Page 3 of 11 FirstFirst 12345 ... LastLast
  1.    13 May 2017 #21
    Join Date : Jul 2015
    Posts : 866
    Windows 10 Home x64

    It seems nobody is doing BACKUPS at all. That's an easy and affordable way to be protected from ransomware.

    The No More Ransom Project
      My ComputerSystem Spec
  2.    13 May 2017 #22
    Join Date : Jan 2015
    UK, Midlands
    Posts : 10,938
    Win 10 Pro (1703)

    Actually the UK government has one system incapable of being hacked electronically - all Acts of Parliament must be written on vellum.
    - calf or goat skin.

    Why is the UK still printing its laws on vellum? - BBC News

    Now, just consider- how many of your files will be accessible and readable by anything in, say, 900 years?

    But with BREXIT, there will be a vast amount of legislation.... so maybe I'll buy shares in vellum manufacturers!
      My ComputerSystem Spec
  3.    13 May 2017 #23

    Is there a way to tell if you have the patch?
      My ComputersSystem Spec
  4.    13 May 2017 #24
    Join Date : Dec 2013
    Portsmouth Hampshire
    Posts : 1,825
    Windows 10 x86 14383 Insider Pro and Core 10240

    The worm that spreads WanaCrypt0r

    Posted: May 12, 2017 by Zammis Clark
    Something that many security researchers have feared has indeed come true. Threat actors have integrated a critical exploit taking advantage of a popular communication protocol used by Windows systems, crippling thousands of computers worldwide with ransomware.
    Within hours of being leveraged, a flaw that had been recently patched by Microsoft has been used to distribute the WanaCrypt0r ransomware and wreak havoc worldwide.
    In this blog post, we will describe the worm responsible for spreading this ransomware by looking at its capabilities and what has made this threat so successful.
    Main functionality

    WanaCrypt0r has been most effective—not only does the ransomware loop through every open RDP session on a system and run the ransomware as that user, but the initial component that gets dropped on systems appears to be a worm that contains and runs the ransomware, spreading itself using the ETERNALBLUE SMB vulnerability (MS17-010).
    The WinMain of this executable first tries to connect to the website http://www.iuqerfsodp9ifjaposdfjhgos...ewrwergwea.com. It doesn’t actually download anything there, just tries to connect. If the connection succeeds, the binary exits.
    This was probably some kind of kill switch or anti-sandbox technique. Whichever it is, it has backfired on the authors of the worm, as the domain has been sinkholed and the host in question now resolves to an IP address that hosts a website. Therefore, nothing will happen on any new systems that runs the executable. This only applies to the binary with the hash listed above; there may well be new versions released in the future.

    read more at:

    The worm that spreads WanaCrypt0r - Malwarebytes Labs | Malwarebytes Labs

    MS Patch for SMB1.0/CIFS File Sharing Support:

    Microsoft Security Bulletin MS17-010 - Critical

    Seems systems from Vista onwards are affected, so the XP speculation is pointless.
      My ComputersSystem Spec
  5.    13 May 2017 #25

    Quote Originally Posted by Fafhrd View Post
    It all depends on what your email client opens the ascii file with.

    Notepad would just try to send it to the screen and fail to show the binary characters properly.

    If it's your browser, or an email client like outlook, then anything may happen.
    If there's collusion the user would use his "Unscramble" key for the email -- then BANG !!!!!
    In large organisations employing 100,000's of people -- it's impossible to vet everybody and there will always be some people with greviances -- so even in this case where it was a purely external attack (or so it seems) there's no reason to suppose the next invasion could involve "malcontented insiders".

    In a busy hospital where there nearly always is 100% Chaos - people don't notice things like a computer say in a back small room which might only be mainly used for office supplies or monitoring Laundry requirements etc.

    The publicity given to this malware will certainly give some people ideas - and while upgrading from XP is certainly necessary it isn't by any manner of means the whole story.

    Couldn't believe the INANE remarks of a UK Govt Minister --- "The NHS must learn from this !!!!!!!"

    I'm sure any I.T dept on the planet when a defect is discovered usually does that as a matter of course and takes steps (not always successfully) to prevent a repeat.

    Cheers
    jimbo
      My ComputerSystem Spec
  6.    13 May 2017 #26
    Join Date : Dec 2013
    Portsmouth Hampshire
    Posts : 1,825
    Windows 10 x86 14383 Insider Pro and Core 10240

    Quote Originally Posted by jimbo45
    In a busy hospital where there nearly always is 100% Chaos - people don't notice things like a computer say in a back small room which might only be mainly used for office supplies or monitoring Laundry requirements etc.
    No, there's no money for spare computers in back small rooms, and if there's a small back room, it's somebody's office, so the PC is not spare. If it's networked then there's a logon, so there's an audit trail.
      My ComputersSystem Spec
  7.    13 May 2017 #27
    Join Date : Oct 2013
    Newport, South Wales, UK
    Posts : 1,801
    Windows 10 Pro x64 FCU - XP/Vista/Win7/Win8.1 in VM for testing

    Political will is an important factor in this issue - the London Government is responsible for the NHS in England and are in favour a private medical system, and a lack of IT resource causes this failure,

    In Wales where the Devolved government is given responsibility for the running of the NHS, and is in favour of a Publicly funded NHS, the Welsh NHS IT system appears to be much better funded, and the Windows 7 (mainly ) based system are unaffected.

    Indeed Since this attack has started the IT system has sent me several electronic reminders for upcoming appointments - I've had two this morning
      My ComputerSystem Spec
  8.    13 May 2017 #28
    Join Date : Oct 2014
    Posts : 2,454
    W10 Pro + W10 Preview

    Quote Originally Posted by swarfega View Post
    Is there a way to tell if you have the patch?
    If you have W10 and Updates are up to date you are protected.....it was included with monthly Malicious Software Removal Tool.
      My ComputersSystem Spec
  9.    13 May 2017 #29
    Join Date : Oct 2013
    Standish, Lancashire
    Posts : 6,013
    Windows 10 Pro x64
      My ComputersSystem Spec
  10.    13 May 2017 #30
    Join Date : Jan 2014
    Posts : 1,391
    Windows 10 Pro (32-bit) 16299.15

    There's a bit more from Microsoft on the patches for XP and Windows 8 (that is, Windows 8.0, which is out of support unlike 8.1) here.
    https://blogs.technet.microsoft.com/...crypt-attacks/

    Although Vista is now out of support too, I guess it was still in support when the patches for this bug came out and hence not mentioned because there should be a patch available already.
      My ComputerSystem Spec

 
Page 3 of 11 FirstFirst 12345 ... LastLast


Similar Threads
Thread Forum
Today's leading causes of DDoS attacks
Read more: Today's leading causes of DDoS attacks | ZDNet
Windows 10 News
Windows 10: protection against recent Depriz malware attacks
Source: Windows 10: protection, detection, and response against recent Depriz malware attacks Microsoft Malware Protection Center
Windows 10 News
Multi-Vector DDoS Attacks Are Becoming the Norm
Multi-Vector DDoS Attacks Are Becoming the Norm 47% of all multi-vector DDoS attacks were launched in Q4 '15 72430 Read more: http://news.softpedia.com/news/multi-vector-ddos-attacks-are-becoming-the-norm-502416.shtml
Windows 10 News
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 07:34.
Find Us
Twitter Facebook Google+ Ten Forums iOS App Ten Forums Android App



Windows 10 Forums