Smokey's Security Forums


Gilbert (Topic starter)

New in 2017.6: Double Pulsar Mitigation and Email Notifications
3 July 2017, 7:00 pm

Behavior Blocker with Double Pulsar Mitigation

More than six weeks have gone by since the global outbreak of the WannaCry ransomware and it’s safe to say we’re still feeling its effects. In fact, just days ago, news emerged that 55 traffic cameras in Victoria, Australia, had been infected by the malware. WannaCry uses Double Pulsar, an exploit tool supposedly developed by the NSA, to infect Windows computers that are not updated with the latest security patches.

Our ransomware response team is continuously working to help victims around the world out of their misery, but one general problem for computer techs remains: When installing an operating system on a new computer, there’s a time gap of up to an hour between connecting it to the Internet and getting all updates installed. With countless botnets constantly scanning the entire Internet for unpatched computers, it usually only takes a couple of seconds for a machine to get infected during this exceptionally vulnerable window of time.

To mitigate these attacks, our lab has improved our advanced behavior blocker module of Emsisoft Anti-Malware and Emsisoft Internet Security, which can now detect and block any attempts to use the leak that allows Double Pulsar to enter your computer. While you still have a responsibility to install the latest security patches, it does give you more time to complete the obligatory Windows Update procedure. The Emsisoft behavior blocker instantly shuts down any processes that try to use the exploit and shows you a notification box like this:

[Image: Double Pulsar Mitigation by Emsisoft Anti-Malware]

Advanced Email Notifications

A frequently requested feature, especially by network admins, was the ability to receive notification emails on various events of our protection software. For those who manage attended or unattended computers remotely, it’s critical to know immediately when certain events take place – say, the exact time malware was found or when reboots are required to complete an online update of the software’s core protection components.

We listened to your feedback. The new email notifications feature can be found in the “Settings” – “Notifications” section of Emsisoft Anti-Malware and Emsisoft Internet Security. Granular settings allow you to choose which events you want to receive notifications for.

All 2017.6 updates in a nutshell

Emsisoft Anti-Malware & Emsisoft Internet Security

  • New Double Pulsar exploit mitigation in behavior blocker.
  • New advanced Email Notifications feature.
  • Improved: Scheduled scans now also run when no user is logged on to the computer.
  • Improved: Support for Windows Store (universal) apps.
  • Several minor tweaks and fixes.

Emsisoft Enterprise Console

  • Improved product stability and general fine tuning.
  • Improved Update Proxy, relocated cache folder to ProgramData.
  • Fixed client connectivity issues.
  • Fixed reporting issues.
  • Several minor tweaks and fixes.

Emsisoft Emergency Kit

  • New feature for easy switching to Emsisoft Anti-Malware.

How to obtain the new version

As always, so long as you have auto-updates enabled in the software, you will receive the latest version automatically during your regularly scheduled updates, which are hourly by default. New users, please download the full installer from our product pages.

Note to Enterprise users: If you have chosen to receive “Delayed” updates in the Update settings for your clients, they will receive the new software version no earlier than 30 days after the regular “Stable” availability. This gives you time to perform internal compatibility tests before a new version gets rolled out to your clients automatically.

Have a great (ransomware-free) day!


Source: Emsisoft | Security Blog
