With the UK National Crime Agency and the FBI issuing urgent alerts about Cryptolocker - are we safe? I always run my browser fully virtualized, can this alone stop Cryptolocker/plus, in addition are my file(s) then safe from encryption?
I understand that all descent AV’s can stop Cryptolocker, but many cannot stop vital file(s) from being encrypted
You should be safe because you are running your browser as fully virtualized. This means that anything run from it will be fully virtualized as well, and can therefore not affect the real system.
However, to check on another attack vector, for which setting do you have the Behavioral Blocker configured?
In that case you should be fine unless you explicitly allow the malware. Even with the browser run normally the BB set to Untrusted should be able to stop any ransomware. However, I will note that it’s still a good idea to run the browser as FV, although not necessary for this particular type of malware.
Everyday I’d say. There is a cloud based TVL where analysts can update it in real time and a local TVL that can be updated with a simple AV database if I’m not wrong.