
Amaroq_Starwind

Members
  • Content Count

    518
Everything posted by Amaroq_Starwind

  1. Since Apple keeps aggressively shooting down cybersecurity for iDevices, is there a way that users could transition to obtaining Malwarebytes through the Enterprise Management system?
  2. Windows 10, by default, reserves Case-sensitive filenames/folders for the Linux subsystem, but there is a registry change you can make to enforce Case-sensitivity for Windows programs as well, and you can use PowerShell to set specific folders to be Case-sensitive.
  3. The MalwareBytes team could put an unrestricted version of the app inside of the MalwareBytes Windows client, and allow the user to manage the sideload that way. Since it would be through a secure channel, it wouldn't be anywhere near as dangerous as grabbing it from a website.
  4. Due to recent events, I feel a strong urge to switch over from the Home version of MalwareBytes to the Business version, but before I fork over the delicious cash or plan my budgeting, I want to know some things: 1. As a current Home user, what business-exclusive features could I reasonably expect to benefit from in everyday use? 2. When upgrading from Home to Business, which products in particular would you recommend? 3. Based on the answers to the previous two, how much more can I expect the Business-line products to cost me compared to the consumer versions that I'm already using? Thanks! 🦊
  5. Does Malwarebytes have the ability to scan case-sensitive files and directories? If not, then I strongly feel like that ability should be added, especially since Windows supports case-sensitive files and directories now, and cross-platform threats are becoming increasingly common.
  6. Sometimes, an app is just a lot more convenient. And I'm sure that there's a ton of room for optimization to minimize resource consumption, especially battery.
  7. Just out of curiosity: would analog computers be more resistant to Malware?
  8. This is why the security providers need to get their hands on the quantum computers first, and why we need to start using mesh nets.
  9. This idea is a simple one; incorporate the Android version of the MalwareBytes components within the Windows and Mac versions, and allow it to scan Android devices over USB. This would be a good way to remove Android-based threats when an Android device is no longer under the user's control, as Android threats can't target Windows. This functionality could also extend to sanitizing MicroSD cards from Android devices, or even allow you to sideload the Android version of Malwarebytes through the Windows/macOS Malwarebytes client.
  10. My proposal here is simple; an app for iOS/macOS, Android, Win32, UWP and Linux that keeps informed whenever there is a new blog post, product announcement, beta program, and so on. It could also let you access the MalwareBytes community through your forum account, manage your licenses and installed products, and more quickly and easily get in touch with support staff.
  11. 1. https://www.wired.com/2016/06/demonically-clever-backdoor-hides-inside-computer-chip/ 2. https://en.wikipedia.org/wiki/Hybrid_computer 3. https://en.wikipedia.org/wiki/Analog_computer#Resurgence 4. https://www.dwavesys.com/take-leap 5. https://spectrum.ieee.org/computing/software/mayhem-the-machine-that-finds-software-vulnerabilities-then-patches-them Here we go... Hopefully something good will actually come out of me sharing all this information.
  12. MalwareBytes Quantum. Leveraging the power of cloud-based quantum computing, MalwareBytes Quantum actively hunts for zero-day vulnerabilities around the clock to correct them on the fly, and even hunts down Malware authors to give them a taste of their own medicine.
  13. There's a system called MAYHEM, designed to hunt down zero-day vulnerabilities and correct them on the fly. Combine that with a hybrid Digital/Analog/Quantum supercomputing platform, and you might have an effective defense. I know for a fact that it can be done.
  14. I really don't want to bump this, but seeing as nobody came when I specifically mentioned them... 😕 It's been exactly a year since @oblivionisinevitable made this thread, and literally nobody but myself seems to have responded in that time.
  15. It was inevitable. Some groups are just filled with horrible, horrible people.
  16. "MalwareBytes has encountered an error. Please contact support."
  17. https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/ This is the first known Malware specifically designed to kill people, as far as I can tell. I feel like there couldn't be a better time for somebody to take a more offensive approach to cybersecurity...
  18. Wait, really? That's unfortunate... I currently have a license, so I didn't even realize.
  19. What I meant by scanning scripts is to run them in an online simulation as a means of testing their threat level, and trying to identify patterns in the way they're written.
  20. By Non-PE, I specifically mean things like Script files, DOS executables, Linux executables, JAR files, and so on. MalwareBytes doesn't scan those, but just because a dormant threat can't affect your current system does not mean it can't affect other systems, especially on a business or development platform, or when using peer-to-peer file sharing. I only even found out that MalwareBytes didn't try to scan DOS executables because of a file called PAPER.TXT/PAPER.EXE, a research paper (about itself) which was also an executable program. Early on in the paper, it mentioned that virus scanners may pick it up. I manually scanned it with MalwareBytes, and it didn't detect anything, but when I showed the paper to MalwareBytes staff they told me that it was because it was a DOS executable and would thus have little to no threat potential against a modern operating system. Or so they say... you can never be too careful, IMHO.
  21. Extending on this idea: Attempted changes made by means of UAC-V could be logged and tracked in detail for both Security and Software-development reasons, and then an Administrator could individually approve those filesystem and registry changes to be distributed system-wide once they're certain that the changes are desirable. An Administrator could even choose to whitelist certain trusted applications so that further UAC prompts would not be required. This could even be combined with a 64-Bit version of Installer Detection (also detailed in one of the above links) to provide increased safety and compatibility for Enterprise customers, as incorrectly built installers will request elevation and be redirected as they should while also telling the Administrator, Log Viewer or Developer exactly what went wrong. One more note: All of this could potentially take some time and stress away from the user's workflow as well, as they wouldn't have to constantly deal with UAC.
  22. In Windows 10, Microsoft introduced a feature called User Account Control virtualization. 1. https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/user-account-control-virtualize-file-and-registry-write-failures-to-per-user-locations 2. https://docs.microsoft.com/en-us/windows/security/identity-protection/user-account-control/how-user-account-control-works In a nutshell, UAC Virtualization is a short-term solution for backwards compatibility with older software which is non-UAC compliant, without forcing the user to grant the application Administrator privileges; in the event of a Denied Access failure, attempted I/O to System directories or registry hives instead get redirected to a per-user directory or hive. However, as this is meant to be a short-term solution, it is not recommended by Microsoft to be used for anything outside of debugging purposes. It also isn't enabled globally and has to be toggled on a per-application basis, and the final nail in the coffin: it can't be enabled for 64-Bit applications. To note, UAC-V is automatically overridden when you choose to grant Administrator privileges to a program anyway. UAC Virtualization has potential applications in the field of security, but could be seen as a crutch for developers (hence why Microsoft placed these limitations on it). In many Enterprise environments, however, legacy software is often still used to some extent, which can pose a security risk. On the flipside, there's ample room for configuring UAC-V (or an equivalent of it) on an Administrative, Organization-Wide level, and automatically auditing errors for purposes of both debugging and cyberforensics. So my proposal is as follows; Create both a File System Filter Driver and a Registry Filter Driver as a MalwareBytes component to provide a security-focused equivalent to UAC-V, which could be applied globally to all applications, or only to specific users, applications and groups. 
      In addition, enable the driver to also provide UAC-V for 64-Bit applications. To prevent inexperienced software developers from relying on it and to prevent malicious abuse of the system, Administrators could override the settings of less-privileged users and groups through the management console. Any thoughts on this subject?
  23. Hey, @treed. Really sorry to bother you, but is my suggestion actually possible?
  24. Should probably create an automated script that checks the file where icons are pinned to the dock and automatically corrects it, replacing the shortcut for the stub app with the correct one.
  25. I had a thought recently; what harm would it cause if the Business-line MalwareBytes products were given a different color scheme to help further distinguish them from the Home products? For example, something like Purple? It's close enough to Blue that it wouldn't look drastically out of place, but far enough from Blue to be easily recognized at a glance. Now, that's not to say that Purple is the only option. If anyone has arguments for keeping with the Blue color, or for using a different color entirely from either of those two, then I'd love to hear it.