Emsisoft Blog News Update

Discussion in 'Emsisoft' started by jasonX, Jul 10, 2016.

  1. jasonX

    jasonX Giveaways Moderator Staff Member

    Emsisoft Blog News Update


    The malware landscape has shifted – These online threats are waiting for you in 2016 (July 7, 2016)

    The blog team at Emsisoft share news and articles on the Emsisoft Blog, today about another evolution of malware / ransomware etc. and what we can do to protect ourselves against it.

    Have you ever wondered what you’d do if all of a sudden the data from your laptop was held hostage? What if you went to make an online payment and your bank account was empty without reason? This is the sort of nightmare one always imagines happens to someone else. Unfortunately, these are just two of far too many threats that we all face in a climate of heightened cyber crime.

    Today’s attackers don’t seem to be deterred at all by modern security measures and the use of malicious software is still a rampant issue for banks, businesses and at home users.

    More Info from Source HERE

    You can view more news from Emsisoft from the Emsisoft Blog HERE
    LowcyGier, revC0de and wwd like this.
  3. jasonX

    jasonX Giveaways Moderator Staff Member

    Pokemon GO: giving hackers direct access to your phone


    Pokemon fanatics beware! The app's developer, Niantic Labs, opens up full unlimited access to your Google account. Abilities included in the access are send/read email, access/edit documents in your Google Drive/Photos.

    The Emsisoft blog team share news and articles today about how you can keep your data safe.

    Pokemon GO took the world by storm over one weekend. Clusters of teens and adults alike are sweeping the streets nabbing animated creatures with their mobile phones.

    More Info from Source HERE
    LowcyGier, revC0de, wwd and 2 others like this.
  4. jasonX

    jasonX Giveaways Moderator Staff Member

    Computer Protection Software, made in: the world
    A look behind the scenes. By Haylee Read.

    The Emsisoft blog team shares news and articles today about how Emsisoft can keep you safe in this brave new world.

    At Emsisoft, there is no corner office with a view, no central headquarters that I could wander through unseen. Only a blue and grey logo, existing only online, with an untold story behind it. The lack of office makes Christian Mairoll a hard man to interview, yet, here I am with an appointment, winding up a back road through the heights of a valley, near Nelson, New Zealand. Population 5,321. I cannot see any of them, the road is deserted. Locals call this part of the country the Top of the South, I call it the beginning to nowhere. Not even a cafe in sight.

    The gravel pit road is cradled by mountains and tall pine trees. Christian Mairoll is the face of a company that – apparently – doesn’t have a company face. Given that Emsisoft was founded in Austria in 2003 and is now run from Christian Mairoll’s eco lifestyle block in rural New Zealand, there are many questions to be asked. If only I can find the house in the rising fog.


    More Info from Source HERE
  5. jasonX

    jasonX Giveaways Moderator Staff Member

    Emsisoft explores the worst passwords of 2016
    In Security Knowledge by Haylee on March 28, 2017

    Almost every one of us has, in one way or another, memorized passwords to some encrypted file or anything that requires us to use a password (or in the case of ATM cards the PIN#). That is generally the most human thing to do: "memorize it/remember it". But with that you are limited in securing "your password", as you will be kept in a bind, so you'll often make one that is easy to remember. You can write it down, but there also lies the problem that it isn’t secure, as you might misplace it or lose it and there goes your password. A good password should consist of at least 10 characters with special characters, but then again the problem is there: "memorize it/remember it" or "write it down". Some use phrases, which in fact will produce more than 10 characters. Some abbreviate the words in the phrases they use and insert numbers and special characters. It is really trial and error, and it is up to you to find that "balance" of creating a "secure password" which is simple to remember/memorize but is not as easy to crack (with the 10 characters with numbers/special character usage).

    The Emsisoft blog team share news and articles about the dangers of using weak passwords and a guide on how to create safe passwords for our safety.


    Related Info

    Yahoo Breach

    Yahoo hack hits half a billion users


    Best Free Web Form Filler and Password Manager

    Best Password Manager — For Windows, Linux, Mac, Android, iOS and Enterprise
    LowcyGier, revC0de, Petrovic and 3 others like this.
  6. jasonX

    jasonX Giveaways Moderator Staff Member

    Spotlight on Ransomware: Common infection methods
    In Security Knowledge by Haylee on March 30, 2017

    Ransomware infection differs from most viruses, but it is usually packaged with files masking themselves as official software updates. Most if not all are advertised as legit updates for Adobe Acrobat, Java and Flash Player. Frequenting underground websites like torrent file sites and the like will definitely make you come across ads used to distribute this kind of malware. A popup appears telling you that you need to update Adobe Acrobat. Upon infection, malware finds files with JPG, XLS, PNG, DOC and PPT file extensions. These files will now be encrypted. After encryption, the malware tells you that your data is being held for ransom and gives you a website to access.

    Then the hacker states that you need to buy bitcoins to pay him, and if not, goodbye to your files! Data has shown that many pay the ransom because they need their files back and because decryption is sometimes no guarantee. Take a look at the Cerber Ransomware. Still no decrypter available. There have been two successes from Trend Micro and Check Point (the makers of ZoneAlarm Security products) but that was only for versions 1 and 2.

    The Emsisoft blog team share news and articles about ransomware common infection methods and how to be safe/protected from it.



    Spring clean your PC in 5 simple steps and prevent malware

    Related Info

    MongoDB Apocalypse: Professional Ransomware Group Gets Involved, Infections Reach 28K Servers

    Major sites including New York Times and BBC hit by 'ransomware' malvertising

    USPS Malware Emails

    Ransomware FAQ: How Ransomware Infects Your Computer
    LowcyGier, revC0de, Petrovic and 3 others like this.
  7. jasonX

    jasonX Giveaways Moderator Staff Member

    Emsisoft Surf Protection Campaign


    Emsisoft is currently running their #surfprotection campaign.

    Emsisoft Surf Protection Campaign Video

    Emsisoft Surf Protection Campaign Page

    Related Story
    LowcyGier, revC0de, wwd and 3 others like this.
  8. jasonX

    jasonX Giveaways Moderator Staff Member

    Emsisoft Blog News : Global WannaCry ransomware outbreak uses known NSA exploits

    As we all know, the world is now under a whole new ransomware attack by the so-called WannaCry Ransomware. Our very own MTAC team has also shared pertinent info on the ransomware variant so as to help us here know what it is and what can be done for our own safeguards.

    MTAC Team Special Analysis HERE

    Below is Emsisoft's take on the WannaCry Ransomware.

    The Emsisoft blog team share news and articles about WannaCry ransomware infection methods and how to be safe/protected from it.


    Meet WannaCry Ransomware
    The WCry ransomware, also referred to as WNCry, WannaCry, WanaCrypt0r or Wana Decrypt0r, was originally spotted in campaigns in early February 2017, with more campaigns following in March. But it wasn’t until now that a global attack had been registered.

    It has been written in C++ and no attempts have been made to hide the majority of the code. Like most ransomware families, WCry renames files it encrypts, adding the .WNCRY extension.

    When infecting a system, it presents a ransom screen asking to pay $300 worth of bitcoins:


    Unlike most ransomware campaigns, which usually target specific regions, WCry is targeting systems around the globe. So it comes as no surprise that the ransomware authors provide localised ransomware messages for more than 20 languages:

    Bulgarian, Chinese (simplified), Chinese (traditional), Croatian, Czech, Danish, Dutch, English, Filipino, Finnish, French, German, Greek, Indonesian, Italian, Japanese, Korean, Latvian, Norwegian, Polish, Portuguese, Romanian, Russian, Slovak, Spanish, Swedish, Turkish, Vietnamese

    How do you get infected with WCry ransomware?
    At the moment, WCry is primarily spreading via the leaked NSA exploits that the Shadow Brokers group released recently. More specifically, French researcher Kaffine was the first to suspect that WCry was being spread via the ETERNALBLUE exploit.

    ETERNALBLUE exploits a vulnerability in the Microsoft SMBv1 protocol, allowing an attacker to take control over systems which:

    • have the SMBv1 protocol enabled
    • are accessible from the internet and
    • have not been patched by the MS17-010 fix released back in March 2017

    In addition, it appears that the malware authors are also taking advantage of DOUBLESPEAR, a backdoor that is usually installed via the ETERNALBLUE exploit and persisting on the system. So if your system was compromised by ETERNALBLUE previously, chances are your system is still vulnerable, even if the initial SMBv1 vulnerability was patched.

    More HERE

    Related Info on Emsisoft Blog

    Related Tweakbytes Info HERE
  9. jasonX

    jasonX Giveaways Moderator Staff Member

    Doxware: Ransomware evolution or merely media hype?


    The internet is getting a bit more scary by the day... Doxware - a whole new spin-off of ransomware. Emsisoft talks about "Doxware" and "Doxing", the threat and its underlying actions. Information/news lifted from their Blog. Related info is also shared below.

    -- Sandra Garcia - Wired.com

    The world of ransomware continues to evolve, finding clever new ways to extort victims for higher sums of money. Case in point? Doxware. This spin on ransomware not only holds your personal information for ransom but also threatens to publish identifiable details online. Imagine if someone made your name, address and private chat conversations public if you refused to pay a ransom. Scary right?

    In this blog post we will explore doxing, and how ransomware criminals are turning to this morally dubious practice to extort higher ransoms. Netflix and Larson Studios are learning about doxing the hard way. Don’t be the next victim. Stick around and stay ahead of malware criminals.

    But before we dive into the ins and outs of doxware, let’s start at the beginning…

    What is doxing?

    Doxing or doxxing derives from the word “docs” (documents). It refers to the act of exposing someone publicly by means of posting private conversations and identifiable details such as phone numbers or a physical address online. It is commonly associated with internet harassment and usually conducted with malicious intent.

    Source HERE

    Related Info HERE

    Petrovic, LowcyGier, wwd and 2 others like this.
  10. jasonX

    jasonX Giveaways Moderator Staff Member

    Petya Ransomware Cyberattack!

    A resurgence of Petya ransomware is underway around the globe, as we have come across in the news lately. Here is Emsisoft's Blog news about it alongside some additional related news info.


    Hot on the heels of last month’s Wannacry attack that caught global media attention arrives the latest outbreak of ransomware that is spreading rapidly across Europe and other continents. The culprit? A new variant of the Petya ransomware family, also known as Petna in IT security circles. For the remainder of the article we will refer to the ransomware simply as Petya.

    Spotted earlier this morning, the ransomware hit the Ukraine particularly badly, affecting government branches, Kiev airport, the metro system, the state energy provider Ukrenergo, the central bank and even the defunct Chernobyl nuclear power plant.

    Further infections have been confirmed by businesses in other parts of Europe, including British ad agency WPP, French construction company Saint-Gobain, Russian oil company Rosneft and Danish shipping giant AP Moller-Maersk. Until now, the ransomware infection has been confirmed in more than 14 countries including the US, Mexico, Iran and Brazil; yet we expect a lot more countries to be affected.

    Perhaps most surprising is the fact that this latest Petya ransomware variant uses the same NSA exploits that allowed Wannacry to infect more than 200,000 computers in May this year. Despite security patches and advice that followed, it appears many companies did not heed the advice from security experts.

    Will this latest ransomware attack be even worse than Wannacry? And what can be done to secure your computer and networks?

    Meet Petya Ransomware
    In a way, the latest Petya variant seems to be closely related to the existing Petya ransomware family. Petya was first seen spreading at the end of March 2016. What made Petya unique was the implementation of its own little operating system that it installed and booted instead of Windows, so it could encrypt various critical file system structures on the boot disk during the next restart. The new Petya variant copied this method and even the code of the Petya operating system almost completely but implements its own methods to spread, encrypt files and infect the system.

    Source HERE

    Related News HERE

    Related Info HERE

    Related Info HERE

    Related Info HERE
    Petrovic, wwd, LowcyGier and 2 others like this.
  11. jasonX

    jasonX Giveaways Moderator Staff Member


    Emsisoft Internet Security to be merged with Emsisoft Anti-Malware by October 1, 2017!!!!

    Alert to all those users of Emsisoft Internet Security!!!! Wheels are turning and Emsisoft has announced that it will merge Emsisoft Internet Security into Emsisoft Anti-Malware by October 1, 2017!!! Frankly, I don't like it as I never did like the built-in Windows firewall. Seems Emsisoft is moving away from the firewall business just like it did with Online Armor.

    They said, "Less risk of misconfiguring the protection features." -- I say, getting their hands off firewalls, period! The default allow behavior of the Windows Firewall will eat up all users and they would have to get something that would restrict connections.

    Read on below (as directly quoted from Emsisoft Blog)

    Merging Emsisoft Internet Security with Emsisoft Anti-Malware
    In Emsisoft News by Emsi on August 10, 2017 | English, Deutsch

    Starting 1 October 2017, Emsisoft Internet Security will be merged with Emsisoft Anti-Malware. While this may come as a bit of a surprise, there are many factors that have prompted this decision, and I would like to use this as an opportunity to share our reasoning:

    A common base
    Technically, both products have shared the same code base and even the same file feeds for online updates for the last couple of years. From a branding perspective, Emsisoft Internet Security has kind of been framed as an extended feature set edition of Emsisoft Anti-Malware. The only difference between the two products is Emsisoft Internet Security’s built-in firewall component, which is responsible for its slightly higher price tag. While Emsisoft Internet Security was definitely a valuable product in years gone by, we believe that whatever protective advantages desktop firewalls once had over Windows Firewall are now minimal, if not negligible.

    The job of firewalls
    The main purpose of a desktop firewall is to shield your computer from attacks from the Internet. It does so by interrupting network communications initiated by foreign computers when they attempt to connect to a program that listens for input on your computer.

    However, there are two things to consider here:

    • Most attack attempts from the outside are made impossible by the use of NAT routers (which includes just about every modern DSL modem), as they separate your inside network (LAN) from the Internet.
    • The built-in Firewall in Windows 7, 8 and 10 already does a pretty good job of blocking connection attempts from potentially dangerous computers that reside in the same network (e.g. in public WiFi) or on the Internet.

    Malware and firewalls
    We see our main job as protecting your computer from malware – and today’s malware is generally quite unimpressed by firewalls. Connection attempts from the outside in are blocked by the Windows Firewall by default, and connections from the inside out are prevented by Emsisoft’s multi-layer real time protection, and the Behavior Blocker in particular.

    Emsisoft Firewall vs Windows Firewall
    When Microsoft introduced the Windows Firewall in a late Windows XP Service Pack update, it was a bit of an embarrassing performance and the software could not be taken too seriously, which led us to build a stronger alternative. But with the release of Windows 7, the Windows Firewall started to do its job much more effectively, and the latest Windows 10 version pretty much does everything you could expect from a desktop firewall. Its only architectural flaw is that its settings (and firewall rules) can be freely edited by anyone or anything that attains the required permission level. In other words, if malware manages to run on the PC, it’s able to allow itself to get through the firewall. That was one of the main reasons for us to maintain our own firewall component.

    A better approach: Fortifying the Windows Firewall
    Emsisoft Internet Security has always been highly configurable. While some of our more technically minded users might have appreciated the freedom to tweak settings to their heart’s content, it has to be said the majority of our customers are (understandably!) not familiar with the technical intricacies of firewalls and were not always confident when using the software. This was problematic given the fact that a wrong configuration can potentially cause a lot of damage when it comes to malware protection. So, in the interests of protecting our customers, we thought it would be most beneficial if, moving forward, we simply rely on the Windows Firewall and use our software to cover its blind spot and ensure its settings can’t be manipulated by malware from the inside.

    How are we going to do that?

    Well, one of Emsisoft’s key strengths is creating Behavior Blocking technology that works. It allows us to detect and intercept malicious actions from active programs in real time before they can cause any damage. This technology now allows us to define behavior patterns that indicate illegitimate manipulations of Windows Firewall rules. We make sure Windows Firewall is as safe to use as our own firewall, so we can remove the redundancy of building and maintaining our own firewall code.

    Therefore, we decided to end the product life-cycle of Emsisoft Internet Security and merge it with Emsisoft Anti-Malware, which receives the Windows Firewall fortifying enhancements in the version 2017.8 release.


    September 1st, 2017:
    The new Windows Firewall Fortify feature will be part of the version 2017.8 release of Emsisoft Anti-Malware.

    October 1st, 2017:
    Existing Emsisoft Internet Security software will directly update to Emsisoft Anti-Malware version 2017.9 and the remaining license period will be extended as described below. No manual actions required.

    Advantages for Emsisoft Internet Security customers
    We appreciate that the decision and swift merging will come as a surprise to our loyal customers, so apart from the additional features already mentioned that ensure capable and secure firewall protection, we are sweetening the transition for existing Emsisoft Internet Security license holders:

    • By switching to Emsisoft Anti-Malware, your annual software license fee gets about 20% cheaper.
    • To compensate for the already paid higher product price, we will extend all active Emsisoft Internet Security license periods by 50%. E.g. if you have 1 year left on your license, it will change to 1.5 years for free.
    • Malware protection capabilities of Emsisoft Anti-Malware will be improved due to less interference with firewall code.
    • Your Emsisoft protection software will get lighter on the system and there will be fewer incompatibilities with other products.
    • Less risk of misconfiguring the protection features.

    Source HERE

    frogboy, Trim, leojohnpc and 3 others like this.
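
The weakness described in the quoted Emsisoft text above (anything that attains the required permission level can edit Windows Firewall rules) can be watched for in the firewall's own change log, which records rule additions as event 2004 and rule modifications as event 2005. The following is an added example, not part of the original posts and not Emsisoft's Behavior Blocker logic; the record layout, field names, allowlist, path list and sample events are assumptions constructed for illustration.

```python
"""Triage Windows Firewall rule changes for programs that let themselves through.

The record layout is an assumed, simplified export of "rule added" (2004) and
"rule modified" (2005) events; all sample events below are constructed.
"""
import ntpath

RULE_ADDED, RULE_MODIFIED = 2004, 2005

# Directories a standard user can usually write to (assumed list, tune per site).
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\downloads\\", "\\users\\public\\")

# Hypothetical allowlist of binaries expected to edit firewall policy.
TRUSTED_MODIFIERS = {
    r"c:\windows\system32\svchost.exe",
    r"c:\windows\system32\mmc.exe",
}


def norm(path):
    """Normalise a Windows path for comparison; an empty value stays empty."""
    return ntpath.normpath(path).lower() if path else ""


def assess(event):
    """Return the reasons a rule change looks like self-authorisation."""
    if event["EventID"] not in (RULE_ADDED, RULE_MODIFIED):
        return []  # deletions and other events are out of scope here
    if event.get("Action") != "Allow":
        return []  # block rules do not open the firewall
    modifier = norm(event.get("ModifyingApplication"))
    target = norm(event.get("ApplicationPath"))
    reasons = []
    if modifier not in TRUSTED_MODIFIERS:
        reasons.append("modifier not on allowlist")
    if target and target == modifier:
        reasons.append("program authorised itself")
    if any(part in target for part in USER_WRITABLE):
        reasons.append("target binary in user-writable path")
    if not target:
        reasons.append("allow rule not bound to a program")
    return reasons


def triage(events, threshold=2):
    """Return (rule name, reasons) for events with at least `threshold` reasons."""
    flagged = []
    for event in events:
        reasons = assess(event)
        if len(reasons) >= threshold:
            flagged.append((event["RuleName"], reasons))
    return flagged


def ev(event_id, name, action, target, modifier):
    """Build one constructed event record."""
    return {"EventID": event_id, "RuleName": name, "Action": action,
            "ApplicationPath": target, "ModifyingApplication": modifier}


# Constructed sample events (not taken from any real system).
SAMPLE_EVENTS = [
    ev(2004, "Vendor Sync", "Allow", r"C:\Program Files\Vendor\sync.exe",
       r"C:\Program Files\Vendor\setup.exe"),
    ev(2004, "Updater", "Allow", r"C:\Users\alice\AppData\Local\Temp\upd.exe",
       r"C:\Users\alice\AppData\Local\Temp\upd.exe"),
    ev(2004, "Chat", "Allow", r"C:\Users\alice\AppData\Local\Chat\chat.exe",
       r"C:\Windows\System32\svchost.exe"),
    ev(2005, "Legacy Share", "Block", "", r"C:\Users\alice\Downloads\x.exe"),
    ev(2006, "Old rule", "Allow", "", r"C:\Windows\System32\mmc.exe"),
    ev(2005, "Remote Admin", "Allow", "", r"C:\Users\Public\tool.exe"),
]

if __name__ == "__main__":
    for rule_name, why in triage(SAMPLE_EVENTS):
        print(f"{rule_name}: {'; '.join(why)}")
```

A single reason is common for legitimate software (installers, user-approved prompts), which is why the threshold defaults to two.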
  12. jasonX

    jasonX Giveaways Moderator Staff Member

    When Emsisoft ended Online Armor they said the quoted text below so that the Online Armor crowd would accept it. They downgraded HIPS because they embraced the notion that HIPS has always been so disturbing and annoying (I say to those who do not know how to configure it, yes, but to those who know, it's not!). HIPS wasn't so popular (only to those who know how to use it) so they got rid of it.

    Are firewalls a waste of time? No. Here’s why.


    Emsisoft says, "use Windows Firewall instead!"

    Trim, leojohnpc, grr and 3 others like this.
  13. jasonX

    jasonX Giveaways Moderator Staff Member

    So if we use the new EAM by October 1st, we still "may want to use" Windows Firewall Control for other features. As I already mentioned users will have to get something to effectively restrict connections --and some other features as Mr. Wosar said. Hello Binisoft we need sponsorship right away!

    Trim, leojohnpc, jerzy6012.50 and 4 others like this.
  14. Trim

    Trim MTAC Moderator Staff Member Member Of Month - Tweakbytes Defender

    Thanks for posting these updates @jasonX ! :)
    frogboy, jasonX, wwd and 2 others like this.
  15. jasonX

    jasonX Giveaways Moderator Staff Member

    Along this line, as they (Emsisoft) are abandoning the firewall business, I've asked Comodo devs (Umesh) for an opt-out to the AV component of Comodo Premium offline-installer, as Comodo no longer posts an offline installer of their free firewall. This is slated for release October 2017.

    Maybe you guys can post a comparison of the remaining 3rd party-free firewall versions out in the market today... We have Glasswire and Evirom reviews here now; perhaps we can post something on TinyWall, Privatefirewall or ZoneAlarm Free (have asked devs there for an offline installer but they declined).

    Also perhaps a guide to properly setting-up Windows firewall would be nice here. I mean we can check out the net for it but it'll be nice if we have one here of our own so members readers can get that info first hand.
    wwd, Trim, grr and 1 other person like this.
  16. Trim

    Trim MTAC Moderator Staff Member Member Of Month - Tweakbytes Defender

    Hey good idea Jason. I can do a review of TinyWall :)
    wwd, jasonX, RGiskardR and 1 other person like this.
  17. jasonX

    jasonX Giveaways Moderator Staff Member

    Thanks guys you all rock!
    wwd and RGiskardR like this.
  18. Umbra Polaris

    Umbra Polaris Board Enthusiast Silver Member

    Read more here

    jasonX, revC0de, kram7750 and 2 others like this.
  19. kram7750

    kram7750 Member Known Member

    @Umbra The award was well-deserved and I could see it coming for a long time, because Emsisoft is an outstanding product for sure. You are very lucky to be working for an honest and hard-working vendor like them, some vendors just care about the money... Anyone can see that Emsisoft are truly passionate and caring for customers and protection, because of their privacy policies, free removal tools (e.g. including decryption for ransomware they can reverse the encryption for), free malware removal assistance over on their forum, and constant updates for the software.

    Umbra Polaris and revC0de like this.
  20. jasonX

    jasonX Giveaways Moderator Staff Member

    Cheers to Emsisoft!

    Emsisoft has been performing well and I am proud to be a user. Too bad about the firewall component (I will miss how easy it is to create rules and use pre-defined rules for applications) but I have moved on without it. But with all the awards and the accolades, it is also important that Emsisoft tries its very best to reach some parts of the world, say, perhaps in Asia and Middle East. I remember when I introduced Emsisoft in the office when they ditched Norton Symantec, literally nobody, as in zero "0", knew about its existence. When they started to love it (EIS) they took out the firewall (made it simpler as they put it -- not to the beginners/first level intermediate.. but it's final now) so it's back to Norton again for most of them.
    Umbra Polaris and RGiskardR like this.
  21. Umbra Polaris

    Umbra Polaris Board Enthusiast Silver Member

    Thanks Kram, we do our best to satisfy our users or those needing our help, and so do I ;)

    Yes, removing the FW wasn't an easy choice, but it had to be made. There was a time I needed a 3rd party FW; now I live quite well since Win8 with Windows Firewall.
    About Asia and Middle-East, we try first to be better exposed in our main markets before focusing resources on new ones; doesn't mean we are ignoring them and didn't think about them. ;)
    RGiskardR and kram7750 like this.
  22. Umbra Polaris

    Umbra Polaris Board Enthusiast Silver Member

    Emsisoft awarded VB100 certification in latest Virus Bulletin test

    silversurfer and RGiskardR like this.
  23. Umbra Polaris

    Umbra Polaris Board Enthusiast Silver Member

    New in 2018.1: Revamped Behavior Blocker user experience

    Read more here

    About the BB's advanced options discontinuation:

    Der.Reisende and RGiskardR like this.
  24. jasonX

    jasonX Giveaways Moderator Staff Member

    RULES have disappeared! Can't make my own rules? User will just have to select from what is given......



  25. Umbra Polaris

    Umbra Polaris Board Enthusiast Silver Member

    Yes because the incoming BB will be revamped and will take into consideration the whole impact on the system of a file behavior.

    To use an approximative analogy:

    With the actual BB, you have the view of soldiers on a battlefield, they just see what is around them, and what the enemies close to them are doing.
    With the new BB, you have the "eagle" view, you see as the general, you see the big picture.

    Also the Application Rules were mostly ignored by most of our users; only a handful of security geeks were able to understand and use them.
    Der.Reisende and RGiskardR like this.
  26. jasonX

    jasonX Giveaways Moderator Staff Member

    When will the new BB be released?
    Der.Reisende and RGiskardR like this.
