Massive ransomware attack just took out my work and ukraine, anyone else affected?

[Destination]

Is this just hitting XP machines again?

Last time it was win7 machines, not the xp ones which were hit hardest.

 

[Gzero]

This line from the BBC article is a face-palm, imo:

Veteran security expert Chris Wysopal from Veracode said the malware seemed to be spreading via some of the same Windows code loopholes exploited by Wannacry. Many firms did not patch those holes because Wannacry was tackled so quickly, he added.

How does one become a veteran security expert?

 

[C.R.A.Z.Y]

This looks to be a pretty evolved piece of ransomware code!

 

[Rroff]

This looks to be a pretty evolved piece of ransomware code!

These things will be ever evolving and increasing looking to exploit hardware at a low level which makes it hard to detect and remove the infection entirely. The seeming complacency towards the initial outbreak and attack vectors of wannacry I think is going to bite people in the rear down the line as well - nearly every security expert has concentrated on the ransomware it deployed, a few better ones have done some forensic examination of the dropper but it seems like pretty much no one is looking at it end to end in full detail and still lots of assumptions based on how previous malware worked and equating it with how those worked instead of looking at what it actually did.

 

[mattyg]

Big Logistics company!!! No **** sherlock. I was thinking DPD,APC but this ones a little bigger Hope they get it sorted quick.

 

[CapitalOne]

Well in the case of email's, an admin should really be authorizing the use of the internet, or just closing the entire system off. Too many liberal users in company and too liberal an IT department are issues.

It's lack of knowledge like this that is part of the problem oh dear!

ETA should have included your 2FA post as its a classic.

 

[C.R.A.Z.Y]

Looks like Posteo have shutdown the ransomware e-mail account
Not sure I agree with that! I understand the whole not paying ransom logic but for some people it might be extremely important?!?!

 

[cheesyface]

Last time it was win7 machines, not the xp ones which were hit hardest.

Is it M$ last ditch effort to get everyone onto Win10?

 

[SPG]

Internet is no longer becoming fun... oh well was a fun time while it lasted I guess.

Back to rolling the dice for ADnD and going outside again

 

[Rifte]

I am completely ignorant to these things, am I safe on my W10 laptop?

 

[GizF1]

Yeah we are a large courier company

Orange soon to be purple?

 

[wesley]

Ordered something from Amazon prime earlier today. Hopefully I'll get tomorrow

 

[Mynight]

I am completely ignorant to these things, am I safe on my W10 laptop?

No such thing as safe. Just don't click on links/emails you don't trust and you should be good from the majority of it.

Best way to be "safe" is regular external backups. Doesnt really matter if you get infected then just restore from backups.

 

[Azza]

An accounting company in Ukraine was hacked and it has an auto updater in it's MeDoc software.

 

[Azza]

Looks like Maersk use MeDoc which is how they've been effected.

 

[Azza]

http://www.me-doc.com.ua/vnimaniyu-polzovateley


Brilliant!


Apparently this software is used exclusively throughout Ukrainian government sectors.



Nice work Putin.

 

[sanaxe1]

Chernobyl is now affected.

Latest on Chernobyl: the normal radiation monitoring system has been taken offline. Officials say hand-held counters are being used to measure levels.

 

[dowie]

Well in the case of email's, an admin should really be authorizing the use of the internet, or just closing the entire system off. Too many liberal users in company and too liberal an IT department are issues.

oh great now we're blaming liberals for this too....

 

[hornetstinger]

My place at work got this

Multi-national as well!!

 

[Hades]

Indeed, it's absolutely shocking how poorly funded and supported many companies IT departments are.

On the plus side anyone looking to get into IT security which is already understaffed should make the jump.

Very much considering it.