Trend Micro


Our top security updates in the news and on the web this week

1. 10 tips to avoid Cyber Monday scams

Shoppers familiar with the Cyber Monday circus know they’re stepping into the lion’s den. The Internet has always been a lawless place. First posted on Malwarebytes.

For the original post and further information click here

2. More POS malware, just in time for Christmas

Threat researchers are warning of two pieces of point of sales malware that have gone largely undetected during years of retail wrecking and now appear likely to earn VXers a haul over the coming festive break. First posted on The Register.

For the original post and further information click here

3. Some simple security advice for computer and smartphone users

Demonstrated how easy it can be to compromise users' computers and 'steal' very personal video and photos, here's some really simple advice to help prevent this happening. First posted on Pen Test Partners.

For the original post and further information click here

4. CryptoWall Updates, New Families of Ransomware Found

The ransomware threat isn't just growing—it's expanding as well. There has been a recent surge of reports on updates for existing crypto-ransomware variants. First posted on Trend Micro.

For the original post and further information click here


5. Blast from the Past: Blackhole Exploit Kit Resurfaces in Live Attacks

The year is 2015 and a threat actor is using the defunct Blackhole exploit kit in active drive-by download campaigns via compromised websites. First posted on Malwarebytes.

For the original post and further information click here

6. Another Day, Another HMRC Tax Phish…

We could all do with a bit of a tax refund right before the festive season, and wouldn’t you know it. First posted on Malwarebytes.

For the original post and further information click here

7. Diving into Linux.Encoder’s predecessor: a tale of blind reverse engineering

Linux.Encoder.1 has earned a reputation as the world's first ransomware family tailored for Linux platforms. First posted on Bitdefender Labs.

For the original post and further information click here

If you have any security news that you would like to see on our blog please send it to us at bluesolutions, please include the link from the original article in the email.


Originally published on the Trend Micro Blog

A recent Trend Micro report carried out by the Ponemon Institute uncovered an interesting new dynamic in the workplace. Increasing numbers of U.S. consumers are bringing wearable technology into the office.

This raises a difficult problem for enterprise IT managers keen on keeping IoT devices from swamping the workplace as the influx of BYOD devices did a few years ago. So what’s the best way to move forward?

Growth and risks

Let’s be clear, the use of IoT devices and wearables in the workplace is by no means soaring. According to our study – Privacy and Security in a Connected Life – just 25 percent of U.S. consumers said they even plan to use a fitness tracker. For Google Glass, this figure was an even lower 16 percent. Yet adoption is increasing, and as it does, these devices will inevitably find their way into the corporate world, just as the smartphone and tablet did before them. From smart watches to activity trackers and smart glasses, there’s a growing feeling that these devices can help our productivity and well-being. Given we spend the majority of our lives at work, it’s a no-brainer that employees will want to wear them in the office.

While they may support productivity, connected devices present risks for the IT department, especially those that could auto-sync corporate data, making them a potential target for hackers and thieves. Even data tracking the movements of mobile sales staff could tip off competitors about new leads. Many IT leaders will want to manage this risk by ensuring any workplace IoT devices are controlled with MDM, security tools and policies. However, according to our research, 50 percent of U.S. consumers do not believe their employer has the right to access personal data on their smart device, despite connecting to the corporate Wi-Fi.

Staff versus employer

This dilemma brings the usual arguments raised by BYOD, namely that sensitive corporate or customer data could be at risk if accessed or stored on an employee-owned device. Now if IT managers try to shackle devices with MDM or security tools, they could risk the wrath of users.

A recent court case highlights that such problems are no longer theoretical. A U.S. District Court in Texas heard the case of a staff member who sued his employer for loss under the Computer Fraud and Abuse Act. The former employee was forced to use his own iPhone for accessing customer emails at work since one was not provided. When he resigned, the company’s network administrator remotely wiped his phone, deleting not just work information, but also his personal data. In the end, the employer won, but it won’t be the last case of this kind as staff and their employers increasingly clash over BYOD.

Best practice BYOD

So what can the under-fire IT manager do to walk this fine line, protecting both enterprise data and staff expectations of personal privacy, while enabling staff productivity? Here are a few tips for starters:

  • If you haven’t already, classify enterprise data and perform a risk assessment to better understand what is at stake if it ends up in a competitor’s hands.
  • Find out how many personal smart devices are already being used at work.
  • Familiarize yourself with the operating systems, devices and security shortcomings of these devices.
  • Consider enforcing remote lock/wipe and password protection for all devices allowed to connect to the corporate network.
  • Utilize a ‘containerized’ security approach which keeps corporate and personal data separate on devices.
  • Apply policies so that the most sensitive corporate data is encrypted.
  • Assess any new IoT devices before they are allowed to connect to the network.

 

 

 

 


How to Win the Cloud Security Game by Balancing Risk with Agility

The cloud is changing the way organisations around the world do I.T. Attracted by lower costs, improved efficiency and faster development and deployment times for apps, users everywhere are migrating to this new computing model in droves, with or without the blessing of I.T. Yet security is a top concern due to the loss of control of a physical infrastructure.

The challenge of balancing that greater business agility with security risk while keeping costs down is not an easy job. But it’s one that cloud managers will have to confront to be successful. And just like in a game of football, a winning strategy must be built on solid defence.

Shared responsibility

To articulate the challenges of cloud security, Trend Micro recently commissioned Forrester Consulting to survey I.T. professionals tasked with public cloud security projects. 70 percent said the public cloud was an integral part of the product or service they offered to customers.

It’s no surprise that security was a concern to three-quarters (76 percent) of them. In the public cloud, security is a shared responsibility. The cloud service provider will secure up to the hypervisor (including data centre and infrastructure), while the customer must take care of securing the OS, apps, users and data.

Kicking off

When determining how to best augment the secure infrastructure of their cloud provider, cloud managers should start by considering three aspects:

  1. Time to value – This is all-important to developers. It’s why two of the top three barriers to adopting best practice cloud security were given as “too time intensive” (43 percent) and “would slow down cloud usage” (36 percent). Forrester believes cloud resources must be made available in under 15 minutes, automated and out of sight, or developers may look to circumvent IT controls.
  2. Security risks – Cutting down on security in order to speed time to value will expose organisations to the risk of a data breach, including the financial penalties, damage to brand, legal costs, and consumer trust issues this could bring. Adding protection like data encryption, monitoring and logging, intrusion detection/prevention and patch management and other controls to cloud workloads provides multi-layered protection that reduces security risks.
  3. Cost – Applying maximum levels of security to every workload will drive up cost unnecessarily, undermining one of the main reasons for migrating to the cloud. It could also force developers to bypass security. But if you don’t add enough security, you become an easy target for hackers, leading to expensive data breaches. It’s a delicate balance.

Deep Security for the win!

Forrester believes the answer lies with security solutions offering pre-made templates with different levels of security to match the needs of individual workloads:

Optimal cloud security controls would be:

  • Automated: so when a developer launches a workload, it is automatically protected.
  • Personalized: with policies that fit the workload type, sensitivity and regulatory context.
  • Pre-built in a template: so the developer doesn’t have to know what the right security is for their workloads.

With Trend Micro Deep Security, we believe we have the best solution: enabling automated, comprehensive security that won’t get in your way. What’s more, Deep Security can protect your entire organisation across physical, virtual and cloud environments, and includes comprehensive protection in a single product and agent, making management easier and lowering costs.

Contact our sales team today on 0118 9898 222 to find out more about Trend Micro Security Solutions.


Trend Micro Silverstone

Some of our team joined Trend Micro for a day at Silverstone.

The day was a great opportunity for our team and Trend Micro to enjoy the races and also get to sit behind the wheel of a few of the cars.

Here's some of the images from the day:

 

 

Our Sales Manager, Emma Wale enjoyed the day, although it was a bit noisy!


Sandra from Trend Micro enjoys her time behind the wheel of the car...

Aaron from Trend Micro is looking concerned that his favourite car might not win the race...



This important notification is being released by Trend Micro for AWARENESS of the Ransomware Cryptolocker family. The main purpose of this Threat Awareness is to provide complete information about the threat and communicate the recommended solutions and best practices so that customers can apply them and avoid being affected or contain the threat from spreading further. If similar infections are being experienced in your respective regions, please contact your support engineer.

Threat brief

We are experiencing a resurgence of the malware family named Cryptolocker (and other variants). This is a crypto-ransomware variant which has the capability to encrypt files. It uses many techniques (HTTPS, P2P, TOR…) to mask its command-and-control (C&C) communications. Usually, this attack is delivered through spear phishing as an email attachment. Upon execution, it connects to several URLs to download the crypto-ransomware. It then displays a ransom message. Users must pay the ransom before the set deadline expires; otherwise, all the files will remain permanently encrypted. But beware, ransom payment is no guarantee that the original files will be restored!

Notable Variant
• A particular variant, TROJ_CRYPCTB.XX, offers users the option of decrypting 5 files for free—as proof that decryption is possible.
• Users are also given 96 hours, instead of 72 hours, to pay the ransom fee.
• The displayed ransom message has options for four languages, namely, English, Italian, German and Dutch.
• In some cases, infection could occur through a URL embedded in an email or through a compromised website using drive-by download techniques.

How to protect against a CRYPTOLOCKER attack?
• Use Reputation for real-time protection using the automatic cloud sharing system (Smart Protection Network):
  ◦ Email Reputation to block malicious and suspicious email.
  ◦ Web Reputation to block compromised websites, new C&C remote hosts and other infection vectors.
  ◦ File Reputation through SmartScan technology for real-time security updates on your solutions.
• Leverage sandbox, emulation and heuristic integration in current Trend Micro products with the Custom Defense approach:
  ◦ Automatic execution of suspicious content on innovative dynamic engines.
  ◦ Native and easy deployment to existing Trend Micro solutions (OfficeScan, IMSva, IWSva, ScanMail…).
  ◦ Empower the Deep Discovery approach to detect, over the network, any Cryptolocker attack, ransomware, 0-day, targeted attack and any other unknown malware or variant.
• Apply best practices on your Trend Micro solutions:
  ◦ Block potentially dangerous file types over email (exe, scr, cab…):
    ◾ IMSva: http://esupport.trendmicro.com/solution/en-us/1099617.aspx
    ◾ WFBS & ScanMail: http://esupport.trendmicro.com/solution/en-us/1099619.aspx
  ◦ Tune endpoint security solutions with Trend Micro recommendations:
    ◾ Malware: http://esupport.trendmicro.com/solution/en-us/1054115.aspx
    ◾ Ransomware: http://esupport.trendmicro.com/solution/en-us/1099423.aspx and http://esupport.trendmicro.com/solution/en-us/1101715.aspx
• End-user education is key to proactive defense:
  ◦ Always check who the email sender is.
  ◦ Double-check the content of the message.
  ◦ Refrain from clicking links in email.
  ◦ Back up important data.
• Coming soon in OfficeScan 11 Service Pack 1: an Anti-Cryptolocker feature to protect your personal files against encryption or malware action. The beta will start in a few weeks. Contact your support engineer for more information.

How to remediate if a Cryptolocker infection is running?
• Detection and removal tool for Cryptolocker: Threat Cleaner for GOZ and CryptoLocker (32-bit and 64-bit)
• Most of the time, encrypted personal files are lost even if the user pays the ransom. Restoring from backup is the best way to retrieve the original, unmodified personal files.
• For Windows users, if the system backup and restore features were active, lost files could be restored from the last automatic backup: http://windows.microsoft.com/en-us/windows7/previous-versions-of-files-frequently-asked-questions

If you have any queries about Trend Micro Solutions and the Ransomware Cryptolocker family, call our support team on 0118 9898 245.

Communication continues to evolve through technology over the years. Unfortunately, cybercriminals are keeping pace and attacking the most popular means of communication.

The Trend Micro infographic below is a good look at how threats evolve.

If you're looking for a solution to protect your clients' businesses from malware and cybercrime, contact our sales team on 0118 9898 222.
INFOGRAPHIC: How Attacks Adapt


How soon must IT groups patch vulnerable servers? The following windows of exposure timelines show the varying levels of risk enterprises face once a vulnerability is found or an exploit is in the wild.

Any delay in patching after a vendor releases a patch, therefore, is an additional window of exposure.
INFOGRAPHIC: Dodging a compromise

Contact our product and sales specialists today on 0118 9898 222 to find out how Trend Micro Solutions can help your business.


We have been informed by Trend Micro that the issue with the AOL.com domain has been resolved.

The issue with the BT.com domain is still being investigated and we will update you again when we have received another update.

If you are experiencing issues, please contact our support desk on 0118 9898 245 or email us at support@bluesoultions.co.uk during these times:
•   Monday - Thursday 8.30 – 5.30pm
•   Friday – 8.30 – 5.00pm

 


We are aware of the current issues with the Trend Micro Hosted Exchange (HES) platform.
We are aware that there are intermittent issues with:

  • AOL.com
  • BT.com

This issue could potentially affect other domains and we will update you on those as well. We have escalated the issue with the Trend Micro Support team.

If you are experiencing issues, please contact our support desk on 0118 9898 245 or email us at support@bluesoultions.co.uk during these times:

  • Monday - Thursday 8.30 – 5.30pm
  • Friday – 8.30 – 5.00pm

 


A service pack for Trend Micro™ Worry-Free™ Business Security 9.0 (Standard and Advanced) has been released.

It contains new product features, improvements, hotfixes, and critical patches. Visit the Trend Micro website and download the service pack for Standard and Advanced.

Got any questions about Trend Micro™ Worry-Free™ Business Security 9.0? Contact our product specialists on 0118 9898 222.