Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
6 Things To Know About the Ransomware That Hit Norsk Hydro
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 2 / 2
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
3/30/2019 | 2:16:34 PM
consequence
"The consequence is that in many cases, the victim may not even be able to view the ransom note, let alone attempt to comply with any ransom demands," Interesting. What would be the purpose of attach in that case I wonder.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
3/30/2019 | 2:14:13 PM
Ransomware
Ransomware-related events have declined 91% year over year and the number of new ransomware families in the marketplace has declines 32%, Some good news. May be we are becoming more carefull clicking the links anymore.
sgreene02101
100%
0%
sgreene02101,
User Rank: Apprentice
3/28/2019 | 4:56:38 PM
Re: Pending Review
Second the off-site backup. Datto Box (cloud) might be one place to start. We do a "fire drill" every year - stress test UPS's, Restore servers from the cloud, restore desktops, restore NAS's Kill the power to the building to insure that the on-site generator kicks in and the auto cut-over operates nominally.

Desktops are backed up concurrently with timestamped histories

Same with servers.

It all goes out to the cloud.

We're a tiny little outfit. Others should try and do at least these things. Especially larger organizations.

I hope you all land on your feed at the firm. Good luck.
California4
100%
0%
California4,
User Rank: Apprentice
3/28/2019 | 2:31:10 PM
More Definitive Security Required
Additionally, for critical industrial infrastructure we are finding success with a more effective application process and filesystem monitoring in conjunction with fileless attack protection and a full-scale memory defense.  
REISEN1955
100%
0%
REISEN1955,
User Rank: Ninja
3/28/2019 | 9:00:48 AM
Re: Pending Review
Disaster Recovery plan.  Business continuity.  Your six points do not address this one.  After September 11, and I am a survivor of the south tower so I know something of the subject, my manager became a certified expert in this area.  It is crucial that IT departments have a plan, test it and update it every six months.  It is crucial to have offsite, rotating backup media.  It is crucial to consider that at 2:30 am working on a data center restoration is a mental nightmare.  TEST the plan ensures that staff knows what they ARE doing.  Our data tapes for Aon went offsite on September 10 and thus we had our portion of the network up FAR faster than Risk services.  They were months recovering data.  Now the destruct of a data center is AS bad as ransomware if not worse if not addressed.  So once again plans gone bad and rebuild of everything seems the only process known.  I have said this a thousand times here. HAVE A PLAN, TEST AND UPDATE. 
<<   <   Page 2 / 2


Look Beyond the 'Big 5' in Cyberattacks
Robert Lemos, Contributing Writer,  11/25/2020
Why Vulnerable Code Is Shipped Knowingly
Chris Eng, Chief Research Officer, Veracode,  11/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: I think the boss is bing watching '70s TV shows again!
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-26250
PUBLISHED: 2020-12-01
OAuthenticator is an OAuth login mechanism for JupyterHub. In oauthenticator from version 0.12.0 and before 0.12.2, the deprecated (in jupyterhub 1.2) configuration `Authenticator.whitelist`, which should be transparently mapped to `Authenticator.allowed_users` with a warning, is instead ignored by ...
CVE-2020-28576
PUBLISHED: 2020-12-01
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version and build information.
CVE-2020-28577
PUBLISHED: 2020-12-01
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal server hostname and db names.
CVE-2020-28582
PUBLISHED: 2020-12-01
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal number of managed agents.
CVE-2020-28583
PUBLISHED: 2020-12-01
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version, build and patch information.