[et_pb_section fb_built=”1″ background_color=”#27323a” admin_label=”section”][et_pb_row admin_label=”row”][et_pb_column type=”4_4″ parallax=”off” parallax_method=”on”][et_pb_text background_layout=”dark” text_orientation=”center” admin_label=”Text”]
New Cyber Attack
6/27/2017
Petya Ransomware
[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row custom_padding=”27px|0px|0px|0px” admin_label=”row”][et_pb_column type=”4_4″ parallax=”off” parallax_method=”on”][et_pb_video src=”https://youtu.be/ANFT-cgpZ94″ admin_label=”Video”][/et_pb_video][/et_pb_column][/et_pb_row][et_pb_row custom_padding=”0px|0px|27px|0px” admin_label=”row” make_fullwidth=”on”][et_pb_column type=”4_4″ parallax=”off” parallax_method=”on”][et_pb_text admin_label=”Text”]
A new strain of ransomware called Petya rampaged Europe this Tuesday, crippling banks and the electric grid in what cybersecurity experts refer to as one of the most “devastating digital intrusions of its time”. Reports claim Petya employs credential theft techniques to spread laterally through the network via stolen credentials.
The ransomware so far has been known to:
• Writes a message to the raw disk partition
• Clear the windows event log using Wevtutil
• Shut down the machine
• Leverages PsExec to spread. PsExec is dropped as dllhost.dat
• Encrypt files matching a list of file extensions for the purpose of extortion
Based on this new strain of cybercrime, the MDS team urges the following actions be taken immediately:
• Apply patches to any systems still vulnerable to the previous ETERNALBLUE Exploit
• Update network security appliances to the latest versions
• Exercise caution opening all emails, and do not open attachments at this time
• Limit all web financial transactions
• Perform the most frequent computer backup, and keep a copy offline
• Limit your website usage (even on known sites)
As always, your friends at MDS are available 24×7 to provide continuous network vulnerability assessments to ensure your organization is as protected as possible against these increasingly common, debilitating attacks.
[/et_pb_text][et_pb_contact_form captcha=”off” email=”maureendatasystems@gmail.com” title=”Decrypt your files, request a free security assessment” input_border_radius=”7px” admin_label=”Contact Form” module_id=”et_pb_contact_form_1″ title_font=”|on|||” title_font_size=”19px” title_text_color=”#ffffff” use_border_color=”on” border_color=”#000000″ custom_button=”on” button_text_color=”#ffffff” button_bg_color=”#0c71c3″ button_border_radius=”7px” button_border_radius_hover=”7px”][et_pb_contact_field field_id=”Name” field_title=”Name” fullwidth_field=”on”][/et_pb_contact_field][et_pb_contact_field field_id=”Email” field_title=”Email Address” field_type=”email” fullwidth_field=”on”][/et_pb_contact_field][et_pb_contact_field field_id=”Company” field_title=”Company” fullwidth_field=”on”][/et_pb_contact_field][et_pb_contact_field field_id=”Phone” field_title=”Phone” fullwidth_field=”on”][/et_pb_contact_field][/et_pb_contact_form][/et_pb_column][/et_pb_row][/et_pb_section]