L'entrada How does @Varonis #protectyourfileservers and #protectyourNAS from #ransomware and #cyberattacks? ha aparegut primer a Andorsoft, S.A..

L'entrada Com et podem ajudar a protegir-te dels #ciberatacs. Amb @ZeedSecurity i les seves eines de monitoratge diari, es la millor prevenció en front als #ciberatacs. ha aparegut primer a Andorsoft, S.A..

Below we detail the origin and process that this cyberattack has used for its rapid spread.

The origin of the attack was associated with an MS Office vulnerability, a vulnerability published on 3/14 and its corrective measures.
Other exploits linked to perimeter defensive systems (Firewall, Antivirus, Certified Email...) would also have been executed due to lack of maintenance on them and have "opened the doors" to the exposure of the devices.
Once devices are infected, ransomware can spread freely across the network due to the lack of good IT health practices by leaving SMB protocols open and unencrypted.

* Server Message Block (SMB) is a network protocol that allows sharing files, printers, etc., between nodes of a computer network that use the Microsoft Windows operating system and, using a remote command execution vulnerability, is distributed to the rest of the Windows machines on the same network.

In summary, three simple recommendations; present in all EAIS – Zeedsecurity audits, which, if implemented correctly after detection, would have acted preventively, contributing to preventing infection of the device.

EAIS/EAES 24/7 is an excellent tool for daily monitoring of security and management of corrective measures to be implemented.

L'entrada NOTÍCIA #CIBERATAC #RANSOMWARE ha aparegut primer a Andorsoft, S.A..