Microsoft detects 400 percent ransomware increase

[_CyberGhosT_]

Devices running Microsoft's Windows 10 Anniversary Upgrade are 58 percent less likely to become infected with ransomware than machines that use Windows 7, according to a new report from Microsoft.

Windows Defender, the antivirus suite included in Windows 10 detected a 400 percent increase in the number of ransomware encounters from December 2005 to July 2016, the report stated.

Microsoft said its data intelligence tools blocked on average 200,000 exploit kit attempts per day during the last six months.

The software maker hardened the Microsoft Edge browser, blocking email attachments as a ransomware distribution method, and making use of machine learning to identify and block malware.

Windows enterprise and security group's director of program management Rob Lefferts wrote in a Microsoft blog post that Windows 10 “locked down Microsoft Edge so that an exploit running in the browser cannot execute another program.”

 

[Ink]

The software maker hardened the Microsoft Edge browser, blocking email attachments as a ransomware distribution method, and making use of machine learning to identify and block malware.

Only Windows 10 Enterprise or for home consumers editions as well?

 

[_CyberGhosT_]

I think only Enterprise brother.

 

[koko]

Good news for enterprises, not that good news for us..

 

[novocaine]

don't panic, VS is free

 

[frogboy]

don't panic, VS is free

A very good observation you got there @novocaine

 

[tim one]

Good news for enterprises, not that good news for us..

Well as we have always done then we will continue to do

 

[Entreri]

Ransomware is where the money is. Almost no corporation or individual will have daily backups. $$$$$$$$$.

Most people will click/open anything, monkey see, monkey click.

 

[Jake Miguel]

How do you prevent ransomware? What's the best antivirus/anti-malware for it?

 

[Davidov]

don't panic, VS is free

Unfortunately most secure is if you check the box. Check the threads of a trusted parent process. But this is not in the free version.And some credible zero day malware can create harmful under process in the free version.Therefore, it is good to have a full version.

Automatically allow parent process

 

[tim one]

How do you prevent ransomware? What's the best antivirus/anti-malware for it?

It is a long story, here you can find dozens of posts about the topic.
In short: common sense and good up-to-date and offline backup plan.

 

[novocaine]

How do you prevent ransomware? What's the best antivirus/anti-malware for it?

Voodooshield or Appguard, it's not blacklisting AV but whitelisting, everything not explicitly allowed is prohibited a.k.a. default-deny

 

[Davidov]

[Quote = "Jake Miguel, post: 565.162, člen: 56918"] Jak se bráníte Ransomware? Jaký je nejlepší antivirus / anti-malware za to? [/ Quote]
WinAntiRansom | Protects you like no other Anti-Ransom. Prevents encryption of your files. It's great product and does not require a knowledge of the user. Kaspersky Anti ransomware is good too. A maintenance-free.

 

[jamescv7]

I believe that Microsoft have decent laboratories for collecting some samples including ransomware, thus easily register to the database of Windows Defender and IE/Edge. So not surprise since all AV's are attentive for these trendy threats.

 

[Antimalware18]

Is comodo sandbox with all rules set to "block" a good alternative to a program such as voodooshield?

That's my security approach, I have a traditional signature AV (avast) then comodo firewall with all sandbox rules set to "block" so they are not alowed to run even sandboxed...

 

[jamescv7]

@Antimalware18: Good approach as long the programs will not out turn to be false positive.

But why not use the HIPS instead rather autosandbox? Since you want everything to be lockdown.

 

[RoboMan]

How do you prevent ransomware? What's the best antivirus/anti-malware for it?

Common sense, virtualizing any file that is potentially likely to be infected with a SandBox or VM, and updated AV and Firewall. Also have regular updates on an external drive and a backup software.

 

[Antimalware18]

@Antimalware18: Good approach as long the programs will not out turn to be false positive.

But why not use the HIPS instead rather autosandbox? Since you want everything to be lockdown.

I'm not the only user on this PC, its my wife as well and shes not quite as computer savvy...if she got a HIPS popup while i was at work perse and couldn't choose a action it wouldn't be good.