Does anyone know if Webroot SecureAnywhere protects against infection by the current WannaCrypt malware? I haven't seen anything about this in e.g. a Webroot news release.
Page 1 / 1
I have the same urgent question. Who responds to these??
Hello Kevin2,
Welcome to the Webroot Community.
This question was posed to Webroot threat researcher DanP, in a private forum. According to him, yes, WSA protects against this malware.
Also, check these out. ;)
https://community.webroot.com/t5/Security-Industry-News/The-Best-Ransomware-Protection-of-2017/m-p/291845/highlight/true#M34419
https://community.webroot.com/t5/Knowledge-Base-Business/Helpful-Guides-for-Preventing-Ransomware/ta-p/274892
Hope this info helps,
BD
Welcome to the Webroot Community.
This question was posed to Webroot threat researcher DanP, in a private forum. According to him, yes, WSA protects against this malware.
Also, check these out. ;)
https://community.webroot.com/t5/Security-Industry-News/The-Best-Ransomware-Protection-of-2017/m-p/291845/highlight/true#M34419
https://community.webroot.com/t5/Knowledge-Base-Business/Helpful-Guides-for-Preventing-Ransomware/ta-p/274892
Hope this info helps,
BD
Hi bettytonsing / Kevin2
Welcome to the Community Forums.
If I may add to what Dave has posted...the best protection of all is vigilence & (i) not opening emails from unknown sources or (ii) unexpected emails from known sources...and certainly not clicking on and/or opening any attachments they may contain.
And then if something does unfortunately get through then WRSA should have your back.
Regards, Baldrick
Welcome to the Community Forums.
If I may add to what Dave has posted...the best protection of all is vigilence & (i) not opening emails from unknown sources or (ii) unexpected emails from known sources...and certainly not clicking on and/or opening any attachments they may contain.
And then if something does unfortunately get through then WRSA should have your back.
Regards, Baldrick
OK, Thanks BurnDaddy
Thanks, Baldrick!
Yes, "Braces and Suspenders" is best approach...
Yes, "Braces and Suspenders" is best approach...
@ wrote:
OK, Thanks BurnDaddy
You're welcome, Kevin. And,as Baldrick has wisely stated, using common-sense practices to minimize the avenues of infection is certainly the first place start. ;)
Cheers,
BD
ps. Be sure to use an Adblocker as well. This will greatly minimize things like fake technical support popups/warnings and popups that may try and direct you towards malicious sites/links.
These are some we use and recommend here in the Community;
For Internet Explorer Ad Block Plus: https://adblockplus.org/
For Firefox uBlock Origin: https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/?src=ss or Privacy Badger: https://addons.mozilla.org/en-us/firefox/addon/privacy-badger-firefox/
Google Chrome uBlock Origin: https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm?hl=en or Privacy Badger: https://chrome.google.com/webstore/detail/privacy-badger/pkehgijcmpdhfbdbbnkijodmdjhbjlgp
Hi bettytonsing,@ wrote:
Who responds to these??
Welcome to the Webroot Community.
We are a community of Webroot users who volunteer their time here helping other Webroot users. Many of us have been using Webroot for many years. There is a wealth of information here regarding Webroot and other issues as well. If you have any questions, feel free to ask. If you need to contact technical support then please submit a support ticket (24/7) or contact Webroot suppport by phone during normal business hours. ;)
Cheers,
BD
I follow a few AV testers on youtube, one of them posted about this ransomware yesterday and I did see in VIRUSTOTAL webroot was one of them that did recognize the threat and would block it. Just another way to check if you ever want to.
Also check https://community.webroot.com/t5/Announcements/Webroot-added-to-VirusTotal/td-p/285432 for more info on virustotal and webroot.
Also check https://community.webroot.com/t5/Announcements/Webroot-added-to-VirusTotal/td-p/285432 for more info on virustotal and webroot.
Adguard AdBlocker browser extension
https://adguard.com/en/adguard-adblock-browser-extension/overview.html
https://adguard.com/en/adguard-adblock-browser-extension/overview.html
We only post and suggest free ad blocker products. Adguard is not free. Also WSA already protects you from Phishing and Malicious Websites. https://docs.webroot.com/us/en/home/wsa_pc_userguide/wsa_pc_userguide.htm#ManagingIdentityProtection/ManagingIdentityProtection.htm%3FTocPath%3DManaging%2520Identity%2520Protection%7C_____1@ wrote:
Adguard AdBlocker browser extension
https://adguard.com/en/adguard-adblock-browser-extension/overview.html
@ wrote:
We only post and suggest free ad blocker products. Adguard is not free. Also WSA already protects you from Phishing and Malicious Websites. https://docs.webroot.com/us/en/home/wsa_pc_userguide/wsa_pc_userguide.htm#ManagingIdentityProtection/ManagingIdentityProtection.htm%3FTocPath%3DManaging%2520Identity%2520Protection%7C_____1@ wrote:
Adguard AdBlocker browser extension
https://adguard.com/en/adguard-adblock-browser-extension/overview.html
Adguard AdBlocker browser extension are FREE and block Ads
https://addons.mozilla.org/en-us/firefox/addon/adguard-adblocker/
https://chrome.google.com/webstore/detail/adguard-adblocker/bgnkhhnnamicmpeenaelnjfhikgbkllg?hl=en
As we've discussed before. Simply remove what ever does not satisfy you or Guidelines.
We posted this yesterday on another thread, that was mentioned earlier, but just in case you didn't see it, here's a link to our latest blog post about WannaCry.
As the second wave of WannaCry spreads across the globe, the latest estimate from the leading European police agency Europol suggests the malware has hit over 200,000 victims over 150 countries. You can catch up on some of the latest news here.
Although a second kill switch has been identified and registered today, there is no certainty that this second kill switch will address all malware variants. Europol continues to recommend that one of the best defenses is to take advantage of the patches released by Microsoft.
Webroot currently has strong protection in place for WannaCry, and has already reviewed and fortified its protection and detection routines to protect its users against future variants that may appear. As Webroot sees every new executable file introduced on systems where Webroot SecureAnywhere is installed, we get rapid insight into all types of new malware.
This allows us to quickly create and/or improve upon our best-in-class detection mechanisms for zero day threats.
More information on our blog here.
Although a second kill switch has been identified and registered today, there is no certainty that this second kill switch will address all malware variants. Europol continues to recommend that one of the best defenses is to take advantage of the patches released by Microsoft.
Webroot currently has strong protection in place for WannaCry, and has already reviewed and fortified its protection and detection routines to protect its users against future variants that may appear. As Webroot sees every new executable file introduced on systems where Webroot SecureAnywhere is installed, we get rapid insight into all types of new malware.
This allows us to quickly create and/or improve upon our best-in-class detection mechanisms for zero day threats.
More information on our blog here.
I still wouldn't recommend or use it. I personally like and recommend uBlock Origin.@ wrote:
@ wrote:
We only post and suggest free ad blocker products. Adguard is not free. Also WSA already protects you from Phishing and Malicious Websites. https://docs.webroot.com/us/en/home/wsa_pc_userguide/wsa_pc_userguide.htm#ManagingIdentityProtection/ManagingIdentityProtection.htm%3FTocPath%3DManaging%2520Identity%2520Protection%7C_____1@ wrote:
Adguard AdBlocker browser extension
https://adguard.com/en/adguard-adblock-browser-extension/overview.html
Adguard AdBlocker browser extension are FREE and block Ads
https://addons.mozilla.org/en-us/firefox/addon/adguard-adblocker/
https://chrome.google.com/webstore/detail/adguard-adblocker/bgnkhhnnamicmpeenaelnjfhikgbkllg?hl=en
As we've discussed before. Simply remove what ever does not satisfy you or Guidelines.
Thank you for posting,@ wrote:
We posted this yesterday on another thread, that was mentioned earlier, but just in case you didn't see it, here's a link to our latest blog post about WannaCry.
BD
Of course. Happy to share. In case you haven't seen our latest blog post, we've got another update as the 2nd wave of WannaCry spreads here.
Over the past couple of days I've seen a few questions coming in from the community about WannaCry and wanted to share with the rest of you:
As a reminder, to prevent this threat from propagating within your environment, in any way, please review our Ransomware Prevention Guide and implement the suggestions listed.
4. At what point in time did Webroot detect this new version of WannaCry?
Our threat intelligence platform encountered it at 8:30 a.m. UTC. Shortly thereafter, we blocked it for customers.
- How does Webroot detect and prevent infection by Wannacry or other Trojans?
- Does this mean that no customer running Webroot has been, or indeed will be, affected by WannaCry?
As a reminder, to prevent this threat from propagating within your environment, in any way, please review our Ransomware Prevention Guide and implement the suggestions listed.
- Do you have evidence that the initial infection vector was email?
4. At what point in time did Webroot detect this new version of WannaCry?
Our threat intelligence platform encountered it at 8:30 a.m. UTC. Shortly thereafter, we blocked it for customers.
Good info in this thread already, regarding protection.
Here are a few of the steps that I take and so far it has worked. Even if you can't stop them.... you can still recover if you follow best practices.
1) USE WEBROOT!!!!
2) Keep you OS version up to date.
3) Keep you OS patches up to date.
4) Keep your software patched, ie: flash and others.
5) Perform weekly full image or conventional dependable backups and daily incremental or differential backups.
6) Validate images and or backups.
7) Store at least one copy of the image or backup offline.
8) Immediately copy important files or emails that arrive between imaging or backups offline.
9) Disconnect from the internet whenever you don't need to be online or you are away from your computer.
I do this by simply unbinding IP and re-binding when I am ready to go back online. It only takes a second.
10) Don't open emails from sources that you are not familiar with. If you can't control your curiosity, do it in an environment that disables links and images or text mode.
11) Don't click on email links unless you are sure of the source and destination.
12) Don't download files or images that you are not absolutely sure of.
13) Don't visit sites that do not have a good reputation.
14) Block popups in your browser.
15) Use a good ad-blocker.
These are just a few and not inclusive of all possible techniques.
Stay safe out there,
Dave
Here are a few of the steps that I take and so far it has worked. Even if you can't stop them.... you can still recover if you follow best practices.
1) USE WEBROOT!!!!
2) Keep you OS version up to date.
3) Keep you OS patches up to date.
4) Keep your software patched, ie: flash and others.
5) Perform weekly full image or conventional dependable backups and daily incremental or differential backups.
6) Validate images and or backups.
7) Store at least one copy of the image or backup offline.
8) Immediately copy important files or emails that arrive between imaging or backups offline.
9) Disconnect from the internet whenever you don't need to be online or you are away from your computer.
I do this by simply unbinding IP and re-binding when I am ready to go back online. It only takes a second.
10) Don't open emails from sources that you are not familiar with. If you can't control your curiosity, do it in an environment that disables links and images or text mode.
11) Don't click on email links unless you are sure of the source and destination.
12) Don't download files or images that you are not absolutely sure of.
13) Don't visit sites that do not have a good reputation.
14) Block popups in your browser.
15) Use a good ad-blocker.
These are just a few and not inclusive of all possible techniques.
Stay safe out there,
Dave
Again Thank you for this information. i have also bookmarked this as@ wrote:
Good info in this thread already, regarding protection.
Here are a few of the steps that I take and so far it has worked. Even if you can't stop them.... you can still recover if you follow best practices.
1) USE WEBROOT!!!!
2) Keep you OS version up to date.
3) Keep you OS patches up to date.
4) Keep your software patched, ie: flash and others.
5) Perform weekly full image or conventional dependable backups and daily incremental or differential backups.
6) Validate images and or backups.
7) Store at least one copy of the image or backup offline.
8) Immediately copy important files or emails that arrive between imaging or backups offline.
9) Disconnect from the internet whenever you don't need to be online or you are away from your computer.
I do this by simply unbinding IP and re-binding when I am ready to go back online. It only takes a second.
10) Don't open emails from sources that you are not familiar with. If you can't control your curiosity, do it in an environment that disables links and images or text mode.
11) Don't click on email links unless you are sure of the source and destination.
12) Don't download files or images that you are not absolutely sure of.
13) Don't visit sites that do not have a good reputation.
14) Block popups in your browser.
15) Use a good ad-blocker.
These are just a few and not inclusive of all possible techniques.
Stay safe out there,
Dave
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.