Creating and developing a extensive av solution

[hacxx]

Hi,

I will be creating a extensive av solution called hacxx av blocker. I have a few TB of data to filter processes to add to the app. Does anyone want tp join the project?

Note: The archives that the user will be downloading contain private data. The user only require to extract executables filepaths from proccesses.txt.

Note: The user may use passwords.txt and use at it's own discretion. At the moment there is a hacknotifierplus address to notify the user that the password was been breached. And how to fix it. A combination of both files is enough to isolate the infection.

pm me.

 

[DVDR_Dog]

No PMs here unfortunately. I probably have a system I could spare for the project. Let me know.

 

[JohnnyBob]

This sounds exhilarating I would like to learn something here

 

[Hotrod369]

I've got several TB of storage not in use and hope to be freeing up around 20 more TB in the next month or two. So I'm in if you need me.

 

[casanova]

Güvenli mi

 

[DVDR_Dog]

Güvenli mi

burada sadece ingilizce, üzgünüm

 

[hacxx]

Thanks for the support. At the moment i will postpone the project. If anyone wants the archives leave me a message.

 

[DVDR_Dog]

I am now working for a company that is wholely owned and managed by a member of the EU. A couple of years ago, they had what they call "The Event", a ransomware attack across the companies loacations all across North America and Europe. They have since hired a couple of Europen security companies to oversee and secure IT assets.
Now here's what I find refreshing in comparison to the US firms I have dealt with in the past. Like it or not the EU based agencies have concluded the biggest threat is a company's own users. Yes they do institute some fairly strict procedures in network architechure and permissions but they do keep in mind most attacks (including "The Event") took place by some current or recently separated employee's invervention. A term that seems to have faded away in the US is Social Engineering. That's the tool that's constantly under evolution and modification depending on current events by the real successful cyber criminals that make big money. The European firms we deal with seem to have made this their #1 offensive weapon to guard systems. To do so requires them to constantly monitor current techniques being employed and develop strategies to prevent the systems from being compromised. They are constantly monitoring traffic and rouge email from sources that do not match the database they developed. Domains not seen frequently on the mail server have a highlighted disclaimer on those emails in the opening lines, most times blocking everything but the raw text content of that email. The disclaimer also plainly asks recipients to notify specific individuals if there is any question of the content or sender's name or address.
So my take is the same sermon I have been preaching for some time. 99% of systems are breached b/c a user has granted permission one way or another and not a hardware or software security failure. The companies try to react in whatever way needed to neutralize the current social engineering scheme to prevent infection. What a brilliant idea! Yes it's going to take some serious resoures both time and individuals to monitor traffic but that same wisdom can be shared (and sold) across a large client base that contracts them to do so. I don't really find it any more instrusive than the a/v programs that bug the shit out of you for no reason, in fact it's more like we are working together for the same goal rather than having some referee constantly blowing the whistle.
That's how I see the evolution of really effective computer security taking place. AI may either be a big assitance or just the opposite. Right now I look at AI as a curiousity and a buzzword to attact investor money whose knowledge is they don't know about what they are investing in much but do know how to count a stack of paper money.

 

[JohnnyBob]

Hey that was an interesting read! Thank Ya DVDR_Dog