Firewall Firm is a Managed Cyber Security Company in India

Tag Archives: Sophos XG

New JobCrypter ransomware variant captures screenshots of infected devices

Security researchers have discovered a new variant of the two-year-old JobCrypter ransomware that now features an additional encryption layer and a much longer decryption key, making it more powerful and difficult to evade compared to its earlier variants.

While analysing the ransomware, researchers at Trend Micro also observed that it features the ability to send a screenshot of a targeted device to an email address via SMTP and can even change the wallpaper of infected devices to include a ransom note as well as a display box containing details of ransom demands and instructions.

“Once it finds a file, it encodes all the file’s content to Base64 and encrypts the encoded content with Triple DES algorithm, and then encodes the encrypted file again to Base64. It also prepends the ransom note with the encrypted file instead of dropping another file in the system as most ransomware routines do before it finally deletes the original file in the drive.

“The ransom note demands a payment of €1,000 within 24 hours to get the decrypter. The key is made of 67 digits of random numbers between 0 to 9 – found in the registry and body of the sent email – but is deleted by the malware itself during encryption of the files,” they noted in a blog post detailing the ransomware’s traits.

Commenting on the discovery of JobCrypter’s new and more powerful variant, Roy Rashti, cyber-security expert at BitDam, told SC Magazine UK that the earlier variant of JobCrypter wasn’t among the most potent ones of its time as it decrypted files with a relatively weak 20-character decimal key which made it conducive to brute-force attack methods.

The original ransomware also displayed several predictable behaviours which made it easy for security professionals to assess the source of the random function which, in turn, made it possible to discover the encryption key in about 10 seconds.

“In the new version, the attackers have significantly improved the encryption method using the Triple DES algorithm and longer keys,” Rashti added.

Despite such improvements, the new JobCrypter variant does have an Achilles heel after all. According to researchers at Trend Micro, the 67-digit decryption key required by victims to recover their files is initially stored in the registry and body of the sent email before it is deleted by the malware itself during encryption of the files.

“Since the key used in encrypting the files was in the system prior to deletion, decryption is possible. Experienced cybersecurity practitioners will notice and know that while the routine is unconventional, the ransom note always ends in “;” and is prepended before the encrypted file content, making it possible to recover important data files,” they added.
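The file layout the researchers describe (ransom note ending in ";", followed by Base64 text wrapping the Triple DES output) can be checked during recovery triage. The sketch below is an added example, not Trend Micro's tooling or code from the original article; the function names and sample data are hypothetical, and it assumes a padded block mode, so the decoded ciphertext is a multiple of the 8-byte DES block. It only separates note from payload and does not decrypt.

```python
import base64
import binascii

DES_BLOCK = 8  # Triple DES operates on 8-byte blocks


def split_affected_file(data: bytes):
    """Split an affected file into (note, ciphertext).

    Returns None when the data does not match the described layout.
    """
    # ';' is not in the Base64 alphabet, so the last ';' in the file is
    # the end of the prepended note even if the note contains others.
    idx = data.rfind(b";")
    if idx == -1:
        return None
    note, payload = data[: idx + 1], data[idx + 1:].strip()
    if not payload:
        return None
    try:
        ciphertext = base64.b64decode(payload, validate=True)
    except (binascii.Error, ValueError):
        return None
    # Assumption: a padded block mode, so the length is a multiple of 8.
    if len(ciphertext) == 0 or len(ciphertext) % DES_BLOCK:
        return None
    return note, ciphertext


def triage(files: dict):
    """Map each name to its ciphertext length, or None if it does not match."""
    out = {}
    for name, data in files.items():
        parts = split_affected_file(data)
        out[name] = len(parts[1]) if parts else None
    return out


# Constructed samples: fixed bytes stand in for real ciphertext.
_FAKE_CT = bytes(range(32))
SAMPLES = {
    "report.docx": b"NOTE line one; pay within 24 hours;" + base64.b64encode(_FAKE_CT),
    "clean.txt": b"ordinary text; nothing encoded here",
    "truncated.xlsx": b"NOTE;" + base64.b64encode(_FAKE_CT)[:-6],
}

if __name__ == "__main__":
    for name, size in triage(SAMPLES).items():
        print(name, "matches layout, %d ciphertext bytes" % size if size else "no match")
```

Files that match can be set aside with the note stripped, so the payload is ready for decryption once the key has been recovered from the system.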

Rashti added that there are more tell-tale signs of the presence of the ransomware before it starts encrypting files stored in targeted devices. The ransomware is usually stored in zip files or business folders that serve as attachments to phishing or spam emails sent to targeted individuals or businesses.

By deploying advanced threat protection solutions that can detect sophisticated threats as well as a reputed endpoint solution, victims of ransomware attacks can prevent their devices from getting infected by the new variant. Considering that the ransomware initially stays dormant and only registers itself to run after a reboot, targeted businesses and individuals will need to be alert at all times to spot/preempt its arrival.   

According to Martin Jartelius, CSO at Outpost24, a simple and easy way to decrease impact is to ensure that users have write access only where needed, that local users are not administrators on their devices and that the system does not execute software from the temporary internet files or temporary email file folders.

“The most important steps users can take are ensuring that their systems are up-to-date, and they have endpoint protection software with the latest definitions installed. AV vendors and independent researchers are constantly finding and reporting new strains of malware, and it’s critical to stay on top of updates to ensure you remain protected from emerging threats. It is also important to take regular, full backups to ensure your data is protected in case of disaster,” says Ben Schmidt, CSO at PolySwarm.

Best Enterprise Firewall 2018

Fortinet FortiGate
Cisco ASA
Sophos UTM
pfSense
Meraki MX Firewalls
Sophos Cyberoam UTM
WatchGuard XTM
Juniper SRX
SonicWall TZ
SonicWall NSA
Barracuda NextGen Firewall
Sophos XG
FortiGate-VM
Cisco Firepower NGFW
Zscaler Web Security
Cisco Sourcefire Firewalls
Check Point UTM-1
Check Point VSX
Kerio Control
Untangle NG Firewall
Palo Alto Networks VM-Series
Cisco ASAv
Check Point Next Generation Firewall
Cisco IOS Security
Palo Alto Networks Next-Generation Firewall
Stormshield Network Security
OPNsense
Check Point VPN-1
McAfee StoneGate
Check Point Power-1
Trustwave Firewalls
McAfee Firewall Enterprise MFE
3Com H3C Firewall
A10 Networks Thunder CFW
Hillstone E-Series
NetFortris Hosted Firewall
NetFortris Threat Analyzer
WatchGuard Firebox
Hillstone T-Series
Fortinet FortiOS
Hillstone X-Series Data Center Firewalls
Hillstone CloudEdge
Sonatype Nexus Firewall
Comodo Dome Firewall
Sangfor NGAF

Best business firewalls: Which firewall is suitable for your business?


There are countless options to choose from when considering firewall protection. Should you invest in an external firewall, stick with a virtual firewall or take the plunge with both?

The firewalls listed here cater to most sizes of organisation, from small businesses that only require virtual firewalls to larger enterprises that should house external firewall hardware.

With recent data breaches highlighting the importance of securing your network, IT Monteur Firewall Firm investigates the best firewalls on the market for every business’ first line of defence.

Firewalls – Buyer’s Guide and Reviews

Vendor: Product
A10 Networks: A10 Networks Thunder CFW
Barracuda Networks: Barracuda Networks NG Firewall
Check Point: Check Point Power-1
Check Point: Check Point UTM-1
Check Point: Check Point VPN-1
Check Point: Check Point VSX
Cisco: Cisco Sourcefire Firewalls
Cisco: Cisco ASA
Cisco: Meraki MX Firewalls
Cisco: Cisco Firepower NGFW
Cisco: Cisco ASAv
Fortinet: Fortinet FortiGate
Fortinet: FortiGate-VM
GFI: Kerio Control
Hewlett Packard Enterprise: 3Com H3C Firewall
Hillstone Networks: Hillstone E-Series
Hillstone Networks: Hillstone T-Series
Hillstone Networks: Hillstone X-Series Data Center Firewalls
Hillstone Networks: Hillstone CloudEdge
Intel Security: Intel Security StoneGate
Intel Security: Intel Security Firewall Enterprise MFE
Juniper: Juniper SRX
NetFortris: NetFortris Hosted Firewall
NetFortris: NetFortris Threat Analyzer
OPNsense: OPNsense
Palo Alto Networks: Palo Alto Networks WildFire
Palo Alto Networks: Palo Alto Networks VM-Series
pfSense: pfSense
SonicWall: SonicWall TZ
SonicWall: SonicWall NSA
Sophos: Sophos Cyberoam UTM
Sophos: Sophos UTM
Sophos: Sophos XG
Stormshield: Stormshield Network Security
Trustwave: Trustwave Firewalls
Untangle: Untangle NG Firewall
WatchGuard: WatchGuard XTM
WatchGuard: WatchGuard Firebox
Zscaler: Zscaler Web Security

Top Firewalls Solutions

1 Fortinet FortiGate
The FortiGate family of NG firewalls provides proven protection with unmatched performance across the network, from internal segments, to data centers, to cloud environments. FortiGates are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.

2 Cisco ASA
Adaptive Security Appliance (ASA) is Cisco’s end-to-end software solution and core operating system that powers the Cisco ASA product series. This software solution provides enterprise-level firewall capabilities for all types of ASA products, including blades, standalone appliances and virtual devices. Adaptive Security Appliance provides protection to organizations of all sizes, and allows end-users to access information securely anywhere, at any time, and through any device. Adaptive Security Appliance is also fully compatible with other key security technologies, and so provides organizations with an all-encompassing security solution.

3 Sophos UTM
The global network of highly skilled researchers and analysts, protecting businesses from known and emerging malware – viruses, rootkits and spyware.

4 pfSense
Providing comprehensive network security solutions for the enterprise, large business and SOHO, pfSense solutions bring together the most advanced technology available to make protecting your network easier than ever before. Our products are built on the most reliable platforms and are engineered to provide the highest levels of performance, stability and confidence.

5 Palo Alto Networks WildFire
WildFire™ cloud-based threat analysis service is the industry’s most advanced analysis and prevention engine for highly evasive zero-day exploits and malware. The cloud-based service employs a unique multi-technique approach combining dynamic and static analysis, innovative machine learning techniques, and a groundbreaking bare metal analysis environment to detect and prevent even the most evasive threats.

6 Sophos Cyberoam UTM
Cyberoam Unified Threat Management hardware appliances offer comprehensive security to organizations, ranging from large enterprises to small and branch offices. Multiple security features integrated over a single, Layer 8 Identity-based platform make security simple, yet highly effective.

7 SonicWall TZ
The secure, sophisticated SonicWALL TZ is widely deployed at small businesses, retail, government, remote sites and branch offices. It combines high-performance intrusion prevention, malware blocking, content/URL filtering and application control.

8 Meraki MX Firewalls
With the proliferation of modern applications and mixed-use networks, host and port based security is no longer sufficient. Cisco Meraki’s layer 7 “next generation” firewall, included in MX security appliances and every wireless AP, gives administrators complete control over the users, content, and applications on their network.

9 WatchGuard XTM
Small businesses need big security, too, and the WatchGuard XTM Series firewall/VPN appliances deliver that strong protection – but without the hefty price tag. Enterprise-grade security includes full HTTPS content inspection, VoIP support, and optional security subscriptions like Application Control and Intrusion Prevention Service.

10 Juniper SRX
High-performance security with advanced, integrated threat intelligence, delivered on the industry’s most scalable and resilient platform. SRX Series gateways set new benchmarks with 100GbE interfaces and feature Express Path technology, which enables up to 1 Tbps performance for the data center.

For more details just call or email us on

Sales Number : +91 9582 90 7788
Support Number : +91-9654016484
Sales Email : sales@itmonteur.net
Support Email : support@itmonteur.net
