Skip to main content

Massive hack of another Ransomware cyber attack

WASHINGTON – The Department of Homeland Security is aware of reports of ransomware known as WannaCry affecting multiple global entities.  Ransomware is a type of malicious software that infects a computer and restricts users’ access to it until a ransom is paid to unlock it.  Microsoft released a patch in March that addresses this specific vulnerability, and installing this patch will help secure your systems from the threat. Individual users are often the first line of defense against this and other threats, and we encourage all Americans to update your operating systems and implement vigorous cybersecurity practices at home, work, and school.
These practices include:
- Update your systems to include the latest patches and software updates.
- Do not click on or download unfamiliar links or files in emails.
- Back up your data to prevent possible loss, whether you are at a family computer or company data.
We are actively sharing information related to this event and stand ready to lend technical support and assistance as needed to our partners, both in the United States and internationally.  DHS has a cadre of cybersecurity professionals that can provide expertise and support to critical infrastructure entities.
DHS also leads the federal government’s efforts to protect civilian executive branch agency systems and networks. In partnership with each agency’s Chief Information Officer we are ensuring our own networks are protected against the threat.
For more information, DHS has previously released information on best practices to address ransomware. That information is available on our website at https://www.us-cert.gov/security-publications/Ransomware
Source: Department of Homeland Security
At QUE.com and partners, we have weekly and monthly schedule to check the security posture of our web servers and services. We also check our network of websites daily and apply updates if needed to keep it up, safe and secure.
And sometimes it is very inconvenient to apply extra layer of security because of added step, this is the reason why. We don't want to be one of the victims of any cyber attacks.
As of writing this email, the sad part is some 20+ already paid using bitcoins. They have no assurance that they will be able to get their data anyway and absolutely no refunds.
Keep in mind, when a hacker owned your computer. It is no longer yours.
If you spot a ransomware incident, take a picture of their bitcoins so we can track their activity.

Source: Que.com

Popular posts from this blog

Alternative Social Networks

If you are planning to create your social network e.g. similar to Facebook. Here's a short list of alternative software's:

Open Source and Free​
http://buddypress.org/ - Wordpress (Open Source and Free)http://elgg.org/ - (Open Source and Free)Commercial Social Networks software
http://www.socialengine.com/ ($299 Stand Alone, $29/mo Cloud)http://www.jomsocial.com/ (run with Joomla, need to know CMS)http://www.boonex.com/ (very expensive, $399 for Standard)http://www.anahitapolis.com/http://www.oxwall.org/http://sharetronix.com/http://www.moosocial.com/http://www.jcow.net/http://phpdolphin.comhttp://www.grou.ps (from free to Commercial, I left my networks and they are selling it http://www.phpfox.com/ (I used this before, it's hard to maintain. I moved to NING but left too after it was sold to another company)http://www.ning.com (I don't recommend using this service, it's hard to export your data when it's time to move)Something to check when selecting your next soc…

Example of Out of Office Reply for Terminated Employee

This is a sample message that I used for terminated employees, unless HR staff specified a different message.
=== Example for KING.NET Employee === John Doe (employee or consultant) is no longer with KING.NET effective June 1, 2008 (termination date). For matters relating to "Project Name here" please direct your concerns to John Smith at johnsmith@king.net (Manager or Supervisor). For all other matters, please direct your email to Mary Smith HR at marysmith@king.net.
Please call our main office 703-345-6789 if you have other concerns.
Thank you.
=== end of message ===

Frequent Account Lockout in Active Directory

I have a user in Windows Pro 7, and Windows Server 2003 environment that is frequently account locked out. I tried many different scenarios to resolve this account lockout issue, from resetting his password, changing a new password, remove and re-join the domain, rebooting the workstation and active directory servers.

I tried to use the command prompt utility to run "rundll32.exe keymgrdll, KRShowKeyMgr" (case sensitive) to delete the account in Windows 7 password cache, and still no luck.

Still searching for answer ... Let me know if you encounter a similar issue in Windows Pro 7 and Windows Server 2003.

Continue reading updated post here:
http://www.whaddya.com/2011/09/windows-needs-your-credentials.html