Author Topic: Who reads such articles like these?  (Read 2182 times)

0 Members and 1 Guest are viewing this topic.

Online polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 34001
  • malware fighter
Who reads such articles like these?
« on: September 30, 2015, 03:12:45 PM »
See: http://www.infoworld.com/author/Roger-A.-Grimes/?start=12

According to this man everybody in IT Security is concentrating on the wrong things. We do not need threat detection statictics we need statistics of what threats went undetected and for how long. Unpatched software and social engineering as attack vectors do not get the attention it should get. We can have 500 Poodle threats on our network but when the firewall blocks them all, we do not have to worry about it. We should focus to detect malware in 0-day status, not when all AV finally has detection for it etc. We want the metric to see what AV really does in the long run and more important what it fails to do properly. So even Technical IT is after the wrong facts. etc. etc.

Why we do not comment such articles as these. We can learn a lot from years and years of experience by this Colunnist.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48706
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Who reads such articles like these?
« Reply #1 on: September 30, 2015, 04:06:44 PM »
You can't comment on undetected Malware. If it was undetected, you wouldn't know about it. :)
Knowing how long it takes to patch something once it's known is always helpful.
(Probably more helpful to the hacker...)
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v24H2 64bit, 32 Gig Ram, 1TB SSD, Avast Free 24.4.6112, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Online polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 34001
  • malware fighter
Re: Who reads such articles like these?
« Reply #2 on: October 01, 2015, 02:27:04 PM »
Hi bob3160,

Probably the man here isn't talking about those behind a home solution, as in that situation many live in ignorant bliss, as they do not know what has been rattling their windows and are unaware about their backdoors. They probably also do not have any notion of what their resident AV solution is up to or where it may fail or already has failed. We call that a blind trust situation. Alas many have come to live that way. But there is even some things these folks can do.

There are two situations a user can make the difference where the two main vectors for malware are concerned as there is social engineering (do not fall for it or get educated about it, not all social engineers go by the name Mitnick, who only did not mean a threat when he was in full isolation without any peripheral (mobile phone etc.). The second main vector of infection is enabled by old, outdated OS and third party software and not to use left software that is no longer being maintained by the developer(s). Things that have gone off are not kept in the fridge anymore either.  ;D

The remaining threats can be tackled by layered defense measures, a program like MBAM and CCleaner, hardening of the OS like emet etc.  (when is the Win10 version coming?). Going through the event viewer logs can be an eye-opener. In-browser defenses, like ad- and script-blocking and pre-scanning.

I know these measures aren't for the happy-go-lucky clicking-ignorants as they can never be made more secure as they are - only by others watching over them, but even with wrongly installed and applied defenses they will stay a danger to themselves. The only thing that helps here is education. Oh and remember, a dumped infested computer can be a joy for the poor after being properly crap- and malware-cleansed.  ;)

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!