Cerber Ransomware

The well-known Cerber ransomware continues to be active this summer. The size of the cryptolocker varies between 244 and 292 Kbytes, with the new builds spreading via spear phishing email campaigns, targeting enterprises. The latest Cerber ransomware easily bypasses traditional defenses. The analyzed Cerber sample (MD5: cfd2d6f189b04d42618007fc9c540352) was only detected as a suspicious malicious object by nine out of 64 antiviruses on the first submission to VirusTotal. The low detection rate can be explained by the fact that the cryptolocker is using a polymorphic encryptor and API call obfuscation to protect its copies from being detected by antiviruses.

 

Toro Rosso Access Advanced

Formula 1 teams share large amounts of data between racing locations, home base, and partners. Scuderia Toro Rosso is no exception. With a small army of trackside engineers and hundreds of devices following the racing calendar around the globe, the data flow never stops.

Some data, like telemetry, pumps through the standard channels for a live feed at the factory. Other information, race-specific calculations and sensitive data, may fall outside of the always-on telemetry stream and require extra attention. While there’s always been sufficient security in place, secure data exchange required manual setup, which prompted Scuderia Toro Rosso to deploy Acronis Access Advanced to streamline the process.

Petya Wiper

Remember that fast-moving cyberattack that slashed its way across the globe in late June? Turns out it wasn’t really ransomware but an even more malicious piece of malware called a “wiper” that left victims with no hope of getting back their data.  

A new ransomware variant avoided detection by being spread through a spear phishing email campaign as an obfuscated PowerShell script. Many traditional anti-malware solutions are not ready for the next generation of ransomware attacks. Acronis, however, has been very successful.

File Manager in True Image’s WinPE Recovery Media

a43 file manager

When it comes to running and restoring your system, the more control and customization you have the better. Yet it seems that in their efforts to make computers less prone to user error, the default options for managing files have become a bit watered down.

But did you know that Acronis True Image’s WinPE bootable recovery media contains a very useful file manager that can help you retain control? Here’s how you can access it.

Move Data from Android to iPhone

If you need to transfer data from one smartphone to another, try Acronis True Image. Just install, run a backup on one device and restore it on the other. The entire process is transparent and you’ll even be able to select what photos, videos (and other data) to restore. There are no surprises and you’ll see exactly what happens during this process.

Protect from Industroyer

If you are interested in cybersecurity, you may remember Stuxnet, an infamous worm which stopped uranium enrichment plants in Iran back in 2010. It’s no longer a secret that it was an Israeli-American cyberweapon. Since that time there have been a lot of cases where critical infrastructure was attacked without any political motivation. One recent case is Industroyer — a mix of cyberweapon and ransomware-like products. We were contacted by our big OEM partners running process control systems who asked about this threat, wondering if our newest anti-ransomware technology, namely Acronis Active Protection™, could help. And guess what? Acronis Active Protection does help!

Acronis Universal Restore

Nobody likes change. But while changing hardware can be a challenge, Acronis Universal Restore makes it simple.

That’s because when it comes to moving an existing Windows system to a new computer, Acronis Universal Restore is the tool you need. Windows systems may not boot properly when loaded on a new computer with dissimilar hardware, but Universal Restore solves that problem and makes booting the system in the new hardware environment seamless.

Petya Ransomware

The new Petya-like ransomware just dealt a big blow to hundreds of banks, corporations, government organizations, post offices and shopping outlets around the world, spreading like wildfire, taking advantage of the EternalBlue exploit used by WannaCry ransomware only a few weeks before.

Petya, Petrwrap, EternalPetya — while the world is still deciding what to call this damaging ransomware worm, let’s pull it apart and see what it’s made of.

Petya Ransomware

Another fast-moving ransomware attack is tearing across the globe, striking a number of high-profile businesses, transportation networks, public utilities and government agencies in Europe and the United States.

The attack was initially focused in Ukraine and Russia. The National Bank of Ukraine saw ATMs across the country go down, and systems monitoring radiation at the former Chernobyl nuclear power plant were also affected. Russia’s largest oil company, Rosneft, was also hit.

Within hours the ransomware had spread in a manner reminiscent of last month’s WannaCry attack, victimizing the Copenhagen-based A.P. Moller-Maersk, the world’s largest container shipping company, and WPP in London, the world’s largest advertising agency, as well as entities in France and Spain.

It eventually hopped the Atlantic and landed in the United States.