The most recent content from our members.
Seems like a common question I get asked doing demos is "How would this detect CryptoLocker?" That's a complicated question, but someone was kind enough to point me to an article that broke down what CW3 does. I've spent some time putting a rule together. Now, caveats: * I haven't (to my knowledge) been infected by CW3, so…
It would be really awesome to have the ability to monitor certain files/folders/etc. for encryption. This would be a great defense against the CryptoLocker-style ransomware that is still hitting some of our clients pretty hard. We would then be able to proactively run a script to stop all access to client directories,…