A new Ransomware attack named GoldenEye is rapidly spreading throughout Europe and Asia shutting down businesses and government networks alike.

Details are still emerging but experts believe the GoldenEye Ransomware attack is exploiting the same Windows vulnerabilities that were targeted by the WannaCry ransomware attack.  Microsoft released a patch to this vulnerability in March which was distributed to all potentially vulnerable PCs and servers via Tier1Net’s Windows Update services.

Nonetheless, it is possible this new Ransomware variant can exploit heretofore unknown exploits within Windows so Tier1Net recommends alerting all employees to be extra vigilant of all emails which request the recipient to click a link within the body of the email.  The GoldenEye attack has been using common phishing techniques so employees should be warned to suspect even emails coming from supposed trusted sources.

For more information or assistance please contact Tier1Net Support at 781-935-8050 or at help@tier1net.net.

A new ransomware spam campaign has been detected.  Cerber Ransomware is a file-encrypting virus distributed via spam email.  Cerber is designed to rename and encrypt file extensions on your machine, forcing you to purchase a decryption key from the perpetrators of this ransomware.

The Cerber Ransomware will appear as a spam email containing an RTF file attachment.  The spam email will have forged header information and may have a request to “Please check your invoice attached.”  The RTF attachment contains the Cerber Ransomware virus.  Victims of Cerber must open the RTF attachment in order to be infected with ransomware.

Please see below for an example of the Cerber Ransomware Spam Email.

How This Impacts You

Please alert all employees to not open any RTF file attachments from email.

Tier1Net has recently blocked RTF files through McAfee Email Security, so any Cerber Ransomware Spam Emails sent after 2:00pm on April 28, 2016 will be blocked for all clients enrolled in McAfee Email Security.

If you already received a Cerber Ransomware Spam Email, please do not open the RTF attachment.  Please delete the spam email permanently from your machine.  You cannot be infected with the virus if you do not open the attachment.

If anyone believes they have been infected by Cerber Ransomware, please contact Tier1Net immediately.

 

Steps Tier1Net is Taking

Tier1Net has recently blocked RTF files through McAfee Email Security which will deny delivery of any Cerber Ransomware Spam Emails.

Tier1Net encourages all clients to be vigilant as always about suspicious emails with attachments. Never open any file attachments without confirming authenticity with the sender first.

 

If you have any questions about the Cerber ransomware campaign, please call our office at (781)935-8050.