Go Premium for a chance to win a PS4. Enter to Win

x

RansomwareSponsored by Webroot

98

Solutions

246

Contributors

Ransomware is malicious software, designed to block data access in order to extort money. As a form of malware, ransomware is most often used to infiltrate devices through infected emails or links that, in turn, recognize and take advantage of vulnerabilities in the operating system and installed third-party software.

Share tech news, updates, or what's on your mind.

Sign up to Post

Topic Sponsored by Webroot
i have admins rights but i can't stop it,i stop it from services.msc i tried taskkill /f /im etc nothing works
I try to open webroot icon and nothing hapens, sometimes i receive a message, contact network admin etc..
is there a way to shut downnnn this antivirus?
1
Cyber Threats to Small Businesses (Part 2)
Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

One of our clients has a ransomware vires, in every folder there is a text document with the following info:

All your files have been encrypted. If you want to restore them, write us to the e-mail writefordecrypt@openmailbox.org
013CCCAC1509577167

I am guessing all is lost when there is no backup?
0
I have been trying to connect to a Watchguard XTM 330 L2TP vpn using the windows client, keep getting the message that it can't resolve the server name. Using a Windows 2012 Radius server that I can authenticate to from inside the network. DNS is configured on the policy for the watchguard etc. When we use the Watchguard SSLVPN client it works just fine. We use roaming profiles so the SSLVPN client won't work with them. Anyone have any suggestions?
0
I have a wireless envorment with:

Server 2012 R2 running the NPS service for RADIUS authentication to the AD
Ubiquiti UniFi APs that are set to forward auth to the RADIUS NPS server

Now I have that setup, and it works, and authenticates the users AD login, and connects to the network just fine, the issue I have, comes after that, when the user is not authenticated through the single sign on through RADIUS for the WatchGuard firewall. I have followed what little information WatchGuard has on this, but most of their information points to MSDN pages, that get me no where.  I understand that the WatchGuard needs to receive accounting packets with information from the NPS server, but it doesn't seem to be getting them, as the firewall still tries to route users to authenticate through the web portal.

Not sure where to go from here in order tell which system to send to what and where, and how.
0
At NY Data Center, and UK and US Offices the IP addresses accessing in and being accessed out.


Objective is to identify suspicious / unauthorized access or data transfer .
0
I had this question after viewing SYSVOL corrupted.

I have a server that was fully corrupted by ransomware without a good restore option available.

I now know I need to rebuild the NETLOGON and SYSVOL shares from scratch and plan to do that per this article:
https://support.microsoft.com/en-us/help/290762/using-the-burflags-registry-key-to-reinitialize-file-replication-servi

I also know I need manually seize the roles and remove the old DC:
https://community.spiceworks.com/how_to/9942-complete-force-removal-of-a-domain-controller-from-active-directory-guide

The question I have is:

Which to do first?   I imagine I need to fix the shares first as they are required for proper AD operation, though I fear that will fail due to the lingering DC.  

Perhaps someone here has done this before?

Thanks in Advance,
Fred
0
What's a good option ?

If we get hit with ransom ware want to have a cloud option in place

Something not too expensive

Thanks
0
We are looking for a software that we can install  on a server that contains critical information that detects and prevents ransomware aggressively.  Something that we can literally halt it in its tracks and lock down any ports etc open areas in comes in.  

Thanks
0

RansomwareSponsored by Webroot

98

Solutions

246

Contributors

Ransomware is malicious software, designed to block data access in order to extort money. As a form of malware, ransomware is most often used to infiltrate devices through infected emails or links that, in turn, recognize and take advantage of vulnerabilities in the operating system and installed third-party software.