Category: Новости_en

Cyberpolice informs about the spread of a new virus

Ukrainian cyberpolice recorded cases of the spread of a new virus disguised as a message from state institutions. Malicious software is aimed at users who are private notaries of Ukraine, and work on PCs running MS Windows.

For the transfer of malicious software offenders used postal services of Ukrainian companies www.ukr.net and www.i.ua. The message with harmful applications came allegedly on behalf of government agencies, including courts of various instances. To infect users’ computers, attackers used several types of viruses that have similar functionality. At the same time, various methods of their distribution were used, for example, users received archive files that externally looked like PDF files, reports the Department of Cyber ​​Police.

The criminals even falsified the contents of these files – outwardly they looked like a scanned document created on behalf of a state institution. In other cases, the spread of the virus occurred with the help of documents of the DOCX format with an embedded malicious “OLE” object. After the user opened the document, the malicious software was launched and an entry was automatically added to the registry of the operating system for its automatic loading.

During the in-depth analysis, the cyber police experts installed: each time the virus was launched from the system disk folder by the link: \ ProgramData \ Microtik \ winserv.exe. After that, the malicious software went into a hidden connection standby mode and provided full access to the victim’s computer resources.

According to the analysis, this virus is a modified version of TektonIT’s legal RMS software (RMS is a professional computer remote control product)

The Department of Cyber ​​Police, in order to avoid infecting their computers, advises users to adhere to the following tips:

First, in no case do not open letters from dubious recipients with dubious content. Before opening it is better to receive confirmation from the sender of such a letter by other possible means of communication.

Second, install licensed operating system software and use anti-virus software.

Third, systematically update the operating system and software products.

Fourth, do not allow access by unauthorized persons to the personal computer.

Also, users can independently prevent the automatic launch of such a virus, for which the following steps should be performed:

• Start the registry editor (to do this, press the “Start” key and enter the “regedit” entry for the search);

• Locate the following registry branch – HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Run

• Personally delete the found entry with the following content – “Microtik”

• On the system disk of the operating system, delete the folder -: \ ProgramData \ Microtik

• Restart computer

Leading global information security companies such as Trend Micro and F-Secure always recommend users to be careful with open links and attachments, as well as with the files you install on your computer. It is worth remembering that the majority of viruses, phishing and malware come to corporate networks via mail or a web browser, so you should carefully pay attention to which links you click and download on your PC. The presence of anti-virus, anti-spam solutions significantly minimizes the risk of “catching” the virus in corporate networks. That is why solutions (antiviruses, antispam) for safe work with PC from Trend Micro and F-Secure help to level the threat of virus penetration on PCs, experts of AXOFT recommend.

More information about Trend Micro and F-Secure software solutions can be obtained from AXOFT managers by phone at +38 044 201 03 03 or by e-mail: axoft@axoft.ua

Trend Micro started selling Apex One launched and technical support in Ukraine

Trend Micro, the global leader in cybersecurity solutions, announced the official launch of its Trend Micro Apex One™ endpoint security product. The product redefines endpoint security with a wide range of capabilities, delivered as a single agent, with SaaS consistency and local deployments. This simplified offering improves automatic detection and response and provides effective information that increases customer safety and offers channel growth opportunities.

Apex One Solution Overview ↵

Apex One is an evolutionary solution (renamed from OfficeScan) provides three key points: automatic detection and response, insight and research, and the all-in-one ability to simplify deployment.

Test version of Apex One ↵

Also, the other day Trend Micro announced the expansion of technical support for Russian-speaking corporate users of its software products. Now, technical support of Trend Micro software solutions is provided in a number of CIS countries (including Belarus, Kazakhstan, Russia, Moldova and Ukraine) and Georgia.

For assistance in Ukraine, you can call the toll-free phone number: +380-44-392-13-97 or promptly make a request on the technical support page: https://trendmicro.alp.ru

About the company: Trend Micro, a Japanese company founded in 1988, creates innovative information security solutions that allow enterprises and individual users to securely share digital data. With more than 25 years of experience in the field of security, the company is a recognized leader in the market for the protection of servers, “cloud” security systems and small businesses.

For questions regarding the purchase of Trend Micro solutions, you can contact AXOFT Ukraine sales and development department by calling +38 044 201 03 03 or by e-mail: sales@axoft.ua

F-Secure introduced a new endpoint protection solution Rapid Detection & Response

Solutions and prevention of endpoint protection are very effective when it comes to combating cyber threats, such as malware. F-Secure and its managed service providers now provide businesses with even better weapons with the new F-Secure Rapid Detection & Response and its innovative features, including Broad Context Detection ™ and Elevate to F-Secure.

F-Secure Rapid Detection & Response, available through F-Secure’s global partner network, is an industry-leading end-point detection and response (EDR) solution that monitors organizations ’IT environments and their security status to detect suspicious behavior, says company message.

It provides contextual visibility for the automatic identification and visualization of advanced threats by combining light endpoint sensors with advanced data analysis, artificial intelligence and machine learning capabilities.

The solution, developed by an experienced threat search team, allows you to use your own IT team or a local, managed and certified service provider supported by F-Secure experts to protect your organization from advanced threats.

Broad Context Detection ™ narrows data and differentiates patterns of malicious behavior from regular user behavior to quickly identify real attacks, which significantly reduces the number of alerts that IT staff must pay attention to.

According to an EMA study, 79% of security personnel are overwhelmed with a large number of warnings about threats, and they are forced to send out most of the alerts that are triggered daily every day, without attention. Verizon’s data breach report in 2018 Verizon reveals that 68% of violations take months or more to detect, and overloading security warnings, including false alarms, can tire on company IT personnel with constant alarms.

“F-Secure Rapid Detection & Response quickly detects targeted attacks and allows you to effectively respond to incidents with built-in automation to stop attacks when they occur,” explains Jyrki Tulokas, vice president of products and services, Cyber ​​Security in F-Secure.

However, some detections may require more in-depth threat analysis and guidance from specialized cybersecurity experts. F-Secure’s rapid detection and response has been enhanced with the ability to send tough incidents to threat hunters.

This service is activated by selecting the F-Secure “Promote” feature on demand. It employs cybersecurity experts from the F-Secure 24/7 monitoring and response team. It has now become available as an on-demand promotion service to provide expert advice on how to deter and eliminate targeted attacks.

“In this unique service, F-Secure cybersecurity security experts analyze methods and technologies, network routes, traffic origins and time frames when an attack is detected,” says Tulokas. “This means that companies can now be confident that the required skills and resources will respond to even the toughest targeted attacks.”

F-Secure’s unified endpoint protection, detection, and intelligent response are cloudy managed and provide one client for Windows and MacOS. It also works in conjunction with other endpoint security vendor software.

Detailed review of Rapid Detection & Response ↵

SolarWinds bought 8MAN, access rights management platform

SolarWinds acquired acquired German company 8MAN, an access rights management platform (ARM), which expands MSP’s software security and IT management portfolio.

8MAN was renamed SolarWinds ARM and immediately available to SolarWinds MSP partners and corporate IT clients. According to Jim Hansen, vice president of security products, software was particularly easy to present to SolarWinds customers, since its ease of use and ease of trial capabilities coincide with the business model of SolarWinds, the company said in a press release.

The new security software product, SolarWinds ARM, is an access rights management tool that helps IT administrators and security administrators manage user privileges, improve adherence to policies, automate the provision of users, and protect against malicious internal abuse. With automated user accessibility, policy analysis and reporting, compliance and prevention reports, and increased productivity and processes, SolarWinds is committed to making life easier for IT and security administrators. SolarWinds ARM is designed to help companies of all sizes take the first step and help them build their security knowledge.

“8MAN is pleased to be part of the SolarWinds family, and this step was part of our strategic plan, which allowed us to reach the next level of security innovation,” said Stephan Brack, CEO of 8MAN. “We have developed a solution that will help IT security professionals and security administrators improve security by managing user access, matching and automating time-consuming tasks such as user accessibility.” Their technological expertise and growing security portfolio make SolarWinds the ideal Partner solution to sell our product worldwide. ”

About the company: SolarWinds is a leading provider of powerful and affordable IT infrastructure management software. Our products provide organizations around the world, regardless of the type, size, or complexity of their IT infrastructure, with the ability to monitor and control the performance of their IT environments, whether in the field, in the cloud, or in hybrid models.

JetBrains announced the release of Kotlin version 1.3

JetBrains team announced Kotlin version 1.3 release. The developers stabilized the coroutine’s work and introduced the Kotlin / Native beta. The language is now supported by the Google Cloud Platform, the Spring framework and the Gradle system.

New in Kotlin 1.3

◊ Library release kotlinx.coroutines version 1.0 for working with coroutines.

◊Beta release of Kotlin / Native – LLVM backend for compiling the source Kotlin-code into separate binaries. The new version provides fully automated memory management and is able to interact with C, Objective-C and Swift. In addition, the Kotlin / Native runtime promotes the use of immutable data and prevents any attempts to share unprotected changeable code in threads.

◊New libraries to support multiplatform projects. In addition to kotlinx.coroutines for coroutines, the JetBrains team presented libraries for handling HTTP requests and serialization. You can create such a tool yourself by adding dependencies specific to the platform to the public API.

◊Support for innovations introduced in Kotlin 1.3 in three IDEs: IntelliJ IDEA Community Edition, IntelliJ IDEA Ultimate and Android Studio.

◊Implementation of “contracts”

◊Experimental support for inline classes and four subspecies of the unsigned integer type.

◊Ability of nested ads in annotation classes.

◊Inclusion in the standard support library Kotlin / Native and Kotlin / JS.

You can read more about Kotlin 1.3 on What’s New page on the Kotlin website. Many innovations presented by developers on KotlinConf: a playlist with performances is available on the YouTube-channel JetBrains.

The previous version, Kotlin 1.2, was released in November 2017. She suggested compiling both in JVM bytecode and in JavaScript for using the language in both the frontend and backend. In that version, the compiler was significantly optimized, the standard library was replenished with new packages, and extensions for working with sequences and collections appeared.

ManageEngine Strengthens Unified Endpoint Management with Voice Commands and Geo-Fencing

ManageEngine, the real-time IT management company, today announced the launch of voice assistant and geo-fencing features for Desktop Central, its unified endpoint security and management solution. Available immediately, the latest version of Desktop Central allows IT teams to manage endpoints via voice commands from the solution’s mobile app. This version includes a geo-fencing feature that closes IT security gaps by enforcing location-specific IT policies on mobile devices.

ManageEngine employs artificial intelligence (AI) in Desktop Central’s new virtual assistant, which comes integrated with its mobile app for Android devices. With the AI-powered virtual assistant, IT teams can perform complex tasks – such as scanning, detecting and deploying missing patches; performing asset scans; uninstalling software; blocking unauthenticated executables; prohibiting software; establishing remote connections; and shutting down and waking up computers – with a few quick voice commands. To further streamline endpoint management, Desktop Central adds geo-fencing capabilities that provide IT teams with location-specific security commands.

“Endpoint management is critical to IT security because most security breaches originate from the endpoints,” said Mathivanan Venkatachalam, vice president at ManageEngine. “IT teams today spend a lot of time on redundant tasks, with one or more tools. Infusing AI, we could automate most of the complex endpoint management tasks using simple voice commands, saving a lot of time. Also, features like geo-fencing and remote OS deployment will reduce IT time and efforts as well as increase productivity.”

Highlights of the New Desktop Central

Virtual Assistant

Administrators can use voice commands on Desktop Central’s mobile app for Android devices to perform the following operations:

• Patch Management: Scan a network for patches, detect and deploy missing patches, and ask for details on which computers in the network are vulnerable.
• Software Deployment: Uninstall software, prohibit or block non-productive software and applications, apply licenses, and more.
• IT Asset Management: Ask for hardware and software details of network computers as well as check license compliance status.
• Remote Control: Initiate remote connections to a machine by saying its name.
• Tools: Remotely wake up and shut down computers.

Geo-Fencing

The new geo-fencing will help IT teams automate IT security policies on a device based on its location, including locking it or completely wiping corporate data from the device if it leaves the established geographical range.

Remote Office OS Deployment

OS deployment to remote computers, being the most challenging and time-consuming task, is now made easy with the newest version of Desktop Central. Deploying OS images to a computer anywhere in the world at any time with a few simple clicks allows IT teams to master onboarding activities.

Pricing and Availability

Desktop Central is priced device per year and available for download at site. A fully functional, 30-day trial version is also available for download. Desktop Central can be installed on-premises or hosted on various cloud platforms and has a fully-functional free edition that can manage up to 50 endpoints.

About Desktop Central

Desktop Central is a unified endpoint management solution that helps in managing thousands of servers, desktops and mobile devices from a central location. It automates the complete desktop and mobile device management life cycle, ranging from a simple system configuration to complex software deployment. Used by more than 6,500 customers around the globe, it helps businesses cut costs on IT infrastructure, achieve operational efficiency, improve productivity, and combat network vulnerabilities.

Desktop Central Solution Overview ↵

Trend Micro announced the improvement of the level of protection workstations

Trend Micro Incorporated, a global leader in cybersecurity solutions, has announced improvements to its offer to secure workstations. The product, which has undergone rebranding and has received the name Trend Micro Apex One™, sets a new level of security for workstations thanks to a wide range of new features available through a single software agent, managed from a local area network or within the SaaS infrastructure. The new offer from the company offers a simple way to significantly increase the effectiveness of automatic detection and response to complex threats, as well as provides up-to-date information on the state of protection, providing the maximum level of security for customers, the company said in a press release.

Information security professionals are increasingly overworked with the products that are required to protect endpoints. Increasing the number of alerts from security systems and logs that you want to monitor creates obstacles to respond promptly to advanced threats.

«The latest version of our program includes improvements that help solve the most common end-point security issues in the industry today, “says Kevin Simzer, executive director of Trend Micro. “Despite the claims of some so-called” next-generation vendors “, effective protection requires several levels of protection, which is a fundamental element of our strategy. Apex One ™ is a good choice for companies seeking to crowd out traditional anti-virus or looking for next-generation solutions».

Trend Micro Apex One™ offers customers the following three key features:

• Automatic detection and response:

Apex One ™ is based on XGen ™ security technology, a combination of multi-generation protection features and intelligent use of the right technology at the right time. Thanks to the Zero Day Initiative, under the auspices of Trend Micro, the product provides the most operational in the industry virtual patches for vulnerabilities, as well as protection technologies against the latest threats and complex attacks, such as non-file malicious code.

• Provision of up-to-date information:

Apex One ™ offers significantly enhanced Detection and Response (EDR) capabilities on workstations. Additionally, the Trend Micro Remote Detection and Response Service (MDR) is offered, providing expert support teams with threat control and monitoring alerts.

• Complexity of the solution:

Apex One ™ offers the widest industry-wide range of features offered through a single software agent, while many vendors still offer two or more programs. In particular, this is a multifunctional EDR Apex One ™ system that includes automated detection and response tools that simplify deployment processes and eliminate blind areas.

«Currently, decision-makers in the field of information technology can be confused with the emerging noise in the cybersecurity market. As for the safety of the workstations, I urge you to focus on actual performance, security enhancements, and flexibility of each solution being considered”, said Doug Cahill, senior cyber security analyst and ESG director. “Offering Auto Detection and Threat Investigation (EDR) capabilities in one agent, capable of providing all necessary protection promptly, Trend Micro offers the most up-to-date approach to endpoint protection.».

«In our work, we are faced with constant security challenges that require protection from growing threats, such as non-file malware and extortion programs, as well as compliance with security standards,” said Tim Masey, Carhartt Cybersecurity Director . “Currently, Trend Micro provides us with an effective endpoint security system, and we place high hopes on the advanced capabilities of Apex One™».

The form factor of the product, available from November 2018, as a single software agent, simplifies the deployment process at the same time and at the same time meets the most up-to-date security requirements. Apex One ™ is a substantially enhanced version of an existing Trend Micro OfficeScan product; Current OfficeScan users will receive Apex One ™ as a regular update without additional surcharges; Some features, such as the EDR investigation function, will require the purchase of an additional license.

Overview of the Apex One solution ↵

F-Secure joins forces with Zyxel to protect home networks

The offer for Internet service providers will include routers that provide fast connectivity and security to all user devices, such as laptops, tablets, smartphones, and even smart washing machines or refrigerators.

As part of the company’s collaboration, Zyxel network gateways are equipped with F-Secure Connected Home Security technology. The solution uses the F-Secure Security Cloud service and new ways to combat cyber threats thanks to artificial intelligence. The combination of these elements provides adequate protection against malicious software. The user will also be able to use the privacy protection function or parental controls, says the F-Secure press release .

According to Allen Lin, vice president of the Zyxel Broadband EMEA Business Unit:

“The popularity of Internet of Things (IoT) devices is growing, and they need to be properly maintained. That is why, together with F-Secure, we have developed a solution that protects all devices in the home network that Internet providers can now offer to their users.”

It is predicted that by 2021, up to 25 billion devices that connect to the Internet will be connected in the world, and, unfortunately, they are not always created to ensure the safety of users. In this case, routers are another “door” in our homes that also needs to be secured. F-Secure cooperates with more than 200 operators around the world and believes that the new solution will better protect users who use their services.

Zyxel has been a global network solutions provider operating in 150 markets for almost 30 years. Currently, 100 million of the company’s devices are used by operators, businesses and private users. The companies will present a new solution at the World Broadband Forum in Berlin, which will be held from October 23-25, 2018.

F-Secure Solution Overview

SolarWinds released Database Performance Analyzer 12

SolarWinds, a leading provider of powerful and affordable IT management software, today announced the launch of SolarWinds® Database Performance Analyzer (DPA) 12.0, powerful database and query performance monitoring, analysis and customization tool built for many popular, popular databases. The latest enhancements are designed to help database professionals quickly identify and determine the root cause of slow database queries, and easily optimize database tables to ensure the speed of business critical applications that rely on them.

The SolarWinds database performance analyzer is designed to provide high visibility to the performance of databases in hybrid environments – in the field, virtualized and in the cloud. The SolarWinds DPA provides effective information for database professionals with two completely new features: Table Tuning Advisor and Query Performance Analyzer.

The Query Performance Analyzer can help users determine the root cause of slow SQL queries. Detailed query profile data is intelligently displayed in a single view, which reduces the time spent searching for sources and correlating information.

“The table tuning advisor answers about 99% of what I want to know,” said Dale Fanning, director of database development and systems development, Regent University. “I think that he provides all the data necessary to make a decision about setting.”

The table tuning advisor is designed to proactively address one of the most difficult aspects of database management: indexing. The SolarWinds Advisor, DPA Table Tuning Advisor, helps identify and test index capabilities by tracking workload patterns and then advising users where a new index can help optimize inefficiencies.

“Databases are on the verge of application performance, and a slow database often leads to a slow application,” said Christoph Pfister, executive vice president of SolarWinds products. “Solving application performance issues without deep understanding of the database is a challenge at best. SolarWinds DPA 12.0 can help database professionals quickly solve performance problems with these new features that are designed to pinpoint where to focus on customization and indexing efforts to optimize the performance of their environment and reduce manual processes.”

The SolarWinds DPA is designed to provide seamless integration with SolarWinds network and system tools, including Network Performance Monitor (NPM) and Server & Application Monitor (SAM). Integration with features such as the SolarWinds® PerfStack™ toolbar is built to provide additional support for lock analysis that can help users find out where the lock-in incident occurred and the overall impact of this action, guided by information on future troubleshooting strategies.

SolarWinds DPA can be deployed on Windows or Linux, and it controls physical and virtual databases located on the background or in the cloud, including Microsoft® SQL Server®, Oracle®, MySQL®, MariaDB®, IBM® DB2® for Linux, UNIX® and for Windows (LUW), SAP® Adaptive Server Enterprise (ASE) SAP, as well as platform-like service (PaaS) databases, including Microsoft Azure® DB, Amazon® RDS and Aurora.

Detailed Review and System Requirements Database Performance Analyzer