WannaCrypt ransomware worm targets out-of-date systems

Discussion in 'malware problems & news' started by ronjor, May 13, 2017.

  1. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    2,587
    Location:
    Toronto, Canada
  2. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,156
    but could you not block ntoskrnl.exe from running?
     
    Last edited: Jun 8, 2017
  3. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    Yeah. At that point Windows is totally non-functional.
     
  4. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    http://securityaffairs.co/wordpress/59955/deep-web/wannacry.html
     
  5. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    https://www.forbes.com/sites/thomas...t-from-nsa-powered-cyberattacks-like-wannacry
     
  6. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
  7. Lockdown

    Lockdown Registered Member

    Joined:
    Oct 28, 2016
    Posts:
    772
    Location:
    Wilders Security
    L0L... yeah, let's apply lockdown protections to SYSTEM. Let's blackhole SYSTEM functionality. I have people asking why we don't do this - because SMB\EB\DP are worse than the Black Death...
     
  8. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,507
  9. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    I doubt that they will release updates for Windows regularly. Probably just for potentially dangerous and wormable exploits. Still it's a good news for Windows XP users.
     
  10. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,872
    Microsoft releases Windows XP updates... not for us lesser mortals. For the government and businesses who pay Microsoft for the privilege of having an updated Windows XP workstation.
     
  11. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    It's not hard for your system to become "privileged" one. Just one registry key :)
     
  12. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    https://threatpost.com/metadata-analysis-draws-its-own-conclusions-on-wannacry-authors
     
  13. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,052
    Location:
    Texas
  14. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    Make sure you read the hardware requirements for these "mitigations."
     
  15. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
  16. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Good read, straight and to the point.

    Here is one comment that kind of echo's one of our own members here who recently raised this.

     
  17. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    Wow that was a stupid mistake for their IT people to stop connection to the killswitch.
     
  18. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
  19. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    "Please also state the edition of Windows that has these features apply to. Nothing so frustrating as reading about a feature and thinking of implementing, only to realize it’s only available on Windows 10 Enterprise and not Windows 10 Professional.
    And why are security features being used to differentiate between editions? Should not these be uniform across the board?"

    Haven't you installed the 90 trial of Win 10 Enterprise yet in Virtual Box? I think you can delete it after 90 days and reinstall it again for another 90.
     
  20. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
  21. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    You haven't figured this one out by now? MS is all about $$$$$ profit. Therefore only provide your best security features for your most expensive desktop OS versions. Ditto for your advanced stand alone security features such as WD ATP. Again, this is the type of behavior engaged in when you have a complete monopoly over an area.

    -EDIT-

    Since you already have Win 10 Pro, you can get E3 here for $8.50 per month: ttps://www.mychoicesoftware.com/products/microsoft-corporation-windows-10-enterprise-e3

    -or-

    E5 for $15 per month which includes ATP: https://www.mychoicesoftware.com/products/microsoft-corporation-windows-10-enterprise-e5

    Hey, its only money ............. right?
     
    Last edited: Jun 22, 2017
  22. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Which should help ensure that many security vendors are quite ok with that policy and keeping new start-up introductions very relevant.
     
  23. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
  24. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    https://www.crn.com.au/news/only-half-of-cios-updated-security-after-wannacry-report-467550
     
  25. guest

    guest Guest

    What you expected, you thought MS was charity lol
    That is not different than some vendors locking out some features for free users.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.