Ransomware waxay caddaynaysaa inay caqabad weyn ku tahay isticmaaleyaasha kombuyuutarrada oo dhan, oo ay ku jiraan Microsoft marka ay timaaddo wax ka qabashada malware-ka Windows 11/10 . Dhab ahaantii, shirkaddu waxay sheeganeysaa in noocyada kala duwan ee ransomware ay wax ka badan labanlaabmeen 12 bilood ee la soo dhaafay. Iyo halka noocyada kale ee fayrasyada iyo trojansku ay yihiin kuwo gaaban oo la soo saari karo, Ransomware waxay ka shaqeysaa dhismaha lacag baadda si ay u tirtirto dhammaan faylashaada iyo dukumentiyadaada muhiimka ah. Si taas loogu daro, hababka iyo micnaha ay weeraryahanadu u isticmaalayaan fulinta weerarada ransomware waa kala duwan yihiin, adag oo qaali ah. Waa kan sida Windows 11/10 uu ula tacaalo khatarta ransomware-ka ee kombayutarkaga.

^(Ransomware)Ilaalinta Ransomware gudaha Windows 11/10

Windows waxa ay ku dartay tignoolajiyad cusub si ay u kordhiso ka ilaalinta malware-ka, oo ay ku jiraan hanjabaadaha la xidhiidha ransomware. Microsoft waxa ay ka dhigtay in ay aad ugu adagtahay ka faa'iidaysiga qaar ka mid ah in ay shaqeeyaan marka la isticmaalayo Microsoft Edge , iyo kor loo qaaday sumcad URL si ay si fiican kuu ogeysiiyaan ku saabsan mareegaha suurtagalka ah ammaan. Waxaan kordhinay awooda aan uga hortagayno weerarada iimaylka inay waligood soo gaaraan macaamiishayada iyo kuwa wax soo saarka ganacsiga. Microsoft waxa ay sii daysay Windows Defender ATP si ay ugu fududaato shirkadaha in ay baaraan oo ay ka jawaabaan weerarrada madaxfurasho, iyo in ka badan!

Akhri^(Read) : Sida loo suurtageliyo oo loo habeeyo Ilaalinta Ransomware ee Difaaca Windows^{(Ransomware Protection in Windows Defender)} .

RANSOMWARE PROTECTION IN WINDOWS 11/10

Si looga hortago weeraryahannada keenaya ransomware, Windows 11/10 waxay leedahay horumar la taaban karo oo ku saabsan kombayutarkaaga. Markaa waxaad u baahan tahay inaad samayso waxyaalahan soo socda marka hore si aad u ilaaliso:

• Cusbooneysii nooca ugu dambeeyay Windows 11/10 oo u beddel goobaha caadiga ah.
• Ka dhig nidaamkaaga qalliinka iyo software-ka ku rakiban oo la cusboonaysiiyay noocyadii ugu dambeeyay.
• Maamul kaydintaada oo si fiican u soo celi istiraatiijiyadda.

Codso^(Apply) tallaabooyinkan ilaalinta gudaha Windows 11/10 si aad ammaanka shabakadaada uga dhigto mid xooggan, ayay Microsoft tiri :

1. Kala saar furaha sirta ah ee maamulaha deegaanka adigoo isticmaalaya qalab sida LAPS .
2. Codso Siyaasadda Qufulka Koontada .
3. Hubi amniga wareegyada wanaagsan adoo dhejinaya nidaamyada daboolan.
   Codso^(Apply) qodobbada yaraynta, sida MFA ama hagidda yaraynta uu keeno iibiyuhu, ee dayacanka.
4. Ka faa'ideyso darbiyada martida loo yahay si loo xaddido dhaqdhaqaaqa dambe.
5. Ka ilaali meelaha dhamaadka ah inay ku wada xiriiraan dekedda TCP 445 ee SMB . Tani waxay saameyn xun ku yeelan doontaa inta badan shabakadaha, laakiin waxay si weyn u carqaladayn kartaa dhaqdhaqaaqyada iska soo horjeeda.
6. Daar ilaalinta daruuraha lagu bixiyo ee Microsoft Defender Antivirus ama wax u dhigma alaabtaada ka hortagga si ay u daboosho qalabka iyo farsamooyinka dhaqsaha leh ee weerarka.
7. Daar sifooyinka ilaalinta Tamper si aad uga hortagto weeraryahannada inay joojiyaan adeegyada amniga.
8. Daar xeerarka dhimista dusha weerarka, oo ay ku jiraan xeerarka xannibi kara dhaqdhaqaaqa ransomware:
   1. Isticmaal^(Use) difaac horumarsan oo ka dhan ah ransomware
   2. Jooji^(Block) habka abuurista ee ka yimid amarada PsExec iyo WMI
   3. Ka jooji xatooyada^(Block) aqoonsiga ee nidaamka hoosaadka maamulka amniga maxalliga ah ee Windows (lsass.exe)

Akhrinta la xidhiidha:^{(Related reads:)}

• Sida loo suurtageliyo oo loo isticmaalo gelitaanka Folderka la xakameeyey
• Sida loogu oggolaado Apps-ka gelitaanka galka la xakameeyey
• Sida loo habeeyo gelitaanka galka la xakameeyey iyadoo la adeegsanayo Siyaasadda Kooxda & PowerShell^{(How to configure Controlled Folder Access using Group Policy & PowerShell)}
• Ku dar amarada gelitaanka galka la xakameeyey ee Menu Context .

KA HORTAGGA RANSOMWARE

• Adkeynta Browser^{(Browser Hardening)}

Sidii la arkay bishii hore, qaar ka mid ah kuwa weeraray malware waxay isticmaalayeen software sida Adobe Flash si ay u galaan daalacashada oo ay u waxyeeleeyaan kombuyutaradaada. Marka, casriyeynta cusub, Microsoft waxay cusboonaysiisay Adobe Flash si ay ugu shaqeyso weel go'doonsan browserka Microsoft Edge . Cusboonaysiinta ayaa sidoo kale keenaysa muuqaal Edge ah oo aan u oggolaan malware-ka inuu ka tago browserka oo uu saameeyo barnaamijyada kale. Adkeynta soohdinta ee Microsoft Edge waxay gacan ka geysan doontaa kakoobnaanta madax-furashada waxayna adkeyn doontaa habka saarista. Horumarradan ayaa sidoo kale xannibaya malware-ka inuu si aamusnaan ah u soo dejiyo oo u fuliyo culeysyo dheeri ah oo ku saabsan nidaamyada macaamiisha.

• SmartScreen la hagaajiyay^{(Improved SmartScreen)}

Si loo qabto shaqo ka wanaagsan oo lagaga hortagayo ransomware-ku-salaysan browser-ka si uu u gaadho isticmaalayaasha meesha ugu horeysa, Microsoft waxay kordhisay SmartScreen Filter iyada oo kobcinaysa xog balaadhan oo laga helay ilo qayb ka ah Microsoft Intelligent Security Graph . Markaad si ula kac ah u gujiso isku xirka u horseedi kara degel aan badbaado lahayn, Windows 10 wuxuu awood u leeyahay inuu ku ogeysiiyo in goobta ay noqon karto xaasidnimo.

• Ilaalinta iimaylka^{(Email Protection)}

Kanaal kale oo weyn oo loogu talagalay weeraryahannada ransomware waa iyada oo loo marayo lifaaqyada iimaylka. Waxay ku diri karaan xiriirinta xaasidnimada leh iimaylo, ka dib ay riixaan isticmaalayaasha nugul. Microsoft waxay sheeganeysaa inay horumarisay moodooyinka barashada mashiinka iyo heuristics si ay u qabato malware-ka lagu qaybiyo iimaylka oo ay horumarisay kanaal saxeex ah oo degdeg ah si loogu cusbooneysiiyo Difaaca Windows^{(Windows Defender)} si dhakhso leh boostada. Natiijadu waxay noqon doontaa horumarinta heerarka ilaalinta ee macaamiisha iyo ganacsiga labadaba. U fiirso taxaddarrada aad sameyneyso marka aad fureyso lifaaqyada iimaylka^{(when opening email attachments)} ama ka hor intaadan gujin xiriirinta shabakadda^{(clicking on web links)} .

• Barashada Mashiinka^{(Machine Learning)}

Marka laga reebo ilaalinta dhammaan darafyada dabacsan ee browserkooda iyo iimaylada, Microsoft waxa ay sidoo kale soo bandhigtay ^(Microsoft)Barashada Mashiinka oo ka wanaagsan oo ka hufan taas oo waddada u xaari doonta hirgelinta adag ee difaaca ransomware. Farsamooyinka barashada mashiinka ee la hagaajiyay waxay si dhakhso ah u ogaan karaan malware. Geedi socodka oo dhan ee ogaanshaha, falanqaynta, ka dibna isku dayga in meesha laga saaro malware waxa ay noqotaa hawl lagu dhammeeyo daqiiqado gudahood.

Akhri^(Read) : Ka ilaali oo ka hortag weerarada Ransomware^{(Protect against and prevent Ransomware attacks)} .

Ogaanshaha RANSOMWARE

• Daafaca Daaqadaha^{(Windows Defender)}

Difaaca Windows wuxuu ahaa software-ka badbaadada ee Windows, kaas oo arkay iftiinka maalinta waqtiyada XP. Software-ku wuxuu noqday mid adag oo xoog badan. Cusboonaysiinta ayaa hadda si degdeg ah uga jawaabi karta hanjabaadaha cusub iyadoo la adeegsanayo ilaalinta daruuraha oo la hagaajiyay iyo sifada muunad soo gudbinta tooska ah si loo joojiyo malware-ka iyo marka la arko. Dabeecadda dabeecadda difaaca Windows waa la hagaajiyay si ay u caawiso go'aaminta haddii faylku qabanayo waxqabadyada la xiriira ransomware, ka dibna la ogaado oo qaado tallaabo degdeg ah. Waxa kale oo ay ka caawisaa in ay iska difaacdo caabuqyada Ransomware ee Shabakadaha Shirkadaha .

Akhri: ^(Read:) Weerarada Ransomware iyo Ilaalinta.^{(Ransomware Attacks and Protection.)}

TALLAABADA LAGU QABAN DOONO

Marka madaxfurasho la helo iyadoo la kaashanayo Difaaca Windows^{(Windows Defender)} , waa waqtigii wax laga qaban lahaa weerarka. Windows 10 waxa uu la imanayaa adeega cusub ee difaaca Windows Advanced Threat Protection kaas oo ku daraya awooda ay shirkaduhu u leeyihiin in ay ogaadaan oo ay ka hortagaan weerarrada ka dhex sameeyay hababka kale ee ilaalinta. Daafaca Windows ATP^{(Windows Defender ATP)} wuxuu isku daraa dhacdooyinka amniga ee laga soo aruuriyay mishiinada iyo falanqaynta daruuraha si loo ogaado calaamadaha weerarada oo looga caawiyo PC-gaaga inuu ka fogaado.

Marka laga reebo tan, Microsoft waxa ay sidoo kale bilaabaysaa muuqaal cusub - ' Block at First Sight ' - kaas oo ah adeegga ilaalinta daruuraha oo si toos ah loo shiday.

Markaa waa sidaan Windows 11/10 waxay kaa caawinaysaa inay kaa ilaaliso Ransomware , iyadoo la kaashanayo astaamo cusub oo uu soo bandhigayo.

In kasta oo werarada internetka aan si buuxda looga baxsan karin, Microsoft waxa ay raadinaysaa mustaqbalka si ay u yarayso saamaynta weerarradan oo ay u ilaaliso Windows mar kasta.

Hadda akhri: ^{(Now read:)} Maxaa la sameeyaa ka dib weerarka Ransomware ee kombiyuutarkaaga Windows?^{(What to do after a Ransomware attack on your Windows computer?)}

Ransomware protection in Windows 11/10

Ransomware is proving to be a major challenge for computer users all over, including Microsoft when it comes to handling malware on Windows 11/10. In fact, the company claims that the variants of ransomware have more than doubled in the past 12 months. And while other kinds of viruses and trojans are short-term and extractable, Ransomware works on the premise of extorting funds in return for non-deletion of all your important files and documents. To add to that, methods and means attackers are using to perpetrate ransomware attacks are varied, complex and costly. Here is how Windows 11/10 deals with the threat of ransomware on your PC.

Ransomware protection in Windows 11/10

Windows has added new technology to increase protection against malware, including ransomware-related threats. Microsoft has made it so that it is extremely difficult for certain exploits to work when using Microsoft Edge, and enhanced URL reputation to better notify you about potentially unsafe websites. We increased the ability to block email attacks from ever reaching our consumer and commercial productivity suite customers. Microsoft has released Windows Defender ATP to make it easier for companies to investigate and respond to ransomware attacks, and more!

Read: How to enable and configure Ransomware Protection in Windows Defender.

RANSOMWARE PROTECTION IN WINDOWS 11/10

For protection against attackers causing ransomware, Windows 11/10 has some significant improvements for your computer. So you need to do the following things first to stay protected:

• Update to the latest Windows 11/10 version and switch to default settings.
• Keep your operating system and installed software updated with the latest versions.
• Manage your backup and restore strategy well.

Apply these protection measures in Windows 11/10 to make your network security stronger, says Microsoft:

1. Randomize local administrator passwords using a tool such as LAPS.
2. Apply Account Lockout Policy.
3. Ensure good perimeter security by patching exposed systems.
   Apply mitigating factors, such as MFA or vendor-supplied mitigation guidance, for vulnerabilities.
4. Utilize host firewalls to limit lateral movement.
5. Prevent endpoints from communicating on TCP port 445 for SMB. This will have limited negative impact on most networks, but can significantly disrupt adversary activities.
6. Turn on cloud-delivered protection for Microsoft Defender Antivirus or the equivalent for your antivirus product to cover rapidly evolving attacker tools and techniques.
7. Turn on Tamper protection features to prevent attackers from stopping security services.
8. Turn on attack surface reduction rules, including rules that can block ransomware activity:
   1. Use advanced protection against ransomware
   2. Block process creations originating from PsExec and WMI commands
   3. Block credential stealing from the Windows local security authority subsystem (lsass.exe)

Related reads:

• How to enable and use Controlled Folder Access
• How to allow Apps through Controlled Folder Access
• How to configure Controlled Folder Access using Group Policy & PowerShell
• Add Controlled Folder Access commands to Context Menu.

RANSOMWARE PREVENTION

• Browser Hardening

As seen last month, some malware attackers were using software like Adobe Flash to get into browsers and harm your computers. So, with the new update, Microsoft has updated Adobe Flash to work in an isolated container on the Microsoft Edge browser. The update also brings in a feature on Edge that doesn’t allow malware to leave the browser and affect other programs. This border tightening on Microsoft Edge will help contain the ransomware and fasten the removal process. These improvements also block malware from silently downloading and executing additional payloads on customers’ systems.

• Improved SmartScreen

In order to do a better job of preventing browser-based ransomware from reaching users in the first place, Microsoft extended SmartScreen Filter by cultivating a broad set of data from sources that are part of the Microsoft Intelligent Security Graph. When you unwittingly click on a link that could lead to an unsafe website, Windows 10 has the ability to notify you that the site could be malicious.

• Email Protection

Another major distribution channel for ransomware attackers is via email attachments. They can send across malicious links via emails, which are then clicked by vulnerable users. Microsoft claims to have advanced the machine learning models and heuristics to catch malware distributed in the email and developed a faster signature delivery channel to update the Windows Defender faster on mail. The result will be improved protection levels for both consumer and commercial customers. Take a look at the precautions to take when opening email attachments or before clicking on web links.

• Machine Learning

Apart from protecting all the loose ends on their browser and email servers, Microsoft has also introduced a better and more efficient Machine Learning that will pave the way for the tougher implementation of ransomware defense. The improved machine learning techniques can detect malware quickly. The entire process of detecting, analyzing, and then trying to remove malware becomes a task that is completed in minutes.

Read: Protect against and prevent Ransomware attacks.

RANSOMWARE DETECTION

• Windows Defender

Windows Defender has been Windows’ default security software, which saw the light of day during the XP times. The software has become tougher and stronger. The update can now respond to new threats faster using improved cloud protection and automatic sample submission features to block malware as and when they are spotted. Windows Defender’s behavioral heuristics have been improved to help determine if a file is performing ransomware-related activities, and then detect and take action more quickly. It also helps defend against Ransomware infections in Corporate Networks.

Read: Ransomware Attacks and Protection.

ACTION TO BE TAKEN

Once the ransomware has been detected with the help of Windows Defender, it is time to tackle the attack. Windows 10 brings with it the new Windows Defender Advanced Threat Protection service which adds the ability for companies to detect and prevent attacks that have made it through the other protection methods. Windows Defender ATP combines security events collected from the machines with cloud analytics to detect signs of attacks and help your PC stay away.

Apart from this, Microsoft is also initiating a new feature – ‘Block at First Sight‘ – which is a cloud protection service that has been turned on by default.

So this is how Windows 11/10 helps to keep you protected against Ransomware, with the help of new features that it introduces.

While cyber-attacks are never completely avoidable, Microsoft is pursuing a future with to minimize the impact of such attacks and keep Windows protected at all times.

Now read: What to do after a Ransomware attack on your Windows computer?

Related posts

• Sida loo tuso qaybta Faahfaahinta gudaha File Explorer gudaha Windows 11/10

• Sida loo isticmaalo Charmap iyo Eudcedit qalabyada ku dhex dhisan ee Windows 11/10

• Sida loo hubiyo xidhitaanka iyo bilawga Log in Windows 11/10

• Microsoft Intune miyaanay wada shaqayn? Ku qas Intune in ay isku xidho Windows 11/10

• Dejinta isku xidhka oo aan shaqaynayn ama ka cirroonayn Windows 11/10

• Sida loo sahlo ama loo joojiyo Win32 Wadooyinka Dheer ee Windows 11/10

• Habka fog-fog ayaa wacaya khalad markii la isticmaalayo DISM gudaha Windows 11/10

• Qoraalka PDF wuu baaba'aa marka la tafatirayo ama kaydinayo faylka Windows 11/10

• Sida loo suurto geliyo ama loo joojiyo astaanta abka Archive gudaha Windows 11/10

• Sida loo khariidado Network Drive ama loogu daro FTP Drive gudaha Windows 11/10

• Boostada iyo kalandarka abka way qaboojiyaan, burburaan ama kuma shaqeeyaan Windows 11/10

• Hagaaji dib u dhaca codka Bluetooth gudaha Windows 11/10

• Software-ka ugu Fiican Tijaabada Battery ee Laabtoobka & Qalabka lagu baadho ee Windows 11/10

• Sida loo cabbiro Reaction Time gudaha Windows 11/10

• Tirtir profile-kii hore iyo faylalka si toos ah gudaha Windows 11/10

• Sida loo uninstall ama dib loogu rakibo Notepad gudaha Windows 11/10

• CPU kuma soconayso xawli buuxa ama awood gudaha Windows 11/10

• Sida loo xaliyo dhibaatada isku dhaca Saxeexa Disk ee gudaha Windows 11/10

• Sida loo abuuro Shaxda Radar gudaha Windows 11/10

• Sida loo beddelo kamaradaha caadiga ah ee kumbuyuutarka Windows 11/10