Tag Archives: Virus protection

Over the last week we have seen an increase in the amount of companies receiving emails containing Zepto Ransomware, a file encrypting virus based on the infamous Locky cryptoware.
Most of the emails have been carefully crafted to ensnare the victims using social engineering techniques, typically greeting the recipient by first name and asking them to open an attachment which they had requested.
zepto image
The attachment will typically be either a .zip extension or .docm extension and once opened will run a malicious JavaScript which then encrypts all files on the users machine with the .zepto extension

To try and combat the infection, we offer the following advice
1. To protect against JavaScript attachments, tell Explorer to open .JS files with Notepad.
2. To protect against VBA malware, tell Office not to allow macros in documents from the internet.
3. Ensure your AntiMalware program is upto date
4. Ensure your users are careful with email attachments and only open the ones they are sure they have requested
5. If possible set email filtering to quarantine all .zip and .docm files

Brian-A-Jackson1

On a weekly basis there are now articles regarding a big brand company which has been hacked, these usually relate to what data has been lost, how they are notifying those affected and what they are going to be doing to prevent this from happening again.

So how do you prevent it from happening in the first place?

From experience I can see that if a hacker wants to get details from somewhere they will take the easiest target, the ‘Low Hanging Fruit’ as they say, in ensuring your company has some basic security principles in place can help mitigate this.

So how do you ensure you are not the ‘Low Hanging Fruit’

Simple measures can be taken within your environment to help secure it. As a basic level you should be meeting the following guide - CyberEssentials Requirements

This sets out some advice regarding Firewalls, User access control, Passwords, Malware protection and Patch management.

Once you have met the standards given within this document you should be looking to increase the security standards within your organisation. The most effective we have found is the use of education, once educated your staff will be able to react to the threats quicker and reduce the risks to your company.

The National Crime Agency (NCA) are urging everyone to protect themselves against the latest powerful malware attack. The NCA are working to combat the two forms of software virus called GOZeuS (also known as P2PZeuS) and CryptoLocker.

Users are infected when they click on attachments or links and with an unprotected computer, this malware is downloaded and will monitor a user’s activities. The short video below explains how this virus allows cyber criminals to access your PC, capture private information and extract cash from users.

It’s estimated that GOZeuS (also known as P2PZeuS) is responsible for the fraudulent transfer of hundreds of millions of pounds globally. There are potentially more than 15,500 infected computers in the UK.

Individuals are advised to back up all files, photos, videos - all important information. Businesses are also advised to make sure their anti-virus protection is up-to-date and to make their employees aware of this threat and the implications of downloading attachments from unknown sources.

While the NCA are working with the FBI, Europol, banking organisations, internet security and ISP sectors, their Get Safe Online campaign is providing advice and tools to help everyone understand how they can protect themselves online.

Trend Micro have launched tools to help you find out if you have been infected and you can download them at their Threat Encyclopedia page

Blue Solutions are a leading distributor for Trend Micro internet security products and are able to advise any MSPs and resellers who are looking for internet content security and cyber threat management solutions. More information about Trend Micro products are available at our website and you can contact one of our account managers on 0118 9898 222.