Fresh Malware with No Known Family Discovered in Targeted Attack

Discussion in 'malware problems & news' started by Minimalist, May 9, 2017.

  1. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
  2. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,591
    Location:
    U.S.A.
    Last edited: May 9, 2017
  3. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    Way to go Cylance :thumb: I wonder how many use Cylance on this forum besides me?
     
  4. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    I'm still waiting for a standalone version. Apparently Cylance doesn't need to use the cloud, so why do they refuse to release it? I've also read it generates lots of false positives, so that may be the problem.
     
  5. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    They do have a stand alone version. That is what I am using. It is through Malware Managed. If you subscribe to their yearly sub you get access to your very own portal. From that portal you can waive any file they tag if you are sure it is not a baddie. I think most of the time those false positives are from sigs or the packing programs the program uses. On your portal you can also click analyze the file on Virus Total like Voodoo does.

    Or by stand alone do you mean a program that never needs internet access? Very few do these days.
     
  6. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    With standalone I mean a version that isn't controlled by "Malware Managed". I've read about Cylance on their own blog, and they say they don't need the cloud, so all behavior watching (via AI) is done locally on the system itself. So it doesn't even need to be connected to the internet.
     
  7. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    And I have their access blocked via firewall, unless I want to do a Virus Total check.
    BUT I probably don't need it via all my other security. BUT like all you I love to test software and have done so for a very long time. Like I said before I was here during the first 1000 members. You may have been one of them, I can not remember. I do remember a bunch that were. And again even though the current records only go back to 2002. I was here in the 90's and so no I am not a newbie. Just letting you know is all.
     
  8. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Yes you already mentioned this, what was your original nickname? And I hope you now know what I mean. Cylance keeps boasting that they got great detection rates without having to use signatures/heuristics like traditional AVs, so bring it on.
     