Ransomware – Sophos describes how Petya attack cycle works

Uncategorized Comments Off on Ransomware – Sophos describes how Petya attack cycle works

Sophos shares simularities and differences between WannaCry (May 2017 world-wide attack) & this new one, that is being gradually contained https://nakedsecurity.sophos.com/2017/06/28/deconstructing-petya-how-it-spreads-and-how-to-fight-back/ The researchers found no internet-spreading mechanism, though like WannaCry, it uses the EternalBlue/DoublePulsar exploits that target vulnerable SMB installations to spread. But that spread is through internal networks only. Here’s the SMB exploit shellcode […]

Ransomware – Petya kill switch discovered for specific Server or PC

Uncategorized Comments Off on Ransomware – Petya kill switch discovered for specific Server or PC

Some of earlier analysis has been redacted and rewritten, as more is learned.  The discovery of “kill switch” c:\windows\perfc is technically a “prevention switch” for only a specific server or PC (i.e., not a kill switch that stops the full outbreak) … Corporate users need to get patched up on MS17-010, keep A/V updated, get on […]


© 2021 Computer Safety & News.
WordPress Theme & Icons by N.Design Studio. Provided by WPMU DEV -The WordPress Experts   Hosted by Microsoft MVPs
Entries RSS Comments RSS Log in