Endpoint Protection

  • 1.  New article: CTB-Locker and other forms of Crypto malware

    Posted Jan 21, 2015 04:57 AM

    Please read the following article about a new wave of Cryptolockers currently in the wild (Trojan.Cryptolocker.G and Trojan.Cryptolocker.E especially).  This article includes a tip on how to use SEP's ADC component to increase your security.

    Support Perspective: CTB-Locker and other forms of Crypto malware
    https://www-secure.symantec.com/connect/blogs/support-perspective-ctb-locker-and-other-forms-crypto-malware

    I also recommend ensuring that mail servers are using the latest definitions.  It would be a good idea to apply Rapid Release defs to SMSMSE and other products protecting mail servers a couple times per day.  This will improve detection of the very latest Downloaders (usually Downloader.Ponik) that are used to deliver the ultimate cryptolocking payload.

    Virus Definition Update Methods Available for Symantec Mail Security for Microsoft Exchange (SMSMSE)
    http://www.symantec.com/docs/TECH131756

    Many thanks!

    Mick

  • 2.  RE: New article: CTB-Locker and other forms of Crypto malware

    Posted Jan 29, 2015 05:13 AM

    Just a quick update: in recent days we have seen the malicious .scr file arrive inside of a .cab file.  This is a container less commonly used than .zip and other compression formats.  Please alert end users to treat any unexpected .cab attachments with caution!  As ever, please do submit the malicious samples to Security Response for analysis.

    Many thanks,

    Mick
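
The check suggested in the update above, as an added example that is not part of the original posts and is not Symantec code: identify a cabinet by its `MSCF` signature rather than by the attachment's name, then read the file names from its directory and flag any `.scr` member. The function names and the sample cabinet are constructed for illustration; only the CAB header layout (CFHEADER/CFFILE) is relied on.

```python
import struct

CAB_MAGIC = b"MSCF"      # cabinet signature at offset 0
RISKY_EXTS = (".scr",)   # extension named in the post; extend per local policy

def cab_member_names(data):
    """Return the names in a cabinet's CFFILE table, or None if data is not a CAB."""
    if len(data) < 36 or data[:4] != CAB_MAGIC:
        return None
    (coff_files,) = struct.unpack_from("<I", data, 16)  # offset of first CFFILE
    (c_files,) = struct.unpack_from("<H", data, 28)     # number of CFFILE entries
    names, pos = [], coff_files
    for _ in range(c_files):
        if pos + 16 > len(data):
            break                                # truncated or malformed directory
        end = data.find(b"\x00", pos + 16)       # name follows 16 fixed bytes
        if end == -1:
            break
        names.append(data[pos + 16:end].decode("utf-8", "replace"))
        pos = end + 1
    return names

def risky_members(data):
    """Names inside the cabinet that end in a risky extension."""
    names = cab_member_names(data) or []
    # Windows ignores trailing dots and spaces, so strip them before comparing.
    return [n for n in names if n.rstrip(" .").lower().endswith(RISKY_EXTS)]

def constructed_cab(names):
    """Constructed sample: header, one folder record and directory only, no file data."""
    entries = b"".join(
        struct.pack("<IIHHHH", 0, 0, 0, 0, 0, 0x20) + n.encode() + b"\x00"
        for n in names)
    coff = 36 + 8  # CFHEADER (36 bytes) + one CFFOLDER (8 bytes)
    header = struct.pack("<4sIIIIIBBHHHHH", CAB_MAGIC, 0, coff + len(entries),
                         0, coff, 0, 3, 1, 1, len(names), 0, 0, 0)
    return header + struct.pack("<IHH", coff + len(entries), 0, 0) + entries

if __name__ == "__main__":
    sample = constructed_cab(["invoice.scr", "readme.txt"])
    print(risky_members(sample))            # attachment name is never consulted
    print(cab_member_names(b"PK\x03\x04"))  # not a cabinet
```

Because the test is on content, a cabinet renamed to another extension is still inspected; a cabinet nested inside another archive would need to be unpacked first.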