The Reddit Recap – Cylance engine gets tricked, a strange request, and the tips list grows

The Reddit recap highlights last week’s top trending posts on the r/msp subreddit. This is the largest MSP-related group on Reddit with more than 40,000 members. Looking for a quick answer to a question or some valuable input? This is the place to be.



Researchers Easily Trick Cylance’s AI-Based Antivirus Into Thinking Malware Is ‘Goodware’ from r/msp

A bug in Cylance’s AI-based antivirus engine had the subreddit in a frenzy last week. While the bug has likely since been fixed – one user posted what appeared to be an email from Cylance saying a hotfix was incoming – it’s caused Redditors to rally behind the notion that artificial intelligence is not the silver bullet when it comes to malware detection.

When it comes to the specific gap in the Cylance engine, the issue can be broken down to this:

Researchers took some code from an online video game and appended it to the end of malicious files, tricking the AI engine into thinking the files were benign and allowing them to pass through.

It’s tough to tune machine learning algorithms so they don’t flag games on a PC, because behaviours that malware commonly uses to avoid detection by antivirus are often found in games as well. Game developers use these techniques to make it harder for people to modify the games and cheat with their own programming, such as aim assist. These attributes create a lot of false positives, but it’s easy to over-tune, potentially opening the door for malware to abuse the new parameters.

 

My boss is asking me to do forensics data analysis for one of our customers, I’m concerned about legality and ramifications. from r/msp

This Redditor, who works for an MSP, says they’ve recently been asked to do a bit of forensics work so their boss doesn’t have to pay a third-party data analyst team $10,000 for the same work. One of this company’s clients had an Office 365 breach and is now in the process of processing its claim, which requires some information that a forensics team is best suited to obtain. The Redditor behind this post was worried about doing a poor job without adequate resources and getting sued. When the Redditor asked whether they should tell their boss to reconsider and pay the forensics firm, most commenters responded with a resounding “yes”.

Tools & Info for MSPs – Monitoring Tool, Resource List, PowerShell Book & More from r/msp

The list of MSP tips, tricks and guidelines continues to expand.


Alex Coop (http://www.itwc.ca)
Former Editorial Director for IT World Canada and its sister publications.
