Author Topic: NSA Exploit Strikes Again (Read 1510 times)

Ben · « **on:** June 27, 2017, 07:04:09 PM »

The Petya ransomware is infecting much of Europe, including Maersk shipping. I'm curious how far that actually affects their worldwide shipping and what backups they have for something like that.

Petya is using the same exploit as Wannacry did, which was developed by the NSA to poke into everybody's business. Thanks NSA.

http://www.foxnews.com/tech/2017/06/27/huge-ransomware-attack-hits-europe-sparks-mass-disruption.html

Regolith · « **Reply #1 on:** June 28, 2017, 12:00:22 AM »

Anyone who hasn't patched that vulnerability by now almost freaking deserves it.

agricola · « **Reply #2 on:** June 28, 2017, 10:54:35 AM »

Quote from: Regolith on June 28, 2017, 12:00:22 AM

Anyone who hasn't patched that vulnerability by now almost freaking deserves it.

you mean the virus or the NSA?

Perd Hapley · « **Reply #3 on:** June 28, 2017, 11:22:34 AM »

Quote from: agricola on June 28, 2017, 10:54:35 AM

you mean the virus or the NSA?

Well played.

Fitz · « **Reply #4 on:** June 28, 2017, 07:40:42 PM »

Quote from: Regolith on June 28, 2017, 12:00:22 AM

Anyone who hasn't patched that vulnerability by now almost freaking deserves it.

This

so far as we can tell, the kill switch found and used during the last one made tons of IT people say "Oh ok, we're safe now"

... so they were still unpatched.

RevDisk · « **Reply #5 on:** June 30, 2017, 08:46:41 AM »

Quote from: Fitz on June 28, 2017, 07:40:42 PM

This

so far as we can tell, the kill switch found and used during the last one made tons of IT people say "Oh ok, we're safe now"

... so they were still unpatched.

It's not the 90's anymore. Any business these days at a minimum needs monthly patching, reporting, enterprise grade AV and malware/baddie checking at multiple points all over the network. Plus you know, employee training. My email gets filtered three times before a user sees it, and we still sometimes get new stuff. Then you have the desktop AV just in case.

Morons. If it can't be patched, draw up a business plan for scheduled replacement. Or put them behind dedicated firewalls with very tight whitelists.

Fitz · « **Reply #6 on:** June 30, 2017, 06:59:35 PM »

Quote from: RevDisk on June 30, 2017, 08:46:41 AM

It's not the 90's anymore. Any business these days at a minimum needs monthly patching, reporting, enterprise grade AV and malware/baddie checking at multiple points all over the network. Plus you know, employee training. My email gets filtered three times before a user sees it, and we still sometimes get new stuff. Then you have the desktop AV just in case.

Morons. If it can't be patched, draw up a business plan for scheduled replacement. Or put them behind dedicated firewalls with very tight whitelists.

We even patched old OS's that we said we were done patching, and people still got hit.

RevDisk · « **Reply #7 on:** July 01, 2017, 11:11:01 AM »

Quote from: Fitz on June 30, 2017, 06:59:35 PM

We even patched old OS's that we said we were done patching, and people still got hit.

In fairness, some blame lies on lots of vendors who screw up and do not keep up with security. I've seen quite a few legacy systems labeled "DO NOT PATCH, OR WILL BREAK COMPLETELY". I've always made it conditional that max of one year or we yank the cable. That's not as easy with say, a CNC router that's a couple million bucks. Embedded computer folks are generally the absolute stone cold worst, and charge insane pricing for support that's terrible.

Armed Polite Society

News:

Author Topic: NSA Exploit Strikes Again (Read 1510 times)

Ben

NSA Exploit Strikes Again

Regolith

Re: NSA Exploit Strikes Again

agricola

Re: NSA Exploit Strikes Again

Perd Hapley

Re: NSA Exploit Strikes Again

Fitz

Re: NSA Exploit Strikes Again

RevDisk

Re: NSA Exploit Strikes Again

Fitz

Re: NSA Exploit Strikes Again

RevDisk

Re: NSA Exploit Strikes Again