|
|
|||
| Rule General Information |
|---|
| Release Date: | 2018-09-10 | |
| Rule Name: | Observed DNS Query to Gryphon CnC Domain/GlobeImposter Payment Domain | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | GlobeImposter is a ransomware that encrypts files on an infected computer and demands that the victim pay a ransom for the decryption key. The ransomware usually spreads through email attachments, malicious links or implanted malicious advertisements. | |
| Impact: | Infecting the GlobeImposter ransomware may result in data being encrypted and business disruption. | |
| Affected OS: | Windows | |
| Reference: | ||
| Solutions |
|---|
| Update vendor's patch |