Why is it that articles like this don't mention prevention solutions at the point of attack (the triggering mechanism in the Exploit Kit itself)? ---- rich
I guess that they only focus on one aspect of those exploits - in this case their "sophistication". If they explain it all in one article they won't have anything to write next weak. So prevention might be presented in next article
More than half of the article is about the weakness of detection (a type of end-point prevention). It would be easy to mention prevention at the perimeter, where the triggering action is: In-The-Wild, Nuclear Kit Found That Automatically Generates Flash Exploit Variants On-The-Fly http://www.morphisec.com/in-the-wil...-generates-flash-exploit-variants-on-the-fly/ (My emphasis) ---- rich
Newest ransomware pilfers passwords before encrypting gigabytes of data http://arstechnica.com/security/201...asswords-before-encrypting-gigabytes-of-data/
Appears AV's have sigs for the Pony Trojan: https://blog.avast.com/2014/10/27/pony-stealer-spread-vicious-malware-using-email-campaign/
I was talking about pro active protection, most HIPS don't protect passwords out of the box, Outpost does do this: http://www.agnitum.com/lp/outpost-7-features.php#id1