Category: События_en

Cyberpolice informs about the spread of a new virus

Ukrainian cyberpolice recorded cases of the spread of a new virus disguised as a message from state institutions. Malicious software is aimed at users who are private notaries of Ukraine, and work on PCs running MS Windows.

For the transfer of malicious software offenders used postal services of Ukrainian companies www.ukr.net and www.i.ua. The message with harmful applications came allegedly on behalf of government agencies, including courts of various instances. To infect users’ computers, attackers used several types of viruses that have similar functionality. At the same time, various methods of their distribution were used, for example, users received archive files that externally looked like PDF files, reports the Department of Cyber ​​Police.

The criminals even falsified the contents of these files – outwardly they looked like a scanned document created on behalf of a state institution. In other cases, the spread of the virus occurred with the help of documents of the DOCX format with an embedded malicious “OLE” object. After the user opened the document, the malicious software was launched and an entry was automatically added to the registry of the operating system for its automatic loading.

During the in-depth analysis, the cyber police experts installed: each time the virus was launched from the system disk folder by the link: \ ProgramData \ Microtik \ winserv.exe. After that, the malicious software went into a hidden connection standby mode and provided full access to the victim’s computer resources.

According to the analysis, this virus is a modified version of TektonIT’s legal RMS software (RMS is a professional computer remote control product)

The Department of Cyber ​​Police, in order to avoid infecting their computers, advises users to adhere to the following tips:

First, in no case do not open letters from dubious recipients with dubious content. Before opening it is better to receive confirmation from the sender of such a letter by other possible means of communication.

Second, install licensed operating system software and use anti-virus software.

Third, systematically update the operating system and software products.

Fourth, do not allow access by unauthorized persons to the personal computer.

Also, users can independently prevent the automatic launch of such a virus, for which the following steps should be performed:

• Start the registry editor (to do this, press the “Start” key and enter the “regedit” entry for the search);

• Locate the following registry branch – HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Run

• Personally delete the found entry with the following content – “Microtik”

• On the system disk of the operating system, delete the folder -: \ ProgramData \ Microtik

• Restart computer

Leading global information security companies such as Trend Micro and F-Secure always recommend users to be careful with open links and attachments, as well as with the files you install on your computer. It is worth remembering that the majority of viruses, phishing and malware come to corporate networks via mail or a web browser, so you should carefully pay attention to which links you click and download on your PC. The presence of anti-virus, anti-spam solutions significantly minimizes the risk of “catching” the virus in corporate networks. That is why solutions (antiviruses, antispam) for safe work with PC from Trend Micro and F-Secure help to level the threat of virus penetration on PCs, experts of AXOFT recommend.

More information about Trend Micro and F-Secure software solutions can be obtained from AXOFT managers by phone at +38 044 201 03 03 or by e-mail: axoft@axoft.ua

Trend Micro started selling Apex One launched and technical support in Ukraine

Trend Micro, the global leader in cybersecurity solutions, announced the official launch of its Trend Micro Apex One™ endpoint security product. The product redefines endpoint security with a wide range of capabilities, delivered as a single agent, with SaaS consistency and local deployments. This simplified offering improves automatic detection and response and provides effective information that increases customer safety and offers channel growth opportunities.

Apex One Solution Overview ↵

Apex One is an evolutionary solution (renamed from OfficeScan) provides three key points: automatic detection and response, insight and research, and the all-in-one ability to simplify deployment.

Test version of Apex One ↵

Also, the other day Trend Micro announced the expansion of technical support for Russian-speaking corporate users of its software products. Now, technical support of Trend Micro software solutions is provided in a number of CIS countries (including Belarus, Kazakhstan, Russia, Moldova and Ukraine) and Georgia.

For assistance in Ukraine, you can call the toll-free phone number: +380-44-392-13-97 or promptly make a request on the technical support page: https://trendmicro.alp.ru

About the company: Trend Micro, a Japanese company founded in 1988, creates innovative information security solutions that allow enterprises and individual users to securely share digital data. With more than 25 years of experience in the field of security, the company is a recognized leader in the market for the protection of servers, “cloud” security systems and small businesses.

For questions regarding the purchase of Trend Micro solutions, you can contact AXOFT Ukraine sales and development department by calling +38 044 201 03 03 or by e-mail: sales@axoft.ua

F-Secure introduced a new endpoint protection solution Rapid Detection & Response

Solutions and prevention of endpoint protection are very effective when it comes to combating cyber threats, such as malware. F-Secure and its managed service providers now provide businesses with even better weapons with the new F-Secure Rapid Detection & Response and its innovative features, including Broad Context Detection ™ and Elevate to F-Secure.

F-Secure Rapid Detection & Response, available through F-Secure’s global partner network, is an industry-leading end-point detection and response (EDR) solution that monitors organizations ’IT environments and their security status to detect suspicious behavior, says company message.

It provides contextual visibility for the automatic identification and visualization of advanced threats by combining light endpoint sensors with advanced data analysis, artificial intelligence and machine learning capabilities.

The solution, developed by an experienced threat search team, allows you to use your own IT team or a local, managed and certified service provider supported by F-Secure experts to protect your organization from advanced threats.

Broad Context Detection ™ narrows data and differentiates patterns of malicious behavior from regular user behavior to quickly identify real attacks, which significantly reduces the number of alerts that IT staff must pay attention to.

According to an EMA study, 79% of security personnel are overwhelmed with a large number of warnings about threats, and they are forced to send out most of the alerts that are triggered daily every day, without attention. Verizon’s data breach report in 2018 Verizon reveals that 68% of violations take months or more to detect, and overloading security warnings, including false alarms, can tire on company IT personnel with constant alarms.

“F-Secure Rapid Detection & Response quickly detects targeted attacks and allows you to effectively respond to incidents with built-in automation to stop attacks when they occur,” explains Jyrki Tulokas, vice president of products and services, Cyber ​​Security in F-Secure.

However, some detections may require more in-depth threat analysis and guidance from specialized cybersecurity experts. F-Secure’s rapid detection and response has been enhanced with the ability to send tough incidents to threat hunters.

This service is activated by selecting the F-Secure “Promote” feature on demand. It employs cybersecurity experts from the F-Secure 24/7 monitoring and response team. It has now become available as an on-demand promotion service to provide expert advice on how to deter and eliminate targeted attacks.

“In this unique service, F-Secure cybersecurity security experts analyze methods and technologies, network routes, traffic origins and time frames when an attack is detected,” says Tulokas. “This means that companies can now be confident that the required skills and resources will respond to even the toughest targeted attacks.”

F-Secure’s unified endpoint protection, detection, and intelligent response are cloudy managed and provide one client for Windows and MacOS. It also works in conjunction with other endpoint security vendor software.

Detailed review of Rapid Detection & Response ↵

SolarWinds bought 8MAN, access rights management platform

SolarWinds acquired acquired German company 8MAN, an access rights management platform (ARM), which expands MSP’s software security and IT management portfolio.

8MAN was renamed SolarWinds ARM and immediately available to SolarWinds MSP partners and corporate IT clients. According to Jim Hansen, vice president of security products, software was particularly easy to present to SolarWinds customers, since its ease of use and ease of trial capabilities coincide with the business model of SolarWinds, the company said in a press release.

The new security software product, SolarWinds ARM, is an access rights management tool that helps IT administrators and security administrators manage user privileges, improve adherence to policies, automate the provision of users, and protect against malicious internal abuse. With automated user accessibility, policy analysis and reporting, compliance and prevention reports, and increased productivity and processes, SolarWinds is committed to making life easier for IT and security administrators. SolarWinds ARM is designed to help companies of all sizes take the first step and help them build their security knowledge.

“8MAN is pleased to be part of the SolarWinds family, and this step was part of our strategic plan, which allowed us to reach the next level of security innovation,” said Stephan Brack, CEO of 8MAN. “We have developed a solution that will help IT security professionals and security administrators improve security by managing user access, matching and automating time-consuming tasks such as user accessibility.” Their technological expertise and growing security portfolio make SolarWinds the ideal Partner solution to sell our product worldwide. ”

About the company: SolarWinds is a leading provider of powerful and affordable IT infrastructure management software. Our products provide organizations around the world, regardless of the type, size, or complexity of their IT infrastructure, with the ability to monitor and control the performance of their IT environments, whether in the field, in the cloud, or in hybrid models.

JetBrains announced the release of Kotlin version 1.3

JetBrains team announced Kotlin version 1.3 release. The developers stabilized the coroutine’s work and introduced the Kotlin / Native beta. The language is now supported by the Google Cloud Platform, the Spring framework and the Gradle system.

New in Kotlin 1.3

◊ Library release kotlinx.coroutines version 1.0 for working with coroutines.

◊Beta release of Kotlin / Native – LLVM backend for compiling the source Kotlin-code into separate binaries. The new version provides fully automated memory management and is able to interact with C, Objective-C and Swift. In addition, the Kotlin / Native runtime promotes the use of immutable data and prevents any attempts to share unprotected changeable code in threads.

◊New libraries to support multiplatform projects. In addition to kotlinx.coroutines for coroutines, the JetBrains team presented libraries for handling HTTP requests and serialization. You can create such a tool yourself by adding dependencies specific to the platform to the public API.

◊Support for innovations introduced in Kotlin 1.3 in three IDEs: IntelliJ IDEA Community Edition, IntelliJ IDEA Ultimate and Android Studio.

◊Implementation of “contracts”

◊Experimental support for inline classes and four subspecies of the unsigned integer type.

◊Ability of nested ads in annotation classes.

◊Inclusion in the standard support library Kotlin / Native and Kotlin / JS.

You can read more about Kotlin 1.3 on What’s New page on the Kotlin website. Many innovations presented by developers on KotlinConf: a playlist with performances is available on the YouTube-channel JetBrains.

The previous version, Kotlin 1.2, was released in November 2017. She suggested compiling both in JVM bytecode and in JavaScript for using the language in both the frontend and backend. In that version, the compiler was significantly optimized, the standard library was replenished with new packages, and extensions for working with sequences and collections appeared.