With the rise of malware, ransomware, etc. even web browsing may lead you to some zero-day exploits that end up encrypted machine or an unbootable devices. Especially in nulled software cracking, I experienced OS lost after tried to crack a software. That's why we need a safer method to try software before use it in production.
[00:18] "Sandboxing programs can provide a very strong defence against malicious programs. When a program is sandboxed properly, it can only access the memory and disk space assigned to it. Therefore, opening sensitive documents in a sandbox will usually prevent the malicious program’s ability to access them because the document isn't in in the same memory space as the malicious program" - comparitech.com http://bit.ly/what-is-sandbox
Multi-cores, multitasking, parallel computing with great power of processing make the land of crypto mining malware grow rapidly more than ever. So you need a sandbox to try every suspect executable file, for example, in an isolated environment that document stealing, system file modifying are impossible, in theory.
Virtual machines are the heaviest form of the sandbox because besides it runs independent operating systems on top the host OS, VM comes with extensive features like Clone, Snapshot that make the sandbox work effectively. VirtualBox or VMware require Virtualization-enabled chipset: AMD-V/VT-x with a great amount of RAM and hard drive allocation.
[01:33] [ Sandboxes Explained: How They're Already Protecting You and How ]
[01:40] "Most leading security vendors use a range of approaches such as malicious traffic detection capabilities and emulation to supplement signature-based detection. However, if your data or credentials are valuable enough to the attacker, they will have spent time discovering what type of security you are using and tested their unique malware to ensure that it will evade detection by your defenses" - sophos.com http://bit.ly/sophos-sandbox
With the rise of security concerns, modern software comes with sandbox concept in mind: Chrome and Firefox with isolated processes, Windows with DEP, UEFI BIOS, security suite like Sophos, ESET automatic do early sandbox analyzing with files. If you need a native sandbox solution, let's upgrade to Windows 10 1903.
[03:05] "Once you are done with testing, you can close the Sandbox like any other app. This will destroy the snapshot entirely, including any changes you’ve made to the OS and any files you copied there. Microsoft has been kind enough to provide warning first" - howtogeek.com http://bit.ly/windows-10-sandbox [ How to Use Windows 10’s New Sandbox (to Safely Test Apps) ]
http://marvel-it.icu Do not forget to LIKE, SHARE, SUBSCRIBE and feel free to ask me questions or discuss with everyone :3
Be the first to comment