1 min read

What you need to know about Petya / Not Petya Malware

Chris Bedel : Updated on March 23, 2018

Category One

You've probably heard about the the latest outbreak of the 'Petya' ransomware. Like WannaCry, this is a worm-enabled ransomware, so it can spread across your network to infect other machines. It sounds like 'Petya' not only encrypts files, but also uses mimikatz to steal administrative credentials as well.

Links are below to more information, but here are the quick hitters:

  1. Make sure all your systems have the MS17-010 patch applied. (https://technet.microsoft.com/en-us/library/security/ms17-010.aspx)
  2. Disable SMBv1 where possible
  3. Block outside access (firewall) to the following ports: 137, 138, 139 and 445
  4. Remove administrative access where not needed (like 99% of your users on their workstations)
  5. Have good, offline backups
  6. Train users to not folllow links or open attachments in emails they are not suspecting or look suspicious 

Krebs: https://krebsonsecurity.com/2017/06/petya-ransomware-outbreak-goes-global/
The Register: https://www.theregister.co.uk/2017/06/28/petya_notpetya_ransomware/

1 min read

Equifax Deserves the Corporate Death Penalty

contributor : Oct 23, 2017

Interesting perspective from Ron Fein over at Wired. If this happens, what is the precedent for other industries like healthcare or banking? Are...

Category One
Read More

1 min read

NIST’s new password rules – what you need to know

contributor : May 29, 2017

One of the biggest changes proposed by the new NIST Digital Identity Guidelines is getting rid of mandatory password changes. This would mean no...

Category One
Read More

1 min read

To Click or Not to Click? The 5 Laws of Links

Chris Bedel : Oct 31, 2017

We're all human. Which, for better or worse, means that we are far from perfect. Now we can look at that one of two ways: Accepting the way things...

Category One
Read More