Saturday, April 7, 2012

One reason why browser-based exploits win over Antivirus

As widely known, malware authors could make of SSL to bypass detection by proxy-based/host-based antivirus to deliver web-based malwares. Unlike HTTP, with the aid of anti-cache control header, malwares via HTTPS would never be saved to disk (which makes it undetected via on-access scanning mechanism by Antivirus softwares) and could be run directly from browser memory.

[click to enlarge]

No comments:

Post a Comment

secure configurations for Laravel - The PHP Framework

This framework is makes security simple to achieve.  Out of all non-default settings, the little following can be set to achieve higher secu...