Re: [Skunkworks] skunkworks Digest, Vol 28, Issue 120

21 Sep 2016


      For Windows Server shares, one way to mitigate the spread of ransomware
files is by using FSRM to create a filter for files with the ransomware
payloads file name extension. It should block the writing of such files and
notify you which user's pc is attempting to write the offending file onto
the network shared.

Regards
On 21 Sep 2016 19:33, <skunkworks-request@lists.my.co.ke> wrote:
...
Send skunkworks mailing list submissions to
        skunkworks@lists.my.co.ke
To subscribe or unsubscribe via the World Wide Web, visit
        http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks
or, via email, send a message with subject or body 'help' to
        skunkworks-request@lists.my.co.ke
You can reach the person managing the list at
        skunkworks-owner@lists.my.co.ke
When replying, please edit your Subject line so it is more specific
than "Re: Contents of skunkworks digest..."
Today's Topics:
1. Re: Cerber Ransomware (Marcus Cicero)
   2. Re: Cerber Ransomware (Alex Watila)
   3. Re: Cerber Ransomware (Chris Ochieng)
----------------------------------------------------------------------
Message: 1
Date: Wed, 21 Sep 2016 11:12:39 -0400
From: Marcus Cicero <marcus.cicero@protonmail.com>
Cc: Skunkworks Mailing List <skunkworks@lists.my.co.ke>
Subject: Re: [Skunkworks] Cerber Ransomware
Message-ID:
        <x368ubtrymCZ_ug0pEmj4n4JFV8GPyWgD8aZim_
PscDuJQQvIpK2PR4f003MhERl6D5u2Nv8-Qv0g0i5mVwQ8g==@protonmail.com>
Content-Type: text/plain; charset="utf-8"
You do know M$ Windows has had this ability built in since the days of XP?
-------- Original Message --------
Subject: Re: [Skunkworks] Cerber Ransomware
Local Time: 21 September 2016 3:36 PM
UTC Time: 21 September 2016 12:36
From: skunkworks@lists.my.co.ke
To: Maisiba Bravo <riggson87@gmail.com>, Skunkworks Mailing List <
skunkworks@lists.my.co.ke>
While you guys are working on this, I have seen two situations where both
Cerber and Zepto ransomware messed up two entities.
Since then, I have been thinking about how to always be ready to mitigate
the effects. And the surest way is backup, backup, backup.
In situations where files are stored on shared drives on the network, the
situation is even worse should the share not have a backup elsewhere.
In the meantime, this tool should help Windows users create backups ->
http://www.2brightsparks.com/download-syncbackfree.html

Emmanuel Sekyewa

tags

participants (1)