Probably associated with this: https://www.wilderssecurity.com/thr...ent-blackmoon-banking-trojan-campaign.393811/ Block all inbound/outbound traffic to this address, 1.234.3.139, and it can't connect.
I'm still waiting for a standalone version. Apparently Cylance doesn't need to use the cloud, so why do they refuse to release it? I've also read it generates lots of false positives, so that may be the problem.
They do have a standalone version. That is what I am using. It is through Malware Managed. If you subscribe to their yearly sub you get access to your very own portal. From that portal you can waive any file they tag if you are sure it is not a baddie. I think most of the time those false positives are from sigs or the packing programs the program uses. On your portal you can also click analyze the file on VirusTotal like Voodoo does. Or by standalone do you mean a program that never needs internet access? Very few do these days.
With standalone I mean a version that isn't controlled by "Malware Managed". I've read about Cylance on their own blog, and they say they don't need the cloud, so all behavior watching (via AI) is done locally on the system itself. So it doesn't even need to be connected to the internet.
And I have their access blocked via firewall, unless I want to do a VirusTotal check. BUT I probably don't need it via all my other security. BUT like all of you I love to test software and have done so for a very long time. Like I said before, I was here during the first 1000 members. You may have been one of them, I cannot remember. I do remember a bunch that were. And again, even though the current records only go back to 2002, I was here in the 90's and so no, I am not a newbie. Just letting you know is all.
Yes, you already mentioned this. What was your original nickname? And I hope you now know what I mean. Cylance keeps boasting that they got great detection rates without having to use signatures/heuristics like traditional AVs, so bring it on.