Yep, starting from now, pay special attention to what you visit / click on / open.
I'm afraid a ransomware campaign is waiting for the signal to start (remember the talk about the 'digital vax', they could look like good boys providing us a 'software to decrypt the data and protect your PC!'), with payloads already delivered in systems worldwide (too many Windows updates lately) and sleeping.
If you can, put a strict firewall / pfSense between your local LAN / device and the uplink network, at least for the next month; it should prevent any kind of direct reverse shell / connection to a Command and Control server (normally ransomware kicks in when it can reach a C&C server where the encryption / decryption key is generated).
My fail safe is to have a clean image of my hard drive, stored offline. In the event of a catastrophe (hard drive failure, ransomware infection or simply screwing up my drivers and software all by myself), I have a fairly painless way to get the wheels turning again.
It's a good point, but also always try to keep at least 2 copies of the important data, both offline and online in a place you trust (you never know, especially with the shit hitting lately, you may need to rush out, better to have a safe somewhere which you can access if you lose the device).
If you keep an image of the system to recover, I'd suggest you look for software like Acronis that can create a safe zone on the hard drive or a boot device (protected from the system), from where you can restore the OS (and also the configs, applications, etc., depending on when you did the image) in 10 minutes, and at the same time, if you need, you can boot the image up on an ESXi or Hyper-V server.
FBI trying to extort the 50mil that China extorted from us via hacking.