Latest Ransomware

  • #9576
    doctoryorkie
    Participant
      @doctoryorkie
      Forumite Points: 2

      No point bothering with links. This will degrade into the usual.

      http://www.bbc.co.uk/news/technology-40416611

      Laptop T420 i5 8GB SSD 2x Spinners Optimus GFX
      HTPC 5350 8GB SSD 2x Spinners Antec 300
      Desktop 2700K 16GB Revo x2 GTX570SC Antec900
      Server N54L 8GB SSD 6x Spinners HD6450

      #9582
      Dave Rice
      Participant
        @ricedg
        Forumite Points: 7

        Just had this email

        Dear Customer
        Thank you for your recent order with Parcel2Go.
        Unfortunately, due to a TNT system error, your TNT delivery may not have been booked or collected as scheduled. TNT cannot confirm when they will be able to fix the issue, so we are switching your delivery to a UPS service.

        #9588
        The Duke
        Participant
          @sgb101
          Forumite Points: 5

          TNT in the system is never good.

          Jk aside, this is going to run and run, every few months forever, it seems.

          #9596
          Ed P
          Participant
            @edps
            Forumite Points: 39

            Rumour is that it was a Ukrainian Tax Advice program that was the initial vector!

            #9606
            Bob Williams
            Participant
              @bullstuff2
              Forumite Points: 0

              More than rumour Ed: https://tinyurl.com/yb9c8m9o

              “A growing number of security experts, including the British malware expert Marcus Hutchins – credited with ending the WannaCry ransomware outbreak – claim to have logs that reveal (Ukrainian tax-filing software) MEDoc as the source.”

              Note that Russia is proud of not having suffered an attack…

              When the Thought Police arrive at your door, think -
              I'm out.

              #9613
              Ed P
              Participant
                @edps
                Forumite Points: 39

                Not true wrt Russia Bob:

                “The Russian anti-virus firm Kaspersky Lab said its analysis showed that there had been about 2,000 attacks – most in Ukraine, Russia and Poland.”

                #9619
                Bob Williams
                Participant
                  @bullstuff2
                  Forumite Points: 0

                  Not true wrt Russia Bob: “The Russian anti-virus firm Kaspersky Lab said its analysis showed that there had been about 2,000 attacks – most in Ukraine, Russia and Poland.”

                  I cannot find the part of the report in (I think) RT which initially had some Russian figurehead boasting that Russian business was not affected, Ed. After visiting yesterday’s Beeb report, I see that a lot of Russian business is affected, including Antonov, Rosneft (biggest Russian oil business) and Chernobyl monitoring software.

                  I humbly apologise to the Russian state, which is a strange thing for me to have to say!

                  When the Thought Police arrive at your door, think -
                  I'm out.

                  #9640
                  Bob Williams
                  Participant
                    @bullstuff2
                    Forumite Points: 0

                    It’s not Ransomware, according to Kaspersky research and contributors:

                    https://tinyurl.com/ybpwlbn4

                    It’s just destructive wiping.

                    When the Thought Police arrive at your door, think -
                    I'm out.

                    #9646
                    Ed P
                    Participant
                      @edps
                      Forumite Points: 39

                      Not just destructive to one PC Bob, it appears it actively searches your network then uses some modified NSA tricks to hit all M$ OSs whether using SMB or not. Looks like full off-line backups may be an essential defence.

                      #9651
                      Bob Williams
                      Participant
                        @bullstuff2
                        Forumite Points: 0

                        After reading about this, I checked the Kaspersky information, manually updated Kaspersky, and scanned, then made an unscheduled backup. The rest is in the lap of the gods.

                        When the Thought Police arrive at your door, think -
                        I'm out.

                        #9655
                        Ed P
                        Participant
                          @edps
                          Forumite Points: 39

                          Not really Bob. There are some simple steps that can be taken such as using a Sandbox (Sandboxie?) or Linux VM for all your browsing/emails. Ditto just using a Smartphone to do the same. This would however require that anything transferred to a PC would need a darned good scan before use.
