WHAT IS EMAIL BOMBARDMENT?

-
Image
An email bombing is an attack on your inbox that involves sending massive amounts of messages to it. Sometimes these messages are incomprehensible. But more often, they will be confirmation emails for newsletters and subscriptions. Thus, in the latter case, the attacker uses a script to search for forums and newsletters on the internet. Then they sign up for an account with your email address. Each will send you a confirmation email, asking you to confirm your address. Also, this process is repeated on as many unprotected sites as the script can find. The term Email Bombing or Email Bombing; it can also refer to flooding an email server with too many emails. In an attempt to overwhelm the server and disable it. But that's not the goal here; it would be a challenge to cut down on the modern email accounts used. Meanwhile, Google or Microsoft email servers, anyway. So instead of a denial of service (DOS) attack; against the email servers you are using. Also, the flood of messages...
2 comments

VIRUS SCANNER

-


An antivirus program protects computers from harmful software. These can be Trojans, worms or spyware and other malware, for example. The antivirus software is able to detect, block and eliminate malware.

Virus scanner in process
Virus scanners, often also called malware scanners, can basically be divided into different types depending on their function. 

THE DIVISION INTO THREE TYPES:

·         Real-time scanner

·         Manual scanner

·         Online scanner

 

a)  Real-time scanners: They are active in the background on a computer. They work as a system service under the Windows operating system. The antivirus software does its work in real time and constantly scans the programs that are running, the data traffic on the computer and the main memory. Whenever the computer accesses programs, memory or online data or saves and changes files, the antivirus program searches for suspicious data. If the signature of malware is recognized, the antivirus program blocks further access to the affected data. Users then usually have the choice of moving the file to a quarantine directory, deleting it, or repairing it.

b)  Manual scanners: It start on manual request by the user or automatically time-controlled. After the start, the antivirus software checks the data on the computer for harmful software. If signatures are recognized, manual scanners can delete the affected files, move them to quarantine or clean them. Some manual scanners lack the virus removal function. They can only find malware, but not eliminate it.

c)  Online scanners: It load the virus signatures and their program code online via the Internet or another network. To check the data on the computer, they require an online connection. These scanners are often run in addition to permanently installed virus programs in order to obtain a second independent opinion in the event of suspicious actions.

IMPORTANT TERMS FROM THE VIRUS SCANNER ENVIRONMENT

In the field of antivirus software, the term scan engine is often used. The scan engine is a fundamental part of the antivirus program. The engine is responsible for actually examining the computer's data and is largely responsible for the efficiency of the antivirus program.

In the way the virus scanner works, a distinction can be made between reactive and proactive. Reactive programs can only detect malware if the manufacturer provides a signature for the malware in question. It is therefore necessary to keep the signatures up to date at all times. In the case of new malware, it may take a certain time before a signature is available. Until then, the reactive scanner cannot detect the malware.

Proactive virus scanners do not recognize malware on the basis of signatures, but rather examine programs for certain characteristics (heuristics). In theory, you are able to recognize new, unknown viruses based on your behavior alone. However, heuristic scanners may have an increased false alarm rate.

HOW DOES VIRUS SCAN WORK?

A virus scanner is nothing more than a vaccination for the computer. Like an antibody in a serum, a virus scanner is able to recognize computer viruses and thus prevent them from spreading uncontrollably on the computer. But this is not that easy. Because now there are countless different computer viruses, all of which can cause great damage to a computer. A computer virus is actually just a computer program. By downloading infected files from the Internet, through e-mails or through weak points in programs, the virus can get onto your own computer. There it is initially attached to existing software without being noticed. Only when the unsuspecting user starts the infected program,

The task of the virus scanner is to detect viruses before this happens. The antivirus software takes advantage of the fact that each virus has a unique signature. This “fingerprint” distinguishes the virus from “healthy” programs. The virus scanner therefore searches every file, every e-mail and every network packet for these signatures. If the scanner finds something unusual, it sounds the alarm.

This principle works well, but has the same disadvantage as a flu vaccination: It only protects against known viruses that have already caused damage somewhere and are therefore available to the manufacturers of the antivirus software. As with the vaccine cocktail of the flu vaccination, which has to be adjusted to the current pathogens every year, it is also with the antivirus software: It has to be updated again and again. Only in this way does it offer effective protection. This type of software is powerless against brand new viruses.

Unfortunately, virus scanners, which also protect against unknown viruses, have so far been unreliable. One strategy is to monitor system files. For example, if a file is changed by the operating system, the alarm bells can ring. However, a common update can trigger a false alarm. The so-called sandpit principle is far more promising. With this method, each program is first executed and observed in a protected environment, the sandbox. Only if nothing unusual is noticeable can the program be started correctly. For example, it would be unusual if the program rewrote itself, as many viruses do. Unfortunately, even this approach does not help completely, as one would have to know the typical behavior of all programs to be executed.

So-called worms are also very common today. They too belong to the large family of computer viruses, but are particularly dangerous. Because worms don't wait for a user to download them. They reach the computer from the Internet on their own and then spread immediately.

WHAT HAPPENS WHEN VIRUS SCANNER DETECTS A CYBER THREAT?

As we know, a virus scanner is a part of antivirus software so it detects all the viruses and cyber threats. So when the virus scanner is running and it detects the cyber threat and it disinfects it and move it to its original place. Sometimes it’s not possible to disinfect the virus at one go than it is kept in quarantine to stop further infection or damage and it's treated slowly and then removed from your device.

Virus scanner is always in action and performing its task without letting you know so as its part of antivirus, so a good antivirus will have good virus scanner and to keep your device in perfect condition and to make it run properly we should have a good antivirus that will have a great virus scanner.

 

 

Comments

Post a Comment

Popular posts from this blog

WHAT IS EMAIL BOMBARDMENT?

-
Image
An email bombing is an attack on your inbox that involves sending massive amounts of messages to it. Sometimes these messages are incomprehensible. But more often, they will be confirmation emails for newsletters and subscriptions. Thus, in the latter case, the attacker uses a script to search for forums and newsletters on the internet. Then they sign up for an account with your email address. Each will send you a confirmation email, asking you to confirm your address. Also, this process is repeated on as many unprotected sites as the script can find. The term Email Bombing or Email Bombing; it can also refer to flooding an email server with too many emails. In an attempt to overwhelm the server and disable it. But that's not the goal here; it would be a challenge to cut down on the modern email accounts used. Meanwhile, Google or Microsoft email servers, anyway. So instead of a denial of service (DOS) attack; against the email servers you are using. Also, the flood of messages...
Read more

TESTING THE ANTIVIRUS THAT YOU USE

-
Image
Have you ever wondered how antivirus is tested before it is available on the market? The truth is that, despite what you may think at first, these applications pass a series of tests that have the mission, obviously, of verifying their effectiveness. Well, for most IT security vendors these assessments are now out of date. Testing an antivirus before its launch is something that is done regularly. Thus, the AV Tests (name by which the aforementioned tests are known) allow users to choose which antivirus they want to install on their computers, knowing what their main characteristics are and what they protect against. So far everything normal. So what is the problem? Some manufacturers of security solutions have raised their voices against the fact that these tests are “not modernized”. In what sense? Some companies claim that, although the complexity of security applications has grown considerably in recent times, when conducting evaluations they do not test the new technologies w...
Read more

WHAT IS PAZERA TROJAN AND HOW TO AVOID IT

-
Image
Pazera Trojan is a recently discovered computer malware that spreads in active attack campaigns. The current wave of infections is due to a complex Android mobile threat, including this Windows-based malware. The mechanisms of infection depend on the manipulation of the victim. Once installed on a given computer, the built-in engine will lead to many dangerous actions. Read our in-depth analysis of the samples and learn how to eliminate active infections in this article. Pazera Trojan - Virus Infection Methods The Pazera Trojan is a dangerous threat that is sent as part of a targeted campaign with the main malware being the Trojan. Originally, this has been used in an attack carried out by an Android Trojan, seeking to infect mobile users. Through the elaborate and complex chain of infections, the Pazera Trojan will install itself. Some of the observations made by security experts who analyze this malware are that the main Trojan infection that has been created by an unknown hackin...
Read more