Profile cover photo
Profile photo
Jacob Smock
92 followers
92 followers
About
Posts

Post has attachment
Photo
Add a comment...

Post has shared content
Microsoft is bringing a new feature to Windows10 to stop Ransomware. Called "Controlled Folders", Windows Defender will watch folders and only allow whitelisted applications to modify their contents. If an application running on your machines attempts to change the folder contents and isn't whitelisted, it will be denied access.

This may actually work against several strains of malware - until authors just work around it by manipulating powershell or other whitelisted apps to do the work or turn the feature off. And of course, no one will turn it on because it will ship disabled by default.

But it's still a good move.
Add a comment...

Post has attachment
Photo
Add a comment...

Post has shared content
Add a comment...

Post has attachment

Post has attachment
Add a comment...

Post has shared content
So last week I wrote about a patch for escaping hyperv guests. Well, now it's VMware's turn, with two proven guest escapes shown at pwn2own. No patch from VMware as yet.
Add a comment...

Post has attachment
Photo
Add a comment...

Post has attachment
Photo
Add a comment...
Wait while more posts are being loaded