WannaCry Ransomware – That Got Our Attention, Didn’t It?

If you see this screen, then you will wanna cry!!

If you have not heard about the WannaCry ransomware that is (and perhaps was) running rampant over the past weekend, then you must have been in a cave or on your honeymoon! This one is a doozie, let me tell you!! Some quick facts…

  • This ransomware is based on the EternalBlue exploit (developed by the NSA, and then stolen and leaked on the Internet)
  • Microsoft released a patch for this (MS17-010) in March
  • Some quick thinking good guys were able to slow down the spread of WannaCry by activating a killswitch within the ransomware code
  • MANY people and organizations, throughout the world, have been hit by this

An excellent analysis of WannaCry can be found here…

WannaCry no more: ransomware worm IOC’s, Tor C2 and technical analysis + SIEM rules

Stay informed…AND patch your systems!!