Curious if anyone is leveraging LM for first line Ransomware detection.  Reading indicators typically include a high number of file name changes on the server/PC.  Seems like that would be something that LM could help us identify early on and alert out to take action before additional servers are compromised.  Looks like a working number is about 4 renames a second for the threshold.



Share this post

Link to post
Share on other sites

1 answer to this question

Recommended Posts

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now