Jump to content

Archived

This topic is now archived and is closed to further replies.

Dickepa

AV Evasion

Recommended Posts

That doesn't hold true for ESET. Such files would need to have a valid Microsoft signature for instance in order not to be scanned.

Share this post


Link to post
Share on other sites

I don't believe most AV scan engines ignore signed software per se. Malware authors employing stolen valid certs. has existed for years. However, some security solutions have components such as behavior monitor or HIPS than can be configured to allow Trusted Publishers and the like. Also code signing is more a factor in their reputational scanning feature than in realtime scanning in most AV products.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...