[Owasp-egypt] Ransomware

Saafan, A. a.m.saafan at gmail.com
Thu Jun 30 08:24:17 UTC 2016


Some measures I found helpful:

   - Prevent files from running from %temp% and %appdata% using group policy
   - Block office macros on all users with a very tight exception process
   - Prevent cmd and powershell for normal users
   - Administrative users to use a non-administrative account for daily
   interactions (office, web...etc) and use separate account for their
   administrative actions (preferably via a staging server).




--
Saafan

On Thu, Jun 30, 2016 at 9:37 AM, Hassan Mourad <hassan.mourad at owasp.org>
wrote:

> I came across this comprehensive list of ransomware and thought i'd share
> it with you
>
>
> https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml#
>
> Not AppSec, but definitely a nightmare for everyone in the security field
>
> What do you think is the best defense against ransomware
>
> Hassan
>
> _______________________________________________
> Owasp-egypt mailing list
> Owasp-egypt at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-egypt
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-egypt/attachments/20160630/161307a8/attachment.html>


More information about the Owasp-egypt mailing list