
Ransomware

Sponsored by Webroot

80 Solutions, 220 Contributors

Ransomware is malicious software, designed to block data access in order to extort money. As a form of malware, ransomware is most often used to infiltrate devices through infected emails or links that, in turn, recognize and take advantage of vulnerabilities in the operating system and installed third-party software.

Good day,

Is there a device or any technology that prevents users from opening emails with ransomware and infecting the network shares?

I believe tiers of protection help minimize it, but there is nothing concrete to stop it.

regards,
1

Hi,
I'm in the process of setting up SSO for users so we can control our internet access. We only want domain users to access the internet, and non-domain users (such as visitors) need to be blocked.

I have read a couple of articles but am still a little unsure which method to use, so here I am asking experts for guidance. I would also appreciate it if someone could write a step-by-step setup guide or an article that I can follow, with some screen prints.

Please also point out any "gotchas".

This article says that "Event Log Monitor" has to be installed on all domain controllers, but later it talks about pushing out the SSO client to machines, which is also used for authentication, so I am a bit confused about whether this is needed or not. Please clarify.
http://www.skype4badmin.com/watchguard-sso-part-1/


And then this video also talks about "Exchange Monitor" for authentication. Do I need all of these options or will one suffice?
https://www.youtube.com/watch?v=qw8e85hXVcg

Much appreciated!

Thanks
0
Hello Everybody:

I saw a company which had some files affected by the Gryphon ransomware on their Synology NAS, but we need to know which files or which user affected the NAS, in order to avoid more infection on the NAS.

Is there any kind of command on the Synology, used over an SSH connection or via the web interface, to investigate where the infection was?

Note: We disconnected the NAS from the network to avoid more infection, but we need to find where or which user started the infection.
0
I had this question after viewing SYSVOL corrupted.

I have a server that was fully corrupted by ransomware without a good restore option available.

I now know I need to rebuild the NETLOGON and SYSVOL shares from scratch and plan to do that per this article:
https://support.microsoft.com/en-us/help/290762/using-the-burflags-registry-key-to-reinitialize-file-replication-servi

I also know I need to manually seize the roles and remove the old DC:
https://community.spiceworks.com/how_to/9942-complete-force-removal-of-a-domain-controller-from-active-directory-guide

The question I have is:

Which to do first? I imagine I need to fix the shares first as they are required for proper AD operation, though I fear that will fail due to the lingering DC.

Perhaps someone here has done this before?

Thanks in Advance,
Fred
0
What's a good option?

If we get hit with ransomware, we want to have a cloud option in place.

Something not too expensive.

Thanks
0
We are looking for software that we can install on a server that contains critical information, and that detects and prevents ransomware aggressively. Something with which we can literally halt it in its tracks and lock down any ports, etc., the open areas it comes in through.

Thanks
0
We have a few small clients where we have a Netgear FVS 336v3 in place, which is a simple firewall at best. We are using Worryfree 9.0 and moving to Worryfree 9.5, which (although Trend is not being specific) is "supposed to not allow encryption of 3 files within a 30 second period". I can't get proof of this. Under behavior monitoring in 9.x there are settings to prevent encrypting files; a site of ours, although configured correctly to prevent encryption, was just compromised. Lost about 2000 files. .aes extension. All systems are patched pretty much up to date, with generally a two week lag (unless there is a serious security vulnerability). We NEED to prevent any future ransomware attacks.
Based on experience, what would be the best practices/enhancements that you guys are using?
Are Trend products not reliable? Do I really need to beef up the firewall to something like a low-end SonicWall for all?
They also require IPsec or other means of VPNing in, which is a built-in feature of the fvs336G.
Any suggestions/ideas would be appreciated!
Thanks guys so much!
0
Hello,

One of my co-workers got himself infected with the nasty Osiris ransomware.

I think we got it removed using multiple tutorials online, but I was unable to find a tool to decrypt the modified files and make them work again. Kaspersky seems to have multiple tools, but nothing for Osiris.

Any ideas?
0