Jump to content
Dave

Protect yourself from the WannaCrypt0r WannaCry Ransomware

Recommended Posts

Dave    277
Dave

Seems to be an epidemic on ransomware again.  Microsoft has a patch but you need to make sure your Windows systems are patched up.  

Here is Microsoft's patch - https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

Quote

In a statement Friday, Microsoft said: “Today our engineers added detection and protection against new malicious software known as Ransom:Win32.WannaCrypt. In March, we provided a security update which provides additional protections against this potential attack. Those who are running our free antivirus software and have Windows Update enabled, are protected. We are working with customers to provide additional assistance.”

Kaspersky Software will also block the bad bits.  https://usa.kaspersky.com/home-security

 

Read more on WordFence.  (a security blog/company for WordPress)

https://www.wordfence.com/blog/2017/05/massive-global-ransomware-attack-underway-patch-available/

more on Washing Post - https://www.washingtonpost.com/world/hospitals-across-england-report-it-failure-amid-suspected-major-cyber-attack/2017/05/12/84e3dc5e-3723-11e7-b373-418f6849a004_story.html

  • Like 2

Share this post


Link to post
Share on other sites
GavinCampbell    11
GavinCampbell

I just got called into work about this... way to ruin my weekend.  Its actually a bit scary.

Share this post


Link to post
Share on other sites
Trig0r    118
Trig0r

My boss rang up and said to go into the main office and tell everyone not to open email attachment's and be careful.

 

It was 17:05 on Friday, not quite sure what he was thinking lol

Share this post


Link to post
Share on other sites
Jason    56
Jason

Is this coming in specifically from email attachments? I just flew out of London Heath Row on Fri. am as their hospitals were getting hit. Scary.


Sent from my iPhone using Tapatalk

Share this post


Link to post
Share on other sites
Dave    277
Dave

A new Killswitch was found and registered further stopping the spread.



@msuiche: New kill switch detected ! http://www.ifferfsodp9ifjaposdfjhgosurijfaewrwergwea.com #WannaCry - Just pushed for an order ! pbs.twimg.com/media/C_yVpB2XUAE9QcU.jpg pbs.twimg.com/media/C_yWDeEXgAANlYS.jpg




Sent from my Pixel XL using Tapatalk

Share this post


Link to post
Share on other sites
ShadowPeo    33
ShadowPeo

In some respects, in regards to this outbreak I am happy that it happened and garnered so much attention, for several reasons in particular. Yes it sucks that people will loose data but in the end I am hoping some good will come from it

Firstly, people and companies ditching their old XP/2003 installs and finally updating (I am sure Dell, HP and others are going to get a bunch of new orders for servers now) thus eliminating many other potential vulnerabilities and potential attack vectors

Secondly, Backups, again people and companies will hopefully learn the value of good backups, there are after all only 2 (or should that be 10) types of people in the world those that have lost data and those that will loose data, it is primarily the former that will have backups. As the recent podcast episode showed, no backup system is infallible as it is set up and maintained by humans after all, but every bit helps.

Thirdly and I am going to lump some things together here, specifically people/companies patching their equipment and AV/AM software. The damned patch for this was released a while back as I am sure everyone here is aware, so just how is it that this patch has not been deployed, I mean come on people. There should be getting some hard questions asked of IT staff and of management as to why patches are not deployed in a timely manner.

Share this post


Link to post
Share on other sites
Trig0r    118
Trig0r

I patch our cluster a few times a month tbh, the boss was all panicing though, I was happy to just carry on as normal..

Share this post


Link to post
Share on other sites
ShadowPeo    33
ShadowPeo

I have our internal systems set to do any patches that do not require a reboot at 8PM each day, anything that requires a reboot is done over the weekend with the majority being done in the first batch, only the secondary DC and one of the HV's not being rebooted (so the second DC has something to run on), that DC and HV is rebooted several hours later to complete the updates

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now




×