VideoHelp Forum

+ Reply to Thread
Results 1 to 10 of 10
Thread
  1. DECEASED
    Join Date
    Jun 2009
    Location
    Heaven
    Search Comp PM
    Microsoft Corp. warns that attackers are exploiting a previously unknown vulnerability in Windows 10 and many Windows Server versions to seize control over PCs when users open a malicious document or visit a booby-trapped website. There is currently no official patch for the flaw, but Microsoft has released recommendations for mitigating the threat.

    https://krebsonsecurity.com/2021/09/microsoft-attackers-exploiting-windows-zero-day-flaw/
    "Like this facility, I don't exist."
    Quote Quote  
  2. Member Cornucopia's Avatar
    Join Date
    Oct 2001
    Location
    Deep in the Heart of Texas
    Search PM
    So, stop opening malicious documents and visiting booby-trapped sites. Duh.


    Scott
    Quote Quote  
  3. Where is the crystal ball function that allows you to know in advance what's a malicious document and which website has a booby trap?
    Quote Quote  
  4. Member Cornucopia's Avatar
    Join Date
    Oct 2001
    Location
    Deep in the Heart of Texas
    Search PM
    Critical, scientific, logical thinking. Patience. And good habits of safe methodology.


    Scott
    Quote Quote  
  5. I'm a Super Moderator johns0's Avatar
    Join Date
    Jun 2002
    Location
    canada
    Search Comp PM
    I remember years ago when an exploit attacked windows xp users that couldn't be blocked as long as you were online,same old thing happening.
    I think,therefore i am a hamster.
    Quote Quote  
  6. Originally Posted by Cornucopia View Post
    Critical, scientific, logical thinking. Patience. And good habits of safe methodology.


    Scott
    Spot on.
    Quote Quote  
  7. Originally Posted by Cornucopia View Post
    Critical, scientific, logical thinking. Patience. And good habits of safe methodology.


    Scott
    Really. I just finished 2 degrees, one on biology and one on health sciences and I don't seem to recall any class that prepared me for knowing in advance which files had a malicious payload and which sites had booby traps. Maybe I should sue my school.

    I also recently started working on a cybersecurity degree and studying for my Security+ certification, but I still haven't been taught how to use "Critical, scientific, logical thinking. Patience. And good habits of safe methodology" to know which files have a malicious payload and which sites have booby traps. Maybe they'll cover that next semester.

    On the bright side I am doing well in my Sarcasm class.
    Quote Quote  
  8. Member Cornucopia's Avatar
    Join Date
    Oct 2001
    Location
    Deep in the Heart of Texas
    Search PM
    You should get your money back.
    Quote Quote  
  9. Originally Posted by Cornucopia View Post
    You should get your money back.
    Written like a man who realizes what he said was idiotic but lacks the confidence in himself to admit he was wrong.

    Anytime you want to demonstrate the method you use to demonstrate what files have a malicious payload, without using antivirus software to scan them, or what websites may be hosting "booby traps", feel free to enlighten the rest of us heathens.
    Quote Quote  
  10. 1. Do not open / download / execute any email attachments, even from a 'trusted' source - phone them and ask them if they sent you a file. The old fashioned way.

    2. Do not click on any hyperlinked txt in email main body of txt from a stranger or known source.

    That covers 99.9% of it.

    In the 2000's I used to use AVG Antivirus (free) on home PC system/network - but any antivirus - even a mega expensive one is never going to protect you against a new exploit. Think about it.

    Until an exploit is in the wild and patched; then the AV app does not know about it, and can't save you, or prevent it from installing itself. Plain logic.

    I work on computer systems for a living and have not used an AV solution since 2003, professionally or domestically. And have never had any issues whatsoever. Not once.

    And I haven't had my bank details hacked, that old chestnut - lol - and neither have any of my clients. I AM saying keep your systems patched even if they are creaking with M$ sticking plasters. Better yet - as I do - do not use M$ for mission critical systems.

    What I am saying 100% is any AV is a waste of space / sys resource. Its a con, and nearly everyone falls for it with the bank details threat. Who's got a million pounds in their current account ?

    And the same people who advocate AV on their home PC in case hackers get their last £23.50 before payday quite happily order shit from JustEat and Amazon on their phone completely unprotected. And happily pay for small items via contactless in their local corner shop with complete strangers from lands afar manning the tills.

    Some people amaze me with their beliefs and what they actually do to put themselves at risk every day in their lives - but shit their pants if they haven't given McAfee or Kaspersky half of their monthly wages once every year.
    Last edited by codehound; 11th Sep 2021 at 19:56.
    Quote Quote  



Similar Threads