Skip to main content
Tag

ransomware news

|||

Massive Ransomware Attack Strikes 23 Texas Towns

By BlogNo Comments

Massive Ransomware Attack Strikes 23 Texas Towns

The state of Texas has been hit with a rare coordinated ransomware attack that disrupted systems of 23 different local governments.
[vc_empty_space]
[vc_single_image image=”33206″ img_size=”full”]

Use Patch Management to Prevent Ransomware Attacks

23 cities in Texas were hit with a coordinated ransomware attack this weekend. A research firm which studies ransomware, has said that attacks aimed at state and local government are on the rise, with at least 169 examples of government computer systems hacked since 2013. There have been more than 60 already this year.

One of the most popular ways of tapping into government networks is through remote desktop systems, which can be vulnerable to hackers. Last week, Microsoft included a patch for RDS which had a CVSS score of 9.8. Windows RDS has been exposed for a plethora of network hacks and global data thefts. It’s also one of the chosen weaknesses used to spread ransomware.

The biggest lesson to come out of these attacks is that applying security updates as soon as possible can go a long way toward avoiding victimization when vulnerabilities are exploited by ransomware.

The Best Offense is a Solid Defense

The Top 5 Patching Mistakes whitepaper breaks down the assumptions that many IT professionals have about managing their environment. When a future ransomware attack occurs, these mistakes could significantly contribute to the spread of it. Or, when the next doomsday strikes, you could be completely bulletproof.

[vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]

Start a Free Trial

Try Syxsense today and start patching your IT environment with a powerful and easy-to-use IT management toolset.
[vc_btn title=”Get Started with Syxsense” color=”warning” size=”lg” align=”center” link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial|||”]
|

Ransomware Disrupts Massive Shipping Company

By NewsNo Comments
[vc_single_image image=”24788″ img_size=”full”]

Cyberattack Causes Shipping Industry Disaster

COSCO, one of the world’s largest shipping companies, has experienced a ransomware attack on their US network. Their Long Beach terminal reported that their website and telephone network went down on July 25.

The company initially downplayed the event, however it quickly became apparent this was much more than a technical difficulty.

There is a legitimate fear this current attack is “a proxy for the entire industry.” Hackers might be testing the waters for lessons learned after the NotPetya attacks in June 2017. The losses and response times will be studied closely by many companies, and future malicious actors.

With the increasing rate of cybercrime, many are starting to accept these attacks as an unavoidable hazard of running a business. But there is a way to combat such threats and mitigate risk. Keeping up to date on patching is the #1 strategy for protecting your company from ransomware.

Syxsense has a comprehensive patch manager. With a quick scan, you can see what devices need updates and the severity of those patches. The deployment task is easily configured and can be set to happen on demand or scheduled around business hours.

There’s a better way to manage your environment. See how with a trial of Syxsense.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]
|||||

BadRabbit: Newest Ransomware to Target Corporate Networks

By NewsNo Comments
[vc_single_image image=”13132″ img_size=”full”]

Updated 10/25/17 at 09:51am 

Ransomware Alert: BadRabbit is the New NotPetya

A new ransomware attack from the actors behind ExPetr/NotPetya has jumped into the spotlight. The outbreak began in Russia, infecting big Russian media outlets, but it has already spread. Several US and UK firms, with corporate entities in the Ukraine and Russia, have already been infected. An increase of US infections is expected. BadRabbit is currently running wild over Europe, thanks to its close ties to the source region.

The US computer emergency readiness team has released a statement and “discourages individuals and organizations from paying the ransom, as this does not guarantee that access will be restored.”

Several security agencies are reporting that a false Adobe Flash Update is the infection method. Without utilizing exploits, the ‘drive-by’ attack tricks the victim into downloading the fake installer from a convincing website. The victim, assuming it is a legitimate Flash update, then manually launches the .exe file. From there, BadRabbit has a hold of the device and can spread to more devices on the connected network.

There are several recommended steps for stopping the spread of this new ransomware. The first step is to disable WMI Service to prevent the hopping of ransomware throughout your connected networks. It may be inconvenient, but especially if you have offices in the Ukraine or Russia, disabling that connection could be the key to preventing your entire company from being infected.

There is also now a ‘vaccine’ for BadRabbit. The security researcher Amit Serper posted his findings on Twitter.

[vc_single_image image=”13141″ img_size=”large” alignment=”center” onclick=”custom_link” img_link_target=”_blank” link=”https://twitter.com/0xAmit/status/922911491694694401″]

The tweet reads: “I can confirm – Vaccination for #badrabbit: Create the following files c:windowsinfpub.dat && c:windowscscc.dat – remove ALL PERMISSIONS (inheritance) and you are now vaccinated.“

With a software distribution solution, like Syxsense, you can easily deploy this file to every device you manage. Utilizing the simple deployment wizard, you can have a task running in seconds to protect your environment.

Another important step to protect yourself from ransomware is to have a rigorous patching strategy in place. Syxsense ensures the security of your content. We have both Microsoft updates and the industry’s leading library of third-party updates.

[vc_single_image image=”12545″ img_size=”180×180 px” alignment=”center”]

We obtain all our content directly from their source and don’t change the code. The update you deploy through our patch manager is the same one you would get directly from the vendor. The difference is we put logic around the update to ensure an accurate deployment.

Ransomware attacks have picked up in the last few months, and will only get more bold and pervasive. Protect your company and environments by implementing Syxsense.

[vc_separator css=”.vc_custom_1494871528028{padding-top: 15px !important;padding-bottom: 5px !important;}”]

Start Patching

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]