How to keep the company protected against Qilin and other modern ransomware threats

The post https://www.trendmicro.com/en_us/research/24/c/agenda-ransomware-propagates-to-vcenters-and-esxi-via-custom-pow.html provides the following IoCs:

73b1fffd35d3a72775e0ac4c836e70efefa0930551a2f813843bdfb32df4579a – our products detect the sample with this hash by File Threat Protection as Trojan-Ransom.Win32.Qilin.af and HEUR:Trojan-Ransom.Win32.Generic
e4cbee73bb41a3c7efc9b86a58495c5703f08d4b36df849c5bebc046d4681b70 – our products detect the sample with this hash by File Threat Protection as Trojan-Ransom.Win32.Qilin.ah and HEUR:Trojan-Ransom.Win32.Generic

Files with the following hashes have not been discovered:
afe7b70b5d92a38fb222ec93c51b907b823a64daf56ef106523bc7acc1442e38
dd50d1f39c851a3c1fce8abdf4ed84d7dca2b7bc19c1bc3c483c7fc3b8e9ab79

Customers can check the information about different IoCs on https://tip.kaspersky.com/ or https://opentip.kaspersky.com/

Overall, our products detect Qilin ransomware through File Threat Protection with the verdicts Trojan-Ransom.Win32.Qilin and Trojan-Ransom.Linux.Qilin.
Additionally, products with the System Watcher component proactively detect even unknown variants of this malware as PDM:Trojan.Win32.Generic and PDM:Trojan.Linux.Generic.

To keep the company protected against Qilin and other modern ransomware threats, Kaspersky experts recommend:

  • Do not expose remote desktop services (such as RDP) to public networks unless absolutely necessary and always use strong passwords for them.
  • Promptly install available patches for commercial VPN solutions providing access for remote employees and acting as gateways in your network.
  • Always keep software updated on all the devices you use to prevent ransomware from exploiting vulnerabilities.
  • Focus your defense strategy on detecting lateral movements and data exfiltration to the Internet. Pay special attention to the outgoing traffic to detect cybercriminals’ connections.
  • Back up data regularly. Make sure you can quickly access it in an emergency when needed.
  • Use the latest Threat Intelligence (https://www.kaspersky.com/enterprise-security/threat-intelligence) information to stay aware of actual TTPs used by threat actors.
  • Use solutions like Kaspersky Endpoint Detection and Response (https://www.kaspersky.com/enterprise-security/endpoint-detection-response-edr) and Kaspersky Managed Detection and Response service (https://www.kaspersky.com/enterprise-security/managed-detection-and-response), which help to identify and stop the attack at early stages, before attackers reach their final goals.
  • To protect the corporate environment, educate your employees. Dedicated training courses can help, such as the ones provided in the Kaspersky Automated Security Awareness Platform (https://www.kaspersky.com/small-to-medium-business-security/security-awareness-platform).
  • Use a reliable endpoint security solution, such as Kaspersky Endpoint Security for Business, which is powered by exploit prevention, behavior detection and a remediation engine that is able to roll back malicious actions. KESB also has self-defense mechanisms which can prevent its removal by cybercriminals.

Vina Aspire is a consulting company, providing IT solutions and services, network security, information security & safety in Vietnam. Vina Aspire’s team includes skilled, qualified, experienced and reputable experts and collaborators, along with major domestic and foreign investors and partners to join hands in building.

Businesses and organizations wishing to contact Vina Aspire can use the following information:

Email: info@vina-aspire.com | Website: www.vina-aspire.com
Tel: +84 944 004 666 | Fax: +84 28 3535 0668

Vina Aspire – Solid security, complete trust