Geeks for your information Security Independent Organizations Reports v
AV-TEST - Fending off Ransomware even Against State-of-the-art Attack Techniques
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
AV-TEST - Fending off Ransomware even Against State-of-the-art Attack Techniques
harlan4096 Offline
MalWare Zoo Team
*******
Posts: 12,787
Threads: 8,835
Thanks Received: 8,729 in 6,890 posts
Thanks Given: 9,631
Joined: 12 September 18
#1
Bug  07 May 23, 09:54
Quote:
[Image: avtest_logo_300_113.png]

Fending off Ransomware even Against State-of-the-art Attack Techniques

APT groups that attack with ransomware use many different attack tactics to achieve their objectives. AV-TEST staged attacks on security products for consumer users and corporate users in 10 currently used scenarios each deploying the techniques ".Net Reflective Assembly loading”, ".Net Dynamic P/Invoke" and "AMSI Bypass". The Advanced Threat Protection tests were quite exciting as some of the programs were not able to withstand all the attack techniques.

The Advanced Threat Protection tests are indeed quite special, but they continuously test security software using the latest attack techniques of the APT groups. Such as ".Net Reflective Assembly loading", a technique used in a basic form in attacks from Cobalt Strike, Cuba or Lazarus. The techniques ".Net Dynamic P/Invoke" and "AMSI Bypass" are also popular, however, in latest attacks with ransomware. Following a successful attack, the systems are encrypted, and the blackmail by the APT groups ensues. Unless of course: the security products for consumer users and corporate users detect the attack techniques being used, stop the attack and liquidate the ransomware.

Who passes the Advanced Threat Protection test?

Each product examined in the Advanced Threat Protection test receives a special security certificate in case of strong performance. To do so, a solution is required to achieve a final security score at the end of the test that corresponds to at least 75% of the maximum 30 points – this adds up to 22.5 points.

Consumer user products then receive the "Advanced Certified" certificate, and corporate user products receive the "Advanced Approved Endpoint Protection" certificate.

In order to find a more detailed explanation of the evaluation tables and the individual color codes in the traffic light system please see also the article ”Test and Study: Do Security Solutions stop Current Ransomware under Windows 11?“.

It is worth noting: even if the Advanced Threat Protection tests occur regularly, the attack techniques used in the test are always different!
...
Full Report
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
Advanced SystemCare PRO 17
Advanced SystemCare ...zevish — 10:04
How to install iOS 16 or iPadOS 16 publ...
IPhone X I Just buyi...thomasan — 08:30
Brave 1.65.114
Release Channel 1....harlan4096 — 06:53
Brave Search: Answer with AI takes over,...
Brave Search's new...harlan4096 — 06:33
Waterfox G6.0.12
Waterfox G6.0.12​ ...harlan4096 — 15:56

[-]
Birthdays
Today's Birthdays
avatar (47)oapedDow
avatar (40)Sanchowogy
Upcoming Birthdays
avatar (43)wapedDow
avatar (42)techlignub
avatar (41)Stevenmam
avatar (48)onlinbah
avatar (49)steakelask
avatar (43)Termoplenka
avatar (41)bycoPaist
avatar (47)pieloKat
avatar (41)ilyagNeexy
avatar (49)donitascene
avatar (49)Toligo
avatar (36)RobertUtelt

[-]
Online Staff
There are no staff members currently online.

>