| |
|
|
#1
13th November 2014, 08:14 PM
|
||||
|
||||
Beware of cryptolocker emails!
Beware of cryptolocker emails!
http://www.smh.com.au/it-pro/securit...30-11egcy.html Cryptolocker Email Campaign – 12th Nov 2014 Symantec has observed a new variant of the “Cryptolocker” email campaign appearing to originate from the “NSW Office of State Revenue”. This new campaign was seen on 12th November at approximately midnight and is similar to a campaign initially observed on 30th October. The subject line of the email this time reads “Traffic Offence ID: <series of random numbers> - carries 3 demerit points”. The email is well crafted - delete it immediately!
__________________
MY'03 Foz AT XS with centre lock-up MY'10 Triton AT GLX-R 2.5 DiD www.subaruclub.com.au 
|
|
#3
13th November 2014, 09:05 PM
|
||||
|
||||
|
Cryptolocker is nasty stuff made me change my backup procedure. I now have an almost current backup off the LAN at all times. I rotate them between two Synology NAS boxes.
|
|
#4
4th December 2014, 06:44 PM
|
|||
|
|||
|
We've just received an alert for an email that claims to be "Annual Form - Authorization to Use Privately Owned Vehicle on State Business". Keep an eye out for this nasty!
|
|
#5
29th March 2015, 10:04 PM
|
||||
|
||||
|
Crypto ransomware attacks
There is a utility program that alters the Windows Local Security Policy settings that effectively blocks any/all executable files from running from all the usual locations (email folders, etc).
For a review on this program, see BleepingComputer.com here: http://www.bleepingcomputer.com/viru...re-information The utility program is available from Foolish IT here: http://www.foolish it.com/download/c...ent-installer/ (copy and paste the URL, then remove the space between "foolish" and "it", the language filter here destroys the URL otherwise ... ). One of my (ex-)clients got this nasty pox on one of their computers last Friday. That computer has had all document data completely destroyed on it (.txt, .doc, .xls, .pdf, .jpg, .zip, etc), by being encrypted using 2048 bit encryption. Fortunately, their main Outlook .PST file appears to be undamaged. One of the staff opened a .ZIP file attached to an email ...   Of course, ethics forbids the paying of any kind of ransom ... The only thing that saved the rest of the computers was the (deliberate, on my part) lack of explicit drive mappings! Always use UNC path names for mapping devices, folks (e.g. \\computername\drive_letter\path_name). NOT explicit drive mappings (e.g. "Z:"). DO NOT leave backup HDDs plugged in and turned on!!
__________________
Regards, Ratbag MY06 2006 Forester XS 5MT/DR - aka Roo2; and MY10 2009 Fox XS auto - aka RonnyRoo; my Camper Trailer Last edited by Ratbag; 29th March 2015 at 10:06 PM. Reason: language filter - RB
|
|
#6
29th March 2015, 10:15 PM
|
||||
|
||||
|
Quote:
|
|
#7
30th March 2015, 01:43 AM
|
||||
|
||||
|
Perhaps also worth setting an automatic AV update and full scan to occur just prior to the auto backup ...
  .
__________________
Regards, Ratbag MY06 2006 Forester XS 5MT/DR - aka Roo2; and MY10 2009 Fox XS auto - aka RonnyRoo; my Camper Trailer
|
|
#8
22nd July 2015, 06:03 PM
|
||||
|
||||
|
I believe these are surfacing again disguised as emails from Australia Post
__________________
MY'03 Foz AT XS with centre lock-up MY'10 Triton AT GLX-R 2.5 DiD www.subaruclub.com.au
|
 |
| Thread Tools | |
|
|
