https://community.isc2.org/t5/Threats/Ransomware-Fighting-CPUs/m-p/42585#M235 <P><SPAN>Intel also <A href="https://www.securityweek.com/intel-packs-ransomware-detection-directly-vpro-platform" target="_blank" rel="noopener">announced</A> at this years CES that It has entered a partnership with Israel-based Cybereason to help protect businesses against ransomware attacks. As part of the agreement, the cybersecurity company will develop new Intel "Hardware Shield protections" on the Intel Core vPro platform.&nbsp;</SPAN></P><P>&nbsp;</P><P>Intel is offering a&nbsp;developer’s&nbsp;kit and pre-written scripts for security vendors to use.The processors leverage data aggregated for performance improvements as a data source&nbsp;that security products can then tap. While ransomware makers can try to&nbsp;obfuscate&nbsp;their processes&nbsp;to operating system level controls, Intel reasons&nbsp;it’s&nbsp;nearly impossible&nbsp;to hide&nbsp;the processor activity&nbsp;required&nbsp;to perform bulk encryption of documents.&nbsp;&nbsp;</P><P>&nbsp;</P> Mon, 18 Jan 2021 02:46:50 GMT AppDefects 2021-01-18T02:46:50Z https://community.isc2.org/t5/Threats/Ransomware-Fighting-CPUs/m-p/42585#M235 <P><SPAN>Intel also <A href="https://www.securityweek.com/intel-packs-ransomware-detection-directly-vpro-platform" target="_blank" rel="noopener">announced</A> at this years CES that It has entered a partnership with Israel-based Cybereason to help protect businesses against ransomware attacks. As part of the agreement, the cybersecurity company will develop new Intel "Hardware Shield protections" on the Intel Core vPro platform.&nbsp;</SPAN></P><P>&nbsp;</P><P>Intel is offering a&nbsp;developer’s&nbsp;kit and pre-written scripts for security vendors to use.The processors leverage data aggregated for performance improvements as a data source&nbsp;that security products can then tap. While ransomware makers can try to&nbsp;obfuscate&nbsp;their processes&nbsp;to operating system level controls, Intel reasons&nbsp;it’s&nbsp;nearly impossible&nbsp;to hide&nbsp;the processor activity&nbsp;required&nbsp;to perform bulk encryption of documents.&nbsp;&nbsp;</P><P>&nbsp;</P> Mon, 18 Jan 2021 02:46:50 GMT https://community.isc2.org/t5/Threats/Ransomware-Fighting-CPUs/m-p/42585#M235 AppDefects 2021-01-18T02:46:50Z https://community.isc2.org/t5/Threats/Ransomware-Fighting-CPUs/m-p/42598#M238 We've been pushing the idea of hardware-based malware protection for over thirty<BR />years, now, and so far every one of the "solutions" has been more trouble than it<BR />is worth.<BR /><BR />I remember one early one that almost got me in BIG trouble. Not only did it<BR />*not* keep a virus from infecting the machine, but, once the machine *did* get<BR />infrected, the device actually prevented me from disinfecting it! (It was only the<BR />shareware DISKSECURE utility that got me out of trouble.<BR /><A href="http://victoria.tc.ca/int-grps/books/techrev/pcdsksec.rvw" target="_blank">http://victoria.tc.ca/int-grps/books/techrev/pcdsksec.rvw</A> )<BR /><BR />Then there was Immunizer. Not only did Western Digital stiff me on doing the<BR />review for them, but it was a really, really terrible product. (Their mess did,<BR />though, significantly add to my virus "zoo.")<BR /><A href="http://victoria.tc.ca/int-grps/books/techrev/pcwdimmn.rvw" target="_blank">http://victoria.tc.ca/int-grps/books/techrev/pcwdimmn.rvw</A><BR /><BR />I recall the "Trusted Computing Platform" initiative and group. Aside from<BR />proposing that they have the power to determine who did what to a computer,<BR />*any* computer, they also basically destroyed the concept of "trusted platform,"<BR />which is still something you need to know for the exam.<BR /><BR />So, while I don't know all the details of this latest plan, I'm fairly sure they will<BR />mess it up. (And history is on my side.)<BR /><BR />====================== (quote inserted randomly by Pegasus Mailer)<BR />rslade@gmail.com rmslade@outlook.com rslade@computercrime.org<BR />For I desire mercy, not sacrifice, and acknowledgment of God<BR />rather than burnt offerings. - Hosea 6:6<BR />victoria.tc.ca/techrev/rms.htm <A href="http://twitter.com/rslade" target="_blank">http://twitter.com/rslade</A><BR /><A href="http://blogs.securiteam.com/index.php/archives/author/p1/" target="_blank">http://blogs.securiteam.com/index.php/archives/author/p1/</A><BR /><A href="https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413" target="_blank">https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413</A> Mon, 18 Jan 2021 17:46:47 GMT https://community.isc2.org/t5/Threats/Ransomware-Fighting-CPUs/m-p/42598#M238 rslade 2021-01-18T17:46:47Z https://community.isc2.org/t5/Threats/Ransomware-Fighting-CPUs/m-p/42674#M247 <P><SPAN>Intel unveiled new anti-</SPAN>ransomware<SPAN>&nbsp;capabilities for its 11</SPAN>th<SPAN>&nbsp;generation Core vPro&nbsp;</SPAN>processors<SPAN>, requiring little from security chiefs to reap the rewards. The&nbsp;</SPAN>processors<SPAN>&nbsp;leverage data aggregated for performance improvements as a data source that security products can then tap.</SPAN></P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P><FONT size="1 2 3 4 5 6 7"><A href="https://www.omegle.run/" target="_blank" rel="noopener"><SPAN><FONT color="#FFFFFF">Omegle</FONT></SPAN></A></FONT></P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Thu, 21 Jan 2021 11:52:35 GMT https://community.isc2.org/t5/Threats/Ransomware-Fighting-CPUs/m-p/42674#M247 Darla526 2021-01-21T11:52:35Z