I was listening to Michael Gough, and he had a fantastic idea. It’s nearly impossible to retrain the end user to stop double-clicking. Rather, we need to be smart and disassociate the malicious file type from the underlying engine running it. This was done OOTB with .ps1 files. We should just do the same with all the other file types. This can be done via group policy. For home users, this is not possible. So…I wrote a script to do this for you. Feel free to download it here.
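One way to make that change for a single user, as an added example (this is not the script linked above): it reports what a double-click currently launches for each script extension and, with `-Apply`, points the per-user "open" verb at Notepad, the way .ps1 already behaves. The extension list and the choice of the per-user `HKCU:\Software\Classes` override are assumptions, since the post does not enumerate the file types or the method.

```powershell
# Added example, not the script linked in the post.
# Audits by default; pass -Apply to repoint the handlers at Notepad.
param([switch]$Apply)

$notepad = Join-Path $env:SystemRoot 'System32\notepad.exe'
$command = '"{0}" "%1"' -f $notepad

# Assumed extension list (the post does not name the file types).
$extensions = '.js', '.jse', '.vbs', '.vbe', '.wsf', '.wsh', '.hta'

foreach ($ext in $extensions) {
    # HKEY_CLASSES_ROOT is the merged machine + user view. The default
    # value of the ".js" key is its file class (ProgID), e.g. "JSFile".
    $extKey = Get-Item -LiteralPath "Registry::HKEY_CLASSES_ROOT\$ext" -ErrorAction SilentlyContinue
    $progId = if ($extKey) { $extKey.GetValue('') } else { $null }
    if (-not $progId) {
        Write-Output "$ext : no file class registered, skipping"
        continue
    }

    # Current command behind the "open" verb, i.e. what a double-click runs.
    $openPath = "Registry::HKEY_CLASSES_ROOT\$progId\shell\open\command"
    $openKey  = Get-Item -LiteralPath $openPath -ErrorAction SilentlyContinue
    $current  = if ($openKey) { $openKey.GetValue('') } else { '<none>' }
    Write-Output "$ext ($progId) currently opens with: $current"

    if ($Apply) {
        # A per-user class entry overrides the machine-wide one in the
        # merged view, so no administrator rights are needed.
        $userKey = "HKCU:\Software\Classes\$progId\shell\open\command"
        if (-not (Test-Path -LiteralPath $userKey)) {
            New-Item -Path $userKey -Force | Out-Null
        }
        Set-Item -LiteralPath $userKey -Value $command
        Write-Output "$ext ($progId) now opens with: $command"
    }
}
```

Scripts can still be run deliberately by passing them to the script host on the command line; only the double-click path changes. If the user has already picked a program for an extension through "Open with", that choice takes precedence over the class handler and has to be checked separately.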
Sorry for the late notice, but I honestly didn’t think about posting this until just now. I’m headed to Houston for a few days to discuss ransomware at the (ISC)2 Houston chapter monthly meeting. It should be fun. I’ve given the talk a handful of times now, but this time it’s been updated with some more recent events and whatnot.
I’m a little surprised they’re offering tickets to the event, but they’re free and there are plenty of them. So come get some food, buy me a few drinks, and listen to me talk about some of the crazy ransomware I’ve been seeing.
This is a little dated now, but this was my original slide deck for my ransomware presentation. I’ve presented this all over the nation from Infragard in Little Rock, AR to the Dallas Hackers Association. An updated version of this will be presented to a large group of Law Enforcement sometime in October.
It’s full of good info about the history of ransomware as well as how it works, and where I see ransomware evolving. I’ve already been proven right with ransomware moving into the realm of IoT. I’m curious to see where things go next.