email is constant cat and mouse game. It’s the next unknown attack that’s always the concern, the one we don’t know to block yet. Have to try and push as much egress filtering / content scanning for data loss prevention as feasible.
But, why are you saying a good backup schedule isn’t helping your defense? If you can restore to a known pre-incident state, at least you’ve limited your loss. At least losing a few hours of data from the backup delta is better than losing months. > On Mar 29, 2016, at 3:55 PM, Edmund Cramp <e...@motion-labs.com> wrote: > > We’re commercial with customers and agents worldwide (including in China) so > geo-blocking is not an option although since we run our own mail server it > would be easy to do. I find that these attacks come and go - in general we > see a few crypto attempts most days and some spearfishing every now and then > - what got my attention today was that these .js attachments have started > coming in at a very much higher rate than normal - the .doc and .exe > attachment rates haven’t changed. > > Before I started blocking *.js at the mail-server about 6 months ago the AV > software was consistently letting them through - and some of the emails with > these have looked very realistic, QuickBooks credit card settlements and > unpaid invoices. People are going to open these. > > I’m rethinking by backup strategies - real-time and daily backups are no > defense against these if they get through. > > Regards, > Edmund Cramp > -- > It is only an auctioneer who can equally and impartially admire all schools > of art. - Oscar Wilde > > > From: General [mailto:general-boun...@brlug.net > <mailto:general-boun...@brlug.net>] On Behalf Of Ray > Sent: Tuesday, March 29, 2016 3:26 PM > To: general@brlug.net <mailto:general@brlug.net> > Subject: Re: [brlug-general] Anybody have a all-in-1 PC that I can hang from > a wall? > > > > On Tue, Mar 29, 2016 at 3:10 PM, Karthik Poobal <kart...@poobal.net > <mailto:kart...@poobal.net>> wrote: > > Are you serious? Don’t have any of your users collaborating with folks in > China? > > Yeah I have noticed that there is an uptick of spam/infected messages from > China in the last month or so. Google Apps is doing a damn good job of > filtering these messages out of us. > > Nah, we considered it though haha. We temporarily started stripping zip and > rar attachments. Google wasn't catching quite a few of them. > > > _______________________________________________ > General mailing list > General@brlug.net <mailto:General@brlug.net> > http://brlug.net/mailman/listinfo/general_brlug.net > <http://brlug.net/mailman/listinfo/general_brlug.net>
_______________________________________________ General mailing list General@brlug.net http://brlug.net/mailman/listinfo/general_brlug.net
