Tag Archives: drive-by download

Defeat Internet Browser Exploits With Malwarebytes Anti-Exploit

Cybercriminals design malware to exploit vulnerable systems without any user interaction, on the one hand, and craft attacks that take advantage of unaware (untrained) computer users, where user interaction is required, on the other.

The second part of this two-part attack approach can only be defeated if the computer user is aware of current Internet threats. So, knowledge and experience are critical ingredients in the never-ending and escalating battle against cybercriminals.

The preferred method of defeating attacks that rely on exploiting vulnerable systems is a layered security approach. Employing layered security should (I emphasize should) lead to the swift detection of malware before any damage occurs on the targeted system.

Let’s talk real world:

Given existing technology, no single security application is capable of providing adequate computer system protection. Gaps exist in protection capabilities in even the most sophisticated security applications.

Layering (or stacking) security applications offers the best chance of remaining infection free by closing those gaps. Keep in mind, however, that even the best layered protection strategy will not make up for the lack of experience and intuitiveness of many computer users.

So, stopping the bad guys from gaining a foothold has to be a primary objective of that layered defense strategy that I mentioned earlier. And part of that strategy includes raising barriers at the doorway to the system – the Internet browser.

The Modern Malware Review (March 2013), a statistical analysis performed by Palo Alto Networks that focused on malware which “industry-leading antivirus products” failed to detect, noted a persistent trend.

From the report:

90% of unknown malware delivered via web-browsing

Given that the samples were captured by the firewall, we were able to identify the application that carried the malware. While web-browsing was found to be the leading source of malware both in terms of total malware as well as undetected malware, the application mix was very different between the two groups.

For example, SMTP accounted for 25% of the total malware, but only 2% of the fully undetected malware. Comparatively, web-browsing dominated both categories, accounting for 68% of total malware, but over 90% of undetected samples. This clearly shows that unknown malware is disproportionally more likely to be delivered from the web as opposed to email.

Another brick in the wall:

Malwarebytes Anti-Exploit (formerly Zero Vulnerability Labs ExploitShield) – a free “install and forget” Internet browser security application (which I installed several days ago) – is designed to protect users from unknown “zero-day” vulnerability exploits aimed at Firefox, Chrome, Internet Explorer, Opera…

Protection is also included for selected browser components – Java, Adobe Reader, Flash, and Shockwave. Added protection is incorporated for Microsoft Office components – Word, Excel, PowerPoint.

Fast facts:

Malwarebytes Anti-Exploit protects users where traditional security measures fail. It consists of an innovative patent-pending application shielding technology that prevents malicious exploits from compromising computers through software vulnerabilities.

Malwarebytes Anti-Exploit is free for home users and non-profit organizations. It includes all protections needed to prevent drive-by download targeted attacks originating from commercial exploit kits and other web-based exploits.

These types of attacks are used as common infection vectors for financial malware, ransomware, rogue antivirus and other types of nasties not commonly detected by traditional blacklisting antivirus and security products.

Installation is a breeze and, on application launch, a simple and uncomplicated interface is presented.

image

Clicking on the “Shields” tab will provide you with a list of applications protected by Anti-Exploit – as shown below.

image

As a reminder that Anti-Exploit is up and running, a new icon, as shown in the following screenshot, will appear in the system tray.

image

System requirements: Windows 8, Windows 7, Windows Vista, and Windows XP.

Download at: MajorGeeks

The good news: Each of us, in our own way, has been changed by the world of wonders that the Internet has brought to us. Twenty years on, and I’m still awestruck. I suspect that many of us will be thunderstruck by applications and projects yet to be released.

The bad news: The Internet has more than its fair share of criminals, scam and fraud artists, and worse. These lowlifes occupy a world that reeks of tainted search engine results, malware-infected legitimate websites, drive-by downloads and bogus security software.

When travelling in this often dangerous territory, please be guided by the following: Stop – Think – Click. The bad guys – including the corrupted American government – really are out to get you.

The Modern Malware Review is a 20-page PDF file packed with data which provides a real-world perspective on malware and cybercrime. I recommend that you read it.


ExploitShield Browser Edition – FREE

Cybercriminals design malware to exploit vulnerable systems without any user interaction, on the one hand, and craft attacks that take advantage of unaware computer users, where user interaction is required, on the other.

The second part of this two-part attack approach can only be defeated if the computer user is aware of current Internet threats. So, knowledge and experience are critical ingredients in the never-ending and escalating battle against cybercriminals.

The preferred method of defeating attacks that rely on exploiting vulnerable systems is a layered security approach. Employing layered security should (I emphasize should) ensure the swift detection of malware before any damage occurs on the targeted system.

Let’s talk real world:

Given existing technology, no single security application is capable of providing adequate computer system protection. Gaps exist in protection capabilities in even the most sophisticated security applications.

Layering (or stacking) security applications offers the best chance of remaining infection free by closing these gaps. Keep in mind, however, that even the best layered protection strategy will not make up for the lack of experience and intuitiveness of many computer users.

So, stopping the bad guys from gaining a foothold has to be a primary objective of that layered defense strategy that I mentioned earlier. And part of that strategy includes raising barriers at the doorway to the system – the Internet browser.

ExploitShield (brought to my attention some time ago by good friend Michael Fisher), a free Internet browser security application which is currently in Beta, seems well suited to helping raise those barriers.

From the site:

ExploitShield protects users where traditional security measures fail. It consists of an innovative patent-pending application shielding technology that prevents malicious exploits from compromising computers through software vulnerabilities.

ExploitShield Browser Edition is free for home users and non-profit organizations. It includes all protections needed to prevent drive-by download targeted attacks originating from commercial exploit kits and other web-based exploits.

These types of attacks are used as common infection vectors for financial malware, ransomware, rogue antivirus and other types of nasties not commonly detected by traditional blacklisting antivirus and security products.

Where’s the proof?

Since I’m just now getting back into application testing, following six months or so of 60+ hours a week assignments, I’ve relied (in this case) on the expert opinion of others (including Neil J. Rubenking), as to the effectiveness of ExploitShield. My apologies for that.

Installation is a breeze and, on application launch, a simple and uncomplicated interface is presented.

image

Clicking on the “Shields” tab will provide you with a list of applications protected by ExploitShield – as shown below.

image

Once loaded, ExploitShield will run as a background process (shown in the screen capture below). This is necessary since it provides active protection for the applications shown in the screenshot above.

image

As a reminder that ExploitShield is up and running, a new icon, the “Z”, as shown in the following screenshot, will appear in the system tray.

image

System requirements: Windows 8, Windows 7, Windows Vista, and Windows XP. ExploitShield runs as both 32 bit and native bit.

From the developer: This beta 0.8.1 expires March 31, 2013. Check back to download a new version once expired.

Download at: ZeroVulnerabilityLabs

It may be a new year, but the state of Internet security is as it ever was: pathetic. The Internet is a world that is full of cybercriminals, scam and fraud artists, and worse. A world that reeks of tainted search engine results, malware-infected legitimate websites, drive-by downloads and bogus security software.

Please be guided by the following: Stop – Think – Click. The bad guys really are out to get you.
