Can your antivirus handle a zero-day malware attack.?

http://securitywatch.pcmag.com/secu...ur-antivirus-handle-a-zero-day-malware-attack

 

No Antivirus can handle all zero-day malware attacks. That is why some sort of virtualization is needed (Sandboxie, Shadow Defender, Deep Freeze, etc.).

 

Heuristics, isolation and HIPS.

 

behabiour blocker

 

anti-executable

 

both

 

Very true, my friend!

 

HIPS, Isolation/Virt, Heuristics/BB.
Of course I have all three. Comodo HIPS, sandboxie and Qihoo360/comodo sandbox/BB.

 

even better with all these arsenal

 

I'll be looking forward to your reports on compatibility.

 

I'm psyched that comodo firewall now works with sandboxie. I even ditched WSA for qihoo 360. I figured that the HIPS and sandbox would keep me pretty safe other than WSA. Qihoo 360 detection is far better than WSA.

 

Threw you through a loop with that one, didn't I?

 

I don't mind admitting that you have. (Though I of course know that cruelsister is high on the Comodo/360 combo.)

Do the two sandboxes coexist or have you turned off functionality in Comodo's?

I've never tried CFW after 5.12 so this is all new to me.

 

Everything seems to be working well. I have both of them running. The only issue I've noticed is that files download to my sandboxed folder instead of in the shared space folder. Not a huge problem. Also the virtual kiosk doesn't seem to be working well for me. Not sure why. Not a big problem. I don't really plan on using it much. I didn't see much need for WSA with all the things I have running at the moment. Technically I could just run Comodo and qihoo and be ok.

 

I'll be interested in hearing how it "tests" if you get a chance to put it through its paces.

I know that Qihoo wasn't scanning within the (Sandboxie supervised) sandboxed browser. Have you confirmed that whether it's doing so now under the new setup with either the Eicar download or URLs? (How about within the Comodo sandbox?)

Thanks for any info you can supply on this.

 

I've been testing it on VM and it's worked great. I haven't had any problems with it. Qihoo doesn't work in sandboxie. I haven't tested it with comodo sandbox. I'm sure cruelsister may have though. It does scan in my sandbox folder. Which is all I care about.

 

Just wondered if comodo firewall 6 users have conducted a shields up test recently.?
I have and noticed that port 0 reports that it is in a closed state rather than stealthed which is what usually comodo does with this port.

 

Can your antivirus handle a zero-day malware attack.?

I doubt it, considering it's a technology from the 80's, and it hasn't changed a bit since then....apparently

 

It's just an article about AV-C's test with attention-grabbing/sensationalist title, there is already a thread about the test here:
https://www.wilderssecurity.com/showthread.php?t=352255

 

Yeah exactly

 

Yes, to limit it to the ones I have tested with real zero-days

WSA: has HIPS and whitelisting option (only allow programs which have been seen by a large portion of the community)

CIS 6.0: with D+ disabled has an option to fully virtualize programs from non-whitelisted vendors

But there are more like Avast 2014 with new (WSA) like hardened mode or SecureAge+ (with whitelisting)

 

Lol, put you arm-cannon down now.

I don't use AV myself ATM since I always get problems when using one and ended up in having to find a replacement, just so I can replace it again. Yeah, I know, my computer is racist.

BTW, I think an AV can handle most (not all) fresh malware if they have some extra boost, which is pretty common nowadays. And let the party begin...

 

As much as 0-day malware is real, same goes for it being an overrated phrase.

The AV we have nowadays is not just based on signature-based detection....and no, we're not living in the 80s despite the fact that going retro is considered hippy and trendy in some parts of the fashion world.

When you can acknowledge that malware evolves and tries to evade detection, you know that 0-day malware detection will be a hit or miss scenario just like any other tests. It's range of effectiveness will vary from a percentage to another depending on sample set. It's like tossing a coin and getting heads or tails...

Against a targeted attack against a specific brand, the probability falls flat to 0 within a time frame (until it gets an update or signature). Just like any other thing.

To complicate things further, when you consider your chances of getting across a 0-day malware in a period of time (which differs from 1 person to another), it really becomes too minimal an issue to fret over because of a single digit.

So, don't worry too much about it. If you're still single and readily available (if you're of the female gender, PM me), try your luck on finding a partner. You might be luckier there.

 

OK. But the facts come from the "experts" in the industry, just so you know