Ransomware

Software Restriction Policies to Prevent Ransomware

Software Restriction Policies top stop executables from running within a compressed file (example from http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information#prevent): GPO -> User Configuration/Windows Settings/Security Settings/Software Restriction Policies Block executables run from archive attachments opened with WinRAR: Path if using Windows Vista/7/8: %LocalAppData%\Temp\Rar*\*.exe Security Level: Disallowed Description: Block…

File Screens to Monitor File Shares for Ransomware

File Screens will monitor your Windows file share and can notify you when certain files or file types are created. File Screens do not prevent ransomware.  See this article for prevention http://www.questiondriven.com/2016/03/07/how-to-prevent-ransomware-infections/. I wanted to monitor the file shares for ransomware related…

%d bloggers like this: