Extreme Hacking | Sadik Shaikh
Ethical Hacking Institute Course in Pune-India

We just released a new version of our Malwarebytes Anti-Exploit software which is packed with new and advanced exploit detection and blocking techniques, making it the most complete anti-exploit product available in the market today.

New Features:

• Dynamic Anti-HeapSpraying mitigation
• Anti-Exploit fingerprinting mitigation
• Finetuned VBScript mitigation for IE
• ROP-RET gadget detection mitigation
• Application Behavior rules
• Protection for Microsoft Edge
• Protection for LibreOffice
• Failover upgrade mechanism
• Auto-recovery for Anti-Exploit service

One particular feature we are excited about is fingerprinting detection. As criminals try and hide their activity, they have been playing naughty games to blind us from their wrongdoing, including setting up large malvertising campaigns.

Here’s one way they have been doing it which involves checking if the victim’s machine has our software installed and quietly exiting:

MBAE_detect

While this is great for our customers – the simple fact of having Malwarebytes installed means you are of no interest for the bad guys – it leaves us in the dark from the malicious activity going on.

We know that the most famous exploit kit, Angler, has been doing that as well as several rogue advertisers. But this is time for a change and for us to detect who is trying to detect us.

MBAE_vs_Angler

The screen above shows the Angler exploit kit landing page which pokes fun at us with a couple of images showing our software. The new fingerprinting technique will now show a notification that the bad guys were there and attempted to exploit the machine.

However we still detect Angler and its exploits regardless. Below is a test where we disable fingerprinting and each protection layer one by one (protip: don’t do this at home!) to block Angler EK at various levels.

IE exploit via VBScript

VBSript_block

ROP Gadget attack

ROP

Protecting our users while making the bad guys’ lives more difficult is something we take pride in. This year more than ever before, proactive tools to fend off drive-by download attacks via zero-days or quickly weaponized exploits are critical to your security posture.

www.extremehacking.org
CEHv9 CHFI ECSAv9 CAST ENSA CCNA CCNA SECURITY MCITP RHCE CHECKPOINT ASA FIREWALL VMWARE CLOUD ANDROID IPHONE NETWORKING HARDWARE TRAINING INSTITUTE IN PUNE,Certified Ethical Hacking, Center For Advanced Security Training in India, ceh v9 course in Pune-India,ceh certification in pune-India, ceh v9 training in Pune-India, Ethical Hacking Course in Pune-India