KB Printer & Computer Support

KB Printer & Computer Support

Share

Information on Data Security Incident | Michigan State University 11/19/2016

Michigan State University has confirmed that on Nov. 13, 2016, an unauthorized party gained access to a university server containing certain sensitive data.

The database, which contained about 400,000 records, included names, social security numbers, MSU identification numbers, and in some cases, date of birth of some current and former students and employees. It did not contain passwords, financial, academic, contact, gift or health information. Of those records, 449 were confirmed to be accessed by the unauthorized party. The affected database was taken offline within 24 hours of the unauthorized access.

MSU has undertaken a number of efforts to notify all students, alumni, staff and faculty who were affected.

MSU has set up a website to be the central location where all updates regarding this incident will be posted. It includes a background of the incident, FAQ's section, and all future comments to the incident will be posted on https://msu.edu/datasecurity/.

Information on Data Security Incident | Michigan State University Spartans discover solutions for the world's most challenging problems—from alternative energy to the environment, from health to education. Spartans Will.

MBRFilter - Can't Touch This! 10/21/2016

Cisco's Talos team has launched a tool that helps protects PCs from master boot record attacks, which are widely used by ransomware developers. Called MBRFilter, the tool "functions as a signed system driver and puts the disk's sector 0 into a read-only state." Cisco is currently offering the tool to 32-bit and 64-bit Windows users. It has also published the source code on GitHub. You can read the blog post from Cisco's Talos Group http://blog.talosintel.com/2016/10/mbrfilter.html .

The Github executables, and source code can be found here https://github.com/vrtadmin/MBRFilter/releases/tag/1.0.

The summary from the blog post reads:
Ransomware has become increasingly prevalent in the industry, and in many cases, unless there is a publicly released decryptor available, there is often not an easy means of retrieving encrypted files once a system has been infected. In addition to the creation and maintenance of regular system backups, it is increasingly important to focus on a multi-tiered defense-in-depth network architecture in an effort to prevent initial endpoint infection. This is often difficult in an evolving threat landscape where new ransomware families are being developed and deployed seemingly every day by threat actors of varying levels of sophistication.

While many ransomware families focus on the encryption of all or portions of a target system’s files others, such as Petya, rely on overwriting the contents of the Master Boot Record (MBR) to force a system reboot then only encrypt the Master File Table (MFT) of the hard drive on infected systems as a way to coerce users into paying the threat actors to retrieve the encryption keys required to decrypt their files.

To help combat ransomware that attempts to modify the MBR, Talos has released a new tool to the open source community, MBRFilter, a driver that allows the MBR to be placed into a read-only mode, preventing malicious software from writing to or modifying the contents of this section of the storage device.

Microsoft has already attempted to fight back against bootkit attacks with the inclusion of cryptographic verification in the bootloader of Windows "Microsoft's Secure Boot". However Secure Boot does not work on every computer and is only included in Windows 8 and up.

Computer World has an article Lucian Constantin By Lucian Constantin of IDG News Service covering the MBR Filter tool in plain english for the average user. http://www.computerworld.com/article/3133349/security/free-tool-protects-pcs-from-master-boot-record-attacks.html .rss_all. While the Cisco's Talos Groups blog post goes into much more detail.

MBRFilter - Can't Touch This! This post was authored by Edmund Brumaghin Summary Ransomware has become increasingly prevalent in the industry, and in many cases, u...

Want your business to be the top-listed Computer & Electronics Service in Canton?
Click here to claim your Sponsored Listing.

Address


Canton, OH
44706

Opening Hours

Monday 9:30am - 6pm
Tuesday 9:30am - 6pm
Wednesday 9:30am - 6pm
Thursday 9:30am - 6pm
Friday 9:30am - 6pm
Saturday 10am - 5pm
Sunday 12am - 12am