What is your security setup these days?

You can also refer to:

https://github.com/arkenfox/user.js/blob/master/user.js

 

it happens that both you and I use UBO in Hard Mode.
Then continues:

I do not know in Canada, but in Italy worse than useless........

 

Haha...okay I'll give you that

 

Xubuntu 21.10 (PC my daughter)
Strong password enabled
Quad9 DNS
UFW Firewall - enabled

Mozilla Firefox (latest version)

• Changed the settings in about:config for best privacy and security.
• Fission - enabled
• HTTPS-only-mode enabled
• DuckDuckGo set as search engine and homepage.

Extensions:

• UBO - Hard Mode - with TLD by Kees1958
• LocalCDN
• Speed Dial
• VideoDownloadHelper

P.S.
I checked the Linux Firefox Sandbox

 

@Sampei Nihira

Are you Firejail on Linux and/or RLbox as far as being Sandbox?

Kind regards,

 

How do you check Linux Firefox Sandbox?

 

about:support

 

Uninstalled Hard_Configurator and ran Simple Windows Hardening instead.

https://malwaretips.com/threads/configuredefender-utility-for-windows-10.79039/page-72#post-965820

Probably. With H_C enabled I could not download .exe files in Firefox for some reason. Disabling H_C and uninstallling H_C re-enabled downloading of .exe files.*

Uninstalled KSC and reinstalled N360.

#393

* Please note; I am not looking for support for this issue. Uninstalling Hard_Configurator resolved it.

 

Wow nice to see this is still on the go. Its been a long time since I've been here.
Voodoo Shield and windows firewall running on windows 10

 

AVG IS
Avira phantom vpn
Cloudflare dns 1.1.1.1 (don't know if it helps as I'm using vpn)
Rollback rx
Backup on external hdd
On demand: hmp, adw cleaner, npe, f-secure online scanner, eset online scanner
Chrome extensions: lastpass, bitdefender anti-track, adblock plus.

 

I ditched Huorong and started using 360 Total Security Premium again two weeks ago. 360 is lighter. I've still got WiseVector installed but don't currently use it, as it was causing some internet problems.

 

You're really into these Chinese AV's LOL. So now you're even paying for it? What does it provide you that others don't? I just wonder about it.

 

I think i stopped using Malwarebytes 4 or 5 years ago.

All 6 computers have Emsisoft Anti-Malware and 4 those computers also have HitManPro.Alert.
Win 7 is not used, 5 are Win 10 and 1 Win 8.1.

Something needs to be done with Win 8.1, Emsisoft is gonna stop with definition updates june 2022.
Maybe Voodooshield and Windows Defender.
Now i test Voodooshield with Win 10.

 

Yes, you can buy very cheap licenses from third party sellers. It doesn't automatically quarantine files.

 

3rd party sellers on Ebay or.... ?

 

I bought it from the website gamivo.com. In the past I've purchased it from eBay, but this time, I couldn't find it there.

 

Im testing F-Secure AV with Secureaplus free. F-Secure is quite good, but it lacks against lolbins. On my own malware testing, secureaplus freebie is really good to stop lolbin malwares.
Thinkin about to upgrade SAP to pro version, because of its unique way to check certificate checks (Trusted Certificate List, Name & Thumbprint).
Tried against fresh signed malware, F-Secure failed, secureaplus pro warned thumbprint certificate. Pretty good eh?

 

Oh yes, now I remember that you liked it for this reason. But didn't you like any other feature in the Pro version?

 

If your favorite AV software does have a feature that allows user to choose to quarantine, allow, deny. Depends on software used, this might work or not.
On my own testing ( i do like test all kind of security softwares). One basic example i've came across is:
1) Run ransomware malware sample or something similar and destructive
2) Your favorite AV(or other solution) pop-ups a window something like "Heur/APC", then it asks Allow or Deny
3) Don't click Allow or Deny, leave that pop up window open
4) Malware spawns several other child and/or parent processes
5) Those spawned processes are encrypting your system in the background
6) Click Deny
7) It kills the main process, but those background parent processes are still encrypting your files
System encrypted

So sometimes "auto-quarantine" feature is recommended.

 

Standard user account
Microsoft defender (+ Defender UI)
Malwarebytes
Voodooshield
Chrome + AdGuard + uBlock + Trafficlight

 

Good point. But perhaps that's why it's also a good idea to use dedicated anti-ransomware in case AV messed up, something like HMPA or AppCheck.

 

It removes the annoying ads that the free version has.

I would have though that unless you specifically clicked on Allow, the malware wouldn't be able to anything, but obviously that is not always the case. Anyway, that's an interesting situation and I have no idea how 360 would handle it.

 

Restoring a clean image will solve encryption by ransomware, correct? If so, why worry about ransomware (am I missing something)?

 

The main problem with ransomware now is that they leak personal information.
Like in the latest attack:
https://www.bleepingcomputer.com/ne...hit-by-conti-ransomware-no-ransom-demand-yet/
You can retore from a clean image but your data is out there.