RAJU.MSC.MATHEMATICS
Recently, Maze ransomware compromised one of the IT services computers. This ransomware encrypts most files of different extension formats and asks for money to decrypt them.
So we must be aware of this Maze ransomware: how it works and how it enters users' computers.
For more information, visit the official McAfee blog below:
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/ransomware-maze/
Take the following precautions to prevent Maze ransomware from entering.
01. Block the built-in Administrator account
02. Rename the built-in Administrator account to something other than Administrator
03. Block the built-in Guest account
04. Rename the built-in Guest account to something other than Guest
05. Use a Standard account with a strong, complex password of at least 12 characters
06. Enable Windows Defender SmartScreen for the Microsoft Edge Chromium browser
06a. Never open emails from unknown senders
07. Download and install the Windows Application Guard Extension app from the Microsoft Store
08. Download and install the Windows Defender Application Guard extension for the Chrome browser and the Firefox browser
09. Update the browsers to the latest versions: Edge Chromium v81.0.416.58, Chrome v81.0.4044.113, and Firefox v75.0.0.7398
10. Block the Maze ransomware IP address in Windows Firewall and other firewall applications
10a. Enable Software Restriction Policy with Disallowed as the default (after this setting, all programs will not open), so allow the required programs in SRP
10b. Allow this command: Gpupdate /force
11. If possible, block the IP address in the HOSTS file
12. Enable all features in Windows Defender
13. Enable Core isolation memory integrity
14. Enable Virtualization Based Security
15. Enable Exploit protections and adjust the policy in system settings. I enable On by Default (some programs will not work after enabling these), so adjust according to your programs
16. Enable Windows Defender Application Guard from Windows Features
16a. Always scan downloaded files first using Windows Defender and other antivirus software
17. Enable Isolated Browsing in Windows Security under App & browser control
18. Restrict applications through Group Policy Editor
19. Enable Secure Boot and UEFI mode in the BIOS
20. Always install released Windows updates for the Windows OS
21. Install updates or patches for other programs released by their respective developers
22. Keep device drivers updated
23. Enable the early launch antimalware driver, set to Good only via GPE
24. Always create a system restore point before making changes
25. Don't store your personal files in the Users folders; use another free partition to store user files
26. Enable PUP in the Chromium-based browser via policy
27. Always create a backup of the complete Windows OS partition on other partitions
28. Use a separate hard disk or SSD for the Windows OS, and separate hard disks for storing data and games
More points will be added later. Additional points or steps are needed from experienced users; I will add those points after the replies from users.
Thanks for reading my post. If any user finds this useful, then give me UPVOTES.
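A read-only PowerShell audit of a few of the settings listed above (items 01-04, 12, 13, 14 and 19), added here as an example and not part of the original post. It assumes an elevated session on Windows 10 or later and the default English account names Administrator and Guest; `Add-Check` and `$results` are names introduced for this example.

```powershell
# Added example: reports the current state of several items from the list.
# It changes nothing on the system.
$results = [System.Collections.Generic.List[object]]::new()
function Add-Check($Item, $Check, $Pass, $Detail) {
    $results.Add([pscustomobject]@{ Item = $Item; Check = $Check; Pass = [bool]$Pass; Detail = $Detail })
}

# Items 01-04: the built-in accounts keep RID 500 (Administrator) and 501 (Guest)
# even after a rename, so look them up by SID rather than by name.
$defaults = @{ 500 = 'Administrator'; 501 = 'Guest' }   # assumed English defaults
foreach ($rid in 500, 501) {
    $acct = Get-LocalUser | Where-Object { $_.SID.Value.EndsWith("-$rid") }
    if (-not $acct) { Add-Check "RID $rid" 'account found' $false 'not present'; continue }
    Add-Check "RID $rid" 'disabled' (-not $acct.Enabled) "Enabled=$($acct.Enabled)"
    Add-Check "RID $rid" 'renamed'  ($acct.Name -ne $defaults[$rid]) "Name=$($acct.Name)"
}

# Item 12: core Windows Defender protections.
try {
    $mp = Get-MpComputerStatus -ErrorAction Stop
    Add-Check '12' 'real-time protection' $mp.RealTimeProtectionEnabled "$($mp.RealTimeProtectionEnabled)"
    Add-Check '12' 'behavior monitoring'  $mp.BehaviorMonitorEnabled    "$($mp.BehaviorMonitorEnabled)"
} catch {
    Add-Check '12' 'Defender status' $false $_.Exception.Message
}

# Items 13-14: Win32_DeviceGuard reports VBS status (2 = enabled and running)
# and the running security services (2 = memory integrity / HVCI).
$dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                      -ClassName Win32_DeviceGuard -ErrorAction SilentlyContinue
if ($dg) {
    Add-Check '14' 'VBS running' ($dg.VirtualizationBasedSecurityStatus -eq 2) `
        "Status=$($dg.VirtualizationBasedSecurityStatus)"
    Add-Check '13' 'memory integrity running' ($dg.SecurityServicesRunning -contains 2) `
        "Services=$($dg.SecurityServicesRunning -join ',')"
} else {
    Add-Check '13-14' 'Device Guard info' $false 'Win32_DeviceGuard not available'
}

# Item 19: Confirm-SecureBootUEFI throws on legacy BIOS systems.
try {
    $sb = Confirm-SecureBootUEFI -ErrorAction Stop
    Add-Check '19' 'Secure Boot on' $sb "$sb"
} catch {
    Add-Check '19' 'Secure Boot on' $false 'legacy BIOS or not elevated'
}

$results | Format-Table -AutoSize
```

Any row with `Pass` set to `False` points to the list item that still needs to be applied on that machine.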