Thread: NHS allegedly hit by ransomware attack

  1. #1
    The late but legendary peterb - Onward and Upward peterb's Avatar
    Join Date
    Aug 2005
    Location
    Looking down & checking on swearing
    Posts
    19,378
    Thanks
    2,892
    Thanked
    3,403 times in 2,693 posts

    NHS allegedly hit by ransomware attack

    No details yet, but just spotted this

    http://www.telegraph.co.uk/news/2017...e-cyberattack/
    (\__/)
    (='.'=)
    (")_(")

    Been helped or just 'Like' a post? Use the Thanks button!
    My broadband speed - 750 Meganibbles/minute

  2. #2
    Comfortably Numb directhex's Avatar
    Join Date
    Jul 2003
    Location
    /dev/urandom
    Posts
    17,074
    Thanks
    228
    Thanked
    1,027 times in 678 posts

    Re: NHS allegedly hit by ransomware attack

    It relies on a Windows flaw fixed in March, which NHS IT didn't bother applying.

  3. #3
    The late but legendary peterb - Onward and Upward peterb's Avatar

    Re: NHS allegedly hit by ransomware attack

    Seems the NHS isn't alone, Telefonica in Spain and several other corporations affected. It seems that fake invoice e-mails have been used as the vector - I had a couple of those two days ago! One was allegedly from BT, quite plausible until I checked the headers.

  4. #4
    Comfortably Numb directhex's Avatar

    Re: NHS allegedly hit by ransomware attack

    Quote (originally posted by peterb):
    "Seems the NHS isn't alone, Telefonica in Spain and several other corporations affected. It seems that fake invoice e-mails have been used as the vector - I had a couple of those two days ago! One was allegedly from BT, quite plausible until I checked the headers."

    Yeah, lots of targets hit around Europe. Nobody applying their "this is critical apply this or die" security fixes.

  5. #5
    Cul-de-Sachian sybrows's Avatar
    Join Date
    Apr 2004
    Location
    Brighthelm
    Posts
    841
    Thanks
    11
    Thanked
    7 times in 7 posts

    Re: NHS allegedly hit by ransomware attack

    I've worked in an environment with a recurrent rmware issue

    This may be more directed?!
    Last edited by sybrows; 12-05-2017 at 10:38 PM. Reason: forgot the last bit

  6. #6
    Senior Member walibe's Avatar
    Join Date
    Jul 2003
    Location
    Lyneham
    Posts
    941
    Thanks
    22
    Thanked
    24 times in 18 posts

    Re: NHS allegedly hit by ransomware attack

    These were all made possible thanks to an exploit the NSA had which was made public by WikiLeaks, who are now calling for the NSA to release information of all exploits that they know of.

    Well done WikiLeaks... well done.

    This appears to be worldwide. I've seen a lot of ransomware recently but it's been in the background and hasn't been close to the scale of state sponsored campaigns. Well, looks like some criminal gangs have been busy. Russians also hit btw.

    Oddly I finished a SANS forensic course today and was looking at just this kind of thing this afternoon on my home lab, including how to exploit the older versions of the SMB protocol.

    To me this is far more scary than nuclear weapons or chemical weapons. The cold war and Cuban missile crisis have nothing on what's happening nowadays.

    Guess the new (ish) NCSC is going to be busy.
    Last edited by walibe; 12-05-2017 at 11:39 PM.
    Laptop - Macbook Pro Retina 13" (Early 2015) i5/8GB/256GB
    Desktop 1 - iMac 27" (late 2012) i7/32GB/1TB Fusion Drive
    Desktop 2 - i7 2600K/32GB/1TB/GTX 760
    Server - HP DL160 G6 2 x Hex Core Xenon x5650/64GB/8TB
    NAS - ASUSTOR 604T ATOM Dual Core/3GB/16TB

  7. #7
    Senior Member walibe's Avatar

    Re: NHS allegedly hit by ransomware attack

    If any of you are genuinely interested in following this, keep an eye on the Internet Storm Center.

    https://isc.sans.edu

    They are 24/7 and as many of them are SANS instructors who have taught us and other well-established SMEs, they tend to get samples of new malware etc. pretty damn quickly, forwarded often by former students etc.

  9. #8
    Splash
    Guest

    Re: NHS allegedly hit by ransomware attack

    As it's not been mentioned yet - Microsoft have released patches for a bunch of unsupported platforms to protect against this

    https://blogs.technet.microsoft.com/...acrypt-attacks

    I know that everyone here is patched and running a supported OS, or has some form of mitigation against this kind of risk in place (see Saracen's number of posts on the matter), but you probably have family and friends that don't (and who also have no backups). Do them a favour and share that information with them.

  11. #9
    The late but legendary peterb - Onward and Upward peterb's Avatar

    Re: NHS allegedly hit by ransomware attack

    Thank you everyone who posted here. As this is now covered on a general HEXUS news post here http://forums.hexus.net/hexus-news/3...cross-nhs.html

    I'll close this thread.
