±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 0 Overall: 33043
New Yesterday: 0 Visitors: 192

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

RSS Feed Widget

±Latest Webinars

WannaCry no kill switch 3rd wave

Computer forensics discussion. Please ensure that your post is not better suited to one of the forums below (if it is, please post it there instead!)
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
 
  

WannaCry no kill switch 3rd wave

Post Posted: Sun May 14, 2017 5:29 pm

You may laugh on me if you already knew, but maybe not

Patch XP, 7, 8, 8.1, 10 and SMB 2003 Server immediately to prevent from worm and ransomware WannaCry 3rd wave since friday. The actual version has no kill switch in the WORM, the ransomware is part two of WannaCry.

thehackernews.com/2017...ttack.html

So just patch your system.  

RolfGutmann
Senior Member
 
 
  

Re: WannaCry no kill switch 3rd wave

Post Posted: Sun May 14, 2017 8:18 pm

The Yara Rule Set you find here

github.com/Neo23x0/sig...nnacry.yar

The Indicators Of Compromise (IOC) you find here

www.us-cert.gov/ncas/a.../TA17-132A

If you are interested in CyberSec Threat Intel Sharing standards you can learn these terms

STIX Structured Threat Information Expression
TAXII Trusted Automated eXchange of Indicator Information
CybOX Cyber Observable eXpression

securityintelligence.c...formation/
www.rsaconference.com/...f-2015.pdf  

RolfGutmann
Senior Member
 
 

Page 1 of 1