Author Topic: New cyber-attack  (Read 4885 times)

0 Members and 1 Guest are viewing this topic.

Offline Paddy

  • LandzDown Team
  • Hero Member
  • *****
  • Posts: 1602
    • View Profile
New cyber-attack
« on: June 27, 2017, 02:20:16 PM »
Many firms hit by global cyber-attacks

http://www.bbc.co.uk/news/technology-40416611

Paddy..
This is one race of people for whom psychoanalysis is of no use whatsoever - Sigmund Freud (about the Irish)

Never argue with a fool, they will lower you to their level and then beat you with experience.

Offline Frands

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 1069
  • Esbjerg, Denmark
    • View Profile
Re: New cyber-attack
« Reply #1 on: June 27, 2017, 04:54:32 PM »
Frightful! >:(   A bit more on the topic here: http://thehackernews.com/2017/06/petya-ransomware-attack.html?m=1
Our greatest glory is not in never falling but in rising every time we fall.
- Confucius
-----
Trend Micro Internet Security


Home Forums:
https://www.landzdown.com/
http://securitygarden.blogspot.dk/
https://www.classicrockforums.com/

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 20873
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: New cyber-attack
« Reply #2 on: June 28, 2017, 12:47:01 AM »
Make sure SMB is off on your computer.  Here's how:  Turn Off SMB1 on Windows Now

You may also want to run the ESET EternalBlue Checker, available here:  ESET Stops WannaCryptor, WannaCry and EternalBlue. Use our free tool to make sure Windows vulnerabilities are patched—ESET Knowledgebase


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline winchester73

  • Half a bubble off plumb
  • Administrator
  • Hero Member
  • *****
  • Posts: 7436
  • Liverpool FC - YNWA
    • View Profile
Speak softly, but carry a big Winchester ... Winchester Arms Collectors Association member

Offline plodr

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 1443
    • View Profile
Re: New cyber-attack
« Reply #4 on: June 28, 2017, 02:27:32 PM »
Susan Bradley mentioned turning off SMB1 in May.

I followed her directions but did not find SMB.

Any one know why? (One computer Home Premium 32 bit and the other Home Premium 64 bit). I didn't look at the other two Win 7 computers in the house.

Here's a screenshot

Offline satrow

  • LzD Friends
  • Full Member
  • *****
  • Posts: 246
    • View Profile
Re: New cyber-attack
« Reply #5 on: June 28, 2017, 04:49:34 PM »
That method only works with W10 I think, for W7, I had to use the Registry edits (though I don't run Workstation or Server Services, so I should have been 'safe' anyway), there's also the Group Policy method, both detailed by MS: https://support.microsoft.com/en-us/help/2696547/how-to-enable-and-disable-smbv1-smbv2-and-smbv3-in-windows-and-windows

Offline pastywhitegurl

  • Hero Member
  • *****
  • Posts: 1180
  • advanced techno feeb
    • View Profile
Re: New cyber-attack
« Reply #6 on: July 04, 2017, 11:07:01 PM »
Is the ESET EternalBlue Checker necessary if your Windows updates have all successfully installed?

Offline winchester73

  • Half a bubble off plumb
  • Administrator
  • Hero Member
  • *****
  • Posts: 7436
  • Liverpool FC - YNWA
    • View Profile
Re: New cyber-attack
« Reply #7 on: July 04, 2017, 11:10:47 PM »
Necessary? If nothing else, it's a simple double check that a system is protected. It certainly couldn't do any harm to run it, but the choice is yours.

Quote
Click for my Computer Specs, AntiVirus/Spyware programs list Updated Nov 2016

Have you updated to Malwarebytes 3.1?
Speak softly, but carry a big Winchester ... Winchester Arms Collectors Association member

Offline pastywhitegurl

  • Hero Member
  • *****
  • Posts: 1180
  • advanced techno feeb
    • View Profile
Re: New cyber-attack
« Reply #8 on: July 05, 2017, 02:09:21 AM »
Yes, I have MalwareBytes 3.1.2

Ah ok.  When I read the page about it, it seemed like you had to install something additional unless you had ESET.  I'm always leary about adding new programs. Now I know its just a one time diagnostic.

Guess I had better update my computer specs.

Thanks.

Offline pastywhitegurl

  • Hero Member
  • *****
  • Posts: 1180
  • advanced techno feeb
    • View Profile
Re: New cyber-attack
« Reply #9 on: July 05, 2017, 02:36:55 AM »
I ran the checker and got this in the black box:
Quote
Checking your system for CVE-2017-0144 vulnerability.
Failed to get version of 'C:\WINDOWS\system32\Drivers\srv\sys'
We are unable to tell if your computer is vulnerable.
So I guess I'm done with that?




Offline Pete!

  • Hero Member
  • *****
  • Posts: 5280
    • View Profile
Re: New cyber-attack
« Reply #10 on: July 05, 2017, 11:45:26 AM »
I ran the checker and got this in the black box:
Quote
Checking your system for CVE-2017-0144 vulnerability.
Failed to get version of 'C:\WINDOWS\system32\Drivers\srv\sys'
We are unable to tell if your computer is vulnerable.
So I guess I'm done with that?
The first time I ran the checker, I got a favorable result.

After a few more Win 10 "updates", I got the same result you got.
I have no idea what that means.
Perhaps the "checker" needs an update?

Offline winchester73

  • Half a bubble off plumb
  • Administrator
  • Hero Member
  • *****
  • Posts: 7436
  • Liverpool FC - YNWA
    • View Profile
Re: New cyber-attack
« Reply #11 on: July 05, 2017, 12:51:33 PM »
No clue about that error you got.  The checker worked fine just now on this Win 10  box.

You can manually verify that you've installed MS17-010: https://support.microsoft.com/en-us/help/4023262/how-to-verify-that-ms17-010-is-installed
Speak softly, but carry a big Winchester ... Winchester Arms Collectors Association member

Offline Pete!

  • Hero Member
  • *****
  • Posts: 5280
    • View Profile
Re: New cyber-attack
« Reply #12 on: July 05, 2017, 01:07:38 PM »
I just downloaded a fresh copy and ran it again:
Quote
ESET CVE-2017-0144 vulnerability checker
Copyright 1992-2017 ESET spol. s r.o.

Checking your system for CVE-2017-0144 vulnerability.
Failed to get version of 'C:\WINDOWS\system32\Drivers\srv.sys'.
We are unable to tell if your computer is vulnerable.

Press any key to close this application ...

Offline Pete!

  • Hero Member
  • *****
  • Posts: 5280
    • View Profile
Re: New cyber-attack
« Reply #13 on: July 05, 2017, 01:19:17 PM »
I wasn't fast enough to edit the previous post....

A quick check shows that C:\WINDOWS\system32\Drivers\ does not contain a file called "srv.sys" at this time.

Offline winchester73

  • Half a bubble off plumb
  • Administrator
  • Hero Member
  • *****
  • Posts: 7436
  • Liverpool FC - YNWA
    • View Profile
Re: New cyber-attack
« Reply #14 on: July 05, 2017, 05:54:33 PM »
Is the ESET EternalBlue Checker necessary if your Windows updates have all successfully installed?

I thought you were having trouble getting updates installed?

http://www.landzdown.com/security-alerts-briefings/microsoft-security-updates-for-june-2017/msg194078/#msg194078

Maybe you aren't current?
Speak softly, but carry a big Winchester ... Winchester Arms Collectors Association member