galaxy 11 Posted July 3, 2018 Share Posted July 3, 2018 Where is eset please nice bad, I can not agree Link to comment Share on other sites More sharing options...
itman 1,659 Posted July 3, 2018 Share Posted July 3, 2018 This is sheer speculation on my part since I don't have a copy of the .docx file. Suspect what the file was infected with was: https://www.trustwave.com/Resources/SpiderLabs-Blog/Multi-Stage-Email-Word-Attack-without-Macros/ or a very close variant. I am basing this on the detections from the VT link previously posted. Eset does not detect the initial malware downloader in the .docx file by VT hash lookup verification but does detect all the rest of the malware download components. So again, my take is that Eset e-mail scanning would not have picked it up at that point. Link to comment Share on other sites More sharing options...
novice 20 Posted July 4, 2018 Share Posted July 4, 2018 (edited) On 6/4/2018 at 3:42 AM, Marcos said: Among those 10/59 detections were none from a popular AV with a concrete detection name; all were generic detections... How is this relevant???? If an antivirus has a mechanism based on HIPS /behavior analysis the detection is supposed to be generic. Of course , 24 hour later ESET will have time to analyze it and give it a name, but we, the regular users , are not looking for a name, we are looking for a detection. Edited July 4, 2018 by claudiu Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted July 4, 2018 Administrators Share Posted July 4, 2018 8 hours ago, claudiu said: How is this relevant???? If an antivirus has a mechanism based on HIPS /behavior analysis the detection is supposed to be generic. We already kindly asked you to stop trolling. If you are not satisfied with no 100% detection, you can use any AV you like. However, we live in a real world and there's no security software that could 100% protect you from malware so sooner or later you'll get disappointed with other AVs too if you don't accept that fact and if you don't contribute to safety by practicing safe computing. Here are some tips that one should practice to stay safe: 1, Patch, Patch, PATCH 2, Back up, back up, BACK UP 3, Install protective software and keep both the program and modules updated. Do not disable any of the protection modules. 4, Choose strong passwords. 5, Control access to your machine. 6, Use email and the internet safely, do not open unknown emails and attachments. 7, Use secure connections. 8, Protect sensitive data, use encryption. 9. Most importantly, stay informed. Since everything has been said, we'll draw this topic to a close. Link to comment Share on other sites More sharing options...
Recommended Posts