Cyber Security

CryptoLocker 2.0 – Are You Ready? We Are


While other security companies and their users are still struggling to deal with the infamous ransomware Cryptolocker, we have no worries at Comodo.  In fact, if you use our Comodo Endpoint Security, with our unique Auto-Sandbox technology, you are already safe and secure from Cryptolocker 2.0 (officially entitled Prison Locker or Power Locker) and other soon-to-go-wild copycats roaming the Internet.

How can we be so sure?  Because with over 70 million total installations of Comodo Antivirus there has not been a single reported incident of Cryptolocker on a Comodo protected computer. In fact, we provide a $5,000 virus free warranty to protect users of Comodo Endpoint Security and have not paid a single claim in over 6 years!  That is why we call our protection “ironclad”.

We’ll explain why, but first let’s review.  What is Cryptolocker?

Cryptolocker is a Trojan virus known as ransomware, spread predominantly through emails to infect Windows computers and extort money from its victims. Some analysts have called it the perfect criminal virus, almost impossible to defeat. We beg to differ, but we digress.
After being installed on your computer, CryptoLocker takes control and locks up your data files, including all MS Office files. It then displays a message demanding you pay a ransom to unlock your files, around $300 in bitcoins or MoneyPak. CryptoLocker itself can be removed by many anti-virus programs. Unfortunately, your files will remain locked using encryption that is virtually impossible to break. Pay up or you’re out of luck!

Last December, Dell SecureWorks published an estimate that the original version of the program had infected around 200,000-300,000 PCs in 100 days. Approximately 0.4 percent of these victims probably paid the demanded ransom. That may seem like a small percentage, but it would be a haul of up to $360,000 for the hackers in just 3 months. With that kind of loot in play it is not surprising to see copycats appear, and they have.

Of particular concern is an identified copycat we’ll euphemistically call CryptoLocker 2.0, aka Prison Locker. It differs most significantly from the original CryptoLocker in that it encrypts more file formats and spreads through USB drives instead of email. It reportedly opens a new locked window and disables the Windows and Escape keys. It also prevents you from running taskmgr.exe, regedit.exe, cmd.exe, explorer.exe and msconfig.exe, and disables the ALT+TAB key combination.

The following is a side by side comparison.

CryptoLocker vs. CryptoLocker 2.0 (Copycat)

| | CryptoLocker | CryptoLocker 2.0 (PrisonLocker) |
|---|---|---|
| Form of Encryption | RSA-2048 | RSA-1024 (weaker) |
| Ransom Payment Options | Bitcoin plus other forms of payment are accepted | Pay via Bitcoin only |
| Code | Microsoft’s Visual C++ | C# programming language |
| File Types Likely to be Stolen | Business Files | Business, Images, Video, and Audio Files |
| Spreads Via… | Drive-by-Downloads, Phishing Emails | USB |

So, CryptoLocker 2.0 or similar will soon be here and more copycats are sure to follow. Why aren’t users of Comodo Endpoint Security concerned? Because thanks to Comodo’s Default/Deny strategy with Auto Sandboxing, these malicious programs will never have the opportunity to lock up their files.

Comodo Endpoint Security focuses on prevention, not purely detection. Comodo’s patent-pending Auto Sandboxing technology creates a real time, isolated environment that identifies safe, unsafe, and questionable files and executables and automatically isolates both unsafe and unknown files, allowing only known, trusted files to penetrate your system.

If a threat is known to be malicious, Comodo’s Antivirus (AV) will detect its signature and prevent any damage from occurring, i.e. the encryption of your files. If the threat is unknown, the HIPS and Auto-Sandbox will intercept the malware, stopping it in its tracks, as the virus is never actually installed on your system. Comodo AV labs detect blacklist signatures for malicious files such as CryptoLocker, so the ransomware would go straight into the Quarantine or Sandbox Management consoles of Comodo Endpoint Security Manager (CESM) where the admin could delete it.

CESM 3 packages unsurpassed protective power within our next-generation remote administrative console. This enables the administrator to receive real-time alerts through list or panoramic views of all endpoints and system management capabilities, a feature generally found only in dedicated RMM systems. So, when the user opens the malicious message containing CryptoLocker, CES will detect the malicious (or unknown) file, automatically sandbox it, and alert the administrator. If the admin gets to the alert before Comodo labs, the administrator is able to remotely remove the ransomware from the end user’s computer, regardless of the end user’s location.
Four clicks to security:

  1.  Administrator views the list of files within the sandbox.
  2. Administrator selects the malicious executable(s) to be removed.
  3. Administrator remotely accesses the end user’s computer to select the malicious file running on the sandbox.
  4. Administrator deletes the file location to rid the user’s system of the malicious application.

Four clicks to security. It’s really that simple! But don’t just take our word for it. Comodo Endpoint Security (CES) is powered by the same patent-pending prevention-based technology that our consumer product, Comodo Internet Security (CIS), uses to protect consumers against CryptoLocker. CIS was recently awarded the top position in the Proactive Security Challenge 64 by matousec.com, a project run by a respected group of independent security experts dedicated to improving end user security. Following the challenge, matousec.com named CIS the “Ultimate Protection Machine.”

In addition to its ability to protect enterprises from malware like CryptoLocker, ESM has many other great capabilities. For instance, the latest upgrade to ESM added several capabilities such as centralized monitoring of sandboxed (unknown) and malicious files, endpoint auto-synchronization via Active Directory, encrypted VNC sessions to local and remote endpoints, and support for Windows 7 Embedded Standard.

To become protected against Prison Locker and its variants download a 60-Day, 60 user free trial now or contact cesmsales@comodo.com for the date of our next webinar.

Source: https://blog.comodo.com/comodo-news/cryptolocker-2-0-are-your-ready-we-are/

What’s an IP location CDN?

If you are a business leader or a website owner who is determined to take your business to new heights, you need to make an effort to study the digital world and everything it encompasses. For example, one phrase that has been typed a lot into search engines is ‘IP location CDN.’

Do you have an idea why?

This article covers the CDN IP location: how the two are different entities, why the search phrase has started to rank, and what components you can take into consideration when shopping for CDN providers.

Let’s get started!

IP location CDN: what is it?

It is essential to understand that the CDN IP location is not an actual piece of technology. They are two separate entities. The IP location is one thing, while CDNs, short for Content Delivery Networks, are another. A quick definition: an IP address, short for Internet Protocol address, is a network address for your device, so that the internet knows where the data, emails, or pictures of dogs and beaches should be transmitted.

Every gadget now has one. Whether it’s a personal computer or a tablet, every device that can access the internet has an IP address. Hundreds of IP address tracker tools are available online, so if you are curious where any users are, you can simply turn to these automated resources to find out.

On the other hand, CDNs are a bunch of servers scattered around the world. This is how global internet users can use media from the internet much faster and more easily wherever they are. Unknown to the large majority, CDNs run half the internet. These cloud content delivery platforms distribute data more effectively to users worldwide. Without the help of a CDN, visitors to websites must collect data from the site’s origin host, that is, the host responsible for keeping the website and its content alive. While nothing is wrong with this, origin hosts are not made to accommodate hundreds of thousands of people at once.

That means that if your website is not backed by a CDN and your ocean of users all visit it at once, it is more likely to crash, because every visitor will request data from the origin host. This origin host is also situated in one region of the globe. This means that users of your site who are oceans away from the origin will notice a significant delay in loading the web page. Meanwhile, your users who live near the origin will not have the same experience. CDNs are therefore helpful because they reduce latency: several servers around the globe help to relay your web data much faster.

Why are people looking this up?

Understandably, CDN IP locations have been searched for a lot. If you’re shopping for CDNs, you’d like to find out where your CDN providers are located. That is because you want to make sure that their locations are close to where your primary markets are. You may be a company based in Atlanta, for example, but your website has an extensive following in Sweden and Japan. In that particular case, you would like to make sure that the CDN providers you find have locations in those areas as well.

You can turn to an IP address tracker for support if you are not certain where your site visitors are. These kinds of digital tools help you find out where your digital markets are. Of course, your web host should have this information ready, but if you want to single out a single user or visitor, and you want to know where they come from, the IP address tracker should be enough. Look around online, and you’re going to find a lot of them.

How to choose CDN providers

As stated earlier, the number one thing you would like to ask CDN providers is where they are located. They might have the most advanced equipment and prices, but if their points of presence are far from where your web site needs to be strongest, it may be pointless to sign up. Please note that the very reason you sign up with a provider in the first place is so that your site can be loaded quickly. Check out where our locations are on this link.

Customer service is something you can’t overlook. If you entrust your Web data to CDN providers, you would want a trustworthy team to be responsible if anything goes wrong. It’s also extremely helpful to be able to turn to a talented pool of trusted professionals, particularly when you run an e-commerce business.

Source: https://cybersguards.com/whats-an-ip-location-cdn/

Facebook Announced Rewards for Vulnerabilities in Hermes and Spark AR

On Friday, Facebook revealed it is providing substantial incentives for vulnerabilities found in Hermes and Spark AR through its bug bounty programme.

Hermes is a JavaScript engine which Facebook released as open source a year ago. The social media giant’s React Native apps use Hermes on Android and in other applications, including Spark AR, an augmented reality tool used to create effects on Facebook, Instagram, and even on Facebook’s Portal smart displays.

Its bug bounty program has covered vulnerabilities found in native Facebook code, but the company says it wants to encourage security researchers to analyze Hermes and Spark AR, which is why bug bounties have increased significantly.

For example, if a white hat hacker discovers a vulnerability or an exploit chain that allows remote execution of code while running a Spark AR effect, they will receive $25,000. The exploit can either directly target the Spark AR platform, or the Hermes JavaScript VM.

“May adjust the amount depending on the particular bug and exploit. For instance, an exploit chain that lacks an ASLR bypass will result in a slightly lower payout. Likewise, an out-of-bound writing where the route to RCE is not clear would receive a lower payout,” explained Facebook.

On average, a vulnerability that allows an attacker to read user data might be worth $15,000. Denial-of-service (DoS) flaws resulting from out-of-bound read or write bugs will yield between $500 and $3,000 to researchers.

They can also receive a bonus of up to $15,000 if they provide a complete proof-of-concept (PoC) exploit, meaning they might get $40,000 for a flaw in remote code execution.

Last year, Facebook paid out more than $2.2 million through its bug bounty program, and a total of almost $10 million since its program was launched in 2011.

Source: https://cybersguards.com/facebook-announced-rewards-for-vulnerabilities-in-hermes-and-spark-ar/

Google Announced New Policy Updates to Reject Ads for Spyware

Google announced this week that it will effectively reject ads for surveillance technology starting next month, by updating its policy.

The revised Google Advertising Promoting Unethical Behavior Policy, which would “prohibit the promotion of goods or services that are advertised or targeted for the express purpose of tracking or controlling another person or their activities without their authorisation,” will be implemented beginning August 11, 2020, the Internet giant announced.

Google must enforce the policy internationally in an attempt to combat spyware ads and other forms of surveillance.

Such technology, explains the company, involves using spyware, malware, and other means to monitor a person’s messages, phone calls, or browsing habits, or keep an eye on their whereabouts using GPS trackers.

In addition, Google’s revised policy would also strike the sale of surveillance devices such as audio recorders, cameras, dash cams and nanny cams that are “marketed for the purpose of clear spying.”

“It does not include (a) private investigative services or (b) products or services designed to track or control parents’ underage children,” explains the company.

If any violations of the new policy are found, Google will initially issue an alert, and delete offending accounts within 7 days.

Advertisers are told, before August 11, to delete any advertisements that might result in a policy breach.

Source: https://cybersguards.com/google-announced-new-policy-updates-to-reject-ads-for-spyware/
