...
https://usa.kaspersky.com/inte...
http://www.cnet.com/news/in-th...
Regardless, I think the consensus these days is we all need to be careful regardless of device. Social engineering happens on them all. I use both Macs and PCs. I run AV and OpenDNS Umbrella and more for my Macs too and scrutinize any attachments, links, etc. that I go to. -
Re:The strange power of delusional phantasy!
there are many companies that offer white listing solutions...
Here was one I found with a single google search:
http://www.kaspersky.com/partn...
I also liked the barrage of toothless AC peasants cackling below you attempting to tag me with rotten produce.
The white listing system works and has worked for many years and there are many applications of it that are known to work quite well.
They're paradoxically easier to set up than blacklisting systems because they're a great deal more simple. All you do is make it so the computer can run LESS than it was designed to run and you set LESS to EQUAL what you want it to run. The other things that COULD run on the system before... simply can't.
I love that you think this is hard to do... think of the way a black listing anti virus system works. It looks for known bad code and then intercepts it. That's how it works.
A white listing system does the opposite. It intercepts EVERYTHING and prevents ANYTHING whatsoever from running assuming that anything and everything is a virus... EXCEPT things specifically defined to it as NOT a virus.
It's the same system only instead of trying to guess every virus and malware possible... I just define whatever is currently running as GOOD and if anything is added to the system then it is ASSUMED to be bad unless otherwise stated.
It's a very simple system and I operate white lists pervasively on many systems using several of the most popular techniques for implementing them.
This is fundamental IT security. That you're ignorant of it is not surprising or embarrassing for you. You don't know what you're talking about. I do. I am an expert. You're an AC shit head.
*wink*
-
Re:Re-engineer the OS to include ROMs?
How many people would be harmed if some basic components of XP had been burned into ROM?
Everyone who had one, because they would be found to have security vulnerabilities (see here for an example of exactly that happening), and then everyone's system would be vulnerable.
Incidentally, Kaspersky was building an OS that does exactly what you suggest, so if it works, then maybe we will see more of what you suggested in the future. I'm doubtful though, for reasons mentioned in the previous paragraph. -
Some LiveCDs ... Re:AVG: People still use it?
Thank you.
Are you a Linux user by chance?
I found this:
http://www.bitdefender.com/bus...
And it appears to be 100% free with a free license.
I know - people say *nix doesn't need antivirus program(s)...but clamav isn't enough to satisfy my needs.
###
Avira continues with popups? What a shame. One would think popups to be a form of adware. I enjoyed the configuration options which Avast didn't provide [several years ago].
MSE makes me wonder if I have any protection at all.
Avast may be the winner here [for free options] if you turn off most of the non-virus related scanning modules.
I like Clamwin for a backup manual scanner, it's caught some trojans MSE couldn't find. I hear detection rate is poor and false positives are common but it's one more tool in my chest.
Here are some free antivirus LiveCDs:
+ AVG:
http://www.avg.com/us-en/avg-r...
+ AVG ARL: The latest release version of the AVG Rescue CD GNU/Linux (ARL) with daily updated virus database,
latest alpha or beta version of the ARL and all the resources needed to build the ARL from scratch. Releases are signed!
https://share.avg.com/arl
+ Avira:
https://www.avira.com/en/downl...
+ BitDefender:
http://download.bitdefender.co...
+ Comodo Rescue Disk (CRD):
https://www.comodo.com/busines...
+ Dr.Web LiveCD:
http://www.freedrweb.com/lived...
+ F-Secure:
https://www.f-secure.com/en/we...
https://www.f-secure.com/en/we...
+ Kaspersky:
http://support.kaspersky.com/f...
http://support.kaspersky.com/v...
http://forum.kaspersky.com/ind...
As with all antivirus products, please read the greedy EULAs before proceeding.
-
Bank Hackers Steal Millions Via Malware?
I always thought computer operating systems were only capable of being hacked, but thanks slashdot for giving us that technically insightful and informative heads-up
..
"First, they get physical access to the ATMs and insert a bootable CD to install the malware -- code named Tyupkin by Kaspersky Lab. After they reboot the system, the infected ATM is under their control."
"The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem" -
EMET
EMET http://support.microsoft.com/k... along with whatever antivirus you choose.
I like ESET, especially the business version with console. I get it for my large customers.
Kaspersky is good. I use it for email gateways and small offices. The firewall breaks some shit, though.
I'm always removing viruses from computers that are running avast!, McAfee, Symantec, and AVG, so I won't be using those anytime soon.
Trend Micro seems to be great, but I only have a couple of users running it so I have never used it in a large environment.
Vipre is a bad joke (I tested it).
MalwareBytes is great at removing crap and I use it often, but I have yet to use the paid version.
TDSSKiller http://support.kaspersky.com/v... for rootkits.
I'm thinking of purchasing MalwareBytes for a small office soon (8 users), but I may go with Trend Micro. I'm on the fence. -
injected by spearphishing component suppliers
> one thing a lot of people often overlook is that Stuxnet required physical infiltration of the Iranian lab to plant the virus. It also required someone
No, Stuxnet was injected by spearphishing and waterholing several companies that make components which later go into SCADA systems, some of which were used in the enrichment facility.
http://blog.kaspersky.com/stux...
Note that the rest of your post is based on reasoning from your mistake about the initial infection. Also BTW, it's a worm, not a virus.
-
Antivirus LiveCDs - boot and scan your system
+ AVG:
http://www.avg.com/us-en/avg-r...
+ AVG ARL: The latest release version of the AVG Rescue CD GNU/Linux (ARL) with daily updated virus database,
latest alpha or beta version of the ARL and all the resources needed to build the ARL from scratch.
Releases are signed!
https://share.avg.com/arl
+ Avira:
https://www.avira.com/en/downl...
+ BitDefender:
http://download.bitdefender.co...
+ Comodo Rescue Disk (CRD):
https://www.comodo.com/busines...
+ Dr.Web LiveCD & LiveUSB:
http://www.freedrweb.com/livec...
http://www.freedrweb.com/liveu...
+ F-Secure:
https://www.f-secure.com/en/we...
https://www.f-secure.com/en/we...
+ Kaspersky:
http://support.kaspersky.com/f...
http://support.kaspersky.com/v...
http://forum.kaspersky.com/ind... -
Re:Similar bug in iOS
Does decent include 10 million virus apps?
-
Competition will Support XP
Other Anti-Virus vendors like Symantec, McAfee, and Kaspersky are going to continue to support XP past April, so why should Microsoft concede market share to these competitors?
Also, Microsoft is going to look pretty bad if a new virus makes a major impact, so having their security product database updates continue will mitigate that. Doing otherwise could easily be spun as irresponsible.
-
The Real POwn
Pwn2Own 2010: iPhone 3GS compromised via bypassing code signing; Nexus One not compromised.
Every year Android has existed: 99% of viruses on Android.
Reality totally contradicts the picture you are trying to point. Android far more secure: Odd then it has ALL of the viruses/trojans/malware. Apple disliking jailbreaking: odd then that jailbreaks come out with great regularity after every new OS or device release (but mostly tethered) and Apple hires jailbreak developers to work on core systems sometimes...
Your hatred is blinding you to reality.
-
Re:One major reason why AV is a dead-end
Ohh yea, the Kaspersky Guys are the shit. One messed up patch after the other and now this.
-
Re:One major reason why AV is a dead-end
There is no way to prevent these things from happening
Sure there is. Kaspersky Anti-Virus Security Center has a Update Verification module built in, that allows a sysadmin to install the update to a known-clean test group and then run a virus scan BEFORE the update is applied to the rest of the machines. If the scan fails(ie, finds anything), the update is aborted and an email is sent to the admin. If Malwarebytes had that kind of thing(or if it did and the sysadmins actually used it), this wouldn't even be an issue.
-
1 in 20
Maybe I'm doing something wrong, but I haven't seen a virus in a decade.
...or maybe as http://eugene.kaspersky.com/2013/03/25/one-in-twenty-is-the-sad-truth/ "Even those who care nothing for their health still get sick – it’s just that the infection goes undiagnosed" as much as you may find it comforting blaming users, 1 in 20 infected machines implies there is something wrong. It's no wonder users are not buying PCs anymore. -
Link to fix
http://forum.kaspersky.com/index.php?showtopic=255508&st=20&p=1978848&#entry1978848
Text of fix, credit the forum poster known as "omaudio":
from Kaspersky-
"We apologize for the inconvenience. It does appear that there was a hiccup with an Update pushed out causing Windows XP machines to lose internet connectivity. An update was just released that should address the issue, what I will need you to do is:
To get XP users internet connectivity (temporarily), please disable the Web AV component of your protection policy for your managed computers. After doing so;
In Security Center (or Admin Kit):
1.) Go to the Repositories section >> (Right click) Updates >> All Tasks >> Clear updates repository.
2.) Go to the Repositories section >> (Right click) Updates >> Download Updates
After taking this step, please run your group Update task for Managed Computers. After the update has been pushed to your workstations, please re-enable your Web AV component in your protection policy. This should resolve the issue. "
-
Re:What problem does it solve?
BIOS boot sector protection has never prevented writes to the MBR unless you're running DOS - any actual OS uses direct hardware access instead of using the BIOS, and so it can't be blocked. It'd be possible for the BIOS to complain that the MBR's been modified, but it has no way of verifying that the partition boot code or the actual bootloader are still secure. Unsurprisingly, malware authors take advantage of this - https://support.kaspersky.com/viruses/solutions?qid=208280748 has a list of modern bootkits.
-
Fake FBI warning virus
My vote goes for the fake FBI warning screen that hijacks explorer.exe. It basically informs users that they have done something very illegal and must pay a "fine" to unlock the computer in the form of MoneyPak cards. Screenshot here (not my link, just found online as an example)
BTW, you can remove this SOB using a bootable Kaspersky Rescue Disk. It runs a form of Linux that will boot into an anti-virus desktop console. Assuming you have internet access, it will most likely contain NIC drivers to download the latest defs for you prior to the scan/removal process.
Good luck!