2015 -- the year automated malware protection and firewalls become worthless?

[anuseems]

Whether you're a home or business user, one thing you've probably had drummed into you for years is the importance of virus protection, an effective firewall and malware guards. Well, as we start our journey into 2015 such security tools may not be anywhere near as effective as they used to be. Is it worth investing in them at all?

The suggestion isnt that we should ditch firewalls and malware protection altogether -- that would be insanity. But security expert Ilia Kolochenko says that we need to rethink our reliance on automated security tools.

Kolochenko is CEO of High-Tech Bridge and Chief Architect of ImmuniWeb, and he has looked forward to the year ahead to make a number of security predictions. Perhaps the most interesting is the idea that we will no longer be able to rely on automated security tools to offer the level of protection we need. That's not to say that they won't have their place, just that human intervention is going to be necessary as attacks become more complex and evolve more quickly.

Web Application Firewalls, Web Vulnerability Scanners or Malware Detection services will not be efficient anymore if used independently or without human control. Both web vulnerabilities and web attacks are becoming more and more sophisticated and complex to detect, and human intervention is almost always necessary to fully detect all the vulnerabilities. It's not enough to patch 90% or even 99% of the vulnerabilities - hackers will detect the last vulnerability and use it to compromise the entire website. As a solution to the new threats High-Tech Bridge has launched ImmuniWeb SaaS -- a unique hybrid that uses automated security assessment combined with manual penetration testing.

Kolochenko also believes that we'll see an increase in the number of online problems originating from external sources. It's fair to say that direct attacks that exploit vulnerabilities in sites, apps and services will continue, but there will be an increase in attacks that take other forms. Plugins are seen as being particularly problematic, as is cross-site scripting (XSS), and these are just two examples of security problems that require human intervention.

So while it might not quite be time to ditch the malware tools and firewall entirely, it is time to appreciate that even the best tool is only ever going to offer limited protection.

http://betanews.com/2015/01/05/2015-the-year-automated-malware-protection-and-firewalls-become-worthless/

[The Owl]

most viri / Trojans get on your machine because of one major thing "YOU" or the stupidity of the person behind the keyboard.

A Good AV and being careful of what you click on will stop 99% of stuff and if like me you do download stuff with "keygen's" etc be specially careful and do it in a "Quarantined" area and do regular scan's and keep your AV updated.

[SPECTRUM]

most of the current security issues are only related with user's faults.

[steven36]

most viri / Trojans get on your machine because of one major thing "YOU" or the stupidity of the person behind the keyboard.

A Good AV and being careful of what you click on will stop 99% of stuff and if like me you do download stuff with "keygen's" etc be specially careful and do it in a "Quarantined" area and do regular scan's and keep your AV updated.

Back some years ago they use to be a virus in some keygens but they could be healed with DR.Web 2010-2011 and any av detected it . And the release groups didn't mean to do it . There was that one group in 2013 MeGaHeRTz was harvesting information from there patches .

but 90% most cracks are nothing but false positives

//www.nsaneforums.com/topic/12741-infected-fix-crack-patch-and-or-keygen/

. The scary thing is if it was done intentional it would be done in such a way regular scan's would not pick it up on much.I seen this happen once. Some anti virus programs have more false positives than they do real ones When the real thing comes it may not protect you at all.

A good tip when threats like this come along with firewalls, if they do use a interactive firewall so you can see if strange things are calling home . If anti malware programs dont have the data bases to find the threat they cant stop it ( there not worth a hill of beans) you would need remove yourself or reformat if you cant remove it. I remember before they made XP SP2 FW you could get infected just by connecting to internet and AVG or Norton wouldn't stop it and could not remove some stuff they detected . A lot of reformatting was going on back then . I made some money cleaning or reformatting-peoples computers tough . :)

Most likely if things get as bad as this article says your more likely would be infected from some website than from some respected crack group. ;)

[#return 1337]

most viri / Trojans get on your machine because of one major thing "YOU" or the stupidity of the person behind the keyboard.

A Good AV and being careful of what you click on will stop 99% of stuff and if like me you do download stuff with "keygen's" etc be specially careful and do it in a "Quarantined" area and do regular scan's and keep your AV updated.

They way I used to propagate malware was through common exploits in NetBIOS on Windows 2K/XP. But I'm sure it's just much easier for some chink in China to just pack it inside of a fucking flash update or something.

[steven36]

Yep, people really have a hard time telling what is real and what's not real . That's one thing I dont miss at all about posting warez . It got so bad once with people crying wolf because of packers giving false positives . It took almost all the fun out doing it. Anyone that's motive is truly just to help out people that cant afford to buy programs then others they complain and fuss after you really tested it then some noob comes up and says its virus when its not , If people dont know what is not real people sure the heck are not going know what is real they have been became too depended on anti-malware vendors when just 10 years ago they were not even all that dependable.

I remember when I 1st tired Kaspersky 5 in like 2007 it was better than all those other antivirus that was out at the time . But even in 2007 if you had something like AVG installed and it let a virus in and then try to remove it by uninstalling AVG or what ever one you used that you was infected with . by then It was to late to install kapersky because in 2007 even though it were the best on the market it mostly could prevent virus not get rid of them . That's why for along time I just used kaspersky because it could prevent you from getting it to begin with. prevention is the best medicine .

if Anti-malware cease to prevent infection doing scans every so often wont help much, by the time the databases catch up with the 0 day threats it will be to late you could done been infected for days or weeks. :rolleyes:

The best thing you may would hope for is you can remove it manually yourself and if you cant you have a clean backup image or you will need to reformat . Worse thing would be its some new threat that not widely known yet and your infected days or weeks and your anti malware dont even detect it yet . :o

[The Owl]

When I first got a AV it was Dr Solomon's which was brilliant then Symantec brought it out and integrated their staff which made Nortons the top dog till about 2008 / 2009 when it became bloated a lot of their long time and big customers and their testers (which included me) had goes about it being bloatware and they completely rewrote it since then it IMHO has been the best AV out there when used along side Malwarebytes and a personal preference of mine Pest Patrol Corporate, now seriously I will NOT get into a "Oh mines better than yours" pissing contest my combination along with the hardware firewall built in to my router works and works well and I know how much dodgy stuff I grab every day YOU DONT. And as I have said so many times before a, I am now technically retired but am still for "Special Customers" working and have been doing what I do since the days of 386's i.e. before most of you were even born or were still suckling on your mothers, b, with all that experience and as I have said locally Respect because I never wanted to go big time because of personal circumstances

I think I know what I am talking about. EOS.

for reference for those not old enough to remember them

http://en.wikipedia.org/wiki/Dr_Solomon's_Antivirus

[steven36]

I remember when just going to windows updates page and gave people virus once . A lot people were installing updates on new machines and were being infected before they ever got around installing antivirus . If Microsoft site can be infected with virus as has been in the past that means any site can be infected . You could be trying install something from a good site and get infected . The problem being if your were trying use a newer anti virus they were not even compatible with older service pack so needed updates to install them. :P

The latest big infection to hit internet and its still out there

SoakSoak malware leaves 11,000 WordPress sites blacklisted by Google

More than 11,000 domains reported to have been blacklisted by search engine, but more than 100,000 sites may be affected

SoakSoak modifies a file in infected sites’ WordPress installation, then loads a Javascript malware from the soaksoak.ru domain – hence the name.

http://www.theguardian.com/technology/2014/dec/16/soaksoak-malware-wordpress-blacklisted-google

This is caused by and outdated plugin that many never updated or did not have the money to update a premium plugin.