Has anyone battled the cryptowall virus?
It hit our network and spread to mapped drives. Decrypt files show up on several excel; word; and pdf files.
The machines hit were running Intune Endpoint Protection but we are phasing that out and currently installing Symantec Endpoint Protection in its place.
I'm wondering if the IPS component of SEP would help stop this type of attack? I've read mixed reviews on this component.
Maybe a little late to answer the question, my apologies I just registered one a couple of days ago.
We had also to deal with the same incident and unfortunately we had to use backups to recover lost files.
But, did you give a try to AppLocker?
Once I will have implemented it I can provide you with some feedback.
According to what I read on Internet, some configured file screening on file their servers to prevent cryptolocker. I did not try it though.