ETERNALBLUE vs Internet Security Suites and nextgen protections

Due to the recent #wannacry ransomware events, we initiated a quick test in our lab. Most vendors claim to protect against the WannaDecrypt ransomware, and some even claim they protect against the ETERNALBLUE exploit (MS17-010). Unfortunately, our tests show otherwise. Warning: We only tested the exploit and the backdoor, but not the payload (Wannacry)! We don’t want to disclose our test results until a fair amount of time is given to vendors to patch their products, but meanwhile we feel that we have to inform the public about the risks. The following 3 5 products protected the system against the ETERNALBLUE exploit …

MRG Effitas Comparative assessment of Data protection/backup products

This report provides an independent comparative assessment of a group of data protection (a.k.a. backup) products: focus on ransomware protection – 10 ransomware families tested; performance tests; usability test; 8 data protection products tested.

TestMyAV - an independent next-gen testing vendor?

There is a new cat in town – TestMyAV. Instead of my words, let’s introduce TestMyAV by the words from Tom Wright, from . “Security MSP Cognition has launched an anti-virus (AV) testing website to fight against the “misleading” testing culture in the cybersecurity industry. Cognition – a Cylance and Palo Alto Networks partner – launched the website to give resellers and end users the resources to test AV products themselves instead of relying on tests sponsored or commissioned by vendors.” After a short signup process, you can access the whole article in case you are interested. Here is a new …

Uninstall your AV today! Or maybe not?

This week was popcorn-time on Twitter. The good old debate started again. On one side, browser developers, penetration testers and AV bug hunters; on the other side, members of the AV industry. It is hard to get the essence of what the debate is about, but it is mostly around this statement: “AV increases attack surface. AV introduces more risks with this increased attack surface than it reduces.” I agree with the first sentence. I don’t agree with the second sentence. If you are interested in why, here it is. My definition of AV is that it should protect the users from …

Vulnerability found and fixed in macOS and iOS kernels

Our Research Director, Balazs Bucsay, conducted exhaustive research on the topic of chroot bypass techniques early last year. The chroot system call is used to create restricted environments for specific processes. This research was presented at several international IT-Security conferences, for example: PHDays V @ Moscow, Russia; Hacktivity @ Budapest, Hungary; DeepSec @ Vienna, Austria. The evasion technique that he found affected almost all UNIX based operating systems, including Mac OS X and iOS as well. These operating systems are running on iPhones, iPads, Macs and Macbooks, so basically all Apple products were affected. The technique is called move-out-of-chroot, which …

MRG Effitas @ Ethical Hacking, Budapest

Ethical Hacking conference organised by Netacademia
