Thank you guys! @Trooper, just like they were saying, you might want to start in AutoPilot mode for a day or so, then maybe switch to Smart Mode....
Thank you guys for all of you input on the desktop shield gadget! It would take forever to respond to each one, but I appreciate your guy’s help....
If people are going to speculate without testing, then I have every right to join the conversation.
You did post that! But that is not the PeddleCheap port that was recommended by MRG. PLEASE perform the test from exploit-db.com and prove me wrong.
Sure, and that rule will stop this attack... but what about the next zero day? There needs to me an effective mechanism in place that protects...
If we "We can draw no conclusion whatsoever on its effectiveness against the "real" version of DoublePulsar.", then why are we even discussing...
You said "Most security solutions can detect the "misbehaving" rundll32.exe activity done in the Metasploit version." This is simply not true......
I already tested with the metaploit port, and VS blocked DP, as clearly demonstrated in my videos. Are you suggesting that someone also test the...
1- Absolutely... as long as the attack is within the scope of application control. 2- Absolutely... as long as the attack is within the scope of...
Hehehe, I see what you are saying, but there is truly nothing to debate... there is nothing subjective in the tests or the attack. For example,...
Hehehe, the ironic thing is that the exact opposite of what you said is true. There is PLENTY of evidence that VS blocks DoublePulsar... simply...
Hehehe, I know... I truly have repeated myself 30 times. He either does not want to understand the attack, is not capable of understanding the...
That question is extremely deceptive and you know it. In the EB / DP attack, yes, VS blocked the kernel level payload DP. I have said that from...
If you do not even know the difference between an exploit and a payload, then I just wasted a bunch of time trying to explain this to you. VS...
Directly from the link you just provided... "DoublePulsar is a sophisticated memory-based kernel payload that hooks onto x86 and 64-bit systems...
First of all, DP is not an exploit, it is the malicious backdoor payload that EB tries to install... But VS blocks the installation....
You said "so don't say "VS block DP to be installed", it can't , however VS can prevent DP to do further malicious tasks." This is completely and...
Hehehe, that is where VS blocked the attack!!! EB was not "able to create rundll32.exe or calc.exe" since VS blocked it... which is the one job...
I see exactly what you are saying, but you are incorrect. How can you say that VS did not block DP, when the session was not created and the DP...
Yes, in the metasploit test, VS absolutely blocks the installation of the payload DP... this is easily proven because the session is not created...
From post #64 of this thread "If a security product is able to block loading the Doublepulsar backdoor installation, attackers have to come up...
I am confused... the title of this thread is "WannaCry Exploit Could Infect Windows 10", which I am assuming refers to Eternalblue (since WannaCry...
Unfortunately you are correct Sir ;).
Great point! Has anyone seen some actual statistics on home vs business infections from the outbreak, or are we just assuming that it was mainly...
Hehehe, I certainly am not doing any "back slapping" ;). Do you agree that the attack is either within the scope of an application control...
Separate names with a comma.
