|
We have a client get hit by Cryptowall every week when a new variation rolls around. I'd love for someone to correct me but as far as we can tell, there is no PERFECT solution to block Cryptowall or any future variants. Sure, GPO restrictions may help but then they will just avoid the folders like %AppData%. OpenDNS is great but every client that has been hit is using them... they just changed the variant to encrypt before sending to C&C so even if it can't contact the C&C you're still hosed. If anyone wants to enlighten me with a perfect solution for MSPs I'd be flabbergasted-- we can't come up with one.
|
# ¿ Nov 17, 2014 19:49 |
|
|
# ¿ Apr 25, 2024 01:42 |