Dave 434 Posted May 12, 2017 Share Posted May 12, 2017 Seems to be an epidemic on ransomware again. Microsoft has a patch but you need to make sure your Windows systems are patched up. Here is Microsoft's patch - https://technet.microsoft.com/en-us/library/security/ms17-010.aspx Quote In a statement Friday, Microsoft said: “Today our engineers added detection and protection against new malicious software known as Ransom:Win32.WannaCrypt. In March, we provided a security update which provides additional protections against this potential attack. Those who are running our free antivirus software and have Windows Update enabled, are protected. We are working with customers to provide additional assistance.” Kaspersky Software will also block the bad bits. https://usa.kaspersky.com/home-security Read more on WordFence. (a security blog/company for WordPress) https://www.wordfence.com/blog/2017/05/massive-global-ransomware-attack-underway-patch-available/ more on Washing Post - https://www.washingtonpost.com/world/hospitals-across-england-report-it-failure-amid-suspected-major-cyber-attack/2017/05/12/84e3dc5e-3723-11e7-b373-418f6849a004_story.html 2 Link to post Share on other sites
GavinCampbell 18 Posted May 13, 2017 Share Posted May 13, 2017 I just got called into work about this... way to ruin my weekend. Its actually a bit scary. Link to post Share on other sites
Trig0r 211 Posted May 13, 2017 Share Posted May 13, 2017 My boss rang up and said to go into the main office and tell everyone not to open email attachment's and be careful. It was 17:05 on Friday, not quite sure what he was thinking lol Link to post Share on other sites
Jason 84 Posted May 14, 2017 Share Posted May 14, 2017 Is this coming in specifically from email attachments? I just flew out of London Heath Row on Fri. am as their hospitals were getting hit. Scary. Sent from my iPhone using Tapatalk Link to post Share on other sites
Dave 434 Posted May 14, 2017 Author Share Posted May 14, 2017 Update for May 14th, 2017 Quote In the past few hours, on Sunday May 14th, the WannaCry ransomware campaign has evolved. We are seeing new variants of the ransomware emerge. How to protect yourself - https://www.wordfence.com/blog/2017/05/how-to-protect-yourself-against-wannacry/ 1 Link to post Share on other sites
Dave 434 Posted May 15, 2017 Author Share Posted May 15, 2017 An update to this madness. Interesting read about how a portion of the attack was stopped. https://www.theguardian.com/technology/2017/may/13/accidental-hero-finds-kill-switch-to-stop-spread-of-ransomware-cyber-attackSent from my Pixel XL using Tapatalk Link to post Share on other sites
Dave 434 Posted May 15, 2017 Author Share Posted May 15, 2017 A new Killswitch was found and registered further stopping the spread. @msuiche: New kill switch detected ! http://www.ifferfsodp9ifjaposdfjhgosurijfaewrwergwea.com #WannaCry - Just pushed for an order ! pbs.twimg.com/media/C_yVpB2XUAE9QcU.jpg pbs.twimg.com/media/C_yWDeEXgAANlYS.jpgSent from my Pixel XL using Tapatalk Link to post Share on other sites
ShadowPeo 81 Posted May 17, 2017 Share Posted May 17, 2017 In some respects, in regards to this outbreak I am happy that it happened and garnered so much attention, for several reasons in particular. Yes it sucks that people will loose data but in the end I am hoping some good will come from it Firstly, people and companies ditching their old XP/2003 installs and finally updating (I am sure Dell, HP and others are going to get a bunch of new orders for servers now) thus eliminating many other potential vulnerabilities and potential attack vectors Secondly, Backups, again people and companies will hopefully learn the value of good backups, there are after all only 2 (or should that be 10) types of people in the world those that have lost data and those that will loose data, it is primarily the former that will have backups. As the recent podcast episode showed, no backup system is infallible as it is set up and maintained by humans after all, but every bit helps. Thirdly and I am going to lump some things together here, specifically people/companies patching their equipment and AV/AM software. The damned patch for this was released a while back as I am sure everyone here is aware, so just how is it that this patch has not been deployed, I mean come on people. There should be getting some hard questions asked of IT staff and of management as to why patches are not deployed in a timely manner. Link to post Share on other sites
Trig0r 211 Posted May 17, 2017 Share Posted May 17, 2017 I patch our cluster a few times a month tbh, the boss was all panicing though, I was happy to just carry on as normal.. Link to post Share on other sites
ShadowPeo 81 Posted May 17, 2017 Share Posted May 17, 2017 I have our internal systems set to do any patches that do not require a reboot at 8PM each day, anything that requires a reboot is done over the weekend with the majority being done in the first batch, only the secondary DC and one of the HV's not being rebooted (so the second DC has something to run on), that DC and HV is rebooted several hours later to complete the updates Link to post Share on other sites
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now