Ransomware

Software Restriction Policies to Prevent Ransomware

Software Restriction Policies top stop executables from running within a compressed file (example from http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information#prevent): GPO -> User Configuration/Windows Settings/Security Settings/Software Restriction Policies Block executables run from archive attachments opened with WinRAR: Path if using Windows Vista/7/8: %LocalAppData%\Temp\Rar*\*.exe Security Level: Disallowed Description: Block…

%d bloggers like this: