Tag Archives: Virus

Bitdefender have updated their GravityZone cloud console with some new features over the weekend and here at Blue Solutions we are happy to guide you through these changes and how they will affect you and your customers.

Anti-Ransomware

The big news is that Bitdefender has now added its Anti-Ransomware vaccine for all its cloud customers, and will be rolling this out to the on-premise version on Tuesday 27th Sep 2016. This module is activated through the policy section Antimalware --> On Access settings.

Gravityzone Ransomware Vaccine Policy Setting

Once this module is activated, machines will be protected from all currently known forms of ransomware.

Other New Features

Update Rings - this feature allows administrators of the program to choose when in the validation cycle an update is received.

Anti-Exploit Techniques - a new set of powerful techniques which further enhance existing technologies to fight targeted attacks. These are integrated into the existing Advanced Threat Control module.

Web Access Control Rules - The categories list has been updated with multiple new categories added.

Exchange Protection - This can now be enabled/disabled when editing a customer with a monthly license subscription.

 

The above features are now in place for all current users of Bitdefender GravityZone in the cloud and will be rolled out to Bitdefender GravityZone on-premise users from the 27th Sep 2016.

For more details on the above features and a look at the other features included please click here


Over the last week we have seen an increase in the number of companies receiving emails containing Zepto ransomware, a file-encrypting virus based on the infamous Locky cryptoware.
Most of the emails have been carefully crafted to ensnare the victims using social engineering techniques, typically greeting the recipient by first name and asking them to open an attachment which they had requested.
The attachment will typically have either a .zip or .docm extension and, once opened, will run a malicious JavaScript which then encrypts all files on the user's machine and gives them the .zepto extension.

To try and combat the infection, we offer the following advice:
1. To protect against JavaScript attachments, tell Explorer to open .JS files with Notepad.
2. To protect against VBA malware, tell Office not to allow macros in documents from the internet.
3. Ensure your antimalware program is up to date.
4. Ensure your users are careful with email attachments and only open the ones they are sure they have requested.
5. If possible, set email filtering to quarantine all .zip and .docm files.
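
The filtering rule in step 5, as an added example that is not part of the original post or of any vendor's product: it flags .zip and .docm attachments for quarantine and goes one step further by listing any script files inside a .zip. The function names, the script-extension list and the sample message are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes
from email.message import EmailMessage
from pathlib import PurePosixPath

# .zip/.docm come from the advice above; the script list is an assumption.
QUARANTINE_EXT = {".zip", ".docm"}
SCRIPT_EXT = {".js", ".jse", ".wsf", ".vbs"}

def ext_of(name):
    return PurePosixPath(name.replace("\\", "/")).suffix.lower()

def triage(raw_message):
    """Return [(filename, reason)] for attachments that should be quarantined."""
    hits = []
    for part in message_from_bytes(raw_message).walk():
        name = part.get_filename()
        ext = ext_of(name) if name else ""
        if ext not in QUARANTINE_EXT:
            continue
        reason = f"{ext} attachment"
        if ext == ".zip":
            payload = part.get_payload(decode=True) or b""
            try:
                with zipfile.ZipFile(io.BytesIO(payload)) as zf:
                    scripts = [n for n in zf.namelist() if ext_of(n) in SCRIPT_EXT]
            except zipfile.BadZipFile:
                scripts, reason = [], ".zip attachment (unreadable archive)"
            if scripts:
                reason = ".zip containing script: " + ", ".join(scripts)
        hits.append((name, reason))
    return hits

def build_sample():
    """Constructed message: a .zip holding an inert .js, a .docm and a .pdf."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("scan_0042.js", "// inert placeholder")
    msg = EmailMessage()
    msg["Subject"] = "Requested documents"
    msg.set_content("Hi Alex, the documents you requested are attached.")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip", filename="documents.zip")
    msg.add_attachment(b"placeholder", maintype="application", subtype="octet-stream", filename="invoice.docm")
    msg.add_attachment(b"%PDF-1.4", maintype="application", subtype="pdf", filename="brochure.pdf")
    return msg.as_bytes()

if __name__ == "__main__":
    for name, reason in triage(build_sample()):
        print(f"QUARANTINE {name}: {reason}")
```

An archive that cannot be read is still quarantined, since the filter cannot tell what it contains.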


On a weekly basis there are now articles about a big-brand company which has been hacked. These usually relate to what data has been lost, how they are notifying those affected and what they are going to be doing to prevent this from happening again.

So how do you prevent it from happening in the first place?

From experience I can see that if a hacker wants to get details from somewhere they will take the easiest target, the ‘Low Hanging Fruit’ as they say. Ensuring your company has some basic security principles in place can help mitigate this.

So how do you ensure you are not the ‘Low Hanging Fruit’?

Simple measures can be taken within your environment to help secure it. At a basic level you should be meeting the following guide: CyberEssentials Requirements

This sets out some advice regarding Firewalls, User access control, Passwords, Malware protection and Patch management.

Once you have met the standards given within this document you should be looking to increase the security standards within your organisation. The most effective measure we have found is the use of education: once educated, your staff will be able to react to the threats quicker and reduce the risks to your company.

The National Crime Agency (NCA) are urging everyone to protect themselves against the latest powerful malware attack. The NCA are working to combat the two forms of software virus called GOZeuS (also known as P2PZeuS) and CryptoLocker.

Users are infected when they click on attachments or links; on an unprotected computer, this malware is downloaded and will monitor the user’s activities. The short video below explains how this virus allows cyber criminals to access your PC, capture private information and extract cash from users.

It’s estimated that GOZeuS (also known as P2PZeuS) is responsible for the fraudulent transfer of hundreds of millions of pounds globally. There are potentially more than 15,500 infected computers in the UK.

Individuals are advised to back up all files, photos, videos - all important information. Businesses are also advised to make sure their anti-virus protection is up-to-date and to make their employees aware of this threat and the implications of downloading attachments from unknown sources.

While the NCA are working with the FBI, Europol, banking organisations, internet security and ISP sectors, their Get Safe Online campaign is providing advice and tools to help everyone understand how they can protect themselves online.

Trend Micro have launched tools to help you find out if you have been infected, and you can download them at their Threat Encyclopedia page.

Blue Solutions are a leading distributor for Trend Micro internet security products and are able to advise any MSPs and resellers who are looking for internet content security and cyber threat management solutions. More information about Trend Micro products is available at our website and you can contact one of our account managers on 0118 9898 222.