• 0 Posts
  • 38 Comments
Joined 1 year ago
cake
Cake day: July 18th, 2023

help-circle







  • Locking a company out of their systems isn’t the most lucrative part of ransomware anymore. Data exfiltration and threatening to release the data to the highest bidder is now the norm.

    Ransomware also typically sits on a system doing nothing for ~6 weeks before ever starting to encrypt and upload data. Even if companies have backups to restore from, they need to choose whether they’re going to restore entire machines quickly and risk still having the ransomware on the restored machine. Or they can take the long a painful route of spinning up new machines, then restoring just the data itself to individual apps/services to ensure you don’t still have ransomware after the restore.


  • This is actually the worst type of end-user.

    Doesn’t make a ticket or notify anyone that there is a problem and then proceeds to try and fix it themselves incorrectly. When it does become a ticket, they won’t remember exactly what steps they took to troubleshoot and will waste 5x as much time from support staff trying to fix it than if they just didn’t touch it in the first place.

    Guaranteed didn’t wipe the machine from the built in reset/recovery screen and instead used a windows installer that was created on a different computer and doesn’t have the correct network drivers in the image.