You can also use proper pixies to restrict where software can run. I've blocked the user profile folder and added an exception for the desktop and a couple of other places that I can't recall. Users have to move downloaded apps to ther desktop to install. I haven't had a Cryptowall infection in 2 years.
On Friday, July 3, 2015, Susan Bradley <[email protected]> wrote: > It changes so fast that as soon as they do the bad guys code up something > new. > > there's no silver bullet here. > > Silverlight/flash/java. Use it,patch it or lose it. > > Web filtering at the firewall. If your firewall doesn't provide web > filtering/UTM options it's time to upgrade. Home users look at OpenDNS > (yes even now that Cisco is buying them) > > Filter attachments/zips. > > Least priv/non admin. > > Block the app location (yes this impacts firefox and office installs) > Google foolishit for non domain or cryptolocker group policy toolkit > > Education to your users that that email you got isn't a legit email. > > On 7/3/2015 10:09 AM, David McSpadden wrote: > > Quick, anyone know of a VirusScanning software that is catching > CryptoWall 3.0 yet? > > > > > > *David McSpadden* > > Systems Administrator > > Indiana Members Credit Union > > P: 317.554.8190 | F: 317.554.8106 > > [image: Description: imcu email icon] <http://imcu.com/> [image: > Description: facebook email icon] > <https://www.facebook.com/IndianaMembersCU> [image: Description: twitter > email icon] <https://twitter.com/IndMembersCU> > > > > [image: Description: email logo] > > [image: mcp2] > > > > This e-mail and any files transmitted with it are property of Indiana > Members Credit Union, are confidential, and are intended solely for the use > of the individual or entity to whom this e-mail is addressed. If you are > not one of the named recipient(s) or otherwise have reason to believe that > you have received this message in error, please notify the sender and > delete this message immediately from your computer. Any other use, > retention, dissemination, forwarding, printing, or copying of this email is > strictly prohibited. > > Please consider the environment before printing this email. > > >
