Security recommendations from the FBI in response to LockerGoga and MegaCortex malware
LockerGoga and MegaCortex are currently two of the ransomware strains that caused the most damage in 2019, with a series of large-scale attack campaigns worldwide causing tens of millions of dollars in losses. Both families tend to be used by professional cybercriminal groups and are aimed first and foremost at businesses, the victims most likely to pay a large ransom.
In response to this situation, the US Federal Bureau of Investigation (FBI) recently issued an "FBI Flash Alert" warning about the threat from LockerGoga and MegaCortex and describing how they operate, specifically as follows:
- LockerGoga and MegaCortex are spread mainly by exploiting system vulnerabilities, phishing attacks, SQL injection and the use of stolen login credentials.
- After gaining access to a system, the attackers install the penetration testing tool Cobalt Strike. This tool lets them execute PowerShell scripts, escalate privileges and set up surveillance tools on the victim's systems.
- The attackers remain inside the victim's network for a long time, until they understand how it is laid out, and only then deploy the ransomware.
- Before deploying the ransomware, the attackers first check for processes and services belonging to security software. Any security tools and programs found on the victim's system are targeted for complete shutdown.
- Both ransomware families use strong encryption algorithms, so it is practically impossible for victims to decrypt their files for free.
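The defensive counterpart to the security-tool tampering described above, as an added example that is not part of the FBI alert or the original article: a small Python detector that scans Windows System log lines (constructed samples modelled on Service Control Manager event IDs 7036 and 7040) for security services being stopped or disabled. The watched service names and the per-host alert threshold are assumptions.

```python
import re

# Constructed sample lines modelled on Windows System log entries from the
# Service Control Manager (Event ID 7036 = state change, 7040 = start type change).
SAMPLE_EVENTS = [
    "2019-12-01T02:14:05 HOST1 EventID=7036 Msg=The Print Spooler service entered the running state.",
    "2019-12-01T02:15:11 HOST1 EventID=7040 Msg=The start type of the Windows Defender Antivirus Service service was changed from auto start to disabled.",
    "2019-12-01T02:15:12 HOST1 EventID=7036 Msg=The Windows Defender Antivirus Service service entered the stopped state.",
    "2019-12-01T02:15:13 HOST1 EventID=7036 Msg=The Sysmon service entered the stopped state.",
    "2019-12-01T02:16:40 HOST2 EventID=7036 Msg=The Windows Update service entered the stopped state.",
]

# Assumed watch list: security services whose stop/disable is suspicious in this environment.
WATCHED_SERVICES = {"Windows Defender Antivirus Service", "Sysmon", "Windows Event Log"}

RE_7036 = re.compile(r"EventID=7036 Msg=The (?P<svc>.+?) service entered the (?P<state>\w+) state\.")
RE_7040 = re.compile(r"EventID=7040 Msg=The start type of the (?P<svc>.+?) service was changed from (?P<old>.+?) to (?P<new>.+?)\.")


def classify(line):
    """Return (host, service, reason) when the line shows a watched security
    service being stopped or disabled; otherwise return None."""
    host = line.split()[1]
    m = RE_7040.search(line)
    if m and m.group("svc") in WATCHED_SERVICES and m.group("new") == "disabled":
        return (host, m.group("svc"), "start type set to disabled")
    m = RE_7036.search(line)
    if m and m.group("svc") in WATCHED_SERVICES and m.group("state") == "stopped":
        return (host, m.group("svc"), "service stopped")
    return None


def find_tampering(lines, threshold=2):
    """Group hits per host. A host where at least `threshold` distinct security
    services were stopped or disabled is flagged as likely defence evasion
    preceding ransomware deployment (the threshold is an assumed tuning value)."""
    per_host = {}
    for line in lines:
        hit = classify(line)
        if hit:
            host, svc, reason = hit
            per_host.setdefault(host, {})[svc] = reason
    return {h: svcs for h, svcs in per_host.items() if len(svcs) >= threshold}


if __name__ == "__main__":
    for host, services in find_tampering(SAMPLE_EVENTS).items():
        print(f"ALERT {host}: {services}")
```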
FBI recommendations
The FBI recommends the following measures to minimize the risk posed by LockerGoga and MegaCortex:
- Ensure that the software and operating systems of all devices in the network are updated to the latest version.
- Use additional authentication methods, such as two-factor authentication, together with strong passwords to prevent phishing, credential theft and other fraud.
- Monitor the remote access servers to prevent attackers from using them to reach the internal network.
- Scan for open ports on the network and be ready to cut off access when necessary.
- Disable SMBv1, because that protocol has many known vulnerabilities and weaknesses.