Active Malware Remediation: Ransomware
Jelan from Sophos Support goes over how to handle ransomware attacks, as well as the Sophos best practices for preventing them in the future.
Skip ahead to these sections:
0:00 Overview
1:13 Identification
4:28 Best Practices
6:16 Restoration
7:25 Additional Information
Sophos MTR Rapid Response: https://www.sophos.com/en-us/products/managed-threat-response/rapid-response.aspx
Sophos MTR self help guide document: https://docs.sophos.com/central/MTR/selfhelp/en-us/central/MTR/concepts/ActiveMalware.html
Useful tools: https://community.sophos.com/intercept-x-endpoint/early-access-program/f/recommended-reads/122523/useful-tools-for-malware-investigation-and-remediation
Submit Sample files: https://support.sophos.com/support/s/article/KB-000033301?language=en_US
Submit SPAM emails: https://support.sophos.com/support/s/article/KB-000033301?language=en_US
Best practices for Sophos products: https://support.sophos.com/support/s/article/KB-000036284?language=en_US
Microsoft RDP recommendations: https://www.microsoft.com/security/blog/2020/04/16/security-guidance-remote-desktop-adoption/
Sophos system requirements:
-Endpoint: https://support.sophos.com/support/s/article/KB-000035144?language=en_US
-Server: https://support.sophos.com/support/s/article/KB-000034920?language=en_US