Warning - this blog contains opinions, strong language, occasional bold text, and HTML. Viewer discretion is advised.

2016/02/25

"Locky" Ransomware Alert from BulletproofIT

New Ransomware Notice from Bulletproof InfoTech:

We wanted to make you aware of a new Ransomware that has started to raise its ugly head.  The IT world is calling it "Locky" and it works in a similar way to other “Ransomwares” such as CryptoLocker and CryptoWall.  Please review the following information and share it with your staff members.

The main point?
  • Be careful!  If activated on your computer, Locky will encrypt your files, change your file names, and you will see a message telling you that you can’t access the data unless you pay the hackers for a password.
How do you avoid it?
  • Locky is sending fake invoices that look like a Microsoft Word document.  Once you open one, the text is illegible and you are prompted to enable macros in the document.  DON’T DO IT. See a sample photo below of what such a message might look like.

  • While Bulletproof works to ensure your systems have multiple levels of security software in place, the main way Ransomware gets into a system is by tricking you into opening something bad รข€“ particularly via email attachments.  By “you” I mean me too -€“ it can happen to anyone.  So we all need to be careful.
Reminders
  • Use great caution when opening attachments in emails you aren’t expecting and/or from people you don’t know.
  • Never open zipped file attachments unless you are specifically expecting them to be sent to you from known senders.
  • Never enable macros in an email attachment unless you are very sure about the source of the document.
  • Never click on a link in a fishy (phishy) looking email.
  • If you’re unsure - call BulletproofIT for assistance and we will look at the email with you.
  • If you think you’ve clicked on something bad -€“ call BulletproofIT right away for assistance.
We highly recommend you share this information with your staff.

If you have any questions or concerns, please contact us!

bleepingcomuterexample

More detailed information can be found here: http://www.bleepingcomputer.com/news/security/the-locky-ransomware-encrypts-local-files-and-unmapped-network-shares/

"Locky" Ransomware Alert from BulletproofIT

BulletproofIT achieves CompTIA Security Trustmark+ Certification

BIT-582x125

FOR IMMEDIATE RELEASE

Bulletproof InfoTech Earns CompTIA Security Trustmark+ - Validation that BulletproofIT uses industry accepted security best practices

Calgary, AB, Dec 9 2015  Bulletproof InfoTech, an IT Managed Services Provider for small and medium sized business, announced today it has received the CompTIA Security Trustmark+ from CompTIA, the non-profit association for world's information technology (IT) industry.

The CompTIA Security Trustmark+ validates that BulletproofIT uses the security processes identified by the IT industry as generally accepted best practices and has been evaluated by an independent third-party assessor as meeting the criteria established by the CompTIA Security Trustmark+. Based on the National Institute of Standards and Technology (NIST) Cybersecurity Framework, the CompTIA Security Trustmark+ is a comprehensive review of the security posture of any IT business, applicable across multiple industries and compliance regulations.

"The CompTIA Security Trustmark+ signifies that BulletproofIT adheres to our industry's highest standards for security practices and business processes in critical components of identification, protection, detection, response, and recovery as related to data security," said Nancy Hammervik, senior vice president, industry relations, CompTIA. "Earning the Security Trustmark+ demonstrates a true commitment to address the challenges of security compliance facing our industry today."

Security Trustmark+ really makes you think hard about all of the various processes that simply have to be put in place to handle any situation, security or otherwise.  We feel equipped to handle any scenario while following the Trustmark framework - Sean Tindall, P.Eng, President, Bulletproof InfoTech

To earn the CompTIA Security Trustmark+ Bulletproof InfoTech successfully passed an independent assessment of their security policies, capabilities, practices, and processes against industry best practices in areas such as:
  • Security technologies, including firewalls, anti-Virus/ malware/ spyware and intrusion detection
  • Vulnerability assessment detection
  • Data encryption
  • Technical employee knowledge/expertise
  • Security clearances and background checks
  • Physical and hardware security
  • Permissions, passwords and other security requirements
For more information on the CompTIA Security Trustmark visit http://www.comptia.org/trustmarks/security-trustmark-plus.

About Bulletproof InfoTech
Bulletproof InfoTech is celebrating its 29th year supporting small business networks in Alberta and beyond.  They specialize in delivering flat fee managed services to IT dependent companies, allowing clients to have greater budget predictability and focus more on their business instead of worrying about leveraging technology.

Contact:Sean Tindall, P.Eng., President
Bulletproof InfoTech Inc
403 340 1011

BulletproofIT achieves CompTIA Security Trustmark+ Certification