Ransomware- Part 2: Reality Check

Ransomware- Part 1 – Reality Check
Ransomware- Part 2: Reality Check
Ransomware- Part 3 – Reality Check
Ransomware comes in many varieties
Bad Rabbit: It was distributed via a fake Adobe Flash Update on a corrupt website. Fake Adobe Flash Update; once downloaded, your data will be compromised.
Crypto wall: Malware lurks in zip files and email attachments and then makes its way to your device. After you have installed them, it attempts to find Java vulnerabilities to encrypt your data or withhold it.
Patia: This crypto-ransomware targets your Windows servers, laptops or PCs and mainly takes advantage of Server Message Block (SMB) and tries stealing your credentials and spreading them to your machine.
Wanna cry? It was first discovered in a large-scale cryptocurrency-ransomware attack in 2017. It was found on nearly a quarter-million computers worldwide.
Black Byte is a well-known variant that has compromised numerous US and foreign businesses, as well as three crucial US infrastructure sectors. It encrypts files and compromises Windows’ host system, including virtual and physical servers.
These are the defense mechanisms or countermeasures that can be used to ensure safe data transfers:

Firewall to its fullest potential
Firewalls are the most reliable. Firewalls are the most reliable. Users will not be able to send malicious emails or receive malicious requests if they do not allow malicious web requests. However, if the firewall fails to work, backup plans should be in place.
Log4j attack: An Apache web server with the Log4j vulnerability has been attacked in the wild. It allows you to execute games and transform from exploiting the game servers into the actual corporate servers.
User Education
If an email is sent through an email security gateway or firewall and the user is not aware of possible phishing emails, it can be used to create an attack surface.
Kevin Mitnick, the most well-known hacker, began phishing the telephone. The FBI spent a lot of time searching for him. This company, KnowBe4, offers training that teaches users how to spot suspicious emails and how to avoid phishing.
Disabling Macros execution
People are now able to exploit the execution of macros. A malicious document may be attached to a message that the user receives, but he doesn’t know about it and assumes it is legitimate. The user then opens the documents and, if he uses an organization network, the macros are enabled in the organization.
When an office application is based solely on visuals, macros are small blocks of code that run in the background. These codes are designed to exploit any vulnerabilities in the computers.
Implement web security
Cross-site scripting attack – Let’s say your browser is susceptible to any attack. These vulnerabilities can be exploited by visiting malicious websites.
Jamie Oliver, a well-known chef, was able to make his website vulnerable. Everybody visiting his website had already downloaded the malicious code. Every organization should implement WAF rules to disable adblock in order to overcome malicious code.

Incorporate least privilege policies
Our backup and rule-based access control are essential. Part of a defense in depth strategy is the provision of privileged access to individuals only for the purpose of performing the activity.
Network Segmentation
The HR Department receives more PDF files and documents from external sources than the software development department. Are you convinced that both should work together to implement high security?
HR can spread malware by clicking on malicious emails sent to them. Wipro, for example, was a victim of the MSSP attack. A supply chain attack was infected after another team clicked on a URL that led to peo

Author: Kody