Sysmon 14 Blocks Hackers’ Malware
Hackers today are skilled at computer programming and are constantly busy developing new, and more advanced malware that may quickly infect victims’ Android and iOS devices.
One of the top high-tech companies have actively apply strategies to halt criminal hackers’ con games. Recently, Microsoft released a new software to enhance security against the spread of malware created by hackers. The release of Sysmon 14 includes a new “FileBlockExecutable” option, with increased security by adding a new innovative layer.
Microsoft dubbed its latest creation as a new ‘System Monitor’ that attacks and blocks viruses launched by threat actors. Thus, the new development should help in the fight against dark web’s hacking communities, that have always been creating ingenious ways to defraud people out of money.
Microsoft now allows tech users to restrict the creation of harmful executable files on their devices.
Extensions like EXE, DLL, and SYS are among the banned executable file types. System administrators now possess the ideal tool to prevent the creation of malicious executables. However, a number of variables, such as the file location and matched specific hashes, affect its success, with some executables coded to delete extension files.
Harmful Microsoft Office Attachments
The technical team behind the Sysmon program disclosed that its construction was intended to stop the generation of executables, and as a result, it includes a list of some of the well-known malware hashes used by malicious hackers. Additionally, Sysmon enables IT users to halt the creation of executables on Word or Excel files. Therefore, it stops the maliciously programmed Office attachments from disseminating the dangerous payloads of the criminal hackers by preventing the executable creation process in Sysmon.
A free Microsoft tool called Sysmon, commonly referred to as System Monitor, has the ability to check Android and iOS tech systems for harmful code. After malware has been found, its behavioral events are copied and recorded in the Windows Event Log.
The new System Monitor can automatically keep track on routine activities like file time changes and file creation processes. Sysmon can simply monitor or block harmful executable malware through the software’s Event Viewer. However, users have the choice to customize a configured file even more.
Tech gadget owners can read the Sysmon schema and become familiar with the whole list of System Monitor directives by using the sysmon -s command from the command line.
The ‘FileBlockExecutable’ configuration option is supported by the Sysmon schema as of version 4.82, according to Microsoft’s technical team. Above all, this special system setting stops executables from being generated based on their path, name, hash, or the application that is attempting to produce them.