[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Please run windows update now
- Subject: Please run windows update now
- From: andrew at thekerrs.ca (Andrew Kerr)
- Date: Fri, 12 May 2017 21:05:44 +0000
- In-reply-to: <CAN9qwJ_=qV15h6BbZtw_igVHmSwrg-7uXw1FqNwjvRFKCNGCCw@mail.gmail.com>
- References: <CAD6AjGTXWekAFvTadsgSTe-Bpwk09N+W09=EVZ6nqv8Q=L3D8g@mail.gmail.com> <CAAXNyuA0ejTkYD_RP5sQGPe_d6AXKTBMaLPJ-x58KWzqt9Q5Ug@mail.gmail.com> <CAN9qwJ_=qV15h6BbZtw_igVHmSwrg-7uXw1FqNwjvRFKCNGCCw@mail.gmail.com>
Just a note folks that while this particular ransomware is using the
MS17-010 exploit to help spread, it does not rely on it. This is still a
regular piece of ransomware that if someone opens the malicious file, will
encrypt files.
SANS has some IoCs and more information:
https://isc.sans.edu/forums/diary/Massive+wave+of+ransomware+ongoing/22412/
On Fri, 12 May 2017 at 11:45 Josh Luthman <josh at imaginenetworksllc.com>
wrote:
> MS17-010
> https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
>
>
> Josh Luthman
> Office: 937-552-2340 <(937)%20552-2340>
> Direct: 937-552-2343 <(937)%20552-2343>
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
>
> On Fri, May 12, 2017 at 2:35 PM, JoeSox <joesox at gmail.com> wrote:
>
> > Thanks for the headsup but I would expect to see some references to the
> > patches that need to be installed to block the vulnerability (Sorry for
> > sounding like a jerk).
> > We all know to update systems ASAP.
> >
> > --
> > Later, Joe
> >
> > On Fri, May 12, 2017 at 10:35 AM, Ca By <cb.list6 at gmail.com> wrote:
> >
> > > This looks like a major worm that is going global
> > >
> > > Please run windows update as soon as possible and spread the word
> > >
> > > It may be worth also closing down ports 445 / 139 / 3389
> > >
> > > http://www.npr.org/sections/thetwo-way/2017/05/12/
> > > 528119808/large-cyber-attack-hits-englands-nhs-hospital-
> > > system-ransoms-demanded
> > >
> >
>