The Reddit recap highlights last week’s top trending posts on the r/msp subreddit. This is the largest MSP-related group on Reddit with more than 40,000 members. Looking for a quick answer to a question or some valuable input? This is the place to be.
A bug in Cylance’s AI-based antivirus engine had the subreddit in a frenzy last week. While the bug has likely since been fixed – one user posted what appeared to be an email from Cylance saying a hotfix was incoming – it’s caused Redditors to rally behind the notion that artificial intelligence is not the silver bullet when it comes to malware detection.
When it comes to the specific gap in the Cylance engine, the issue can be broken down to this:
Researchers took some code from an online video game and attached it to the end of malicious files, tricking the AI engine into thinking the files were benign and allowing them to pass through.
It’s tough to tune machine learning algorithms so they don’t flag games on a PC – behaviours that malware commonly uses to avoid detection by antivirus are often found in games. Game developers use these techniques to make it harder for people to modify the games and cheat with their own programming (aim assist, for example). These attributes create a lot of false positives, but it’s easy to over-tune, potentially opening the door for malware to easily abuse the new parameters.
This Redditor working for an MSP says they’ve recently been asked to do a bit of forensics work so their boss doesn’t have to pay a third-party data analyst team $10,000 for the same work. One of this company’s clients had an Office 365 breach, and is now in the process of processing its claim, which requires some information that a forensics team is best suited to obtain. The Redditor behind this post was worried about doing a poor job without adequate resources, and getting sued. When asked if they should tell their boss to reconsider and pay the forensics firm, most commenters responded with a resounding “yes”.
The list of MSP tips, tricks and guidelines continues to expand.