Spora ransomware has been active since the beginning of this year. Typically, it is distributed through spear phishing and watering hole attacks, but the recently discovered variant spreads through the HoeflerText pop-ups on infected websites in EITest campaigns.

Even though Spora ransomware is not new, the latest modification, when it was first discovered, was only blocked by a limited number of anti-malware programs. This could be due to the fact that the new build is using the polymorphic encryptor to create new copies of itself for further spreading and extra code obfuscation. It also has a slightly changed payload.

Whenever there’s a large-scale ransomware attack like WannaCry and EternalPetya, the number of infected computers reported by the media can be overwhelming.  It’s easy to forget there are thousands of individuals who need to rebuild their digital lives in the aftermath.  

But hearing customers talk about how Acronis saved their data is a great reminder that our solutions help real people every day. Take yesterday’s email titled “How Acronis True Image 2017 NG proved to be a lifeguard.”

The well known Cerber ransomware continues to be active this summer. The size of the cryptolocker varies between 244 to 292 Kbytes, with the new builds spreading via spear phishing email campaigns, targeting enterprises. The latest Cerber ransomware easily bypasses traditional defenses. The analyzed Cerber sample (MD5: cfd2d6f189b04d42618007fc9c540352) was only detected as a suspicious malicious object by nine out of 64 antiviruses on the first submission to Virustotal. The low detection rate can be explained by the fact that the cryptolocker is using a polymorphic encryptor and API call obfuscation to protect its copies from being detected by antiviruses.

Formula 1 teams share large amounts of data between racing locations, home base, and partners. Scuderia Toro Rosso is no exception. With a small army of trackside engineers and hundreds of devices following the racing calendar around the globe, the data flow never stops.

Some data, like telemetry, pumps through the standard channels for a live feed at the factory. Other information, race-specific calculations and sensitive data, may fall outside of the always-on telemetry stream and require extra attention. While there’s always been sufficient security in place, secure data exchange required manual setup, which prompted Scuderia Toro Rosso to deploy Acronis Access Advanced to streamline the process.