The Latest on Ransomware: CTB – Locker

Ransomware is malware that limits access to data on devices and demands that a ransom be paid to the developer. Some forms of ransomware encrypt files on the system's hard drive, while others simply lock the system and display messages intended to persuade the user into paying.

In the past week there have been several cases of ransomware called CTB-Locker, also known as Critroni Ransom. Generally spread via e-mail as an attachment, CTB-Locker is released from time to time, with the most recent cases occurring on 18, 19 and 20 January 2015.

CTB-Locker is run by a user. The application encrypts common file types such as Excel and Word documents and image files such as JPEGs. The user then receives a display message stating that the data has been encrypted and that they need to pay a ransom.

It is not likely that the encrypted files are recoverable. In some cases users may be able to use Volume Shadow Copy, but essentially the most effective means of “recovery” is to back up data and files on a regular basis and restore the most recent backup.

CTB-Locker doesn't always remove the volume shadow copy (VSS), so if the affected operating system is Windows Vista or higher, it is possible to retrieve a copy of the files affected by the malware.

In this case, it is necessary to follow the steps below:

  1. Download and install the following software: http://www.shadowexplorer.com/downloads.html
  2. Once installed, browse to the location where the affected files are located.
  3. Select a date prior to the infection.
  4. Select the affected file or folder, and choose the option “Export”.
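
The same steps can be scripted against the shadow copies Windows itself exposes, without a separate tool. The following is an added example, not part of the original article; it assumes PowerShell 3.0 or later in an elevated session, and the function name, its parameters and the sample paths are hypothetical.

```powershell
# Added example: export a file or folder from the newest Volume Shadow Copy
# that was created before the infection. Restore-FromShadowCopy and its
# parameter names are hypothetical; run from an elevated prompt.
function Restore-FromShadowCopy {
    param(
        [Parameter(Mandatory)] [string]   $Path,        # affected file or folder
        [Parameter(Mandatory)] [datetime] $InfectedAt,  # earliest known infection time
        [Parameter(Mandatory)] [string]   $Destination  # export folder, ideally on another drive
    )

    $drive  = [System.IO.Path]::GetPathRoot($Path)      # e.g. "C:\"
    $volume = Get-CimInstance Win32_Volume | Where-Object { $_.Name -eq $drive }
    if (-not $volume) { throw "No volume found for $drive" }

    # Snapshots of this volume taken before the infection, newest first
    $snapshot = Get-CimInstance Win32_ShadowCopy |
        Where-Object { $_.VolumeName -eq $volume.DeviceID -and $_.InstallDate -lt $InfectedAt } |
        Sort-Object InstallDate -Descending |
        Select-Object -First 1
    if (-not $snapshot) { throw "No shadow copy of $drive predates $InfectedAt" }

    # Expose the snapshot as a directory link; the trailing backslash is required.
    # The link is created at the drive root so its path contains no spaces.
    $link = "$env:SystemDrive\vss_" + [guid]::NewGuid().ToString('N')
    cmd /c mklink /d $link "$($snapshot.DeviceObject)\" | Out-Null
    try {
        $source = Join-Path $link $Path.Substring($drive.Length)
        if (-not (Test-Path -LiteralPath $source)) {
            throw "$Path is not present in the snapshot from $($snapshot.InstallDate)"
        }
        New-Item -ItemType Directory -Force -Path $Destination | Out-Null
        Copy-Item -LiteralPath $source -Destination $Destination -Recurse
        "Exported from snapshot taken {0:u}" -f $snapshot.InstallDate
    }
    finally {
        cmd /c rmdir $link   # removes only the link, never the snapshot itself
    }
}

# Constructed sample invocation (paths and time are illustrative):
# Restore-FromShadowCopy -Path 'C:\Users\alice\Documents\report.xlsx' `
#     -InfectedAt '2015-01-19 09:00' -Destination 'E:\recovered'
```

Exporting to a different drive keeps the recovered copies away from the affected volume while it is being cleaned.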

(more…)

2015 Malware Predictions from PandaLabs

PandaLabs have released their predictions for IT security in 2015, based on reports and attacks in 2014.

CryptoLocker

This type of malware was in the spotlight in 2014, and these types of attacks are set to increase in 2015.

CryptoLocker operates in a straightforward fashion: once it gets into a computer, it encrypts all types of documents that could be valuable to the user (spreadsheets, documents, databases) and blackmails the victim into paying a ransom to recover the files. This type of malware is also known as ransomware.

Payment is most often demanded in bitcoins, so that it cannot be traced by the police, making this type of attack ideal for cyber-criminals – as many users choose to pay in order to recover the “hijacked” information.

Targeted attacks

A small percentage of the millions of new malware strains that appear every month are specifically created to attack previously defined targets. These attacks, known as targeted attacks, are becoming more common and will be highly significant during 2015.

Many companies are unaware that they could be the targets of such attacks and therefore do not have appropriate measures for detecting or stopping them.

(more…)

PandaLabs Q3 Results: Trojans exceed PUPs in the third quarter

The results for the third quarter show that malware continues to break records, averaging 227 747 new samples created daily.

The last four months have seen large, high-profile organisations fall victim to cyber-attacks, including companies such as JP Morgan Chase, Target and Home Depot, and online services such as Dropbox and iCloud.

The most recent victim is Sony. The hack on the company led to upcoming films and workers’ personal data, such as social security numbers and salaries, being leaked online. The malware used in the attack was undetectable by industry-standard antivirus software and was damaging and unique enough to cause the FBI to release a flash alert to warn other international organisations of the critical threat.

Trojans continue to be the most common malware during Q3, accounting for 75% of infections, compared to 62.80% in the previous quarter. PUPs ranked second, representing 14.55% of infections, decreasing since Q2. Adware/spyware comprises 6.88% of infections, worms 2.09% and viruses 1.48% – down since the second quarter.

The global infection rate increased from 36.87% in Q2 to 37.93% in Q3. The results for each country show that China is still at the top, reaching an infection rate of 49.83%. China is followed by Peru at 42.38% and Bolivia at 42.12%.

Europe remains the region with the lowest infection rate, with nine European countries ranking in the top ten most secure countries.

The full report is available here.

Panda Cloud Office Protection 7.1: What you need to know

Panda Security has announced the new features of version 7.1 of Panda Cloud Office Protection (PCOP), Panda’s cross-platform solution that offers the best cloud-based protection.

This version includes improvements aimed at meeting the requirements of medium and large enterprises. Version 7.1 incorporates various technological and functional innovations, with emphasis on providing the user with greater control and management.

The new features include:

  • Content filtering for the Exchange protection, which allows emails to be filtered by the extension of the attachment, neutralizing dangerous attachments or attachments with a multiple file extension. All content gets filtered before it arrives at the endpoint; endpoint performance is unaffected.
  • White-lists included in device control. This feature allows different exclusions to be applied to different groups of computers selected by profile. In addition, white-listed devices can be used without any restrictions, regardless of the settings.
  • Mobile device control. This option allows the user to block access to mobile devices and white-list devices.
  • New local console on the endpoint. This console provides PCOP administrators and partners with a tool to enable or disable the endpoint protection in a rapid and timely manner, making troubleshooting easy and painless.
  • Ability to upgrade to new versions from the PCOP Web console. Notifications will appear in the console to indicate that a new version is available. Administrators then decide to apply the latest version from the console.

For more information on PCOP click here.

How to Protect Your “P@ssw0rd”

According to recent reports, “password,” “iloveyou” and “123456” are still some of the most commonly used passwords. In an era where most of our interactions take place online, it’s time to consider setting up stronger and more efficient passwords. There is no doubt that almost every aspect of our online lives requires a password, whether you are doing online banking, connecting to social media, checking your email or even registering on certain websites. Like most people, you probably use the same “soundproof” password that you’ve been using for years.

It is this mind-set that leads to an increased risk profile. With 2014 fast becoming “the year of the breach,” people need to take necessary precautions to avoid falling victim to hacking or cyber-crime.

(more…)

Who’s Afraid of the Big Bad Web?

“My Google, what big lies you have. All the better to trick you with.” This might very well become the line from a bedtime story that you tell your kids. Children tend to be more tech savvy than most adults, but they are also more vulnerable. They might know how a game is played or how a particular app works, but they are ignorant of the risks involved.

There are many different ways to protect your child online. It is important to communicate with your children and to enforce rules and restrictions.

Here are 10 tips from Panda on how to protect your children.

  • Install strong security software on your computer – Panda’s 2015 consumer range boasts the new XMT Smart Engineering engine, providing complete protection with minimal performance impact. These products harness protection capabilities against viruses, malware, hackers and Wi-Fi intrusions.
  • Monitor your children’s activity on the web – the 2015 range includes an advanced parental control feature that allows parents to monitor their children’s activities online. The dashboard provides a summary of the most visited Web pages and categories, and a detailed report of all pages accessed (page, category, date/time). The Parental Control technology is fully browser-independent, so deleting the browser history or using other browsers won’t affect the monitoring feature.
  • Teach your children about social media and the risks involved – Social media and online communication are a huge factor in the lives of youngsters today. Talk to your children about the content they post to social media sites, such as photos, statuses or personal information. Make sure that the privacy settings are set up correctly, so that their content and information is not visible to the public. Make them aware of the dangers involved in talking to and sharing information with people online.

(more…)