« previous next »
Pages: [1]   Go Down

Author Topic: Ranstop, how effective is it really against ransomware?  (Read 8166 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33900
  • malware fighter
Ranstop, how effective is it really against ransomware?
« on: December 28, 2019, 01:37:12 PM »
Read: https://temasoft.com/information/ranstop-stops-clop-ransomware/  ::)
Read translated from Russian: https://translate.google.ru/translate?hl=ru&tab=wT&sl=ru&tl=en&u=https%3A%2F%2Fid-ransomware.blogspot.com%2F2019%2F02%2Fclop-ransomware.html

This in the light of the recent ransomware attack on Dutch Maastricht University:
https://securityaffairs.co/wordpress/95687/malware/maastricht-university-ransomware.html

Main line of infection vulnerable MS Windows - all of Windows dhcp-servers, Exchange-servers, domaincontrollers & Windows network disks were hit. Entrance point as for now unknown.

polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33900
  • malware fighter
Re: Ranstop, how effective is it really against ransomware?
« Reply #1 on: December 30, 2019, 12:21:08 PM »
L.S.

Strange that I cannot get any reactions here. This just seen from the enormous engulfment of ransomware against Microsoft OS lately.
With ransomware against firms and institutions that have to pay 1% of their annual income to buy keys to unlock their encrypted data  >:( like Clop ransomware, malcreated by the Russian TA505 group, that could be identified by the server and methods they used.

Microsoft is not coming up with a Fix-it for this within foreseeable time, so mitigation of this threat is far away.
Going on like this everywhere around the planet ransomware could cost us all our free Interwebz. Is that what you wait for?

Read: https://cybersecurity-excellence-awards.com/candidates/temasoft-ranstop/

polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33900
  • malware fighter
Re: Ranstop, how effective is it really against ransomware?
« Reply #2 on: December 30, 2019, 12:54:51 PM »
When the threat comes in through the mail (PHISHING - ransomware) installing DMARC would certainly help.
Europol has already advised us to implement DMARC -  Domain Message Authentication Reporting & Conformance (DMARC),
an email-authentication-protocol. A missed chance for organisations. Check: https://dmarcian.com/dmarc-inspector/
& https://dmarcian.com/phishing-scorecard/

polonus
« Last Edit: December 30, 2019, 01:18:44 PM by polonus »
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33900
  • malware fighter
Re: Ranstop, how effective is it really against ransomware?
« Reply #3 on: January 02, 2020, 04:12:16 PM »
In the recent Maastricht University clop ransomware attack Windows Defender Tamper Protection was not installed.
In that way Windows Defender could be halted to function.
Also older versions of MBAM ransomware protection do not work to stop Clop.
MBAM version 4 is not vulnerable.

Also support this Dutch initiative together with Europol: https://www.nomoreransom.org/

polonus
« Last Edit: January 02, 2020, 04:19:45 PM by polonus »
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pages: [1]   Go Up
« previous next »