Tag Archives: blockchain

3rd May AVIEN resources updates

Updates to Anti-Social Media 

Kaspersky Threat Post: TENS OF THOUSANDS OF MALICIOUS APPS USING FACEBOOK APIS – “At least 25,936 malicious apps are currently using one of Facebook’s APIs, such as a login API or messaging API. These allow apps to access a range of information from Facebook profiles, like name, location and email address.”

The Register:

Talking of Zuckerberg, here’s his summary of the forthcoming ‘Clear History’ control.

Updates to Cryptocurrency/Crypto-mining News and Resources

Catalin Cimpanu for Bleeping Computer: New MassMiner Malware Targets Web Servers With an Assortment of Exploits

The Register: Whoa, Gartner drops a truth bomb: Blockchain is overhyped and top IT bods don’t want it – “Didn’t you know it’s panacea to all corporate woes, bro?!”

Gad Naveh for Help Net: Dig this: The future of crypto-mining botnets

Trend Micro: Cryptocurrency-Mining Malware Targeting IoT, Being Offered in the Underground

Updates to Meltdown/Spectre and other chip-related resources

Hilbert Hagedoorn for The Guru of 3-D: Eight new Spectre Variant Vulnerabilities for Intel Discovered – four of them critical

The Register: Hands off! Arm pitches tamper-resistant Cortex-M35-P CPU cores – “Sneaky processors look to keep lid on sensitive IoT data”

ESET: further updates to Meltdown and Spectre CPU Vulnerabilities: What You Need to Know

Updates to Internet of (not necessarily necessary) Things

The Register: Hands off! Arm pitches tamper-resistant Cortex-M35-P CPU cores – “Sneaky processors look to keep lid on sensitive IoT data”

Trend Micro: Cryptocurrency-Mining Malware Targeting IoT, Being Offered in the Underground

Sophos:

Richi Jennings for Tech Beacon: VW bugs: “Unpatchable” remote code pwnage – “Two security researchers have excoriated Volkswagen Group for selling insecure cars. As in: hackable-over-the-internet insecure.”

Updates to Specific Ransomware Families and Types

Paul Ducklin for Sophos: “SamSam” ransomware – a mean old dog with a nasty new trick

David Harley

Advertisements

Backup and Ransomware – a Contender?

Backup is a critical component of any realistic strategy for countering ransomware.

I’ve been aware of Acronis in the area of backup software for some while but haven’t been familiar with their products, though I seem to remember seeing their trial versions on magazine giveaway CDs back in the days when I actually used to read ‘real’ IT magazines.

Recently I was contacted by their VP of Communications regarding their personal backup program, which apparently includes anti-ransomware and blockchain technology. Well, I can’t endorse the product because I haven’t used it, and I don’t do reviews. Well, not of other security-related products: that would be rather flaky ethically, since much of my income currently comes from providing services to a specific security company. (So if you’re one of the many people who’ve wanted me to tell them which anti-malware product they should buy, that’s why I’ve generally politely declined, in case I didn’t say so at the time.)

But I don’t see any harm in noting it as a possible layer of defence.

Acronis Active Protection  is claimed to ‘Ensure[s] constant data availability even when faced with a ransomware attack.’ As described here, it seems to use techniques not unlike those used by some mainstream anti-malware products* to detect a ransomware attack in process generically and in real time, and take appropriate countermeasures. I can’t, of course, say how effective those measures are, and I’m not going to take Acronis’s claim that it ‘solves…the nightmare’ without a large dollop of salt. However, the product isn’t pitched as replacing other security products, and the press release suggests better understanding of the nature of the ransomware problem than some other backup solution PR I’ve seen. So while I can’t make a recommendation as such, Acronis may indeed be worth looking more closely at if you’re not sure what to do about your backup strategy as one of your concerns about ransomware.

And if you’re not thinking about backup, you don’t understand the ransomware problem.

*However, the site does claim that Active Protection ‘doesn’t conflict with antivirus software and Windows Defender.’

David Harley