Author Topic: Ransomware bypassed SAP  (Read 24603 times)

Offline Overkill

  • Newbie
  • *
  • Posts: 15
  • Kudos +1/-0
Ransomware bypassed SAP
« on: June 07, 2016, 05:42:32 AM »

Offline hendy

  • SecureAPlus Developer
  • Sr. Member
  • *****
  • Posts: 351
  • Kudos +16/-0
Re: Ransomware bypassed SAP
« Reply #1 on: June 07, 2016, 09:57:35 AM »
The tester may has clicked on the wrong button when he tried to block the ransomware from running. Instead of block, he accidentally clicked on unblock, because the unblock is red color, and usually people associate the red color with stop. The best will be if it is switched to lockdown mode, so this will eliminate the chance of clicking on the wrong button. From our side we will think of how to improve the UI so it will minimize the possibility of clicking on the wrong button.

Offline Overkill

  • Newbie
  • *
  • Posts: 15
  • Kudos +1/-0
Re: Ransomware bypassed SAP
« Reply #2 on: June 08, 2016, 03:57:28 AM »
New video...SAP blocked all, but notifier crashed @6:42
https://www.youtube.com/watch?v=IP2j25JHhsI&feature=em-uploademail

Offline hendy

  • SecureAPlus Developer
  • Sr. Member
  • *****
  • Posts: 351
  • Kudos +16/-0
Re: Ransomware bypassed SAP
« Reply #3 on: June 28, 2016, 09:33:57 AM »
Thank you for informing us.
We are trying to fix the crash in SecureAPlus v4.2.4.
Since we can't reproduce the crash, we will rely on user report to find out whether the crash has been fixed.