Amazon shoppers and users beware! There is a new Locky ransomware campaign targeting you. Please take the time to closely inspect your email messages and take caution when receiving unexpected attachments. It is highly unlikely that Amazon would ever send you a Word document, so don’t click. Simply delete!
Please take a moment to review this information concerning ZCryptor. This type of ransomware is particularly disturbing due to its worm-like characteristics.
I fully realize this decision by Microsoft is going to annoy a variety of people, but frankly this type of obvious, heads up change should be made by vendors across the industry. Weak passwords are stupid. It is as simple as that. People need to comply and move forward.
http://www.securityweek.com/microsoft-may-ban-your-favorite-password
To all of my friends out there working in a PCI-applicable environment, this is good and very relevant news. You have been granted a reprieve. A couple of the more difficult compliance requirements in DSS 3.2 (SSL/TLS & multi-factor authentication) have been deferred until 2018. Please take this time to plan and implement accordingly.
http://www.infosecurity-magazine.com/news/pci-standards-multifactor/
In all honesty, this never should have happened in the first place. What Microsoft did was truly sneaky and nasty, so this reverse in course was very much warranted.
Marketing value aside, this is good, sound advice from the team at Fortinet. Please take a moment to review the recommendations in this article and consider the value of segmentation and monitoring for your B2B connections.
http://blog.fortinet.com/2016/05/25/securing-business-to-business-environments
Cut the head off one Ransomware version and at least one more pops up and takes its place. It looks like the shift from Teslacrypt has already begun. Please beware of this new shift in attack vectors.
