RV_ Posted June 29, 2017 Report Share Posted June 29, 2017 I am sure there are lots of folks that think they can afford to lose all that is on their computer. But as I harp on a lot it is critical today to do your patches! Lots of folks are still running XP and even though Microsoft issued a patch for this in March, and even for XP users too, folks just think they are under the radar. If you don't patch, don't complain about Microsoft, they aren't the problem. Excerpt: "How to protect against it There are two ways Petya/GoldenEye attacks a computer. "The exploit attacks vulnerable Windows Server Message Block (SMB) service, which is used to share files and printers across local networks," said David Sykes, business security expert at Sophos. "Microsoft addressed the issue in its MS17-010 bulletin in March, but the exploit proved instrumental in the spread of WannaCry last month. The new Petya variant can also spread by using a version of the Microsoft PsExec tool in combination with admin credentials from the target computer." These problems have been patched, but some people have not downloaded the fix, so it keeps spreading. Your first line of defense is to be sure you have the latest version of Windows: If you have automatic updates turned on, you're safe. The update should already be installed to your computer. If you don't have auto update on, you can download the security update here: Windows 8 x86 Windows 8 x64 Windows XP SP2 x64 Windows XP SP3 x86 Windows XP Embedded SP3 x86 Windows Server 2003 SP2 x64 Windows Server 2003 SP2 x86 Windows has a download page for all versions available here. Next, make sure that your antivirus software is up to date. Most antivirus companies already have patches out that block Petya and this new version of it." More in the article here: https://www.cnet.com/how-to/petya-goldeneye-malware-ransomware-protect-yourself-against/?ftag=CAD3c77551&bhid=20640562413884385817807471581031 RV/Derekhttp://www.rvroadie.com Email on the bottom of my website page.Retired AF 1971-1998 When you see a worthy man, endeavor to emulate him. When you see an unworthy man, look inside yourself. - Confucius “Those who can make you believe absurdities, can make you commit atrocities.” ... Voltaire Link to comment Share on other sites More sharing options...
RV_ Posted June 29, 2017 Author Report Share Posted June 29, 2017 It's worse! The malware is now considered to be a "wiper infection" that wipes your drive with no hope of decrypting the data in an infected computer. The good news is the initial wave of the global attack is over, and patched/updated computers since March are safe for now. Excerpt: “We actually consider this a sabotage attack or wiper attack. Whether it is intentional or not, I’ll leave that to others to speculate,” said Juan Andres Guerrero-Saade, senior security researcher at Kaspersky Lab. “You can’t call an attack, with no possible way of decrypting files, a ransomware attack,” he said. According to Comae Technologies researcher Matt Suiche, there is bug in the malware’s encryption code that prevents any decryption key from working. That is something independent of the fact the German email provider Posteo shut down the attacker’s email address preventing victims from contacting the attacker in order to have payments verified. “The actual function to encrypt files contains a logic bug. Because of the way the malware encrypts the data, it makes it impossible to decrypt the files properly, assuming there was a decryption key,” Suiche said during the webinar. The good news about the outbreak is the initial attack wave is over. Suiche said most of the damage from ExPetr has already been done. “So, if you haven’t been effected by now it’s very unlikely you are going to be,” he said. The initial infection, unlike WannaCry, was one big wave, he said." More here: https://threatpost.com/expetr-called-a-wiper-attack-not-ransomware/126614/?utm_source=newsletter&utm_medium=Email&utm_campaign=tp daily digest RV/Derekhttp://www.rvroadie.com Email on the bottom of my website page.Retired AF 1971-1998 When you see a worthy man, endeavor to emulate him. When you see an unworthy man, look inside yourself. - Confucius “Those who can make you believe absurdities, can make you commit atrocities.” ... Voltaire Link to comment Share on other sites More sharing options...
frater jason Posted July 3, 2017 Report Share Posted July 3, 2017 I would also recommend making backups before you need them; and run windows on a virtual machine; or run linux -- 2017 Promaster 159" , 570W mono, 220AH FLA blog | RVwiki project Link to comment Share on other sites More sharing options...
Pat & Pete Posted July 3, 2017 Report Share Posted July 3, 2017 2 hours ago, secessus said: I would also recommend making backups before you need them; and run windows on a virtual machine; or run linux I just read that Linux has come under attack , as well . Goes around , comes around . Link to comment Share on other sites More sharing options...
markandkim Posted July 3, 2017 Report Share Posted July 3, 2017 Man, the stuff you guys put up with. Retired USN Engineer 2020 Ram 2500 Bighorn 6.7 Diesel 2022 Grand Design Reflection 315RLTS Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.