CIO News Hubb

Think twice before making them

by admin
January 12, 2023
in Information Security


Think twice before you add anything to exceptions, even if an antivirus detection dialogue annoys you in the moment.

Have you ever allowed some “exceptions” to slip through the cracks, even after your security software warned you that it wasn’t safe to do so? Probably – it’s a safe bet that most people have. But while you might think that you know better than the software — or you might just really want to access that thing you downloaded — adding too many exceptions can be really dangerous. And even if you’ve gotten away virus-free so far, that doesn’t mean your luck is going to hold. 

Most digital infections occur because a person took a direct action that led to the infection. Sometimes it’s through social engineering, like a phishing attack that gets you to click on something. Sometimes it’s because you downloaded something you shouldn’t have. Or sometimes it’s from clicking an email attachment. Whatever the delivery method, your device likely got infected because of an action you took. 

In some cases, people are doing something that they know is questionable, immoral, or even illegal, like downloading pirated software, cracked games, or pirated TV shows. Those people might think that they’re getting the warning pop-up because they’re breaking the law, but they’re actually getting it because the file is infected. 

You might think you have nothing to hide or that you’re not important enough to be targeted by malware. But it’s exactly that attitude that leaves you more vulnerable to attack, because cybercriminals rely on that type of thinking. They know that the average user isn’t being super vigilant, which makes them an easier and cheaper target. Or, think about it this way: your data might be pretty much worthless, but that does not mean bad guys can’t sell it.

Exceptions that shouldn’t be exceptions

In 2020, the Avast Threat Labs team detected cryptomining malware inside of cracked games and key generators. Attempts to download the malware — which the team named CoinHelper — were detected on more than 220,000 Avast users’ devices from the beginning of 2020 to the end of 2021. While most of the attempted downloads were through pirated software and torrents, the team also detected it in clean software distributed through unofficial sources. 

The Threat Labs team detected another piece of malware, which they named Crackonosh, midway through 2021. Like CoinHelper, Crackonosh was distributed via infected files in illegal, cracked software. As part of its anti-detection and anti-forensics methods, Crackonosh tried to disable antivirus programs, including Avast, Windows Defender, Windows Updates, and more.

Every Avast user who attempted to download a file that contained CoinHelper or Crackonosh was given a pop-up warning that they were about to be infected. But, unfortunately, some users chose to ignore that warning and create an exception anyway. Bad move.

Antivirus isn’t here to police your actions; we’re here to provide protection against cybercriminals. So if you see that little pop-up when you’re doing something you know you probably shouldn’t be doing, pay attention. It could mean the difference between a nasty infection and getting off virus-free.

Creating an exception because you think it’s a false positive

Other times, people think that the warning is a “false positive” that’s detecting something as malware when it actually isn’t. And while most of the detections Avast makes are accurate, sometimes a false positive does slip through.  

At Avast, we take false positives seriously and we evaluate each case as fast as possible. But, please, let us make the assessment about whether or not it’s actually a false positive – we have the equipment to do so and you’re really rolling the dice if you choose to download anyway. When in doubt, you can always report the false positive directly from the detection or from the quarantine, or you can reach us on our forum or fill in an official false positive form on our website.

Creating dangerous exceptions

And, finally, some people choose to make dangerous exceptions that exclude an entire drive on their device, perhaps because they routinely download illegal or cracked files. Many choose to exclude the C: drive, and we’ve even seen a user exclude the C:, D:, and E: drives, effectively disabling their File Shield protection on the whole computer. That move leaves your antivirus significantly weakened and leaves you open to all kinds of attacks.
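A check for the drive-wide exclusions described above, as an added example that is not from the original article or from Avast. It classifies exclusion path strings however they were exported from the product; the severity labels, the list of risky folder names, and the sample paths are assumptions constructed for illustration, and the checks go beyond the article's drive-root case to cover other broad patterns.

```python
import ntpath
import re

# Folder names where downloaded or dropped files usually land (assumption of this example).
RISKY_DIRS = {"downloads", "temp", "tmp", "appdata"}
SEVERITY_ORDER = {"critical": 0, "high": 1, "medium": 2}

def classify_exclusion(path):
    """Return (severity, reason) for one Windows exclusion path string."""
    raw = path.strip().strip('"')
    norm = ntpath.normpath(raw.replace("/", "\\"))
    # Drop trailing wildcards and separators so C:\* and C:\ both reduce to C:
    stripped = re.sub(r"[\\*?]+$", "", norm)
    drive, rest = ntpath.splitdrive(stripped)
    parts = [p for p in rest.split("\\") if p]
    if not drive and not parts:
        return ("critical", "wildcard matches every path")
    if not parts:
        return ("critical", f"entire drive {drive.upper()} excluded")
    if any(p.lower() in RISKY_DIRS for p in parts):
        return ("high", "download or temp location excluded")
    if len(parts) == 1:
        return ("high", "top-level folder excluded with everything beneath it")
    if any("*" in p or "?" in p for p in parts):
        return ("medium", "wildcard inside the path widens the exclusion")
    return ("low", "specific path")

def audit(exclusions):
    """Return (path, severity, reason) for every exclusion above 'low', worst first."""
    findings = []
    for path in exclusions:
        severity, reason = classify_exclusion(path)
        if severity != "low":
            findings.append((path, severity, reason))
    return sorted(findings, key=lambda f: SEVERITY_ORDER[f[1]])

# Constructed sample: the C:, D:, E: case from the article plus two narrower entries.
SAMPLE = [
    r"C:\Tools\scanner\scanner.exe",
    r"C:\Users\alice\Downloads",
    "C:\\",
    "D:",
    "E:\\*",
]

if __name__ == "__main__":
    for path, severity, reason in audit(SAMPLE):
        print(f"{severity:8} {path:30} {reason}")
```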

How to stay safe from dangerous exceptions

So if exceptions create such a potential risk for users, why do cybersecurity companies allow for them at all? Well, there are circumstances in which exceptions make sense, like when an advanced user wants, for example, to tweak something on their system/network or even to use a hack tool for security purposes. Avast might detect usage of such a tool because it is frequently misused by bad actors.

But, for the average user, the best practice is to allow as few exceptions as possible. Think twice before you add anything to exceptions, even if our detection dialogue annoys you in the moment. Take a deep breath, and ask:

  • Where did I download the software from? Can the source be trusted? Spending just a few minutes to retrace your steps will keep your PC safe in the long run.
  • Is the software from a well-known company or a shady website? There are copycat websites that could trick you into downloading malware.
  • Is the software asking me to change the settings of my antivirus? In order to infect your PC with their malware, cybercriminals will recommend adding exceptions. 
  • Did a stranger ask me to install the software? There is always a higher risk of infection when someone tries to persuade you to install software.
  • Did I download the software from torrents or unofficial forums? Files downloaded from unofficial sources are more likely to be infected with malware. Antivirus doesn’t police your actions; it protects you against cybercriminals. If we detect something, we think it is malicious.

At the end of the day, antivirus products are here to protect you – so leave it to our team’s experts to keep you safe. After all, you never know what might be hiding out there in the dark. 




© 2022 CIO News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy and Terms & Conditions.
