Security Microsoft

Microsoft and McAfee Headline Newly-Formed 'Ransomware Task Force' (zdnet.com) 28

A group made up of 19 security firms, tech companies, and non-profits, headlined by big names such as Microsoft and McAfee, have announced on Monday plans to form a new coalition to deal with the rising threat of ransomware. From a report: Named the Ransomware Task Force (RTF), the new group will focus on assessing existing technical solutions that provide protections during a ransomware attack. The RTF will commission expert papers on the topic, engage stakeholders across industries, identify gaps in current solutions, and then work on a common roadmap to have issues addressed among all members. The end result should be a standardized framework for dealing with ransomware attacks across verticals, one based on an industry consensus rather than individual advice received from lone contractors.
  • by fuzznutz ( 789413 ) on Tuesday December 22, 2020 @11:38AM (#60856760)
    I feel safer already.
  • Comment removed based on user account deletion
    • We won't directly pay for it. It will be free to trick people into giving up all the data.
    • Oh... we won't pay for it.... "with money".
    • You can block all ransomware using Windows Defender Application Control on any version of Windows 10 from 1909 onwards. It acts as a form of Mandatory Access Control policy which prevents the execution of code you haven't approved, including drivers and kernel modules. It's not very hard to use and a simple "don't run anything that isn't digitally signed by trusted parties" approach will already block 99.99% of all malware (including rootkits) without you having to do anything special. If you want old, uns
      • While this is all good advice, it will not stop ransomware. If I e-mail you a Microsoft Word document with macros, and you open it, those macros will execute. They are not signed by a trusted party, and if you get a popup that asks if you are sure, you will of course say yes.

        Those macros will send me all of the computer data you can read, and encrypt all of the computer data you can write, without running any privileged code or suborning the operating system. They will also send themselves to everyone in

        • On Windows, that type of social engineering attack has been dealt with since Office 2016. Just apply the security baselines from aka.ms/baselines and users are no longer able to shoot themselves in the foot anywhere near as easily as they will not be able to override macro prompts for files from the Internet. This is also assuming you are not using Windows Defender Antivirus set to Zero Tolerance, which can scan for other unknown code (not just that from EXEs) and still quarantine if the files are sourced f
          • by Anonymous Coward
            Option number 1 just doesn't work all that well. Recently I brushed up against this type of rule at work; I downloaded an Excel spreadsheet from Intel.com (Cyclone 10 LP Early Power Estimator) and Morphisec proudly announced that (likely because of the embedded macros) this was a Dangerous File(tm) and I was not permitted to open it, it had just saved me from catastrophic demise. More like prevented me from doing my job. Good thing I work at home, and my home PC is right next to it. I opened it up on
          • ... I still say PEBKAC because the issues have been dealt with and the security is there, it just cannot be enabled by default to avoid upsetting suits,

            Why can it not be enabled? Is the inconvenience to the suits greater than the threat of ransomware? Is that still true after a successful ransomware attack?

            There is an anonymous anecdote parallel to this reply in which the writer had to bypass security to do his job. Is that what you mean?

            • Said commenter could just sign the files himself with an internally trusted cert from the corporate CA, so his example isn't that hard to deal with. However, finance/accounts departments still routinely exchange legitimate (unsigned) macro-enabled documents via unprotected e-mails... because accountants can't put their heads together and design a superior replacement system (no macros, no email). Changing the default breaks those types of users, who then need bailing out and see the problem as a fault, no
              • Reading your post I am reminded of a story I heard about Shell Oil years ago. It seems that they had written some analysis software for the IBM 704. When they got their IBM 7090, they re-wrote the software, making it more accurate. However, the exploration people trusted the old software so they ran it on the 7090 in 704 emulation mode. When they got their IBM 360 model 65, they ran the 7090 emulator so they could run the 704 emulator under it, so they could continue running the old application.

                If "the s

      • Please do not give my employer's IT department any ideas. I really like having PortableApps, Anaconda Python, and a MinGW C compiler on my company-issued laptop without having to jump through hoops only to get ancient versions installed - and still not being able to install python packages that come with DLLs.

        Or do you mean that only the plebs (i.e. other people than yourself) should suffer from fully locked-down computers? Or that people who need to write code are immune to social-engineering attacks?

  • by willoughby ( 1367773 ) on Tuesday December 22, 2020 @11:43AM (#60856796)

    A dream team, indeed.

  • McAfee? (Score:5, Funny)

    by btgarner ( 238001 ) <btgarner@gmai l . c om> on Tuesday December 22, 2020 @11:50AM (#60856824) Homepage

    So, you mean to tell me that all this time the McAfee stuff on my PC wasn't ransomware?

  • by PPH ( 736903 )

    ... John is coming out of retirement?

  • by UnknowingFool ( 672806 ) on Tuesday December 22, 2020 @01:26PM (#60857208)
    it certainly is Microsoft and McAfee. They have decades of experience creating it. Thanks, I’ll be here all week. Try the fish.
  • I mean, aren't there a lot of best practices out there to set up a network in your organization and keep it safe from attacks?

    The targets hit by ransomware attacks have in common the following:
    - Microsoft Windows OSes.
    - lax set-up of their systems and networking.

    This RTF is like an excuse for their shortcomings on security. It is as if they were saying: "Oh! shit! this is something completely new, we have been caught unguarded." When in reality it is the same old thing just this time the bad people behaved reall
  • by JimMcc ( 31079 ) on Tuesday December 22, 2020 @01:53PM (#60857300) Homepage

    Will the new manager of this group abbreviate their position as RTFM?
