One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 508204 |
| Date de publication | 2018-03-12 13:00:00 (vue: 2018-03-12 13:00:00) |
| Titre | Countering Crypto-Malware: A Guide to Preventing a Ransomware Infection |
| Texte |
Ransomware had what Malwarebytes describes as a "banner year" in 2017. In the 2017 State of Malware report, telemetry gathered by the anti-malware provider reveals that business and consumer ransomware detections swelled by 90 percent and 93 percent, respectively. The monthly rate of ransomware attacks against businesses grew by approximately 10 times the rate of 2016 over the same period in 2017. A 700 percent increase in ransomware helped drive that surge, with GlobeImposter and WannaCry leading the way.
Malwarebytes 2017 State of Malware report page 6
Overall, Malwarebytes saw new ransomware development stagnate in the second half of 2017 as digital criminals shifted their focus to bring back old threats like banking Trojans and embrace new techniques, most notably malicious cryptocurrency miners. Those trends notwithstanding, ransomware isn't going away anytime soon. Users should therefore follow these five simple steps that can help them stay safe from a ransomware attack.
Install an Anti-Malware Solution
While some digital attackers are turning to fileless malware, many ransomware strains still come with a digital signature. Anti-malware solutions can use these imprints to detect and block a crypto-malware threat before it has time to execute on a computer. Victims of ransomware can also use these tools to clean their computers of ransomware before they restore their data using a free decryption tool or available backup.
Update Your Systems Regularly
A common delivery vector for ransomware is an exploit kit. It's a type of software package that scans for known vulnerabilities in Adobe Flash Player and other programs. If it finds a match with its hardcoded exploits, the kit launches code that exploits the vulnerability and in turn downloads ransomware onto the vulnerable machine. By staying current with software patches, however, users can block exploit kits from activating on their computers.
How Exploit Kits Work. (Source: Barkly)
Avoid Suspicious Links and Email Attachments
As seen in the graphic above, one of the most common beginnings of an exploit kit campaign involves a phishing email recipient clicking on a malicious link that redirects them to a compromised website. Users aren't powerless against these tactics. They can make a point of not clicking suspicious links and email attachments, including those that come with messages sent to them from unfamiliar senders.
Disable Macros for Office Documents
Microsoft Office documents come with what's called macros. They are essentially rules that users can craft in order to save time by automating repetitive tasks. Unfortunately, digital attackers often hide ransomware executables within Office macros and attempt to capitalize on users' curiosity by tempting them with an unknown attachment. Users can protect themselves against this trick by disabling macros in Office, by steering clear of unsolicited attachments, and by making it a rule to not enable macros in any document should they receive a prompt to do so.
Install a Pop-Up Blocker
Bad actors don't just rely on ema |
| Envoyé | Oui |
| Condensat | 2016 2017 700 above abuse acknowledging activating active actor actors adobe ads advertisements advertising advice against all along also anti any anytime approximately are aren't attachment attachments attack attackers attacks attempt automatic automating available avoid away back backup bad banking banner barkly before beginnings block blocker bring business businesses called campaign can capitalize chance choosing clean clear click clicking code come common compromised computer computers consumer could countering craft create criminals crypto cryptocurrency curiosity current data decryption delivery described describes detect detections development digital disable disabling distribute document documents don't downloads drive email embrace enable essentially evasive… even executables execute execution exploit exploits fileless finds five flash focus follow free from gains gathered globeimposter going graphic grew guide had half hardcoded has help helped here hide how however implement important imprints including increase infection install involves isn't it's its just kit kits known launches leading learn like link links luck machine machines macros make making malicious malvertising malware malware: malwarebytes many match messages microsoft miners monthly most network new not notably notwithstanding office often old one onto order other over overall package page patches percent period phishing player point pop possibility posting powerless precautions prevent preventing programs prompt protect provider ransomware rate receive recipient redirect redirects regularly rely repetitive report respectively respond restore reveals robust rule rules safe same save saw scans second seen senders sent shifted should signature simple sites software solution solutions some sometimes soon source: stagnate state stay staying steering steps strains strategy suffer surge suspicious swelled systems tactics tasks techniques telemetry tempting test them themselves then therefore these they've those threat threats time times tool tools trends trick trojans trust turn turning type typical unfamiliar unfortunately unknown unsolicited update use user users users' using vector victims visit vulnerabilities vulnerability vulnerable wannacry way website what what's within work year your |
| Tags | Guideline |
| Stories | Wannacry |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.