AMD fixes dozens of Windows 10 graphics driver security bugs
Void Balaur hackers-for-hire sell stolen mailboxes and private data
Russian ‘King of Fraud’ sentenced to 10 years for Methbot scheme
Windows 10 App Installer abused in BazarLoader malware attacks
The Week in Ransomware – November 12th 2021 – Targeting REvil
Microsoft Intune bug forces Samsung devices into non-compliant state
QBot returns for a new wave of infections using Squirrelwaffle
FTC shares ransomware defense tips for small US businesses
Qualys BrowserCheck
STOPDecrypter
AuroraDecrypter
FilesLockerDecrypter
AdwCleaner
ComboFix
RKill
Junkware Removal Tool
How to remove the PBlock+ adware browser extension
Remove the Toksearches.xyz Search Redirect
Remove the Smashapps.net Search Redirect
Remove the Smashappsearch.com Search Redirect
Remove Security Tool and SecurityTool (Uninstall Guide)
How to remove Antivirus 2009 (Uninstall Instructions)
How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo
How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller
Locky Ransomware Information, Help Guide, and FAQ
CryptoLocker Ransomware Information Guide and FAQ
CryptorBit and HowDecrypt Information Guide and FAQ
CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ
How to make the Start menu full screen in Windows 10
How to install the Microsoft Visual C++ 2015 Runtime
How to open an elevated PowerShell Admin prompt in Windows 10
How to Translate a Web Page in Google Chrome
How to start Windows in Safe Mode
How to remove a Trojan, Virus, Worm, or other Malware
How to show hidden files in Windows 7
How to see hidden files in Windows
eLearning
IT Certification Courses
Gear + Gadgets
Security
FTC shares ransomware defense tips for small US businesses
The US Federal Trade Commission (FTC) has shared guidance for small businesses on how to secure their networks from ransomware attacks by blocking threat actors’ attempts to exploit vulnerabilities using social engineering or exploits targeting technology.
The first step businesses are advised to take to fend off such attacks is to ensure their tech teams follow the best practices outlined by CISA in this Ransomware Guide and the Fact Sheet on Rising Ransomware Threat to Operational Technology Assets.
“One key protective step is to set up offline, off-site, encrypted backups of information essential to your business,” the FTC said. “This isn’t something to save for a slow day at the office. Your IT team should immerse themselves in the latest advice from CISA and other authoritative experts.”
The second step, addressing the employees’ exploitable human nature, is to train their staff to recognize the tricks ransomware operators use to infiltrate their target’s network, including phishing messages that deliver malware designed to deploy backdoors on infected systems.
Attackers will also drop and install malware on victims’ devices via malicious online ads (also known as malvertising) or infected sites under their control designed to exploit browser vulnerabilities.
As such, employees should avoid potentially risky sites and, as much as possible, only visit websites vetted by their companies’ IT staff.
“In addition, educate your staff on the folly of using the same password on different platforms, and consider the many benefits of multi-factor authentication,” the US government agency added.
Businesses hit by a ransomware attack should limit the damage by isolating compromised devices from the rest of the network, report the attack to the authorities (e.g., the local FBI office), and notify their customers if any data was stolen before the systems were encrypted.
The FTC also provides a detailed guide with all the steps businesses have to take to respond to a ransomware attack effectively.
This guide also includes a template notification letter for notifying impacted people whose names and Social Security numbers were stolen in ransomware attacks.
The FTC has also shared a shortlist of commonsense steps in a previous advisory published last year which would help businesses reduce the risk posed by ransomware attacks:
Last month, the Treasury Department’s Financial Crimes Enforcement Network (FinCEN) has revealed the actual scale of financial losses suffered by ransomware targets lately by linking almost $5.2 billion in outgoing BTC transactions to ransomware payments.
FinCEN’s analysis is derived from Suspicious Activity Reports (SARs) linked to ransomware incidents and filed by US financial institutions this year, between January 2021 and June 2021, as required by the Bank Secrecy Act.
Microsoft: Iran-linked hackers target US defense tech companies
The Week in Ransomware – November 12th 2021 – Targeting REvil
Magniber ransomware gang now exploits Internet Explorer flaws in attacks
New bill sets ransomware attack response rules for US financial orgs
US Senate Passes Bill in Response to Rampant Ransomware, CyberAttacks
Not a member yet? Register Now
Costco discloses data breach after finding credit card skimmer
Microsoft: New security updates trigger Windows Server auth issues
To receive periodic updates and news from BleepingComputer, please use the form below.
Terms of Use Privacy PolicyEthics Statement
Copyright @ 2003 – 2021 Bleeping Computer® LLC – All Rights Reserved
Not a member yet? Register Now
Read our posting guidelinese to learn what content is prohibited.

source

You May Also Like

MediaMarkt hit by Hive ransomware, initial $240 million ransom

State hackers breach defense, energy, healthcare orgs worldwideMediaMarkt hit by Hive ransomware,…

Cisco fixes hard-coded credentials and default SSH key issues

CISA orders federal agencies to fix hundreds of exploited security flawsUS sanctions…

TrickBot phishing checks screen resolution to evade researchers

Hackers exploit Microsoft MSHTML bug to steal Google, Instagram credsApple sues spyware-maker…

US universities targeted by Office 365 phishing attacks

Grafana fixes zero-day vulnerability after exploits spread over TwitterGoogle disrupts massive Glupteba…