10 Critical Steps to Survive a Ransomware Attack, Step 6: Restrict Access to File Shares (aka “Silo Your Data”)

Posted Posted in Ransomware, Security, Uncategorized

10 Critical Steps to Survive a Ransomware Attack, Step 6: Restrict Access to File Shares (aka “Silo Your Data”) Most small firms we work with have a single file repository on their network, and every staff member has full access to it, and all of its contents. This means that anyone, from the CEO all […]

10 Critical Steps to Survive a Ransomware Attack, Step 4: Configure Your Firewall to Filter OUTbound Traffic.

Posted Posted in Ransomware, Security, Uncategorized

A firewall is a type of security device that blocks network traffic to and from unauthorized sites, and allows traffic to authorized sites. Firewalls range from high end devices designed to protect the likes of Amazon and Facebook, down to SOHO (Small Office/Home Office) devices from Linksys. While there is a tremendous range of features […]

10 Critical Steps to Survive a Ransomware Attack, Step 3: Use a Web Content Filter to Limit Internet Access.

Posted Posted in Business Continuity, Ransomware, Security

If you and your staff don’t need unfettered Internet access to do your job, don’t allow it. Period. Most of your employees do not need access to Facebook, Amazon, CNN, YouTube, and a majority of the websites they’re accessing every day. Every time you go online and access a website, you are increasing your exposure to […]

10 Critical Steps to Survive a Ransomware Attack, Step 2: Patch, Patch, Patch.

Posted Posted in Ransomware, Security, Uncategorized

What are software patches? Patches are fixes for “bugs,” or flaws in programs. While some people still like to say “computers don’t make mistakes,” one must remember that computers are designed, built, and programmed by humans… and humans certainly make mistakes. Software patches are created when a problem is found, and the author of the […]

10 Critical Steps to Survive a Ransomware Attack

Posted Posted in Best Practice, Business, Business Continuity, Internet, Phishing, Ransomware, Scams, Security

We’re seeing a rash of ransomware sweeping across IT systems, ranging from large enterprises to microbusinesses with only a few PCs. As I am writing this, we are in the middle of responding to an incident where a business has been entirely shut down due to being infected with the Locky ransomware. The entire business has […]

Time to remove Quicktime for Windows

Posted Posted in Apple, Best Practice, Windows

The US-CERT (Computer Emergency Readiness Team) (a division of the Department of Homeland Security) recently published an advisory to immediately ditch Apple’s QuickTime product on Windows systems. They cited a blog post from Trend Micro, which noted that Apple has dropped security updates for the product on Windows, and that there are known security holes […]

A good discussion on ransomware

Posted Posted in Breaches, Ransomware, Security

Last week, WBUR’s On Point with Tom Ashbrook dedicated an episode to the topic of ransomware. The guests included ransomware victims, as well as a security professional who discussed the problem. Unfortunately, the expert occasionally used jargon that may be foreign without some context, but Tom did a decent job of getting definitions from him. […]