07Oct 2020 by nathan

Interesting advisory from the Treasury Dept. regarding ransomware

CTC NEWS, Industry News, Tech news
If you are a potential ransomware victim, an insurance company who provides ransomware protection, an IT Services provider or financial institution who may provide services to a ransomware victim, the latest advisory from the U. S. Treasury Department suggesting that you may be subject to civil penalties if you pay, recommend paying or facilitate the payment of a ransom may be worth a read. The U.S. Department of the Treasure's Office of Foreign Assets Control (OFAC) released an advisory on 1 October 2020 that suggests that it can and may pursue civil penalties against victims of ransomware who pay the ransom as well as third parties who recommend or facilitate ransomware payments. I've linked the advisory below and have copy / pasted some of the pertinent sections of the advisory…
Read More
17Apr 2020 by nathan
Beware, fake ransomware attacks are making the rounds again.

Beware, fake ransomware attacks are making the rounds again.

CTC NEWS, Industry News, Tech news
Don't get me wrong, there are still tons of legitimate ransomware attacks circulating about but the fake ones seem to ebb and flow as well. Below is an email that we received this morning. The domain is one that's legitimately ours but a) it's unused and b) there's no database there. So, it's a complete farce but it's an excellent opportunity to highlight some key things to watch out for to protect yourself. If you get a similar email (these tend to be pretty boilerplate), know that it's likely false. Another popular pretext is that some random attacker has caught you in 'compromising positions' or watching 'illicit material'. The email is regarding an unused domain.Since the domain name is unused, there's no database there for the attackers to have download.The…
Read More
21Dec 2018 by nathan

Is your network safe while you’re gone for the holidays?

Industry News
I just saw this article about the ordeal a Network / Systems Administrator went through as the result of a ransomware attack. If you're a business owner or Network / Systems Administrator for your organization, here are some quick lessons learned to consider before leaving for the holidays. Lessons Learned Do not expose RDP to the Internet - Remote desktop is a tool that's built into Windows to connect to other Windows computers remotely. It's incredibly convenient way to get remote access to a computer for legitimate users as well as the bad guys. A good rule of thumb, do not expose RDP to the Internet. FortiGate firewalls include both an SSL VPN and a web-based portal that makes accessing RDP over the Internet securely trivial. All of the backups…
Read More