[How-to] Block Cryptolocker at Exchange/Office 365


Office 365 and Exchange Online have a market adoption of over 70% in enterprises. An easy way to block Cryptolocker viruses that arrive as mail attachments is to block executable files in the Exchange Admin Center. There is no reason to receive executables by email. The solution below will block executables in Exchange environments, including those inside zipped files. Log on to the Exchange Admin Center: with Exchange 2010 and 2013/2016, go to the URL https://<FQDN of the mailserver>/ecp, e.g. https://mail.brankovucinec.com/ecp. In Office 365, go to the admin portal and click Exchange in the…


Disable the SSLv3 Protocol on Microsoft Windows Servers

As more and more web servers on the internet are disabling SSLv3 because of the Poodlebleed bug (OpenSSL Announcement, PDF), it may be time to disable it in your on-premises environment as well. In this article I’ll show how to disable this protocol on Microsoft Windows Servers with a simple registry key. Although SSL 3.0 is almost 15 years old, many servers and web browsers still use it today. When web browsers fail to connect with a newer protocol version (i.e. TLS 1.0, 1.1, or 1.2), they may fall back to an SSL 3.0…


Use Software Restriction Policies to block viruses and malware

You have a virus scanner and maybe some other mitigation tools to protect your own or your company's computers, but viruses and malware can still get through into the system. Here is a method to create an extra layer of defense for your systems. We’ll be using Software Restriction Policies, which can be found in the Local Security Policy for standalone PCs or in Group Policy Management for domain-joined systems. We will use them to block executables from the %APPDATA% and %USERPROFILE% directories, but also from compressed archives that can be mailed with an executable…


Network security hardening with EMET (part 2)

Today it’s time to show the installation of EMET (Enhanced Mitigation Experience Toolkit) on a standalone computer. Helps raise the bar against attackers: EMET helps protect against new and undiscovered threats even before they are formally addressed through security updates or antimalware software. EMET includes 12 security mitigations that complement other defense-in-depth security measures, such as Windows Defender and antivirus software. EMET installs with default protection profiles, which are XML files that contain preconfigured settings for common Microsoft and third-party applications. We’re using EMET 4.1 update 1 for this installation. The homepage for EMET…


Network security hardening with EMET (part 1)

At the end of April, Microsoft updated the Enhanced Mitigation Experience Toolkit to version 4.1 update 1 (download). After testing it for a couple of weeks on several systems, my honest opinion is that this should become the standard installation on all your networks as a systems administrator. No matter where you are today, software is there, whether it’s your phone, your car, your work or even the grocery store. One thing that is common to all this software is vulnerabilities. Vendor market share, the motivation of the attackers and the profile of a…
