Jump to content

pbust

Staff
  • Content Count

    3,372
  • Joined

  • Last visited

Posts posted by pbust


  1. Thanks for posting Tarnak.

    It seems as if VoodooShield is querying VirusTotal for its detection.

    https://www.virustotal.com/en/file/8f05eae341003985ced864848ef49a5bde57124ab94cb55b477dbc29076f6029/analysis/1466810219/

    Not only is this problematic as they adopt all the FPs from all the 56 vendors, it is also ilegal and against the terms of service of VirusTotal to do this in a commercial product.

    I've reported the issue to VirusTotal.

     


  2. Welcome to the forum. As you suspected, it is probably due to some other third-party application relying on IE or another browser to do some tasks in the background. Every time that happens, MBAE will still inject into the browser instance and protect it.

     


  3. Thanks for confirming!

    Yeah there's still many websites that rely on VBScripting which was deprecated by Microsoft some time ago due to the security holes it opens up. In fact many Exploit Kits are still abusing VBScripting, so it's a good idea to keep that technique enabled in MBAE.

     

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.