|
|||
Rule General Information |
---|
Release Date: | 2018-09-10 | |
Rule Name: | Observed DNS Query to Gryphon CnC Domain/GlobeImposter Payment Domain | |
Severity: | ||
CVE ID: | ||
Rule Protection Details |
---|
Description: | GlobeImposter is a ransomware that encrypts files on an infected computer and demands that the victim pay a ransom for the decryption key. The ransomware usually spreads through email attachments, malicious links or implanted malicious advertisements. | |
Impact: | Infecting the GlobeImposter ransomware may result in data being encrypted and business disruption. | |
Affected OS: | Windows | |
Reference: | ||
Solutions |
---|
Update vendor's patch |