Category Archives: Antivirus Vendors


TrickBot, new spam campaign against companies


On November 2nd we witnessed a new spam campaign targeting UK companies, with each email carrying a Word document attachment. Each message had the subject “Companies House – new company complaint” and the attachment was titled “Complaint.doc”. When users open the document, this is what they see:

[Image: windows trickbot]

How TrickBot works

If the user follows the instructions given, the macro in the document is executed. It downloads a file called dododocdoc.exe, which is saved in %temp% as sweezy.exe and then executed. This file is a variant of the TrickBot malware family. Once executed, it installs itself on the computer and injects a DLL into the system process svchost.exe. From there it connects to the command and control server.

This has not been a massive campaign, but it has been targeted at UK companies: we’ve seen just a few hundred emails to our clients, and all of them were protected proactively without needing any signature or update. Looking at the potential victims, all of the emails went to companies, no home users were targeted, and most of them went to businesses in the UK. There were 7 cases in Spain, and one in Belgium, Ireland and Thailand. The campaign was short: the first case happened at 10:55am and the last one at 12:11pm (GMT).

The macro uses PowerShell to execute the malware, a technique that has become more and more popular recently and is also used in ransomware attacks and even to infect Point of Sale terminals.
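The process chain described above (Word macro, PowerShell, an executable run from %temp%) can be hunted for in process-creation logs. The following is an added example, not code from Panda Security; the events are constructed, modelled on Sysmon Event ID 1 fields, and the function and rule names are hypothetical.

```python
import ntpath

OFFICE = {"winword.exe", "excel.exe", "powerpnt.exe"}
SCRIPT_HOSTS = {"powershell.exe", "cmd.exe", "wscript.exe", "cscript.exe", "mshta.exe"}
PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"

# Constructed process-creation events from one host in a short time window.
# PIDs, user name and command lines are made up; only the file names
# Complaint.doc and sweezy.exe come from the write-up.
EVENTS = [
    {"pid": 100, "ppid": 4, "image": r"C:\Windows\explorer.exe", "cmd": "explorer.exe"},
    {"pid": 210, "ppid": 100,
     "image": r"C:\Program Files\Microsoft Office\Office16\WINWORD.EXE",
     "cmd": r'WINWORD.EXE /n "C:\Users\alice\Downloads\Complaint.doc"'},
    {"pid": 320, "ppid": 210, "image": PS, "cmd": "powershell.exe (arguments omitted)"},
    {"pid": 430, "ppid": 320,
     "image": r"C:\Users\alice\AppData\Local\Temp\sweezy.exe", "cmd": "sweezy.exe"},
    {"pid": 540, "ppid": 100, "image": PS, "cmd": "powershell.exe Get-Date"},  # benign
]

def base(path):
    """Lower-cased file name of a Windows path (works on any OS)."""
    return ntpath.basename(path).lower()

def in_temp(path):
    """True if the image lives in a user or system Temp directory."""
    p = path.lower()
    return "\\appdata\\local\\temp\\" in p or p.startswith("c:\\windows\\temp\\")

def find_chains(events):
    """Return (rule, pid) alerts for Office -> script host -> Temp executable."""
    by_pid = {e["pid"]: e for e in events}
    alerts = []
    for e in events:
        parent = by_pid.get(e["ppid"])
        if parent is None:
            continue
        # Rule 1: an Office application launches a script host.
        if base(e["image"]) in SCRIPT_HOSTS and base(parent["image"]) in OFFICE:
            alerts.append(("office_spawned_script_host", e["pid"]))
        # Rule 2: that script host then runs a binary out of Temp.
        grand = by_pid.get(parent["ppid"])
        if (in_temp(e["image"]) and base(parent["image"]) in SCRIPT_HOSTS
                and grand is not None and base(grand["image"]) in OFFICE):
            alerts.append(("office_script_host_temp_exe", e["pid"]))
    return alerts

if __name__ == "__main__":
    for rule, pid in find_chains(EVENTS):
        print(rule, pid)
```

The DLL injection into svchost.exe does not show up in process-creation events, so it is outside what this example can detect.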

At Panda Security, we recommend that businesses ensure all software is updated, have a reputable security solution in place and hold regular staff security awareness training.

The post TrickBot, new spam campaign against companies appeared first on Panda Security Mediacenter.

Investigation of regular high load on unused machines every 7 hours

We recently decided to make our DNS infrastructure inside each of our core data centers more robust and therefore installed three virtual servers on three different hypervisors to function as DC-local recursive DNS servers. We chose an unbound DNS recursive resolver for this task, as we had positive experience with it from the past and we already had collectd scripts for its performance monitoring, as well as the necessary puppet modules.

Five ways to speed up your slow PC


When you turn on your computer in the morning, do you have enough time to brew a cup of coffee while it starts up? Is your PC so tired that you can take a walk around the block waiting for a program to open? If your machine seems like it’s on life support, there are a few things you can do to help put some pep back in its processors.

Microsoft and Apple unveil new computers with improved security features


In events that took place on consecutive days last week, the two tech giants presented their new ‘weapons’ in the fight for computer supremacy. Whereas Microsoft has decided to go for more pricey, sophisticated and innovative computers, Apple has decided to stay with what the company knows works well and has limited itself to introducing some improvements in its acclaimed laptop computers.

The Redmond company has taken everyone by surprise by rolling out an ‘all-in-one’ device, Microsoft Studio, aimed at knocking the iMac off its perch as the favorite tool among creative pros. The new computer is one part PC, one part graphics tablet. It can be folded, allowing artists and designers to use it in a similar way to a tablet, while offering at the same time an extremely powerful computer very reminiscent of Apple’s iMac for all kinds of professionals.

Additionally, the company founded by Bill Gates has upgraded its Surface Book tablet and presented the new update of its Windows 10 operating system: Windows Creators Update. This new version is stuffed with new features, including the first revision in a long time of its security tool Windows Defender.

The program ditches its classic look and feel in favor of a more Windows 10-style appearance, with a responsive interface adapted to touch screens. It also looks like Windows Defender will be integrated with other tools, like Windows Firewall or Family Safety, allowing for central management of all security aspects of Microsoft’s operating system.

As for Apple, the new MacBook Pro features some significant enhancements with regard to security. First, it incorporates Touch ID for the first time ever. Touch ID, already present in the company’s iPhones, is a fingerprint scanner which, despite posing certain security risks, introduces a new mechanism to verify a user’s identity on Apple’s computers beyond traditional passwords.

This biometric security system will be integrated into Apple’s laptops through the new Touch Bar, a multi-touch strip located above the keyboard that displays contextual menus and allows for different actions depending on the program you are using. With the Touch Bar, for example, you will be able to do something as simple as paying for an online purchase just by placing your finger on the small display.

If this were not enough, the new MacBook Pro comes equipped with a secondary processor that will perform all security-related tasks, including managing Touch ID and the new Touch Bar. This secondary processor includes what is called ‘Secure Enclave’ technology, specifically designed to manage personal and confidential data most securely.

 

The post Microsoft and Apple unveil new computers with improved security features appeared first on Panda Security Mediacenter.