Infected Businesses spreading infections to customers

Galdorf

Seems there are a lot of infected business computers infecting other businesses by changing links in emails before they are mailed out; the user clicks on what they think is a safe link, infecting the computer.
Seems lots of tile, window, siding businesses have infected computers. Thing is, no antivirus will stop it from getting infected; I have tried every AV I know in a virtual system, and none will stop it from getting infected.
Seems to be using a zero-day Java exploit; it also looks for Adobe Reader and Flash and exploits those as well, even though they are up to date.
The only way I found to stop getting infected is to uninstall Java, Flash and Adobe Reader; even the Malwarebytes Pro version does not prevent infection.
The websites it uses do get shut down, but as soon as that happens it pops up somewhere else; the email links change almost daily.
I have not tried any HIPS yet; nothing new has been released for quite some time. Seems antivirus programs just don't cut it anymore.
The only thing that seems to find it is booting from the VBA rescue CD and scanning from that; it seems it is the only thing that finds this stuff. It disables all AVs, even Spybot's and Malwarebytes' protection.
 
We filter our clients' e-mail BEFORE it gets to their networks, their mail servers, etc. We've done our own in-house filtering for years...have an anti-spam appliance that the clients' MX records point to, mail gets washed, clean e-mail continues on to our clients' networks/mail servers. Works very well, dual AV engine including Kaspersky, plus many other anti-spam technologies.

And as you've noticed....lots of current malware infects machines via outdated "web players"...(Java, Flash, Shockwave, PDF Reader, QuickTime)...so keeping those updated is just as important as antivirus.

And putting in Safe DNS services for the network (like OpenDNS, Norton ConnectSafe, Comodo, etc.). Adds yet another layer to security.

AdBlockers also! Either on the edge device/gateway (such as Untangle)...or in browsers. Adds yet another layer.

Many layers of security result in greatly diminished exposure to malware.