After first being prevented from encrypting the files directly thanks to endpoint protection being in place, a new ransomware group known as Memento Team devised a novel way to put its victims in a bind by copying files to a password-protected archive, before encrypting the password, and then deleting the original files,
It is believed that a vulnerability in VMWare\s vCentre Server web client allowed the gang in. They demanded a ransom of $1,000,000, but thankfully, most of the data was restored from a backup and the hackers went away empty-handed, but it shows that any gap can be exploited and it is essential that companies and organisations keep their guard up.
Source: techradar pro
Informed Sauce is hosting an event in London on 2 December about protecting businesses from cyber crime, and particularly ransomware attacks.
Short talks from the Metropolitan Police, a data governance expert from Commvault and Infinidat’s EMEA Field CTO will be followed by a panel-led, room-wide moderated discussion, with plenty of opportunities for you to contribute your thoughts and ask questions.
Visit the event microsite for more details and to sign up.