Re: Locky Attack

2016-05-04 Thread Christopher Schultz
Johan,

On 5/2/16 9:50 AM, Johan Compagner wrote:
> How did they get in? What security hole was used there?

Most likely the usual: a raw meat vulnerability. Someone opened a document they shouldn't have trusted and enabled macros and let it do

Re: Locky Attack

2016-05-02 Thread Olaf Kock
I can't say how I "have dealt" with it. Only how I plan to in case it hits: Restore backups, educate colleagues. If it hasn't hit yet, there's an argument to have watchdogs that watch out for suspicious massive file changes on file servers. But I'm not sure if they already exist, and if they're

Re: Locky Attack

2016-05-02 Thread Johan Compagner
How did they get in? What security hole was used there?

On 2 May 2016 at 15:18, Thess Bermudez wrote:
> Hi,
>
> Has anyone been attacked by a ransomware named Locky? Our company was hit
> with the encryption of the js files running in our Apache Tomcat 7.0. Good
>

Locky Attack

2016-05-02 Thread Thess Bermudez
Hi,

Has anyone been attacked by a ransomware named Locky? Our company was hit with the encryption of the js files running in our Apache Tomcat 7.0. Good thing that we have daily app backups that made us not give in to the "ransom" requirement. We also reinstalled everything in our server..