Other issues in this category (32)
When armour stops a projectile
Thursday, May 18, 2017
It is common knowledge that the battle between virus makers and anti-virus developers is, in a way, an arms race or, to be more precise, a technology race. For example, because the malware development process has been automated, virus makers can significantly increase their output of malicious programs. The mass media loves stories about targeted attacks, but they fail to mention that attacks involving specially crafted malicious files that remain undetected for months are quite rare compared with other types of attacks. Why waste time writing a high-quality malicious program if, in the event it fails, it will be detected within an hour or two once the anti-virus has gotten its next update?
Sadly, at an information security conference in Novosibirsk, it was stated that companies only ask for their malware incidents to be investigated six months after the incidents actually occurred!
Why is that? It’s because companies don't want to spend that much on anti-virus security. They use obsolete anti-virus applications (some people believe they’re faster), free anti-viruses (those don't include advanced protection technologies), and simple anti-viruses (these only detect malware programs by their signatures).
Many people also believe that an anti-virus doesn't need anything except virus databases. Is that true? Verizon Data Breach Investigations Report 2016 indicates that most malware strains are encountered just once!
Anti-viruses that incorporate only virus databases simply don't have time to receive the updates that are necessary to neutralise brand new Trojans. That's why to protect a system from the latest threats, Dr.Web incorporates Preventive Protectionwhich enables it to detect malicious files that disappear before their signatures are received as part of the next update.#Dr.Web_settings #Preventive_Protection
The Anti-virus Times recommends
- In Anti-virus Times issues we often remind users that timely updates are important. The number of malicious programs that appear every hour is huge. That's why the importance of anti-virus updates is hard to overestimate. To maintain effective protection, prompt updates aren't enough: an anti-virus should be able to detect threats nobody knows about yet. Here’s what Dr.Web needs Preventive Protection for.
- To put it briefly, it is one of the Dr.Web components whose default settings should remain unchanged—let it work the way its developers configured it for you. We strongly recommend that under no circumstances should you change the values for the options "Integrity of running applications" and "Integrity of user files". They must always be set to "Block".
If you don't quite understand what a certain option does, consult Doctor Web technical support before you change its parameters.
- Please don't forget that the Dr.Web Preventive Protection settings are recorded in the Dr.Web log, and our support engineers take them into account when analysing any virus-related computer incident (VCI) you request assistance with. If you have configured Dr.Web in such a way that it missed detecting a malware sample, Doctor Web may decline your request to recover your files if they get compromised by encryption ransomware.