@dbeato said in Ransomware Detection Service- Anyone tried this?:

@dashrender said in Ransomware Detection Service- Anyone tried this?:

@scottalanmiller said in Ransomware Detection Service- Anyone tried this?:

@tim_g said in Ransomware Detection Service- Anyone tried this?:

Haven't looked at that.

The best way to prevent ransomware is to keep your systems up to date.

Next is to have decent AV and use good file permissions practices.

Above that is LANless design. Ransonware primarily preys on LAN-based Windows network design for its ability to spread.

Actually, typical ransomware doesn't spread. It simply encrypts everything it can write too. Most of them are not worms.

Just wannacry 🙂

lol, of course, making it one of, if not, the worst ones.

@stuartjordan said in NextCloud Introduces a Ransomware Protection App:

That is Great to hear, they are constantly developing on the project.

They really are. It's very busy.

Here is a batch file for anyone who wants to do this "lazily"

@echo off REM Vaccince for NotPetya/Petya/Petna/SortaPetya. echo Administrative permissions required. Detecting permissions... echo. net session >nul 2>&1 if %errorLevel% == 0 ( if exist C:\Windows\perfc ( echo Computer already vaccinated for NotPetya/Petya/Petna/SortaPetya. echo. ) else ( echo This is a NotPetya/Petya/Petna/SortaPetya Vaccination file. Do not remove as it protects you from being encrypted by Petya. > C:\Windows\perfc echo This is a NotPetya/Petya/Petna/SortaPetya Vaccination file. Do not remove as it protects you from being encrypted by Petya. > C:\Windows\perfc.dll echo This is a NotPetya/Petya/Petna/SortaPetya Vaccination file. Do not remove as it protects you from being encrypted by Petya. > C:\Windows\perfc.dat attrib +R C:\Windows\perfc attrib +R C:\Windows\perfc.dll attrib +R C:\Windows\perfc.dat echo Computer vaccinated for current version of NotPetya/Petya/Petna/SortaPetya. echo. ) ) else ( echo Failure: You must run this batch file as Administrator. ) pause

@stus Thanks. Was just reading about it here.

Never used this but take a look...

http://www.smikar.com/

I mean I know it all sucks and it would be awesome if all the right people got all the right info and took all the right actions. but they don't and won't. So we need to push everyone that we can to do what they can. It's just what we have to work with.

@Dashrender said in Australia Post Ransomwared Its Own Staff:

I guess the reason the government cares about this is all FUD then?

Why else did you think that HIPAA has no real value. It doesn't require that things be even remotely secure and doesn't create any security practices that good IT and management would have been worlds beyond already. So given that its purpose clearly wasn't to secure data but to pretend to secure data, what else could it be for?

@Dashrender Exactly see new thread here.

0_1485431142097_fdyhfr-meme-generator-hide-yo-kids-hide-yo-wife-5dc51d.png

@JaredBusch Awesome, just found it.

@RojoLoco said in Ransomfree:

Download link: https://ransomfree.cybereason.com/download/

edit: Hooray, it's an .msi file! Easy deployment, here we go....

With training your staff to read? I wish you luck!

Wow, that IS a scary one.

Very cool, looks like a good tool.

https://vimeo.com/182707041

Tagging @stus

I mean, glad I know about it now, but honestly, the only comment on the article is correct.

That's like saying,

Oh watch out the forest fire is coming this way, when its already past, but avoided your house by only a few feet. And was already contained in a tiny area*.

@BBigford said in TeslaCrypt shuts down and Releases Master Decryption Key:

I heard a lot people say that they gave it up to relieve some legal pressure. But you can't commit crimes then just apologize and wash your hands. You can't save face by admitting guilt in this case. You'd get in trouble by admitting you were at fault and release the keys.

I agree that this is just to make the old code completely useless. Want to keep using software? You're gonna be buying all new software. Bold move!

It often does receive legal pressure because the total loss to a company is not so large. Because civil suits require there to be a damages number, making the damages smaller greatly reduces the value of a lawsuit which in turn reduces the likelihood of someone pursuing one.