See
https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
The Bulletin
https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
Background
https://www.nytimes.com/2017/05/14/world/europe/cyberattacks-hack-computers-monday.html
Lots of good technical details:
https://gist.github.com/rain-1/989428fa5504f378b993ee6efbc0b168
MORE technical details, in depth:
https://www.endgame.com/blog/wcrywanacry-ransomware-technical-analysis
And more background, particularity MS' response
https://www.engadget.com/2017/05/13/microsoft-windowsxp-wannacrypt-nhs-patch/
Consider blocking port 445
or disabling SMBv1,2,3....see:
https://support.microsoft.com/en-us/help/2696547/how-to-enable-and-disable-smbv1,-smbv2,-and-smbv3-in-windows-vista,-windows-server-2008,-windows-7,-windows-server-2008-r2,-windows-8,-and-windows-server-2012
LIVE MAP of related infections and botnets
https://intel.malwaretech.com/botnet/wcrypt
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment