Five Endpoint Attacks Your Antivirus Won’t Catch
Posted on 11/18/2019 4:16:44 PM PST by fireman15
Fileless attacks allow sophisticated hackers to evade antivirus programs and hide inside legitimate applications and operating systems. According to the 2019 Endpoint Security Survey, fileless attacks on endpoints are the biggest concern of security experts. In addition, about 53% of organizations experience an increase in endpoint security risks.
Endpoints are the access point into your data, credentials, environment, and probably your entire organization. Vulnerable endpoints allow attackers to steal data, access your network, and execute ransomware attacks. This article explains how attackers have improved their strategies to bypass traditional antivirus, putting your system at risk.
1. Cryptomining Malware
Cryptomining tools convert computing power into profit. Cryptocurrency mining demands a lot of expensive CPU resources. Therefore, attackers create malware and other attacks to quietly drain computing resources from victims for cryptomining.
Cryptomining attack methods include:
Exploiting exposed AWS resources: hackers steal AWS account credentials to exploit cloud cryptomining resources, often referred to as cryptojacking.
Browser based attacks: attackers lure cryptominers to compromised websites that look legitimate at first sight.
Cryptomining malware: attackers use phishing campaigns to deliver malware that consumes CPU on your endpoints.
(Excerpt) Read more at blogs.harvard.edu ...
The primary symptom that has tipped me off on our laptops is when one of them is sitting idle and the computer gets hot and the fan starts running full bore. The other problem that I have had is when the laptop is put to sleep and put in its bag and when I arrive at my destination it is super hot and the battery is dead. I shut them down all the way these days if I want to be sure this will not happen.
I also had an Amazon Fire TV box get infected and started running so hot that it became unstable. I suspect that my Apple TV may have started overheating for the same reason.
Cryptomining malware is quickly becoming one of the most pervasive and annoying problems on the internet.
antivirus programs aren’t all that great to start with, though they soak up massive amounts of memory and cpu resources
the only way to secure a windows system is to set up a minimum of two login accounts: one is a normal administrative account (akin to unix superuser but unfortunately the default on windows) and a second account that is a Limited User account, then use the Limited User account for all work except for system/software/peripheral adds/removes/updates, which would be the only reasons that the administrative account is used ... you can still get malware in the limited account, but such malware is local to the user account, can not invade the system or the software, and is very easy to remove by going to the administrative account and deleting the malware components (which can’t fight back since they can only be started by the limited account)
No flashing lights on your router?
It’s a good thing for everyone that I have no interest in planting viruses on anyone’s computer. There’s beaucoup ways to do this that haven’t been attempted yet, SFAIAA.
Sounds like a very good idea. I used to use virtual machines when going on the Internet, especially when downloading content. But whenever you think that you have a foolproof way to secure your computer or other digital device... someone figures out a way to get around your defenses or you get lazy.
I would imagine that a public dismembering of a caught hacker (as opposed to incarceration) would be an effective anti-malware tool.
Not that I am opposed to this solution, but the reality is that other hackers would install more malware on your computer while you were busy watching the dismemberment.
Back in the days when pickpockets were hanged, hangings were favorite gatherings for more pickpockets.
Thanx for posting
We have to ask, is that why your handle is fireman15?
No, I am a retired fire officer. I posted this because after years of not having much trouble with malware, I have now had several computers and devices having difficulty with malware that has caused them to overheat, run slow, and malfunction. Most of it has not been detected in a timely manner by the antivirus software that I have been using.
Thanks. I was not being serious but they seemed to go together! Sorry about your experiences.
run linux in a virtual machine on your windows operating system for all online work- much much less apt to get any kind of virus-
You can also run something like sandboxie to isolate your browser from your OS- and delete everything when you go offline- if you get a virus in the sandbox- oh well- the main operating system is safe supposedly-
Also- another good thing to run is RollBack RX- create a known good snapshot- after you have all your programs and settings set the way you like- if you get a virus- do a rollback- virus gone- even if windows won’t start- it loads before windows does- (You’ll just have to redo all your windows updates though-)
All that has to be done to disable Windows Defender is to convince the system that other anti-virus software is being used. System restore seems to be easy to screw up as well. The latest generations of malware are more than capable of defeating Microsoft's built in defenses. It is pathetic that Windows 10 is continually receiving disruptive updates that mess up your system supposedly in the name of security. My assumption in the past when a computer has been overheating while sitting idle has usually been that it is taking some type of cheesy update.
[[System restore seems to be easy to screw up as well.]]
Yeah i don’t like system restore- it doesn’t often restore everything- like if i install a program, then do a system restore- sometimes it will get rid of the program, BUT will leave files behind for some unknown reason- rollbackRX completely reverts to the time before the program was installed- so there are no files left over- everything, all files, all registry settings, everything, goes back to before the program was installed- it also can be initiated before windows boots which saved my bacon a couple of times- system restore would not have done that- that i know of unless there is a way to do it with the windows install/repair disk-
Do note though that rollbackRX will take over the bios (in order to allow it to be used before windows starts)- and that might be important to some folks who do a lot of stuff with their computers, but i never ran into any problems with that-
another great point of RollbackRX is that if an update goes bad, just do a rollback
Also- system restore gets rid of snapshots when the system has a lot of activity (like installing large programs, or massive windows updates etc ) and you can’t always go back in time before a problem started because of that- but with rollbackRX- you can make a snapshot, and always have it until you decide to delete it- so you know you can always get back to a time before a problem happens-
It’s a great program- especially if a person likes to try things with their computer, but are afraid something might go wrong- or try different programs, but aren’t sure if they will mess up the computer or not- with RollbackRX- no worries- It was the best $40 i ever spent- wait for sales- they sell it cheaper at times-
I have always maintained that the only penalty that is acceptable for being convicted of hacking is swift and painful execution. No exceptions. That would make the enterprise quite a bit less attractive.
The problem is apprehension and conviction.
VirtualBox is your friend, just run it in non-bridged mode.
I agree, Windows 10 Pro’s built in Hyper V doesn’t support sound in Linux which is a bit sucky on Microsoft’s part. Other than that it is kind of a toss up between VirtualBox and VMWare’s free offerings depending on what you want to do.
The other issue is correctly determining who is really doing the “hacking”. I have had angry people call me up accusing me of making spam phone calls after my phone number was spoofed. It is the same with computer hacking, you might think the hacker is the kid across the street when it is actually someone in China. And if politics are involved you could definitely be looking at selective and false prosecution.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.