Warning: Trying to access array offset on value of type bool in /home/isafecomplete/public_html/wp-content/plugins/elementor-pro/modules/dynamic-tags/tags/post-featured-image.php on line 39

Warning: Trying to access array offset on value of type bool in /home/isafecomplete/public_html/wp-content/plugins/elementor-pro/modules/dynamic-tags/tags/post-featured-image.php on line 39

Warning: Trying to access array offset on value of type bool in /home/isafecomplete/public_html/wp-content/plugins/elementor-pro/modules/dynamic-tags/tags/post-featured-image.php on line 39

Warning: Trying to access array offset on value of type bool in /home/isafecomplete/public_html/wp-content/plugins/elementor-pro/modules/dynamic-tags/tags/post-featured-image.php on line 39
Protection against the Locky Virus - iSAFE Managed IT Service Provider

Protection against the Locky Virus


Warning: Trying to access array offset on value of type bool in /home/isafecomplete/public_html/wp-content/plugins/elementor-pro/modules/dynamic-tags/tags/post-featured-image.php on line 39

According to recent reports, massive volumes of JavaScript attachments are being spammed out that contain dangerous ransomware. We recommend taking the following additional precautions to protect your install base:

  1. Make sure your mail protection solution is blocking macro-enabled documents and .js scripts
  2. Ensure that you have blocked user access to downloading Tor by blacklisting the following URL: https://www.torproject.org/download/download-easy.html (the Locky virus in particular relies on downloading and installing the Tor browser and some versions may use Tor to contact the command and control servers)
  3. Block any items falling under the category of “proxy avoidance” or “anonymizers.” If you use Web Protection, this can be done by going to “Settings > Web Protection > Protection Policy > [select applicable policy] Edit > Web Security > Proxy Avoidance and Anonymizers > Block”
  4. Disable Java in client browsers (for more information, see the following links)
    And we suggest that access to the following IPs be completely blocked at the firewall:
    5.34.183.195
    51.254.19.227
    185.14.29.188
    31.184.197.119
    91.219.29.55

To learn more about the Locky Virus click Here.

 

You Can Also Email Us

Just fill out and submit the form below and someone will contact you as soon as possible.