locked
WastedLocker Protection RRS feed

  • Question

  • With the recent news of Garmin being held hostage by the WastedLocker ransomware, in what ways would Microsoft Defender ATP have prevented this attack, or not?  From the news it seems that the malware may have come in from either an employee falling victim to a phishing email, or perhaps through a fake program update.  If our employees don't fall victim to the phishing scheme, and we use comprehensive endpoint policies and Microsoft Defender ATP, how would an attach through a false program update been stopped in encrypting that user's computer?  In what ways could WastedLocker have penetrated other companies on our Office 365 Azure AD domain computers? 
    Wednesday, August 5, 2020 8:34 PM